urlscan.io logo urlscan.io
SecurityTrails logo

winnerofferz.com Open in urlscan Pro
2606:4700:3036::6815:407  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://storage.googleapis.com/goodsurely43/43xyz.html#redirect.php/c1713eCHiT16595MdLk88IbF572DDDA62
Effective URL: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77...
Submission: On December 04 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 12 domains to perform 51 HTTP transactions. The main IP is 2606:4700:3036::6815:407, located in United States and belongs to CLOUDFLARENET, US. The main domain is winnerofferz.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 20th 2021. Valid for: a year.
This is the only time winnerofferz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a00:1450:400... 15169 (GOOGLE)
1 2 94.102.4.174 51559 (NETINTERN...)
1 1 34.117.99.21 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
24 2606:4700:303... 13335 (CLOUDFLAR...)
2 151.101.64.217 54113 (FASTLY)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 151.101.14.109 54113 (FASTLY)
6 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 34.120.202.204 15169 (GOOGLE)
51 12
1    2a00:1450:4001:810::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
2    94.102.4.174 (Turkey)

ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR)
PTR: static.94-102-4-174-clients.www20100.com
replace.goodsurely43.xyz
1    34.117.99.21 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 21.99.117.34.bc.googleusercontent.com
www.k33clq-3.com
1    2606:4700:3035::ac43:a6d9 (United States)

ASN13335 (CLOUDFLARENET, US)
tracking.the-traffice-system.com
24    2606:4700:3036::6815:407 (United States)

ASN13335 (CLOUDFLARENET, US)
winnerofferz.com
2    151.101.64.217 (United States)

ASN54113 (FASTLY, US)
player.vimeo.com
vimeo.com
1    2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2606:4700:3032::6815:3469 (United States)

ASN13335 (CLOUDFLARENET, US)
trafforms.co
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    151.101.14.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.vimeocdn.com
f.vimeocdn.com
6    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2606:4700:3033::ac43:d6d2 (United States)

ASN13335 (CLOUDFLARENET, US)
external-media.trafficon.co
splitter.trafficon.co
3    2606:4700:3037::ac43:d4bf (United States)

ASN13335 (CLOUDFLARENET, US)
streamerpr.com
2    34.120.202.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.202.120.34.bc.googleusercontent.com
fresnel.vimeocdn.com
Domain Requested by
24 winnerofferz.com replace.goodsurely43.xyz
winnerofferz.com
6 fonts.gstatic.com fonts.googleapis.com
3 streamerpr.com code.jquery.com
3 f.vimeocdn.com player.vimeo.com
3 i.vimeocdn.com player.vimeo.com
2 fresnel.vimeocdn.com f.vimeocdn.com
2 external-media.trafficon.co code.jquery.com
winnerofferz.com
2 replace.goodsurely43.xyz 1 redirects storage.googleapis.com
1 vimeo.com f.vimeocdn.com
1 splitter.trafficon.co code.jquery.com
1 fonts.googleapis.com winnerofferz.com
1 trafforms.co winnerofferz.com
1 code.jquery.com winnerofferz.com
1 player.vimeo.com winnerofferz.com
1 tracking.the-traffice-system.com 1 redirects
1 www.k33clq-3.com 1 redirects
1 storage.googleapis.com
51 17

This site contains no links.

Subject Issuer Validity Valid
*.storage.googleapis.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-10-20 -
2022-10-19		 a year crt.sh
*.vimeo.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-09-15 -
2022-10-17		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.vimeocdn.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-18 -
2022-06-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
fresnel.vimeocdn.com
GTS CA 1D4		 2021-10-19 -
2022-01-17		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Frame ID: E334DD2C84781285AC941DC9C8FB5434
Requests: 38 HTTP requests in this frame

Frame: https://player.vimeo.com/video/320508452
Frame ID: CF73DCFB86DBFDE5064608CD948C9174
Requests: 10 HTTP requests in this frame

Frame: https://streamerpr.com/analytic/codenet-system/form-loaded/01cd4567i910l121638592989470?splitterType=splitterNg
Frame ID: FE1446C39520FCA88F4E87558DB3A038
Requests: 1 HTTP requests in this frame

Frame: https://streamerpr.com/analytic/codenet-system/pre-sales/01cd4567i910l121638592989470?aff_id=1057&aff_subs%5Baff_sub1%5D=91d68d5709fc41d691ae97a640f0332f&aff_subs%5Baff_sub3%5D=7&aff_subs%5Baff_sub4%5D=62-1713&aff_subs%5Baff_sub5%5D=Code&splitterType=splitterNg
Frame ID: B375A1FD9DDA69E6F86BF7EA3DB6EBC9
Requests: 1 HTTP requests in this frame

Frame: https://streamerpr.com/analytic/codenet-system/members/01cd4567i910l121638592989470?lead.offer_id=45&lead.aff_id=1057&lead.transaction_id=1028659bd464537dfce65c77808bf4&lead.broker=meteortrade&lead.campaign_id=89452&aff_subs%5Baff_sub1%5D=91d68d5709fc41d691ae97a640f0332f&aff_subs%5Baff_sub3%5D=7&aff_subs%5Baff_sub4%5D=62-1713&aff_subs%5Baff_sub5%5D=Code&geo.country=Germany&geo.iso=DE&abTesting%5Bfeatures%5D%5Btooltips%5D%5Btr%5D%5Bemail_desc%5D=L%C3%BCtfen+s%C4%B1k+olarak+kulland%C4%B1%C4%9F%C4%B1n%C4%B1z+bir+eposta+adresi+se%C3%A7iniz&abTesting%5Bfeatures%5D%5Btooltips%5D%5Btr%5D%5Bpassword_desc%5D=%C5%9Eifreniz+6-12+karakter+aral%C4%B1%C4%9F%C4%B1nda+olmal%C4%B1d%C4%B1r&abTesting%5Bfeatures%5D%5Btooltips%5D%5Btr%5D%5Barea_code_desc%5D=Bu+listeden+bakarak+%C3%BClke+kodunuzun+do%C4%9Fru+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Eoldu%C4%9Fundan+emin+olun%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Btr%5D%5Bphone_desc%5D=Numara+b%C3%B6lge+kodunuzu+ve+ki%C5%9Fisel+telefon+numaran%C4%B1z%C4%B1+i%C3%A7ermelidir&abTesting%5Bfeatures%5D%5Btooltips%5D%5Btr%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bru%5D%5Bemail_desc%5D=%D0%92%D1%8B%D0%B1%D0%B5%D1%80%D0%B8%D1%82%D0%B5+%D1%83%D0%BD%D0%B8%D0%BA%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9+%D0%B8%D1%81%D0%BF%D0%BE%D0%BB%D1%8C%D0%B7%D1%83%D0%B5%D0%BC%D1%8B%D0%B9+%D0%BF%D0%BE%D1%87%D1%82%D0%BE%D0%B2%D1%8B%D0%B9+%D0%B0%D0%BA%D0%BA%D0%B0%D1%83%D0%BD%D1%82&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bru%5D%5Bpassword_desc%5D=%D0%94%D0%BB%D0%B8%D0%BD%D0%B0+%D0%BF%D0%B0%D1%80%D0%BE%D0%BB%D1%8F+%D0%B4%D0%BE%D0%BB%D0%B6%D0%BD%D0%B0+%D0%B1%D1%8B%D1%82%D1%8C+%D0%BE%D1%82+6+%D0%B4%D0%BE+12+%D0%B7%D0%BD%D0%B0%D0%BA%D0%BE%D0%B2&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bru%5D%5Barea_code_desc%5D=%D0%A1%D0%B2%D0%B5%D1%80%D1%8C%D1%82%D0%B5+%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9+%D0%BA%D0%BE%D0%B4+%D1%81%D1%82%D1%80%D0%B0%D0%BD%D1%8B+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3E%D0%BF%D0%BE+%D1%8D%D1%82%D0%BE%D0%BC%D1%83+%D1%81%D0%BF%D0%B8%D1%81%D0%BA%D1%83%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bru%5D%5Bphone_desc%5D=%D0%9D%D0%BE%D0%BC%D0%B5%D1%80+%D0%B4%D0%BE%D0%BB%D0%B6%D0%B5%D0%BD+%D0%B2%D0%BA%D0%BB%D1%8E%D1%87%D0%B0%D1%82%D1%8C+%D0%BA%D0%BE%D0%B4+%D0%92%D0%B0%D1%88%D0%B5%D0%B3%D0%BE+%D1%80%D0%B0%D0%B9%D0%BE%D0%BD%D0%B0+%D0%B8+%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9+%D0%BD%D0%BE%D0%BC%D0%B5%D1%80+%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD%D0%B0&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bru%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bit%5D%5Bemail_desc%5D=Scegli+un%27email+che+controlli+regolarmente&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bit%5D%5Bpassword_desc%5D=La+password+deve+contenere+tra+gli+6+e+12+caratteri&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bit%5D%5Barea_code_desc%5D=Assicurati+cheil+prefisso+sia+corretto+verificandolo+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Esulla+lista%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bit%5D%5Bphone_desc%5D=Il+numero+deve+comprendere+il+prefisso+e+il+tuo+numero+personale&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bit%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bar%5D%5Bemail_desc%5D=%D8%AE%D8%AA%D8%B1+%D8%B9%D9%86%D9%88%D8%A7%D9%86+%D8%A8%D8%B1%D9%8A%D8%AF+%D8%A5%D9%84%D9%83%D8%AA%D8%B1%D9%88%D9%86%D9%8A+%D8%AD%D9%82%D9%8A%D9%82%D9%8A+%D8%AA%D8%B3%D8%AA%D8%AE%D8%AF%D9%85%D9%87+%D8%A8%D8%A7%D9%86%D8%AA%D8%B8%D8%A7%D9%85&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bar%5D%5Bpassword_desc%5D=%D9%8A%D8%AC%D8%A8+%D8%A3%D9%86+%D8%AA%D9%83%D9%88%D9%86+%D9%83%D9%84%D9%85%D8%A9+%D8%A7%D9%84%D9%85%D8%B1%D9%88%D8%B1+%D8%A8%D9%8A%D9%86+8-12+%D8%B1%D9%85%D8%B2%D8%A7%D9%8B&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bar%5D%5Barea_code_desc%5D=%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3E%D8%AA%D8%A3%D9%83%D8%AF+%D9%85%D9%86+%D8%A3%D9%86%3C%2Fa%3E+%D9%81%D8%AA%D8%AD+%D8%AE%D8%B7+%D8%A7%D9%84%D8%AF%D9%88%D9%84%D8%A9+%D8%B5%D8%AD%D9%8A%D8%AD+%D8%A8%D8%A7%D9%84%D9%86%D8%B8%D8%B1+%D8%A5%D9%84%D9%89+%D8%A7%D9%84%D9%82%D8%A7%D8%A6%D9%85%D8%A9+%D8%A7%D9%84%D8%AA%D8%A7%D9%84%D9%8A%D8%A9&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bar%5D%5Bphone_desc%5D=%D9%8A%D8%AC%D8%A8+%D8%A3%D9%86+%D9%8A%D8%AA%D8%B6%D9%85%D9%86+%D8%A7%D9%84%D8%B1%D9%82%D9%85+%D8%B1%D9%85%D8%B2+%D8%A7%D9%84%D9%85%D9%86%D8%B7%D9%82%D8%A9+%D9%88%D8%B1%D9%82%D9%85+%D8%A7%D9%84%D9%87%D8%A7%D8%AA%D9%81+%D8%A7%D9%84%D8%B4%D8%AE%D8%B5%D9%8A&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bar%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bpr%5D%5Bemail_desc%5D=Escolha+a+conta+de+email+aut%C3%AAntica+que+usa+regularmente%22&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bpr%5D%5Bpassword_desc%5D=A+sua+palavra-passe+deve+ser+entre+6-12+caracteres&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bpr%5D%5Barea_code_desc%5D=Verifique+nesta+lista+se+o+indicativo+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Edo+pa%C3%ADs+%C3%A9+correto%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bpr%5D%5Bphone_desc%5D=Deve+incluir+o+seu+indicativo+de+zona+e+n%C3%BAmero+de+telefone+pessoal&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bpr%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bnl%5D%5Bemail_desc%5D=Kies+een+e-mailaccount+dat+u+regelmatig+gebruikt&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bnl%5D%5Bpassword_desc%5D=Uw+wachtwoord+dient+6-12+tekens+te+bevatten&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bnl%5D%5Barea_code_desc%5D=Zorg+voor+het+juiste+landnummer+door+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Edeze+lijst+te+controleren%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bnl%5D%5Bphone_desc%5D=Het+nummer+dient+uw+netnummer+en+eigen+telefoonnummer+te+bevatten&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bnl%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Ben%5D%5Bemail_desc%5D=Enter+your+valid+email+account&abTesting%5Bfeatures%5D%5Btooltips%5D%5Ben%5D%5Bpassword_desc%5D=Password+must+be+6-12+characters+long&abTesting%5Bfeatures%5D%5Btooltips%5D%5Ben%5D%5Barea_code_desc%5D=Make+sure+this+is+your+correct+country+dial+code+by+checking+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Ethis+list%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Ben%5D%5Bphone_desc%5D=Phone+number+must+include+your+Area+Code+and+Phone+Number&abTesting%5Bfeatures%5D%5Btooltips%5D%5Ben%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bde%5D%5Bemail_desc%5D=W%C3%A4hlen+Sie+ein+E-Mail-Konto%2C+das+Sie+regelm%C3%A4%C3%9Fig+nutzen&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bde%5D%5Bpassword_desc%5D=Ihr+Passwort+sollte+6-12+Zeichen+enthalten&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bde%5D%5Barea_code_desc%5D=Stellen+Sie+anhand+der+Liste+sicher%2C+dass+die+L%C3%A4ndervorwahl+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Ekorrekt+ist%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bde%5D%5Bphone_desc%5D=Die+Nummer+muss+die+Vorwahl+und+die+pers%C3%B6nliche+Telefonnummer+enthalten&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bde%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bes%5D%5Bemail_desc%5D=Elija+un+correo+electr%C3%B3nico+aut%C3%A9ntico+que+use+regularmente&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bes%5D%5Bpassword_desc%5D=Su+contrase%C3%B1a+debe+tener+entre+8+y+12+caracteres&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bes%5D%5Barea_code_desc%5D=En+esta+lista+puede+asegurarse+si+ese+es+el+c%C3%B3digo+de+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Epa%C3%ADs+correcto%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bes%5D%5Bphone_desc%5D=El+n%C3%BAmero+debe+incluir+un+c%C3%B3digo+de+%C3%A1rea+y+un+n%C3%BAmero+personal&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bes%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bfr%5D%5Bemail_desc%5D=Choisissez+un+compte+e-mail+que+vous+utilisez+r%C3%A9guli%C3%A8rement&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bfr%5D%5Bpassword_desc%5D=Votre+mot+de+passe+doit+contenir+entre+6+et+12+caract%C3%A8res&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bfr%5D%5Barea_code_desc%5D=Assurez-vous+qu%27il+s%27agit+du+bon+code+en+consultant+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Ecette+liste%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bfr%5D%5Bphone_desc%5D=Le+num%C3%A9ro+doit+inclure+votre+code+r%C3%A9gional+et+votre+num%C3%A9ro+de+t%C3%A9l%C3%A9phone&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bfr%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bda%5D%5Bemail_desc%5D=Indtast+din+gyldig+e-mail-konto&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bda%5D%5Bpassword_desc%5D=dgangskode+skal+v%C3%A6re+mellem+6+og+12+karakterer&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bda%5D%5Barea_code_desc%5D=V%C3%A6r+sikker+p%C3%A5+at+dette+er+dit+korrekte+forvalgsnummer+ved+at+kontrollere+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Elisten%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bda%5D%5Bphone_desc%5D=Telefonnummeret+skal+indeholde+dit+forvalgsnummer+og+telefonnummer&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bda%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bsv%5D%5Bemail_desc%5D=Ange+ditt+e-postkonto&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bsv%5D%5Bpassword_desc%5D=L%C3%B6senordet+m%C3%A5ste+vara+6-12+tecken+l%C3%A5ngt&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bsv%5D%5Barea_code_desc%5D=Kontrollera+att+detta+%C3%A4r+r%C3%A4tt+landskod+genom+att+kolla+p%C3%A5+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Ethis+list%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bsv%5D%5Bphone_desc%5D=Telefonnummer+m%C3%A5ste+inneh%C3%A5lla+riktnummer+och+telefonnummer&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bsv%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bro%5D%5Bemail_desc%5D=Enter+your+valid+email+account&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bro%5D%5Bpassword_desc%5D=Password+must+be+6-12+characters+long&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bro%5D%5Barea_code_desc%5D=Make+sure+this+is+your+correct+country+dial+code+by+checking+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Ethis+list%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bro%5D%5Bphone_desc%5D=Phone+number+must+include+your+Area+Code+and+Phone+Number&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bro%5D%5Bdescription%5D=0&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bno%5D%5Bemail_desc%5D=Oppgi+gyldig+e-postkonto&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bno%5D%5Bpassword_desc%5D=Passord+m%C3%A5+v%C3%A6re+6-12+tegn+lang&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bno%5D%5Barea_code_desc%5D=S%C3%B8rge+for+at+dette+er+din+riktige+landskode+ved+%C3%A5+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27target%3D%27_blank%27%3Esjekke+denne+listen%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bno%5D%5Bphone_desc%5D=Telefonnummer+m%C3%A5+inkludere+omr%C3%A5de+og+telefonnummeret&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bno%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bjp%5D%5Bemail_desc%5D=Enter+your+valid+email+account&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bjp%5D%5Bpassword_desc%5D=Password+must+be+6-12+characters+long&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bjp%5D%5Barea_code_desc%5D=Make+sure+this+is+your+correct+country+dial+code+by+checking+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Ethis+list%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bjp%5D%5Bphone_desc%5D=Phone+number+must+include+your+Area+Code+and+Phone+Number&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bjp%5D%5Bdescription%5D=0&abTesting%5Bview%5D=default&splitterType=splitterNg
Frame ID: B482CDC58A63EED23DDEA2FC3063756A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Bitcoin Code

Page URL History Show full URLs

  1. https://storage.googleapis.com/goodsurely43/43xyz.html Page URL
  2. http://replace.goodsurely43.xyz/redirect.php/c1713eCHiT16595MdLk88IbF572DDDA62 Page URL
  3. http://replace.goodsurely43.xyz/track/c1713eCHiT16595MdLk88IbF572DDDA62 HTTP 302
    https://www.k33clq-3.com/2CRWBRB44/XCQZJ/?sub1=7&sub2=62-1713&sub3=16595-88-572 HTTP 302
    https://tracking.the-traffice-system.com/aff_c?offer_id=45&aff_id=1057&aff_sub=91d68d5709fc41d691ae97a640f0332f&aff_s... HTTP 302
    https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028... Page URL

Page Statistics

51
Requests

98 %
HTTPS

64 %
IPv6

12
Domains

17
Subdomains

12
IPs

4
Countries

1250 kB
Transfer

2597 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/goodsurely43/43xyz.html Page URL
  2. http://replace.goodsurely43.xyz/redirect.php/c1713eCHiT16595MdLk88IbF572DDDA62 Page URL
  3. http://replace.goodsurely43.xyz/track/c1713eCHiT16595MdLk88IbF572DDDA62 HTTP 302
    https://www.k33clq-3.com/2CRWBRB44/XCQZJ/?sub1=7&sub2=62-1713&sub3=16595-88-572 HTTP 302
    https://tracking.the-traffice-system.com/aff_c?offer_id=45&aff_id=1057&aff_sub=91d68d5709fc41d691ae97a640f0332f&aff_sub2=670343&aff_sub3=7&aff_sub4=62-1713&aff_sub5=Code&aff_click_id=16595-88-572 HTTP 302
    https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
43xyz.html
storage.googleapis.com/goodsurely43/ 		278 B
860 B 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/goodsurely43/43xyz.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
22d31c186de83cb8e94c72d1512790095efd3dc753e49d1b222984003f27f7e8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-guploader-uploadid
ADPycdsM3fBPrxbwfgjNzb8VLRHdZpA_gpLoej6L9zm0ElVAByFX8veR8bxTg1rtsdH6OkIQeGz2iNDOiGU5dzmIYv2t10mkKA
expires
Sat, 04 Dec 2021 05:28:50 GMT
date
Sat, 04 Dec 2021 04:28:50 GMT
last-modified
Thu, 04 Nov 2021 15:29:48 GMT
etag
"1bafb4a59b10793f002b36118ba6bd4d"
x-goog-generation
1636039788583740
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
278
content-type
text/html
x-goog-hash
crc32c=e99Z/g== md5=G6+0pZsQeT8AKzYRi6a9TQ==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
278
server
UploadServer
age
858
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
c1713eCHiT16595MdLk88IbF572DDDA62
replace.goodsurely43.xyz/redirect.php/ 		245 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
http://replace.goodsurely43.xyz/redirect.php/c1713eCHiT16595MdLk88IbF572DDDA62
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/goodsurely43/43xyz.html
Protocol
HTTP/1.1
Server
94.102.4.174 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
static.94-102-4-174-clients.www20100.com
Software
/
Resource Hash
a07da5cb8ffa149699ada3d29f8bdacc15d2e89856735faa3b8e30f1e533d94b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=utf-8
Date
Sat, 04 Dec 2021 04:43:08 GMT
Content-Length
245
Primary Request /
winnerofferz.com/
Redirect Chain
  • http://replace.goodsurely43.xyz/track/c1713eCHiT16595MdLk88IbF572DDDA62
  • https://www.k33clq-3.com/2CRWBRB44/XCQZJ/?sub1=7&sub2=62-1713&sub3=16595-88-572
  • https://tracking.the-traffice-system.com/aff_c?offer_id=45&aff_id=1057&aff_sub=91d68d5709fc41d691ae97a640f0332f&aff_sub2=670343&aff_sub3=7&aff_sub4=62-1713&aff_sub5=Code&aff_click_id=16595-88-572
  • https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
64 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Requested by
Host: replace.goodsurely43.xyz
URL: http://replace.goodsurely43.xyz/redirect.php/c1713eCHiT16595MdLk88IbF572DDDA62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32671077921063b6f53e995d57c04274ecb654fbe3023d5faa9b5dda9b5919cb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://replace.goodsurely43.xyz/redirect.php/c1713eCHiT16595MdLk88IbF572DDDA62

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
content-type
text/html
last-modified
Fri, 11 Sep 2020 13:03:18 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F54YlIYiJEugyDc%2FgOy0nSEOFE6mztPfQNkyxZzjCrRDxavVJwDOxeOPJIF08v7i18nLHNSzUta5aD5otyZLAWrRqmVRyZ2at14ZOseUng1jflTaD00yr%2F8vDN53uLSarS2kLhdxq796LgrHmYuJ"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b825f48fc6b83a2-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Sat, 04 Dec 2021 04:43:09 GMT
content-type
text/html; charset=iso-8859-1
location
https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
cache-control
no-cache, no-store, must-revalidate
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI CUR OUR NOR INT"
pragma
no-cache
tracking_id
1028659bd464537dfce65c77808bf4
x-robots-tag
noindex, nofollow
access-control-allow-origin
*
x-request-id
194fbcb6eeef3dc0619728c9a956a74a
access-control-allow-headers
Tune-SDK-Version
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovRSrrQkC1rYBanMG7nC4M17U5GLEJzmhACMgL7s03zuzN30DHFQCkbxA6DQcfIDf9gA0QONxWS4Z5Mvo7CRUNnK2OSKARE8YZvg2TToj1V1fhrrbrmqGAFAOciKJqruNDClXY5oO%2FRZO39zZwErFetMr1c1Zo4I%2B7QL9d%2BFpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b825f47da4a0f7e-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
reset.css
winnerofferz.com/css/ 		650 B
723 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winnerofferz.com/css/reset.css
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c969f948cee9e692af07816b19f8475ee1d0e62ce5e3b4a668c3c8635c86d865

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 11 Sep 2020 13:03:30 GMT
server
cloudflare
etag
W/"5f5b75a2-28a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muIEZzSSCGBEh3rP6ruqjo2pq2Etn%2FRocfbH6XBkVUKFGOtEHp6jQ4%2F89Vi%2Bsm7T2c%2FH7XRQ1qTiZuQ7yYjyFR%2BR9mUGcMKRmgYIeDfeGUHjQizqxFdZYDpr0wCdePTlJzlrWEc%2B%2FDDoMVcOYjmw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b825f49ed3d83a2-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
bootstrap.min.css
winnerofferz.com/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winnerofferz.com/css/bootstrap.min.css
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f58760b9a1062f69c68ec1888a6c95339165dc77fa95488a5c1c0ef50f3b638

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 11 Sep 2020 13:03:28 GMT
server
cloudflare
etag
W/"5f5b75a0-1d975"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kx1vYURFp1o7QDadi8JV7z7m08%2B%2F%2BqpbQ%2FJJHBCNIza%2B%2BFvMKPSR%2B2slG5XxH9IyAqLGbM0%2BIYZE476noJps9DmbAn8CJv%2F7b9lLFA%2FaXqGbPDt%2Fhj2xSw6Td%2FcDOmqBtcVlibug9CI7XngBrXep"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b825f49ed3e83a2-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
form-css.css
winnerofferz.com/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winnerofferz.com/css/form-css.css
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
549681b7ccc94cd509603c99a13ca754659129dbaa85d99518aec7503f6d0d11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 11 Sep 2020 13:03:29 GMT
server
cloudflare
etag
W/"5f5b75a1-1bd5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9DL%2BA54zeN%2BiVcuIX4kbXv4M3Rwg4yOQfZerF6rkewFAAnrWstSMWhd%2BwJse6QHlZ1c0OAkfrbryYcGl4d3u%2F3kIkgH9SXV2Fl1SlcV7UJFvJeFg83EVJ5vt5AcWcScajxat0WG6Kiyx5HhzBlk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b825f49ed3f83a2-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
form-css-custom.css
winnerofferz.com/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winnerofferz.com/css/form-css-custom.css
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb11fec718599f057ece4e60515ac417a2a3f37f0fd3e95c2d9951a9aecf9428

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 11 Sep 2020 13:03:29 GMT
server
cloudflare
etag
W/"5f5b75a1-14f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GFrA3w7HEiLw5jR5lAgnkWbf4tbQwOUpVLz569H3O7CtA%2FC4AB3rfK5Xf25iriBMuHMKo65oVgABI2MIBpIoaovyeFBeKLh%2BcoIqmICeVUUmxyQVLs2a1BRB%2FcfQGiArfMiTPoJ3iI5hfaJ86GX"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b825f49ed4083a2-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.css
winnerofferz.com/css/ 		68 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winnerofferz.com/css/style.css
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9046a95f1f844a97668be1c5e975fdec432b723d5b4e42e817d8ad578194c7d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 11 Sep 2020 13:03:29 GMT
server
cloudflare
etag
W/"5f5b75a1-10ebc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G50ZxUj1lIm6Nx4gu%2Bf6WV06RZEkhqSXByz9JH14teBE6z7KFpZZL2mNWg9EWv2JwKIaaVYaIcSBe7AtdqOfg0rqBYbxsN2q8Yr%2Fh6nhvbmUWP1sr0tvaqUiGa4lnvYDHOduUakyj34QauTRF3v5"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b825f49ed4183a2-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
testimonial-1.jpg
winnerofferz.com/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winnerofferz.com/img/testimonial-1.jpg
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e10da011124c6038cab89c8eee389debce70ee724f9539ca0c9f9305269f9aaa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Sep 2020 13:03:26 GMT
server
cloudflare
etag
"5f5b759e-ca8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zZJDz4HP2qswlmZ7nnAIu91FS9VX56l96wXm7qTcF3rO9WMGwuGtA2qaOkhXeZrjDnL%2BUkD160U5WH4us3VZUwrKAA95HimrMQXi2IrO7pa7ibw0Szg7MaRu4jKsPoxW8UeyVKM2%2F0mqRot0ASW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b825f49fd4a83a2-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3240
testimonial-2.jpg
winnerofferz.com/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winnerofferz.com/img/testimonial-2.jpg
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46e65cc4a14f82dc08bb5a89fa3e85f9d7a3ee691bd50c78440b802f56d66dc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Sep 2020 13:03:25 GMT
server
cloudflare
etag
"5f5b759d-e3d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lc05Tl%2FHan8Zvz42DNzS1pWbLXQgLiTCpR5Et5K59%2F26SnY%2B8g9YGJBDbI1mAT6LHpPdt1%2FRUzem%2FoS9frzYiEHm2wCoy5CUqkgpi518v2N59LLWart%2FzuOOvLq8i%2FJ5as2TtUJFytnkXVYk6t4m"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b825f49fd4b83a2-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3645
testimonial-3.jpg
winnerofferz.com/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winnerofferz.com/img/testimonial-3.jpg
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b50ebf10355cf0baed11d7f01a2615ba15b49820134fe96c46c3e10539db8767

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Sep 2020 13:03:24 GMT
server
cloudflare
etag
"5f5b759c-fbd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GFEbXiXQoWYK6nEuvYKi18UqzCsyHBE083D8tX9sHMiCPH3Gb%2FCqENuOgjI5u%2Bk%2BM2ycvMzAPXyKBAvVB4WigFmzVtiwl2QhyLyY6jmZnriA8thui63MBoBJ8yYMH8gaFJ00QACVvUQRHckb0LI"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b825f49fd4c83a2-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4029
testimonial-4.jpg
winnerofferz.com/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winnerofferz.com/img/testimonial-4.jpg
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6eb3ce6daa6e8c2451e2dc601d63b524cd3d32e7e4f9736bd5278513c791cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Sep 2020 13:03:26 GMT
server
cloudflare
etag
"5f5b759e-cfa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pE%2BdLpCXxpUOwsFt%2BHqAmyN6flo0pT2gAdRBSTrs5qV2I2KwSiF330UFwrmZcJWAgaoTEYnbsxTdsA9lQRPl2XdI65XfNTlSv0oaPe%2FRSE6JasRMxjynijHr45lSnk72nV8cmnwuZ7%2FONUPlydak"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b825f49fd4d83a2-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3322
testimonial-5.jpg
winnerofferz.com/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winnerofferz.com/img/testimonial-5.jpg
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04a816b7da7fb5148a1c97d1d56f804880c4d88f0d7677ae8b557594d0d03f54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Sep 2020 13:03:25 GMT
server
cloudflare
etag
"5f5b759d-c23"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDYiTBYnGMRJ8rzF1mHuibZgHQudWIP%2FNh7O1IizmGf34GomQuAKf8k3wCuqdIaM6wC7gzYSwmfdZ4dNA9ItwV4701BYMUN9SMybB7IdI99G9jy1xZ8BwNi78OjxMUUebV%2B5O%2B%2BlniOMG%2Fzk1kDD"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b825f49fd4f83a2-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3107
testimonial-6.jpg
winnerofferz.com/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winnerofferz.com/img/testimonial-6.jpg
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d270ee37727a7e8d9796db24c7a784bca91f5411d699c5416fa0bb59874e0685

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Sep 2020 13:03:25 GMT
server
cloudflare
etag
"5f5b759d-f54"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CEJhmiFnOSXeQssmUG09OmynPMMn%2FUWaNpVkgxAyVdDI%2FZPtYm%2BX8uMsfE8YXYRc6pveLJbstX3Uwbg37%2FHJOJannOgjWnzXO8xtyb1c7SCVrT4jmarNClKxLquJXVCf0vStihL9ZYtrxSnZrjS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b825f49fd5083a2-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3924
testimonial-7.jpg
winnerofferz.com/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winnerofferz.com/img/testimonial-7.jpg
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
717ec72cdd462e1c80b35b109012a3f824db1ed64fb3e10a93253b3883439526

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Sep 2020 13:03:23 GMT
server
cloudflare
etag
"5f5b759b-fff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GwG0E1eXuRy0Vrm8U7LfnW1vYPYNEq%2F55QzY7tsXOcGZCbEHCwRV4Dv7TNoyV2CNMb4XI2E09ctcW9S4ffjMFT2wYeFbRqzhQngtcW2rwoyQTAXJFleKxV9%2FtZYcY5y5QJRftF5n3YnQ1TVytzs"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b825f49fd5183a2-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4095
testimonial-8.jpg
winnerofferz.com/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winnerofferz.com/img/testimonial-8.jpg
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28781c0c715f33bba9c4d508df89aef0aca7fa707196e122ed5e917dd5966b1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Sep 2020 13:03:25 GMT
server
cloudflare
etag
"5f5b759d-1016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwI0PDOkgcPuf7du5KBbPX7tM7DW3yZ9SI4dAjVoy%2BvqMnAdvJ0dGgvUE7gERH5K8mmYCcEtmlcUjkw8jHDjnwuzVjg%2Bfc3XccO3imshHL8xD1lvPzpa%2FAStsIjCPHfLv8vcnBwSBkxARYYt4WRO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b825f49fd5283a2-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4118
testimonial-9.jpg
winnerofferz.com/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winnerofferz.com/img/testimonial-9.jpg
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35ca68aa504d1db1ef312210a0a44b2f4234f7eace8a973b9ba09749a036a745

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Sep 2020 13:03:23 GMT
server
cloudflare
etag
"5f5b759b-f38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKFYqy0VfB0wirTJ5lbNISZ4lWDBpb8ITHhEbeByHzWY4nUWTCvC8CuypL6kMbjjWX5ugwJ8E7LW6lo%2Fc7JbzH1o8X19wwfhCOsm8XdG0t7VS9%2BE4v42qMuQlGSzI%2BEmjocm1O2egPiJWgjy1f%2BY"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b825f49fd5383a2-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3896
man.jpg
winnerofferz.com/img/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winnerofferz.com/img/man.jpg
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1abbf3dd63827ef487c1daa6d4a1c4f8fe12608c0c04e57317a5243d29745f6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Sep 2020 13:03:26 GMT
server
cloudflare
etag
"5f5b759e-7d6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csE0s6%2B8t5L6iSsOwfsDnfdx63w83SQ6t7pt8jh3qSedR5iE8mH3N%2BYNBblbTnMfSknZYW97Ndy2ymC9xeicRvThnFO2YbMUYTfZwcIUaA9YJ0YYuEixA2oWD4G6bHIM3OOpQdSrnb0qh2%2FUxtMp"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b825f49fd5483a2-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
32110
sign.png
winnerofferz.com/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winnerofferz.com/img/sign.png
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ea22eeb3ff67e953e770d7349a111529ac3a27b2830d090a3cf62a460470ce2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Sep 2020 13:03:25 GMT
server
cloudflare
etag
"5f5b759d-cb3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDoHgQYl7J5JoWc%2BppqbVqN7SIJzJV%2Fk2SIINSV8O3mQGAE0CBXRfR4CIFuXmxBPt5HHdC9n8Q%2BYfEE08D2eckP%2FmT3Wx99yXxBVqa8oBB9uqjPXVD1BUhkFFbB7rwxmDurwId92lcG2eMe7xCdL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b825f49fd5583a2-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3251
320508452
player.vimeo.com/video/ Frame CF73 		13 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/320508452
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b46c03ed183197dd8f1b6310c97fddafa9269fc5eb870736b7b1c8ac8f3b7541
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/

Response headers

Connection
keep-alive
Content-Length
8174
Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Sat, 04 Dec 2021 04:43:17 GMT
Via
1.1 varnish, 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
1
X-VServer
infra-playproxy-b-4
X-Vimeo-DC
ge
Accept-Ranges
bytes
Date
Sat, 04 Dec 2021 04:43:09 GMT
Age
0
X-Served-By
cache-hhn4026-HHN
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1638592990.779076,VS0,VE104
Vary
Accept-Encoding
X-Player-Backend
p
bootstrap.min.js
winnerofferz.com/js/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winnerofferz.com/js/bootstrap.min.js
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 11 Sep 2020 13:03:18 GMT
server
cloudflare
etag
W/"5f5b7596-90b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXMOnLZhUcepzzkw3Viu8jPD3Y%2BDXc9eV6Oa%2BRTmn21ww8GtMT7FZZLIp5IDxKxdQAHQPOPPsVOzDgaKqm3OTxl9ry8HE14CqdRf3x%2FVfvVODYq1h5Cbay0ewuPNOKYqaxTHEOGYLAmeWqFZ7Arl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b825f4a18118397-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery-1.11.3.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.11.3.min.js
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
content-encoding
gzip
last-modified
Tue, 28 Apr 2015 16:20:58 GMT
server
nginx
etag
W/"553fb36a-176d5"
vary
Accept-Encoding
x-hw
1638592989.dop214.fr8.t,1638592989.cds215.fr8.hn,1638592989.cds127.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33261
form.min.js
trafforms.co/ 		327 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trafforms.co/form.min.js?offer=BOf84c5996e81fd&nid=3
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3469 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
443e4b26d5cfdc85860bb01fe9505d0e3a18380c083e609f9eba157d948f3e5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 04 Dec 2021 04:42:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glR5khD3GXZhgDRF%2BVJNjGRFahleA4hkN%2FjULnhn6m%2BsCvhLYhx%2FZ1LLPy7u4iwxjEagMT17EZZtIxqf7ZCQ7k1yYuJyITFk8GoSOuUnU%2BczlCdVQdTe1TfBJ5RI0LdMfjcOFMvaIcrVGWw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b825f4a3d9d05dc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu+Condensed|Ubuntu:300,300i,400,500,500i,700,700i&amp;subset=cyrillic
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/css/form-css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99a02ce77e6f4561ee68b13f539074f17eb236d640a9b272be4ed49e759924cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 04 Dec 2021 04:43:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 04 Dec 2021 04:43:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Dec 2021 04:43:09 GMT
762951787-85dc962f82764d7761acfd95f414de0ea296b3688eb868fefdc28de2c06850d6-d.jpg
i.vimeocdn.com/video/ Frame CF73 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/762951787-85dc962f82764d7761acfd95f414de0ea296b3688eb868fefdc28de2c06850d6-d.jpg?mw=80&q=85
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/320508452
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8563f0452de0bdef782bb7d89ca0e0e6f5956e7968ec273333e61e8bf6056b91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
938676
x-viewmaster-lossless-format
false
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
1510
viewmaster-server
viewmaster-us-central1-v4cv
x-served-by
cache-dfw18630-DFW, cache-fra19168-FRA
x-timer
S1638592990.929937,VS0,VE0
etag
7d67eb866bbd25b5c2ae3334007cc5d7
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 1
player.de-DE.js
f.vimeocdn.com/p/3.46.2/js/ Frame CF73 		683 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/3.46.2/js/player.de-DE.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/320508452
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9a1275f949aa2027f61ebcd39b1fc1528359a1575cecbb1f5471adeb580dd413

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
via
1.1 varnish, 1.1 varnish
age
112741
x-guploader-uploadid
ADPycdvgbZw6rNrLg-Vn4ec5icieZRwdU6aVFhGk-jSghUTtCMUOOLx-0B4EbyoT3taMYB31wwFYn230YAb-iielQyA
x-cache
MISS, HIT
content-encoding
br
content-length
164101
x-served-by
cache-bwi5171-BWI, cache-fra19162-FRA
last-modified
Thu, 02 Dec 2021 21:14:59 GMT
server
UploadServer
x-timer
S1638592990.933852,VS0,VE0
etag
"b0a6f3a0e2e92e0e1bedb9da7360b540"
vary
Accept-Encoding,x-http-method-override
content-type
application/javascript
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
0, 60
player.css
f.vimeocdn.com/p/3.46.2/css/ Frame CF73 		195 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/3.46.2/css/player.css
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/320508452
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
210af586ddda401737982c48d008375a36f61527187df6d031990e3fab67575d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
via
1.1 varnish, 1.1 varnish
age
112747
x-guploader-uploadid
ADPycdtNTBTCAxcmLkrkWmvMPzkLbPSMVSeN8YWzs8ynue1qPj5CRstlNmE1E3SIEW8A0Mz2Ij7inFvmfVnlt1sAMECIWegq-g
x-cache
MISS, HIT
content-encoding
br
content-length
19215
x-served-by
cache-bwi5159-BWI, cache-fra19162-FRA
last-modified
Thu, 02 Dec 2021 21:14:59 GMT
server
UploadServer
x-timer
S1638592990.933778,VS0,VE0
etag
"4bbf851bade37c2c938f1a6b7f81f8e6"
vary
Accept-Encoding,x-http-method-override
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
0, 48402
vuid.min.js
f.vimeocdn.com/js_opt/modules/utils/ Frame CF73 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/320508452
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:09 GMT
content-encoding
gzip
age
5607679
x-cache
HIT, HIT
content-length
1238
x-served-by
cache-bwi5125-BWI, cache-fra19162-FRA
last-modified
Thu, 30 Sep 2021 05:42:18 GMT
server
Apache
cache-control
max-age=315360000
x-timer
S1638592990.933896,VS0,VE0
etag
"a68-5cd2fe8e48280-gzip"
vary
Accept-Encoding,x-http-method-override
content-type
text/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
expires
Sun, 28 Sep 2031 07:01:52 GMT
x-vimeo-dc
ge
x-bapp-server
assets-v3244-jqhzs
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 399695
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu+Condensed|Ubuntu:300,300i,400,500,500i,700,700i&amp;subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://winnerofferz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 11:14:45 GMT
x-content-type-options
nosniff
age
322104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34260
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 11:14:45 GMT
4iCp6KVjbNBYlgoKejZPslyPN4E.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCp6KVjbNBYlgoKejZPslyPN4E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu+Condensed|Ubuntu:300,300i,400,500,500i,700,700i&amp;subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aaa5c804f7a331ebdac8988c462bfc09ab5fb7d80a699da7ed1d1f3683b6bbf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://winnerofferz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 11:19:01 GMT
x-content-type-options
nosniff
age
321848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30092
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:03:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 11:19:01 GMT
logo.png
winnerofferz.com/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winnerofferz.com/img/logo.png
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f62e5b42279de5ac04b03ae515d1319e90ca42efc94e5e4a8a15545fc4fc887

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:10 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Sep 2020 13:03:25 GMT
server
cloudflare
etag
"5f5b759d-15f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwCatJALdgv7ThsOIVx2rKrmhcNcmWkBsRwtwPXFxhNBOPhw3Ols1l8KEAM0OIgGuyVyV%2BmgJ6yyfe8lKPmOWLMP0UHsQvOr9KE%2BpvPX0eC9zDyDs%2F4kRYdaY1uXF1tbOtUNH2BK0%2F%2FE1wed0wzS"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b825f4b39158397-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5619
intro-bg.jpg
winnerofferz.com/img/ 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winnerofferz.com/img/intro-bg.jpg
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62fc0799d11f7268fd146b071db41ffb6c7693733b506cfbdd2d6038287af0a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:10 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Sep 2020 13:03:26 GMT
server
cloudflare
etag
"5f5b759e-1f6b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3VCSiHwaSus5D4Y9GyoNNcELo3zt%2F1XBbPkSTGpgkJbIGS94PnV31YRGbnGP%2Br39Y97rPmUhxFcOBkHfdg6WnpnDHARvfRdxh%2Bq%2FhNab2TcVyuA4DBZeA%2F10Ab4Q04NUdHr9vdyhssL6F%2F%2BhqLQ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b825f4b49198397-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
128694
4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu+Condensed|Ubuntu:300,300i,400,500,500i,700,700i&amp;subset=cyrillic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97d812da07c2319e0e64c4137b33a5d3ccfb4c06fa5ab4444f522959e27a9ed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://winnerofferz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 15:41:55 GMT
x-content-type-options
nosniff
age
219674
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29864
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:34 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 01 Dec 2022 15:41:55 GMT
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu+Condensed|Ubuntu:300,300i,400,500,500i,700,700i&amp;subset=cyrillic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://winnerofferz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 17:57:27 GMT
x-content-type-options
nosniff
age
297942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28968
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:03:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 17:57:27 GMT
4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoC1CzjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu+Condensed|Ubuntu:300,300i,400,500,500i,700,700i&amp;subset=cyrillic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f22c14d833819460602bd41792732725e48a6a6ee48f768a298cde40e16584f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://winnerofferz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 11:25:38 GMT
x-content-type-options
nosniff
age
235051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38108
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:31 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 01 Dec 2022 11:25:38 GMT
vacations-bg.jpg
winnerofferz.com/img/ 		240 KB
241 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winnerofferz.com/img/vacations-bg.jpg
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e62aa1590f5901c0f46311d01179d9ee7256fd27b4cd64878925e3433995a380

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:10 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Sep 2020 13:03:27 GMT
server
cloudflare
etag
"5f5b759f-3bfab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UQ%2FaMbu1i54IFDmUxDSor%2BGPAYi4IB4OBK6pOj%2BNLDbTRU7hu5YheFdAsi2E999%2BcHv4%2BePxDIQB3Ss0M%2FkFEmSCfe8dnECazf0iIN845DdBTgE6C%2FHQk2qI%2FXdf%2BbuE2YFnHSdBWre1jli%2FDyS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b825f4b491b8397-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
245675
man-bg.jpg
winnerofferz.com/img/ 		168 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winnerofferz.com/img/man-bg.jpg
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
560f212d1beedc85a7590988579355a70cd952a9c9ec8d3b17acf40940e0ed97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:10 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Sep 2020 13:03:26 GMT
server
cloudflare
etag
"5f5b759e-29e37"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTdm0cyYBvRdCAghf3mwnbWyQX1vTllW78WdrtkHb5z1aVaXNj7JiOb8EbdOBIpNJ2b5h1%2BBNnahqjDoFPSsrnE9pd3QidkKixxvPW2%2Fa%2B64lChcnHDzScV2rc6vHbkmENMhvHGRUffspZdE2o57"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b825f4b491d8397-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
171575
icon-b-sm.png
winnerofferz.com/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winnerofferz.com/img/icon-b-sm.png
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83dd87c25a5289ffad935687f277623b203fce90bbd995ba2a961dac46cd5087

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:10 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Sep 2020 13:03:24 GMT
server
cloudflare
etag
"5f5b759c-728"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FV2zoLMJlVteHTuJUwn8%2F%2FejAQdltE5j26RBt6jgr%2Bi3oeZJsrfPn%2B8Nsj02%2BQiukyTtSXQV16f1kioRTWIQ%2BfldWjWsFw1mDbr2kRDNKoCXctpktcVYApEw58wymcCdMylAOAx79EbM5yZXsDrA"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b825f4b491e8397-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1832
4iCp6KVjbNBYlgoKejZftVyPN4E.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCp6KVjbNBYlgoKejZftVyPN4E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu+Condensed|Ubuntu:300,300i,400,500,500i,700,700i&amp;subset=cyrillic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83464c090d730c4caa01efe2f196b176d7764c80e9a56e3d7ff29745fb8b39f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://winnerofferz.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 23:06:42 GMT
x-content-type-options
nosniff
age
279387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37548
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:03:15 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 23:06:42 GMT
form.min.css
external-media.trafficon.co/api/v1/ 		130 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://external-media.trafficon.co/api/v1/form.min.css?product=codenet-system
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:d6d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a41d32f98ad4e438af9f9ff7d3fe61deb4ac484d8a0d8bc335dc026af82165eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
218
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
DZ5XX69GWAA7RE9Z
x-amz-id-2
DpuuYYNuiwRrbMm+dEQNzQ7T5yaWQypvuV2XcYErocuIVXG3BMohVfIuV5bUBB7maDpj+gVhOcQ=
last-modified
Thu, 22 Aug 2019 14:20:54 GMT
server
cloudflare
etag
W/"18e5ba47bbdade46f898d84b7af45ee3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FOoUwlpWN86Dr3tc1mHQrBbHw2%2FAdp2JJ5pWc0tF%2FhCE1dx%2FPlzHxIXzQPo%2BK52Yfw9%2FIPVfRAKPoDh3qHbUQkmoPZkyZ%2BATYn8bsE%2Ft0H42CXnc941MVdY3ZI6n8wyC5FliuFOLFJJb4K6HWWgKdg%2BsMiap1Bn%2FQM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
x-amz-version-id
DxQq79aeuecUU5TZ7SWGrcVnxTsKhyB7
cf-ray
6b825f4bfebb145a-FRA
push
splitter.trafficon.co/api/v1/traffics/ 		379 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://splitter.trafficon.co/api/v1/traffics/push
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:d6d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.29
Resource Hash
39fa563f7e8afdafb59526d58f6c999858f20c98b1c8c857931b57a5f8143c1b

Request headers

Accept
*/*
Referer
https://winnerofferz.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 04 Dec 2021 04:43:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.29
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6dEqTeaoKY2BoAAoQmhbTFx%2B4XUvLaGcft3VddZhrtBYKCxm%2FIS8sdZEuExaWO6GF%2FWe%2ByTa4W3SReXxjV8Bm4euImjS6Gl1%2B3DrI6Wj7XaEJpoM6Xjqn4jgacdpE%2BSKOkU%2B%2BjRhVTzYmPqsfrbEhssP4E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://winnerofferz.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
6b825f4c09d48397-MXP
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,authorization
01cd4567i910l121638592989470
streamerpr.com/analytic/codenet-system/form-loaded/ Frame FE14 		24 B
309 B 		Document
General
Check archive.org
Download Go to
Full URL
https://streamerpr.com/analytic/codenet-system/form-loaded/01cd4567i910l121638592989470?splitterType=splitterNg
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:d4bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8b782eaca244f8a8e2aa6641aa24d9223c8f2f23f55fdb15baf726f8eae5c5d2
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/

Response headers

date
Sat, 04 Dec 2021 04:43:10 GMT
content-type
text/html; charset=utf-8
x-powered-by
Express
x-frame-options
ALLOWALL
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocZlPDp303sGTcHktG3ey%2FcZpCKcFxf2kC8t5kfATTrm4WQQCNXN20Z4rrAjbdSCXGGmeToU7tj1DaUMzmzxfxjD355ZCG8bNH6L7xlW9REqn0xLTJ%2BMq4jPrRtMtkNK7aNcCPsOB0eYD4yTOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b825f4bf8aa4eeb-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
01cd4567i910l121638592989470
streamerpr.com/analytic/codenet-system/pre-sales/ Frame B375 		24 B
644 B 		Document
General
Check archive.org
Download Go to
Full URL
https://streamerpr.com/analytic/codenet-system/pre-sales/01cd4567i910l121638592989470?aff_id=1057&aff_subs%5Baff_sub1%5D=91d68d5709fc41d691ae97a640f0332f&aff_subs%5Baff_sub3%5D=7&aff_subs%5Baff_sub4%5D=62-1713&aff_subs%5Baff_sub5%5D=Code&splitterType=splitterNg
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:d4bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8b782eaca244f8a8e2aa6641aa24d9223c8f2f23f55fdb15baf726f8eae5c5d2
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/

Response headers

date
Sat, 04 Dec 2021 04:43:10 GMT
content-type
text/html; charset=utf-8
x-powered-by
Express
x-frame-options
ALLOWALL
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpoMFQNzhA5KKnPuKMT%2FN3Mzj9gq%2BjCVpEn88lOaawwY42AvAtk3qNDNh3XgL%2B6aY73Y%2FiqIIe0wi4ZzbZ03dAeZpJq52zGQr0bY9NM5%2F%2Bjl6Zq2a1FDmrJBYftFa1MICmJSTgl4jnjkIYAqIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b825f4bf8ab4eeb-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
checkmark.png
external-media.trafficon.co/boaform/img/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://external-media.trafficon.co/boaform/img/checkmark.png
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:d6d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd590f1a69adfe4d76effbb17c6246337f2f5fe5b2a3643b83faa69f6096516b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5647
content-type
image/png
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17884
x-amz-id-2
MfdyhSY+F3VWP9zXYxbqk58Sp2LuAWz+AnMPXoCh9Y5+y9srm/a5D5Cj3/E9FSo1s6eNKDqq0Kc=
last-modified
Thu, 22 Aug 2019 14:23:00 GMT
server
cloudflare
etag
"8fddeaf0a00c291478deec92db1b482f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0m0%2F6vyXR8SD5CqQes1hhARR6MShUYJ%2F9EMf%2BKOl6nG%2BKmIzBcGeZuHUcrtWDsSxDMvoAondNbL%2BMAh9TzmyBSjtr%2FMxcuFk7nPAxBuSt2516SqB3vbqUXKvjU9r1KzJ%2FcHS2RTDYBF6nLZLvSaP8vnzEjkUHuMgMcw%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
48VWGGD0DCQP5CD9
cache-control
max-age=14400
x-amz-version-id
jKuvtADLhac4nMtlI2ifL0XZQ4rfF9qX
accept-ranges
bytes
cf-ray
6b825f4bfebd145a-FRA
icon-b.png
winnerofferz.com/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winnerofferz.com/img/icon-b.png
Requested by
Host: winnerofferz.com
URL: https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
081f9179a77580f178d94140204915863f7022540f341edf3822a7c0ef3333ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/?clickID=91d68d5709fc41d691ae97a640f0332f&aff=Code&c=IT&offer_id=45&tid=1028659bd464537dfce65c77808bf4&aff_id=1057&aff_sub3=7&aff_sub4=62-1713&source=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:10 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Sep 2020 13:03:23 GMT
server
cloudflare
etag
"5f5b759b-b2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjmB0CtlmyRl5kRNQfLvHEGEMJw%2Fg%2FTTaNiyJ7vavSMnGvNVhQrnrRxxi%2Fy14Taq%2FdaVy4wnxA%2BPlHFNh6IGkC2mEPkprOZX5wNRGzT6Ar2pN1jzoax4LM3Zvc6c%2Fzlmr29xDHiFFrVhOrho34v6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b825f4be9af8397-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2860
vuid
vimeo.com/ablincoln/ Frame CF73 		0
790 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vimeo.com/ablincoln/vuid?pid=037ce1590f519a5575aafd7f1e0ab40cacaf96961638592989
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://player.vimeo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Via
1.1 varnish, 1.1 varnish
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache
MISS, MISS
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Served-By
cache-bwi5169-BWI, cache-hhn4030-HHN
X-Vimeo-DC
ge
Server
nginx
X-Timer
S1638592990.131464,VS0,VE124
X-Frame-Options
sameorigin
Date
Sat, 04 Dec 2021 04:43:10 GMT
Vary
User-Agent
Expires
Fri, 03 Dec 2021 16:43:10 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-BApp-Server
pweb-v17971-8c2jx
X-UA-Compatible
IE=edge
Accept-Ranges
bytes
X-Cache-Hits
0, 0
defaults-blue_60x60
i.vimeocdn.com/portrait/ Frame CF73 		741 B
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/portrait/defaults-blue_60x60
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/320508452
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cb979b547809a0615f8d033ba1d6b33693b9e902a178a3ead75a5dcb3c9d0543

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:10 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
595698
x-viewmaster-lossless-format
false
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
741
viewmaster-server
viewmaster-us-central1-9199
x-served-by
cache-dfw18625-DFW, cache-fra19168-FRA
x-timer
S1638592990.157600,VS0,VE0
etag
2a3431b0f58081f075ee539a613338ae
vary
Accept
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
495, 1511
player-test-impression
fresnel.vimeocdn.com/add/ Frame CF73 		0
40 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.46.2/js/player.de-DE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Sat, 04 Dec 2021 04:43:10 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
0
762951787-85dc962f82764d7761acfd95f414de0ea296b3688eb868fefdc28de2c06850d6-d
i.vimeocdn.com/video/ Frame CF73 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/762951787-85dc962f82764d7761acfd95f414de0ea296b3688eb868fefdc28de2c06850d6-d?mw=700&mh=394
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/320508452
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58cf5fca019bc11cf795c2c4888c0c529f13ba201a997063afbb4483631c0dc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 04:43:10 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
442493
x-viewmaster-lossless-format
false
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
15873
viewmaster-server
viewmaster-us-central1-5cqp
x-served-by
cache-dfw18658-DFW, cache-fra19168-FRA
x-timer
S1638592990.205238,VS0,VE1
etag
24134e9fa3de7bffb33cef09ba6a6270
vary
Accept
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 1
player-stats
fresnel.vimeocdn.com/add/ Frame CF73 		0
110 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=037ce1590f519a5575aafd7f1e0ab40cacaf96961638592989
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.46.2/js/player.de-DE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Sat, 04 Dec 2021 04:43:10 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
0
01cd4567i910l121638592989470
streamerpr.com/analytic/codenet-system/members/ Frame B482 		24 B
608 B 		Document
General
Check archive.org
Download Go to
Full URL
https://streamerpr.com/analytic/codenet-system/members/01cd4567i910l121638592989470?lead.offer_id=45&lead.aff_id=1057&lead.transaction_id=1028659bd464537dfce65c77808bf4&lead.broker=meteortrade&lead.campaign_id=89452&aff_subs%5Baff_sub1%5D=91d68d5709fc41d691ae97a640f0332f&aff_subs%5Baff_sub3%5D=7&aff_subs%5Baff_sub4%5D=62-1713&aff_subs%5Baff_sub5%5D=Code&geo.country=Germany&geo.iso=DE&abTesting%5Bfeatures%5D%5Btooltips%5D%5Btr%5D%5Bemail_desc%5D=L%C3%BCtfen+s%C4%B1k+olarak+kulland%C4%B1%C4%9F%C4%B1n%C4%B1z+bir+eposta+adresi+se%C3%A7iniz&abTesting%5Bfeatures%5D%5Btooltips%5D%5Btr%5D%5Bpassword_desc%5D=%C5%9Eifreniz+6-12+karakter+aral%C4%B1%C4%9F%C4%B1nda+olmal%C4%B1d%C4%B1r&abTesting%5Bfeatures%5D%5Btooltips%5D%5Btr%5D%5Barea_code_desc%5D=Bu+listeden+bakarak+%C3%BClke+kodunuzun+do%C4%9Fru+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Eoldu%C4%9Fundan+emin+olun%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Btr%5D%5Bphone_desc%5D=Numara+b%C3%B6lge+kodunuzu+ve+ki%C5%9Fisel+telefon+numaran%C4%B1z%C4%B1+i%C3%A7ermelidir&abTesting%5Bfeatures%5D%5Btooltips%5D%5Btr%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bru%5D%5Bemail_desc%5D=%D0%92%D1%8B%D0%B1%D0%B5%D1%80%D0%B8%D1%82%D0%B5+%D1%83%D0%BD%D0%B8%D0%BA%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9+%D0%B8%D1%81%D0%BF%D0%BE%D0%BB%D1%8C%D0%B7%D1%83%D0%B5%D0%BC%D1%8B%D0%B9+%D0%BF%D0%BE%D1%87%D1%82%D0%BE%D0%B2%D1%8B%D0%B9+%D0%B0%D0%BA%D0%BA%D0%B0%D1%83%D0%BD%D1%82&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bru%5D%5Bpassword_desc%5D=%D0%94%D0%BB%D0%B8%D0%BD%D0%B0+%D0%BF%D0%B0%D1%80%D0%BE%D0%BB%D1%8F+%D0%B4%D0%BE%D0%BB%D0%B6%D0%BD%D0%B0+%D0%B1%D1%8B%D1%82%D1%8C+%D0%BE%D1%82+6+%D0%B4%D0%BE+12+%D0%B7%D0%BD%D0%B0%D0%BA%D0%BE%D0%B2&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bru%5D%5Barea_code_desc%5D=%D0%A1%D0%B2%D0%B5%D1%80%D1%8C%D1%82%D0%B5+%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9+%D0%BA%D0%BE%D0%B4+%D1%81%D1%82%D1%80%D0%B0%D0%BD%D1%8B+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3E%D0%BF%D0%BE+%D1%8D%D1%82%D0%BE%D0%BC%D1%83+%D1%81%D0%BF%D0%B8%D1%81%D0%BA%D1%83%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bru%5D%5Bphone_desc%5D=%D0%9D%D0%BE%D0%BC%D0%B5%D1%80+%D0%B4%D0%BE%D0%BB%D0%B6%D0%B5%D0%BD+%D0%B2%D0%BA%D0%BB%D1%8E%D1%87%D0%B0%D1%82%D1%8C+%D0%BA%D0%BE%D0%B4+%D0%92%D0%B0%D1%88%D0%B5%D0%B3%D0%BE+%D1%80%D0%B0%D0%B9%D0%BE%D0%BD%D0%B0+%D0%B8+%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9+%D0%BD%D0%BE%D0%BC%D0%B5%D1%80+%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD%D0%B0&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bru%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bit%5D%5Bemail_desc%5D=Scegli+un%27email+che+controlli+regolarmente&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bit%5D%5Bpassword_desc%5D=La+password+deve+contenere+tra+gli+6+e+12+caratteri&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bit%5D%5Barea_code_desc%5D=Assicurati+cheil+prefisso+sia+corretto+verificandolo+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Esulla+lista%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bit%5D%5Bphone_desc%5D=Il+numero+deve+comprendere+il+prefisso+e+il+tuo+numero+personale&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bit%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bar%5D%5Bemail_desc%5D=%D8%AE%D8%AA%D8%B1+%D8%B9%D9%86%D9%88%D8%A7%D9%86+%D8%A8%D8%B1%D9%8A%D8%AF+%D8%A5%D9%84%D9%83%D8%AA%D8%B1%D9%88%D9%86%D9%8A+%D8%AD%D9%82%D9%8A%D9%82%D9%8A+%D8%AA%D8%B3%D8%AA%D8%AE%D8%AF%D9%85%D9%87+%D8%A8%D8%A7%D9%86%D8%AA%D8%B8%D8%A7%D9%85&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bar%5D%5Bpassword_desc%5D=%D9%8A%D8%AC%D8%A8+%D8%A3%D9%86+%D8%AA%D9%83%D9%88%D9%86+%D9%83%D9%84%D9%85%D8%A9+%D8%A7%D9%84%D9%85%D8%B1%D9%88%D8%B1+%D8%A8%D9%8A%D9%86+8-12+%D8%B1%D9%85%D8%B2%D8%A7%D9%8B&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bar%5D%5Barea_code_desc%5D=%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3E%D8%AA%D8%A3%D9%83%D8%AF+%D9%85%D9%86+%D8%A3%D9%86%3C%2Fa%3E+%D9%81%D8%AA%D8%AD+%D8%AE%D8%B7+%D8%A7%D9%84%D8%AF%D9%88%D9%84%D8%A9+%D8%B5%D8%AD%D9%8A%D8%AD+%D8%A8%D8%A7%D9%84%D9%86%D8%B8%D8%B1+%D8%A5%D9%84%D9%89+%D8%A7%D9%84%D9%82%D8%A7%D8%A6%D9%85%D8%A9+%D8%A7%D9%84%D8%AA%D8%A7%D9%84%D9%8A%D8%A9&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bar%5D%5Bphone_desc%5D=%D9%8A%D8%AC%D8%A8+%D8%A3%D9%86+%D9%8A%D8%AA%D8%B6%D9%85%D9%86+%D8%A7%D9%84%D8%B1%D9%82%D9%85+%D8%B1%D9%85%D8%B2+%D8%A7%D9%84%D9%85%D9%86%D8%B7%D9%82%D8%A9+%D9%88%D8%B1%D9%82%D9%85+%D8%A7%D9%84%D9%87%D8%A7%D8%AA%D9%81+%D8%A7%D9%84%D8%B4%D8%AE%D8%B5%D9%8A&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bar%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bpr%5D%5Bemail_desc%5D=Escolha+a+conta+de+email+aut%C3%AAntica+que+usa+regularmente%22&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bpr%5D%5Bpassword_desc%5D=A+sua+palavra-passe+deve+ser+entre+6-12+caracteres&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bpr%5D%5Barea_code_desc%5D=Verifique+nesta+lista+se+o+indicativo+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Edo+pa%C3%ADs+%C3%A9+correto%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bpr%5D%5Bphone_desc%5D=Deve+incluir+o+seu+indicativo+de+zona+e+n%C3%BAmero+de+telefone+pessoal&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bpr%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bnl%5D%5Bemail_desc%5D=Kies+een+e-mailaccount+dat+u+regelmatig+gebruikt&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bnl%5D%5Bpassword_desc%5D=Uw+wachtwoord+dient+6-12+tekens+te+bevatten&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bnl%5D%5Barea_code_desc%5D=Zorg+voor+het+juiste+landnummer+door+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Edeze+lijst+te+controleren%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bnl%5D%5Bphone_desc%5D=Het+nummer+dient+uw+netnummer+en+eigen+telefoonnummer+te+bevatten&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bnl%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Ben%5D%5Bemail_desc%5D=Enter+your+valid+email+account&abTesting%5Bfeatures%5D%5Btooltips%5D%5Ben%5D%5Bpassword_desc%5D=Password+must+be+6-12+characters+long&abTesting%5Bfeatures%5D%5Btooltips%5D%5Ben%5D%5Barea_code_desc%5D=Make+sure+this+is+your+correct+country+dial+code+by+checking+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Ethis+list%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Ben%5D%5Bphone_desc%5D=Phone+number+must+include+your+Area+Code+and+Phone+Number&abTesting%5Bfeatures%5D%5Btooltips%5D%5Ben%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bde%5D%5Bemail_desc%5D=W%C3%A4hlen+Sie+ein+E-Mail-Konto%2C+das+Sie+regelm%C3%A4%C3%9Fig+nutzen&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bde%5D%5Bpassword_desc%5D=Ihr+Passwort+sollte+6-12+Zeichen+enthalten&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bde%5D%5Barea_code_desc%5D=Stellen+Sie+anhand+der+Liste+sicher%2C+dass+die+L%C3%A4ndervorwahl+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Ekorrekt+ist%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bde%5D%5Bphone_desc%5D=Die+Nummer+muss+die+Vorwahl+und+die+pers%C3%B6nliche+Telefonnummer+enthalten&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bde%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bes%5D%5Bemail_desc%5D=Elija+un+correo+electr%C3%B3nico+aut%C3%A9ntico+que+use+regularmente&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bes%5D%5Bpassword_desc%5D=Su+contrase%C3%B1a+debe+tener+entre+8+y+12+caracteres&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bes%5D%5Barea_code_desc%5D=En+esta+lista+puede+asegurarse+si+ese+es+el+c%C3%B3digo+de+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Epa%C3%ADs+correcto%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bes%5D%5Bphone_desc%5D=El+n%C3%BAmero+debe+incluir+un+c%C3%B3digo+de+%C3%A1rea+y+un+n%C3%BAmero+personal&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bes%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bfr%5D%5Bemail_desc%5D=Choisissez+un+compte+e-mail+que+vous+utilisez+r%C3%A9guli%C3%A8rement&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bfr%5D%5Bpassword_desc%5D=Votre+mot+de+passe+doit+contenir+entre+6+et+12+caract%C3%A8res&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bfr%5D%5Barea_code_desc%5D=Assurez-vous+qu%27il+s%27agit+du+bon+code+en+consultant+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Ecette+liste%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bfr%5D%5Bphone_desc%5D=Le+num%C3%A9ro+doit+inclure+votre+code+r%C3%A9gional+et+votre+num%C3%A9ro+de+t%C3%A9l%C3%A9phone&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bfr%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bda%5D%5Bemail_desc%5D=Indtast+din+gyldig+e-mail-konto&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bda%5D%5Bpassword_desc%5D=dgangskode+skal+v%C3%A6re+mellem+6+og+12+karakterer&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bda%5D%5Barea_code_desc%5D=V%C3%A6r+sikker+p%C3%A5+at+dette+er+dit+korrekte+forvalgsnummer+ved+at+kontrollere+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Elisten%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bda%5D%5Bphone_desc%5D=Telefonnummeret+skal+indeholde+dit+forvalgsnummer+og+telefonnummer&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bda%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bsv%5D%5Bemail_desc%5D=Ange+ditt+e-postkonto&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bsv%5D%5Bpassword_desc%5D=L%C3%B6senordet+m%C3%A5ste+vara+6-12+tecken+l%C3%A5ngt&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bsv%5D%5Barea_code_desc%5D=Kontrollera+att+detta+%C3%A4r+r%C3%A4tt+landskod+genom+att+kolla+p%C3%A5+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Ethis+list%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bsv%5D%5Bphone_desc%5D=Telefonnummer+m%C3%A5ste+inneh%C3%A5lla+riktnummer+och+telefonnummer&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bsv%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bro%5D%5Bemail_desc%5D=Enter+your+valid+email+account&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bro%5D%5Bpassword_desc%5D=Password+must+be+6-12+characters+long&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bro%5D%5Barea_code_desc%5D=Make+sure+this+is+your+correct+country+dial+code+by+checking+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Ethis+list%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bro%5D%5Bphone_desc%5D=Phone+number+must+include+your+Area+Code+and+Phone+Number&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bro%5D%5Bdescription%5D=0&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bno%5D%5Bemail_desc%5D=Oppgi+gyldig+e-postkonto&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bno%5D%5Bpassword_desc%5D=Passord+m%C3%A5+v%C3%A6re+6-12+tegn+lang&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bno%5D%5Barea_code_desc%5D=S%C3%B8rge+for+at+dette+er+din+riktige+landskode+ved+%C3%A5+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27target%3D%27_blank%27%3Esjekke+denne+listen%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bno%5D%5Bphone_desc%5D=Telefonnummer+m%C3%A5+inkludere+omr%C3%A5de+og+telefonnummeret&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bno%5D%5Bdescription%5D=1&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bjp%5D%5Bemail_desc%5D=Enter+your+valid+email+account&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bjp%5D%5Bpassword_desc%5D=Password+must+be+6-12+characters+long&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bjp%5D%5Barea_code_desc%5D=Make+sure+this+is+your+correct+country+dial+code+by+checking+%3Ca+href%3D%27https%3A%2F%2Fcountrycode.org%2F%27+target%3D%27_blank%27%3Ethis+list%3C%2Fa%3E&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bjp%5D%5Bphone_desc%5D=Phone+number+must+include+your+Area+Code+and+Phone+Number&abTesting%5Bfeatures%5D%5Btooltips%5D%5Bjp%5D%5Bdescription%5D=0&abTesting%5Bview%5D=default&splitterType=splitterNg
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8b782eaca244f8a8e2aa6641aa24d9223c8f2f23f55fdb15baf726f8eae5c5d2
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://winnerofferz.com/

Response headers

date
Sat, 04 Dec 2021 04:43:10 GMT
content-type
text/html; charset=utf-8
x-powered-by
Express
x-frame-options
ALLOWALL
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwt%2Bv1QFPbsHD%2FL5kZ3EsWvlyL1lJpfGsjZCmj14y2kbl0mLqLqNEYG0upmD5Uh5dxunoKBELbg1RMeVZcvniJWbphIz6gAcCSIb7oJX4lW8Z7NkIX0Rdtdte7kPt2qK14eSBoeoLWJZHTLzfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b825f4ed850dfdb-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| $ function| jQuery object| translations object| _BOAS function| _ object| jQuery11130027353973767249462 object| JST function| sha1 object| BOA function| Validation function| DepositValidation object| boa object| form1 object| form2 string| elm function| getTracking object| onSuccess object| onError object| onSubmit object| oneSubmit object| oneError function| ucTemplate

6 Cookies

Domain/Path Name / Value
www.k33clq-3.com/ Name: uniqueClick_XCQZJ
Value: d168dc41-e4ef-4823-99f0-605d35ae85ec:1638592989
www.k33clq-3.com/ Name: transaction_id
Value: 91d68d5709fc41d691ae97a640f0332f
tracking.the-traffice-system.com/ Name: enc_aff_session_45
Value: ENC039bab80a531405f0aef52a37f46b61377604f35958aa0b52fc5dc5c9b259db574c1b1843b2e6ab33017405f79e3b4f08648d7d6b3def42d764cbc7f7e0c2bfd5f2e5c567bf24dcc7c3e6b6b7e58038c9098599a5c7303878528981a636b2b1914b5f4828bbb08fc0a8e8043e8d43d8607331f690f93178aaf04d21fdc8d2ccc1e9adc68dab21069cd634bea385ff39c8b32e7bbb5f7c1c1efae1a3a827bc2517bc89cebf6f7cbc2f32bc4e84529bdf59ea06f7208ca8c7a1c074a48b4bab8265bc8d903bc88f15bc2b7b0c699ae77f33e7a82e9329bff753cc732439916ee5ec41e021aa7
tracking.the-traffice-system.com/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Ni4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuNDUgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImRlLURFLGRlO3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
.vimeo.com/ Name: vuid
Value: pl501556332.1891320786
winnerofferz.com/ Name: tj
Value: {"aff_id":"1057","aff_subs":{"aff_sub1":"91d68d5709fc41d691ae97a640f0332f","aff_sub3":"7","aff_sub4":"62-1713","aff_sub5":"Code"},"transaction_id":"1028659bd464537dfce65c77808bf4","nekot":null,"hid":"BOf84c5996e81fd","log_id":"01cd4567i910l121638592989470","log_steps":["form-loaded","pre-sales","members"],"offer_id":45,"country":"AA","created":"2021-12-04T04:43:10+00:00","status":"new","last_pull":1638592989.948}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
external-media.trafficon.co
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
i.vimeocdn.com
player.vimeo.com
replace.goodsurely43.xyz
splitter.trafficon.co
storage.googleapis.com
streamerpr.com
tracking.the-traffice-system.com
trafforms.co
vimeo.com
winnerofferz.com
www.k33clq-3.com
151.101.14.109
151.101.64.217
2001:4de0:ac18::1:a:1b
2606:4700:3032::6815:3469
2606:4700:3033::ac43:d6d2
2606:4700:3035::ac43:a6d9
2606:4700:3036::6815:407
2606:4700:3037::ac43:d4bf
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2010
2a00:1450:4001:82b::200a
34.117.99.21
34.120.202.204
94.102.4.174
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
04a816b7da7fb5148a1c97d1d56f804880c4d88f0d7677ae8b557594d0d03f54
081f9179a77580f178d94140204915863f7022540f341edf3822a7c0ef3333ed
1abbf3dd63827ef487c1daa6d4a1c4f8fe12608c0c04e57317a5243d29745f6f
210af586ddda401737982c48d008375a36f61527187df6d031990e3fab67575d
22d31c186de83cb8e94c72d1512790095efd3dc753e49d1b222984003f27f7e8
28781c0c715f33bba9c4d508df89aef0aca7fa707196e122ed5e917dd5966b1b
2ea22eeb3ff67e953e770d7349a111529ac3a27b2830d090a3cf62a460470ce2
32671077921063b6f53e995d57c04274ecb654fbe3023d5faa9b5dda9b5919cb
35ca68aa504d1db1ef312210a0a44b2f4234f7eace8a973b9ba09749a036a745
39fa563f7e8afdafb59526d58f6c999858f20c98b1c8c857931b57a5f8143c1b
443e4b26d5cfdc85860bb01fe9505d0e3a18380c083e609f9eba157d948f3e5f
46e65cc4a14f82dc08bb5a89fa3e85f9d7a3ee691bd50c78440b802f56d66dc0
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
549681b7ccc94cd509603c99a13ca754659129dbaa85d99518aec7503f6d0d11
560f212d1beedc85a7590988579355a70cd952a9c9ec8d3b17acf40940e0ed97
58cf5fca019bc11cf795c2c4888c0c529f13ba201a997063afbb4483631c0dc9
62fc0799d11f7268fd146b071db41ffb6c7693733b506cfbdd2d6038287af0a3
717ec72cdd462e1c80b35b109012a3f824db1ed64fb3e10a93253b3883439526
83464c090d730c4caa01efe2f196b176d7764c80e9a56e3d7ff29745fb8b39f5
83dd87c25a5289ffad935687f277623b203fce90bbd995ba2a961dac46cd5087
8563f0452de0bdef782bb7d89ca0e0e6f5956e7968ec273333e61e8bf6056b91
8b782eaca244f8a8e2aa6641aa24d9223c8f2f23f55fdb15baf726f8eae5c5d2
8d6eb3ce6daa6e8c2451e2dc601d63b524cd3d32e7e4f9736bd5278513c791cd
8f22c14d833819460602bd41792732725e48a6a6ee48f768a298cde40e16584f
8f62e5b42279de5ac04b03ae515d1319e90ca42efc94e5e4a8a15545fc4fc887
9046a95f1f844a97668be1c5e975fdec432b723d5b4e42e817d8ad578194c7d0
97d812da07c2319e0e64c4137b33a5d3ccfb4c06fa5ab4444f522959e27a9ed0
99a02ce77e6f4561ee68b13f539074f17eb236d640a9b272be4ed49e759924cf
9a1275f949aa2027f61ebcd39b1fc1528359a1575cecbb1f5471adeb580dd413
9f58760b9a1062f69c68ec1888a6c95339165dc77fa95488a5c1c0ef50f3b638
a07da5cb8ffa149699ada3d29f8bdacc15d2e89856735faa3b8e30f1e533d94b
a41d32f98ad4e438af9f9ff7d3fe61deb4ac484d8a0d8bc335dc026af82165eb
aaa5c804f7a331ebdac8988c462bfc09ab5fb7d80a699da7ed1d1f3683b6bbf5
b46c03ed183197dd8f1b6310c97fddafa9269fc5eb870736b7b1c8ac8f3b7541
b50ebf10355cf0baed11d7f01a2615ba15b49820134fe96c46c3e10539db8767
c969f948cee9e692af07816b19f8475ee1d0e62ce5e3b4a668c3c8635c86d865
cb979b547809a0615f8d033ba1d6b33693b9e902a178a3ead75a5dcb3c9d0543
cd590f1a69adfe4d76effbb17c6246337f2f5fe5b2a3643b83faa69f6096516b
d270ee37727a7e8d9796db24c7a784bca91f5411d699c5416fa0bb59874e0685
d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4
e10da011124c6038cab89c8eee389debce70ee724f9539ca0c9f9305269f9aaa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62aa1590f5901c0f46311d01179d9ee7256fd27b4cd64878925e3433995a380
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
fb11fec718599f057ece4e60515ac417a2a3f37f0fd3e95c2d9951a9aecf9428