winstler.io Open in urlscan Pro
2606:4700:20::681a:df3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://speedyurl.net/nRIkK
Effective URL:
https://winstler.io/?source=int&campaign=cpm-2921
Submission Tags: 0xscam
Submission: On February 01 via api (February 1st 2024, 8:42:18 pm UTC) from US — Scanned from DE

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 11 domains to perform 47 HTTP transactions. The main IP is 2606:4700:20::681a:df3, located in United States and belongs to CLOUDFLARENET, US. The main domain is winstler.io.
TLS certificate: Issued by GTS CA 1P5 on January 31st 2024. Valid for: 3 months.

This is the only time winstler.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	94.156.77.202 94.156.77.202	34224 (NETERRA-AS) (NETERRA-AS)
1 21	2606:4700:20:... 2606:4700:20::681a:df3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
4	23.36.162.25 23.36.162.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:1901:0:b... 2600:1901:0:bc29::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
5	2.17.100.209 2.17.100.209	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
47	13

1 94.156.77.202 (Bulgaria) 1 redirects

ASN34224 (NETERRA-AS, BG)
PTR: hypersino.com

speedyurl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:20::681a:df3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

winstler.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn.usefathom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.36.162.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-25.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.17.100.209 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-209.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accounts.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	winstler.io 1 redirects winstler.io	578 KB
9	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 5963 api.livechatinc.com — Cisco Umbrella Rank: 5415 secure.livechatinc.com — Cisco Umbrella Rank: 6663 accounts.livechatinc.com — Cisco Umbrella Rank: 7278	338 KB
5	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	112 KB
3	gstatic.com fonts.gstatic.com	64 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 ajax.googleapis.com — Cisco Umbrella Rank: 369	90 KB
2	usefathom.com cdn.usefathom.com — Cisco Umbrella Rank: 19147	3 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	88 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2029	251 B
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 3321	18 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	86 KB
1	speedyurl.net 1 redirects speedyurl.net	442 B
47	11

	Domain	Requested by
21	winstler.io	1 redirects winstler.io
5	cdn.jsdelivr.net	winstler.io
4	cdn.livechatinc.com	winstler.io secure.livechatinc.com
3	api.livechatinc.com	cdn.livechatinc.com
3	fonts.gstatic.com	fonts.googleapis.com
2	cdn.usefathom.com	winstler.io
2	cdnjs.cloudflare.com	winstler.io cdnjs.cloudflare.com
2	fonts.googleapis.com	winstler.io
1	accounts.livechatinc.com	cdn.livechatinc.com
1	secure.livechatinc.com	cdn.livechatinc.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn.mxpnl.com	winstler.io
1	ajax.googleapis.com	winstler.io
1	www.googletagmanager.com	winstler.io
1	speedyurl.net	1 redirects
47	15

This site contains no links.

Subject Issuer	Validity	Valid
winstler.io GTS CA 1P5	`2024-01-31` - `2024-04-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
cdn.usefathom.com R3	`2024-01-11` - `2024-04-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-31` - `2025-01-31`	a year	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2023-07-12` - `2024-08-11`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://winstler.io/?source=int&campaign=cpm-2921
Frame ID: BAE75689EDE02B40A3318F8B9318DCF8
Requests: 43 HTTP requests in this frame

Frame: https://winstler.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js
Frame ID: C35B82B1666D113C408A89CC63FC37DA
Requests: 2 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=14657979&group=8&embedded=1&widget_version=3&unique_groups=1
Frame ID: 1E4754DB1C05131EDD0CBFD20ED1722C
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Casino, Live Casino & Sportwetten - Winstler

Page URL History Show full URLs

https://speedyurl.net/nRIkK HTTP 301
https://winstler.io/?source=int&campaign=cpm-2921 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js
/npm/sweetalert2@([\d.]+)
sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

47
Requests

98 %
HTTPS

77 %
IPv6

11
Domains

15
Subdomains

13
IPs

3
Countries

1377 kB
Transfer

3035 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://speedyurl.net/nRIkK HTTP 301
https://winstler.io/?source=int&campaign=cpm-2921 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://winstler.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://winstler.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js

47 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
winstler.io/
Redirect Chain

https://speedyurl.net/nRIkK
https://winstler.io/?source=int&campaign=cpm-2921

54 KB
18 KB

167ms
122ms

Document
text/html

2606:4700:20::681a:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winstler.io/?source=int&campaign=cpm-2921
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 473f57751e5248bf409b7441b98a3cccd4936c7a42feb5fc1707aed0932da789

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 84ed05079e48bba3-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 01 Feb 2024 20:42:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LGTKDNkPpbxOEmx9NT8ShEAP%2Fn84wv1ESJIfXJrSrjQugK7VSplDOwVuAXknx8%2FlA8bLyAOI7nNJyRZ46pTIumX5k5zqky5C62VhPL7lZUoUBOE53204isp1Lc3AQGFEPn7paOaiQxO6"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 01 Feb 2024 20:42:12 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://winstler.io/?source=int&campaign=cpm-2921
pragma: no-cache
server: LiteSpeed
x-powered-by: PHP/8.1.26

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1018 B 45ms
21ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro&display=swap

Requested by

Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

314eadd1fe6abbb0e4bd5f269b0866d8ae1a577717901182339c80f93dc236df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Feb 2024 20:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 19:22:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Feb 2024 20:42:13 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
600 B 53ms
28ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow:wght@400;600;800&display=swap

Requested by

Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a95a6d0e2bad78c24174639a632d679a16635cc25f4e5200d06ff47f109d65eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Feb 2024 20:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 20:42:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Feb 2024 20:42:13 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ 160 KB
25 KB 44ms
25ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css

Requested by

Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://winstler.io/
Origin: https://winstler.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 829038
x-jsd-version: 5.1.3
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220101-FRA, cache-lga21964-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QRLWP1S8fbgU8s3GAtREUCXnGM9enadVA4N3ADvD7HTPLOB%2Bi8Dhxnlc%2BJBBgL7HRcrgY0E0oZT1a0EOOtQ%2BOVUJki2D9m3M9hXACV%2B0UGaeO3h%2FFFApElmfJWBJyBGY3PItwUgt6Ym80Tok110%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84ed05088a4fbb71-FRA

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 37ms
17ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Requested by

Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://winstler.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1120482
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10462
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-28de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhQhWoN237JDd8K8%2Fj6uxrX0x8SBQdqcWj8KEc4rmTvBtV%2FYWraPK9n0mpxudD7VUTsm2Twv1oN78oR6jb5b4Tfrhw4ZdGnbA%2B%2BrBt%2Bfmx17NjyKgg%2Ftds4eP8udfe%2BOdXTPAFltxiqh5OIwzp5fTQ9y"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84ed0508896e2bd6-FRA
expires: Tue, 21 Jan 2025 20:42:13 GMT

GET
H2 200 style.css
winstler.io/css/ 32 KB
9 KB 27ms
26ms Stylesheet
text/css 2606:4700:20::681a:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winstler.io/css/style.css
Requested by: Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07b82085d2bedb433b56df9a09a9d3f2786a03f186ef4aa7ea3bad09a5fe7768

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/?source=int&campaign=cpm-2921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2728
cf-polished: origSize=37866
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 07 Nov 2023 20:36:03 GMT
server: cloudflare
etag: W/"654a9fb3-93ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnsajKigFV7zHwW8iI4puQqv%2BwfZhu2grRmE%2Bb72R6bDj8pkI5dlf7eLwGjON1cFOHUYgGOE0Nm%2FXxXaF6CWucAL7gAqcFw0KycU8rgwn4CXPTkZ5sBbgW4ge1BpPpYxRY06B%2FPbwlSa"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 84ed05086f65bba3-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
86 KB 54ms
30ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XS3HR0HGPX

Requested by

Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c2808da7c2f06cb344888a2af355ec5689d98f06f5acbf58b559eae12b1c27f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87594
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Feb 2024 20:42:13 GMT

GET
H2 200 script.js Show response
cdn.usefathom.com/ 6 KB
2 KB 44ms
10ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.usefathom.com/script.js
Requested by: Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 19ddbd3f35a8f49ec6c6b5074c782c5b9324b8fda7859ee5f632d10e95c02e81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-vapor-base64-encode: True
cdn-cachedat: 01/31/2024 22:47:13
cdn-pullzone: 506217
last-modified: Wed, 17 Jan 2024 17:14:12 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cache-control: public, max-age=0
cdn-requestid: 49ae28e6ac4168fbcd761d218bad822c
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 swiper-bundle.min.css
cdn.jsdelivr.net/npm/swiper@8/ 16 KB
5 KB 37ms
19ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css

Requested by

Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8363
x-jsd-version: 8.4.7
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230083-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"406d-rwCOh5O6dcNGNg6U6W482jFM4n8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6q46jFYCYt5lGvxrHuIulIpqgRfvxPpCZ562xulzp%2FOVCJ8yg8U5N9aK%2FZwCZVYeFo7gxF05MNcxEwcY3nWhGy6gGeyzGebHoA395%2BxC4u5lSMlOmlqkOBgkgRSyyJ%2Fvtz7gu1ykTFdjarSNt8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 84ed05088acc6adc-FRA

GET
H2 200 swiper-bundle.min.js Show response
cdn.jsdelivr.net/npm/swiper@8/ 140 KB
40 KB 39ms
21ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.js

Requested by

Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f645b12f27c4e9c1210d5725cfa894b86464372e7b1becbe47126a5fe82f9ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17963
x-jsd-version: 8.4.7
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230034-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"2315a-9NyNRghnOcWBIRhbLQ9OGQcQ8Rs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MvJGo5rYucf9Qg4GZsqtwpEFIow0xQXKMYQiGJj0j1mRLar5Fgo9N4AUfzpvkEqwYeZvzHyBDJ5HgRjit4vraoLmidS9%2BE%2BCLfj7885Uirspw8O%2B9vmpBfInuLO6jouPqAcXO%2BsJbC%2F52aebwxg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 84ed05088ace6adc-FRA

GET
H2 200 logo-fixed-phone.png
winstler.io/images/ 13 KB
13 KB 28ms
27ms Image
image/png 2606:4700:20::681a:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winstler.io/images/logo-fixed-phone.png
Requested by: Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c8c80162beed3a216c6af3ca864853c9832527bb511c818b09641d9692b1ff9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/?source=int&campaign=cpm-2921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2728
cf-polished: origSize=17441
alt-svc: h3=":443"; ma=86400
content-length: 13040
cf-bgj: imgq:100,h2pri
last-modified: Sun, 04 Sep 2022 19:32:04 GMT
server: cloudflare
etag: "6314fd34-4421"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXAjPtRTaHUbVwWhoA38dtdrX7G15acw4vqLcmkOq6dzLkMMsBpryuJplsR4qXNGZTHwvImzU73tFe2t9DzeNglR%2B5mN39ZzgahzDF9n7znlaC67f0p%2FIjHHzjTZrohAg%2F7Sx%2BsKYuqM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84ed05086f67bba3-FRA

GET
H2 200 logo-fixed.png
winstler.io/images/ 13 KB
13 KB 25ms
24ms Image
image/png 2606:4700:20::681a:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winstler.io/images/logo-fixed.png
Requested by: Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 992c37056654b5f7bf8659fd98c82f81379e7e7b074b87e1be25974a20ff0063

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/?source=int&campaign=cpm-2921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2728
cf-polished: origSize=17518
alt-svc: h3=":443"; ma=86400
content-length: 13087
cf-bgj: imgq:100,h2pri
last-modified: Sun, 04 Sep 2022 19:32:04 GMT
server: cloudflare
etag: "6314fd34-446e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2G7z5HtasVKKt5Y4MXBSeCY0pRAgsB5tBTDH9WcbgkyHl%2FFnKLvbx3tFCkfWP38%2BD1ze4l0gMsAOprywrOiXXvwSJBE1ggIbEgzPSk54QhdLoyHicf8%2Bd4mziA%2BJhvWcTgNK6%2Fz8Hk8a"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84ed05086f68bba3-FRA

GET
H3 200 payment-methods.png
winstler.io/images/ 21 KB
21 KB 25ms
25ms Image
image/png 2606:4700:20::681a:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winstler.io/images/payment-methods.png
Requested by: Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57079db833ed1a56006d12eb39417f10f703009437922e7091ac20c1c51ed0cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/?source=int&campaign=cpm-2921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2728
cf-polished: origSize=33379
alt-svc: h3=":443"; ma=86400
content-length: 21469
cf-bgj: imgq:100,h2pri
last-modified: Sun, 04 Sep 2022 19:32:04 GMT
server: cloudflare
etag: "6314fd34-8263"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOpKFC46sdrwIcJiD34LuDMYri4hYPwU%2F7ulrIOdVKOfUdzNcbrAx8YJxq5M8%2BSRWS%2FqNqCHRPne%2BsxOBFPRG3ThmdURmccaPwuFmIoBsiWTMtblBZqvNUXKWdutmMSMgj8dANqH2OAJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84ed05089ed01e10-FRA

GET
H3 200 853050837-1643061467.png
winstler.io/storage/casino-providers/ 2 KB
2 KB 41ms
41ms Image
image/png 2606:4700:20::681a:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winstler.io/storage/casino-providers/853050837-1643061467.png
Requested by: Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adadf851ed4154aadc8ddd6fab83ccbfdaea0d04c63fac4bc12c5eb47f024b65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/?source=int&campaign=cpm-2921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2728
cf-polished: origSize=3206
alt-svc: h3=":443"; ma=86400
content-length: 1726
cf-bgj: imgq:100,h2pri
last-modified: Sun, 04 Sep 2022 19:40:47 GMT
server: cloudflare
etag: "6314ff3f-c86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h15CMO3C%2F6kvyDbSJT%2BRwsCgycHaVavbWKODLKBn1xAB4VtQM%2Bwx4Z6CRc%2F5viFVeo8B6uFulWolz7FJvvRyfaypCXcOo0rMtQIU7k6EPEhoYonm5Jy1owwptF4CQVksZKVC1raxPsku"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84ed05089edf1e10-FRA

GET
H3 200 1445836051-1646127255.png
winstler.io/storage/casino-providers/ 4 KB
4 KB 38ms
37ms Image
image/png 2606:4700:20::681a:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winstler.io/storage/casino-providers/1445836051-1646127255.png
Requested by: Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 631cd5c67a5efa4ddee380397685f16dab9fcad1538c97c437d6e6cfda64b42c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/?source=int&campaign=cpm-2921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2728
cf-polished: origSize=6335
alt-svc: h3=":443"; ma=86400
content-length: 3936
cf-bgj: imgq:100,h2pri
last-modified: Sun, 04 Sep 2022 19:40:47 GMT
server: cloudflare
etag: "6314ff3f-18bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2Ba9tFP8fYIJwbREsHBhu1q%2FJfrR2GqzgPD22QWSgTzp2RMOMgWGbfjXUs%2Bmglvuqhr62zvx32cTAWTc1MUZcBxUkSVPFIyRWD35OfYu2afDwrgOsUio4ALMr3yylPqGquaKxBBSj82C"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84ed0508cf081e10-FRA

GET
H3 200 411393957-1643061681.png
winstler.io/storage/casino-providers/ 7 KB
8 KB 29ms
28ms Image
image/png 2606:4700:20::681a:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winstler.io/storage/casino-providers/411393957-1643061681.png
Requested by: Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82e25bf8a87e82a620f6a62f532f3538a0c45eea5e163cef7236c9b003581d61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/?source=int&campaign=cpm-2921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2728
cf-polished: origSize=15078
alt-svc: h3=":443"; ma=86400
content-length: 7486
cf-bgj: imgq:100,h2pri
last-modified: Sun, 04 Sep 2022 19:40:47 GMT
server: cloudflare
etag: "6314ff3f-3ae6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1i2kp2%2FRmOKSytMxIqHWRTgybqVLBbsY4Etz%2F%2F%2FrhzYVT6Y%2F4gmP5j6qxl3Y8iyx47%2F%2B2afbETWoCBi0r3wwMSTwlCWe0w3Jyq1IoyQGBqJZDF7AuXUkhQsmGRsIPD2%2FqIqfhqjaR%2BHV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84ed0508cf181e10-FRA

GET
H3 200 2055341954-1643061581.png
winstler.io/storage/casino-providers/ 4 KB
5 KB 46ms
45ms Image
image/png 2606:4700:20::681a:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winstler.io/storage/casino-providers/2055341954-1643061581.png
Requested by: Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77103a5a80fa8c907ed39c24343d0f38a95d5ed24b3e1c5fc9c57136156e8613

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/?source=int&campaign=cpm-2921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2728
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 4338
cf-bgj: imgq:100,h2pri
last-modified: Sun, 04 Sep 2022 19:40:47 GMT
server: cloudflare
etag: "6314ff3f-10f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zplOQceXmF3lVEc%2BKuHY6KNSeiw3sycIUDr5NL0enRKc8yHA5AGtH2kX7F%2FowE7INwQ2Sv%2F1VPlD0opAf0IhaBUhY%2FDL5ls1bwlWIso3%2FoIkSD73Nl1ZD8npjvlA%2FdCc4PAODI9zlmJE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84ed0508cf1b1e10-FRA

GET
H3 200 1771669135-1643061563.png
winstler.io/storage/casino-providers/ 4 KB
4 KB 32ms
32ms Image
image/png 2606:4700:20::681a:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winstler.io/storage/casino-providers/1771669135-1643061563.png
Requested by: Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b35be4e05ac83212184e57a7138f944aa7a12f375a765e87ac39646b6cacff41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/?source=int&campaign=cpm-2921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2728
cf-polished: origSize=6228
alt-svc: h3=":443"; ma=86400
content-length: 3910
cf-bgj: imgq:100,h2pri
last-modified: Sun, 04 Sep 2022 19:40:47 GMT
server: cloudflare
etag: "6314ff3f-1854"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpruxQMMj1WUR6NJVK0xbuMcFpdIoa8V9J8F5fGcjk4TxtTFdQJBwhki6Mh%2BzPhecX2y1W0LjeMz7Cqu6794%2FyjpEGGL4sXvGkwfOEDDzeLiKksgGmz4KtYX0MGcQ0CdlRzYErrUTGvW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84ed0508cf1e1e10-FRA

GET
H3 200 1559617876-1643061454.png
winstler.io/storage/casino-providers/ 2 KB
3 KB 30ms
30ms Image
image/png 2606:4700:20::681a:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winstler.io/storage/casino-providers/1559617876-1643061454.png
Requested by: Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4788a4718add85c5b5680c59e700dd973cc5d4ad87bf709ff3d370c528bf62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/?source=int&campaign=cpm-2921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2728
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 2327
cf-bgj: imgq:100,h2pri
last-modified: Sun, 04 Sep 2022 19:40:47 GMT
server: cloudflare
etag: "6314ff3f-917"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XF3eCqrT0TXz1RrjRHjTIOUhZDRzxrycgN6%2FgS83LSoPZE%2BiXpmDwDzUHT7bFlDGB39ww9nVO6PYo4nMqRcJwInrPn2h2HEjbHMYcjLmjGyazfUXWkH7xhiFgF3StrT1T7tI6aVsCAbF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84ed0508cf231e10-FRA

GET
H3 200 1215950981-1669807368.png
winstler.io/storage/casino-providers/ 3 KB
3 KB 33ms
32ms Image
image/png 2606:4700:20::681a:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winstler.io/storage/casino-providers/1215950981-1669807368.png
Requested by: Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 322646249c79fa7e935eaf472d1dc04b146f9a843fe05014d9999d3200c1d4bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/?source=int&campaign=cpm-2921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2728
cf-polished: origSize=4752
alt-svc: h3=":443"; ma=86400
content-length: 3010
cf-bgj: imgq:100,h2pri
last-modified: Wed, 30 Nov 2022 11:22:48 GMT
server: cloudflare
etag: "63873d08-1290"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYDyixP5bThL9J8%2B%2B%2BHwZGYIWfadJjsmBvDDeA5fdoyGSDusaDR%2BxH%2FISrUV6kvS%2BXlEHmN8lkTSfrq0nPSEauW1regA8662LeCmN%2BJyymfDzap%2FXMCCe99lb6OwF2N6CEGxdThUZHuT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84ed0508cf251e10-FRA

GET
H3 200 winstler_box.png
winstler.io/images/ 17 KB
18 KB 59ms
59ms Image
image/png 2606:4700:20::681a:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winstler.io/images/winstler_box.png
Requested by: Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb30c7bba08de1e383ee8ac3d8d52a6cdecfd0cc3867fc685d4dc96b97ea3b63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/?source=int&campaign=cpm-2921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 17819
cf-bgj: imgq:100,h2pri
last-modified: Sat, 27 May 2023 13:21:00 GMT
server: cloudflare
etag: "647203bc-459b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3q%2F2no4UbTsC4MeWrx4Z%2FqI8tDhRIfgzheB7ehV28znQ2DgXw89CfYC8izLhae3c%2F0ebSF9wCnGJqDAn9Uc7UapgsW%2BSQEAAbaCEJTbEPWgq2MtY%2FbpcPBHj2GBORGIOQWpHnEU1Rwp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84ed0508cf281e10-FRA

GET
H3 200 curacao.svg
winstler.io/images/ 51 KB
19 KB 77ms
77ms Image
image/svg+xml 2606:4700:20::681a:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winstler.io/images/curacao.svg
Requested by: Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7552cc91be5333420da11c10d7cd8b99411a4f8667b83de28a365c84deebd7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/?source=int&campaign=cpm-2921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Sep 2022 19:32:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6314fd34-cb99"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6uOlt5u4OAj4Ba2vVcZs%2BS8NX0zLky69ZWKxNOjvUno7hcex4xedySJSoyiRbwJKeHDjAUv0FzLA6lJMH019xOwy9tcWX7IsBxPfkAJXYLF%2F44RJTILP%2BfJqaLkU73%2FPsU24M4HPnRsr"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 84ed0508cf2d1e10-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
88 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 10:08:08 GMT
x-content-type-options: nosniff
age: 297245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89476
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jan 2025 10:08:08 GMT

GET
H2 200 sweetalert2.all.min.js Show response
cdn.jsdelivr.net/npm/sweetalert2@11.0.18/dist/ 63 KB
18 KB 21ms
19ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11.0.18/dist/sweetalert2.all.min.js

Requested by

Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eeb704ce1dec593e4ee98594c46b7e74c2d318b75d20db504aac096c4ad72fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5417146
x-jsd-version: 11.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230050-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"fa1b-DaaEqoyOjVKTtLqpROrzmogb5GI"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hmR0Q%2BCvDzfHrYVHWP%2FfpmSSD2DbAIRWGcivi%2B4gz5wo%2F326ucJNg4xSIHG%2FuFoiDU4bl0EbN3XA1GSmIB%2FR4YDinogEaWRpOIFavR65GbRkW%2FbCxXRqsjn0P2%2BecFGeMLRNxatt9X9lGfR6jtM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84ed0508cb1b6adc-FRA

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 76 KB
24 KB 22ms
21ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5580272
x-jsd-version: 5.1.3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230074-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6MPyAK%2FVVguailYWoNQXbIPoSWDzcG8irPl0LP1bzEEHAgkhw7b4tazCH9LYr7thVmY5esb1qC3MKAJQ9sESk%2F8w1QIG4M4fph9Pq3PDgA27SpzQUmuhwgxpKtoC0b7oAORKLLU6M2OBvrh8SM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84ed0508cb1c6adc-FRA

GET
H3 200 axios.min.js Show response
winstler.io/js/ 13 KB
5 KB 32ms
31ms Script
application/javascript 2606:4700:20::681a:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winstler.io/js/axios.min.js
Requested by: Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/?source=int&campaign=cpm-2921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 04 Sep 2022 19:32:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2728
etag: W/"6314fd34-3580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNl0cWDcUFcPeDC9QEOjCi25q7i4x6lw3CYjBzBiXTTgRoNfEaYxBsBstDHJKDqPX8r31iCkEGnf%2BOV4%2F6%2BHUIk49PxFcZrIHdGXcu31wQInNwW6JHZJNMu%2Fzsg6L2%2FI3Il7NsJBTC2V"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84ed0508cf0b1e10-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 lazy.js Show response
winstler.io/js/ 8 KB
4 KB 43ms
42ms Script
application/javascript 2606:4700:20::681a:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winstler.io/js/lazy.js
Requested by: Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68de5ad319292b1694c484116cdb3d704adb794a86518ffaabe822684d10bb2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/?source=int&campaign=cpm-2921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2728
cf-polished: origSize=22582
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 25 Jan 2023 18:43:02 GMT
server: cloudflare
etag: W/"63d17836-5836"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fx8%2FeK1QSp6GO2sGNERRVvmnxCrVnxpcopLbgKs4kvgvkUkmtYq1jeUNC1toV%2BQf7gsLtnrG1%2Ffj5qoJ1OgkDIuL1QPPDvRKOG6y7Dg8Ply75OLHoJpfKNv1ot3RauZnwYnjXAxNW4uU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84ed0508cf111e10-FRA

GET
H3 200 app.js Show response
winstler.io/js/ 175 KB
55 KB 38ms
37ms Script
application/javascript 2606:4700:20::681a:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winstler.io/js/app.js
Requested by: Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efc40747a8e97a4c653ed027b4c961696ebe8199960fe169f9a0a9f06a3df909

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/?source=int&campaign=cpm-2921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2728
cf-polished: origSize=179503
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 25 Jul 2023 13:04:22 GMT
server: cloudflare
etag: W/"64bfc856-2bd2f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irvTQJuvfztrwdwU6o7%2Ba7HCNcBdAvF%2F4FOqyOARS66vkna04V0CnbV58ym9ywpe8iESEtNAKggsnTRx3%2BDI61aEuPdEAJj1vIDUAK8IvRYesmoSgK3RIa3swkcB6laI2%2F%2FCMs8AnPZa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84ed0508cf161e10-FRA

GET
H3 200 home-header-2.jpg
winstler.io/images/ 369 KB
369 KB 38ms
38ms Image
image/jpeg 2606:4700:20::681a:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winstler.io/images/home-header-2.jpg
Requested by: Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01c7224a8363b7d2a6368d0e136ad00a6b2671f183cffb61491372472672a40e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/?source=int&campaign=cpm-2921
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2728
cf-polished: origSize=393897
alt-svc: h3=":443"; ma=86400
content-length: 377654
cf-bgj: imgq:100,h2pri
last-modified: Sun, 04 Sep 2022 19:32:04 GMT
server: cloudflare
etag: "6314fd34-602a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tt%2FUQBnSoTxo0lFE0WoepKqUfH2WE09sgqvvM5THNNQUh%2FYcSopMq3xdqCaIcacfAagZnI8qyKE14reA2rAbBum3qWMdR0bDToOlVY2RjPoEFXfG4l7u0wSsyMO06i0iiJkgGmFRVILK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84ed0508df361e10-FRA

GET
DATA 200
OK truncated
/ 207 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6559e15fa4090dd921467b6da0e02ef0198641f86b2c81faba5648dec24f113

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 208 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdaa8b72e5f72dc4b11244459070632baec41585fc4fa74741e54c8b006250bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 231 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4e33196eb0d772b7cf9649be32efb5a691f63b5e9f21a10e633965dc719beae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 7cHqv4kjgoGqM7E3q-0s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 22 KB
22 KB 34ms
10ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3q-0s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;600;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f132510bc7b665bbe5fb9227b0d2daafa5513296a72f88f88d38179eded9277

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://winstler.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:02:29 GMT
x-content-type-options: nosniff
age: 178784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22052
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:05:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 19:02:29 GMT

GET
H2 200 7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 37ms
14ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;600;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://winstler.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 22:10:59 GMT
x-content-type-options: nosniff
age: 81074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21796
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:35:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jan 2025 22:10:59 GMT

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 76 KB
77 KB 16ms
15ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Origin: https://winstler.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4336400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 78268
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-131bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9q6LMn5QeFK6IqTvTs3uXYvO4CJhQoPosp8wukK9BEUR933nGJRotvIIK5ik6atDqDt6vrQmlIWn6WmtSeU5r%2FOuvk5LQcGMAG4%2FSyYqwSP0YmUmtoc1v0as3QrN%2BmDfC32UGdWNfQX9EA6Utkw9ouL"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84ed0508d9d72bd6-FRA
expires: Tue, 21 Jan 2025 20:42:13 GMT

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 42ms
19ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;600;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://winstler.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 23:27:00 GMT
x-content-type-options: nosniff
age: 594913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 23:27:00 GMT

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 89 KB
27 KB 59ms
26ms Script
application/javascript 23.36.162.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 275d8126ef3dfb6c425ee7ad451c1cf110f3dc28bd01d6e65c7a7d59f29bde2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: c8WTjdLmk.GXdzcsOKpgseftokj8fJyL
content-encoding: br
date: Thu, 01 Feb 2024 20:42:13 GMT
last-modified: Wed, 31 Jan 2024 13:52:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: W/"4c8c48a92ae8500bea40fb49877da227"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
x-amz-cf-id: TVxJp2IqxtuzqrpFKonjLvNXLlF2U0WCt2Qi4OwH42gwyWbNaVY8tA==
content-length: 27492
expires: Fri, 02 Feb 2024 04:42:13 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 52 KB
18 KB 40ms
11ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:33:24 GMT
content-encoding: gzip
age: 529
x-guploader-uploadid: ABPtcPpliMvMlgo8tCebP3Mw2YYoLCbC2W3-BnmfEd_lg3n7MPYbB_kAsx51rJYcONj1i2EWvn8MF0rPXFTj08Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18139
last-modified: Tue, 14 Nov 2023 19:54:10 GMT
server: UploadServer
etag: "dff66d0b72bdc18a02be56412d5ef8c4"
vary: Accept-Encoding
x-goog-generation: 1699991650202934
x-goog-hash: crc32c=VW26dg==, md5=3/ZtC3K9wYoCvlZBLV74xA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=600
x-goog-stored-content-length: 18139
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 01 Feb 2024 20:43:24 GMT

GET
H3

200

main.js Show response
winstler.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/ Frame C35B
Redirect Chain

https://winstler.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://winstler.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js

7 KB
4 KB

25ms
25ms

Script
application/javascript

2606:4700:20::681a:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winstler.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js

Requested by

Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921

Protocol

Server

2606:4700:20::681a:df3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d7a01cfaf15e7419a2b6a1f3ec5617a3062f671dddd01a6db63f672808b9e68

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7RyjAj1a8TrLfRhWNg0Kd7OKN7%2F5hKji8VItKR8kba97LtaYZ22WJ8lWeUE8BpDA8JySGwvniljwX9UBfDVHPLVfdqPBHQmiqaai8L%2FfyQrSaBa8fQsQXUIpUVFeEezf5DeFH4GE3t0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 84ed0509c8f81e10-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 01 Feb 2024 20:42:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWoZAg41hsvtnsrK80mP1yDUEZY%2Fr9Hi6nZQnu4Xj5xfEGcY%2Fq%2BzxJCqp4%2B1QRMeBaz9ISHBKHc326uQemPPr3Q%2Fv4tqAAV1%2BBRQznTqCof7BW%2FZDSmMJSdMhQbFOaZsWY6AnaDTcKQQ"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 84ed0509a8ba1e10-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 35ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XS3HR0HGPX&gtm=45je41v0v885207111za200&_p=1706820133237&gcd=11l1l1l1l1&npa=0&dma_cps=sypham&dma=1&cid=265091196.1706820133&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706820133&sct=1&seg=0&dl=https%3A%2F%2Fwinstler.io%2F%3Fsource%3Dint%26campaign%3Dcpm-2921&dt=Online%20Casino%2C%20Live%20Casino%20%26%20Sportwetten%20-%20Winstler&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=592
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XS3HR0HGPX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 20:42:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winstler.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cdn.usefathom.com/ 43 B
427 B 28ms
28ms Image
image/gif 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.usefathom.com/?h=https%3A%2F%2Fwinstler.io&p=%2F&r=&sid=DDNKXPET&qs=%7B%7D&cid=35491860
Requested by: Host: winstler.io
URL: https://winstler.io/?source=int&campaign=cpm-2921
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
cdn-edgestorageid: 1081
cdn-cachedat: 02/01/2024 20:42:13
cdn-pullzone: 506217
content-length: 43
pragma: no-cache
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
tk: N
content-type: text/plain; charset=utf-8, image/gif
cdn-cache: MISS
cdn-uid: aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cache-control: public, max-age=0
cdn-requestid: 17bfd17ae1ed49c753c8e9bdfeacda63
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.6/customer/action/ 428 B
607 B 213ms
178ms Script
application/javascript 2.17.100.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=14657979&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fwinstler.io%2F%3Fsource%3Dint%26campaign%3Dcpm-2921&channel_type=code&jsonp=__7qhvl6go3pa

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

a51efc8d5bf92476881e60de14277cbb20c84918ae428a10e13f7dfce95b7777

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://winstler.io/;
X-Frame-Options	allow-from https://winstler.io/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://winstler.io/;
date: Thu, 01 Feb 2024 20:42:13 GMT
content-length: 428
vary: Accept-Encoding
x-frame-options: allow-from https://winstler.io/
content-type: application/javascript; charset=UTF-8

POST
H3 200 84ed05079e48bba3 Show response
winstler.io/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame C35B 0
592 B 32ms
32ms XHR
text/plain 2606:4700:20::681a:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winstler.io/cdn-cgi/challenge-platform/h/b/jsd/r/84ed05079e48bba3
Requested by: Host: winstler.io
URL: https://winstler.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQ0aECX4pSc4I%2F97uXWwlCRv5My3Jxq2bjMyteDcA5o3sYDrcDg%2FQLP3plIagZNvFm%2BUYYBxhg%2BM5NFHAO5koqqTC%2FY8qrUql7PxyYApEisFyUbIW%2FyyUb4LhhLQ3Czy46ayLwO5qBaa"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 84ed050a4a061e10-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.4/customer/action/ 5 KB
2 KB 201ms
201ms Script
application/javascript 2.17.100.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=a60c8ac5-fa45-4a8b-aea9-efa8965e77b1&version=185643.2.2.216.298.207.110.21.2.60.2.1.186128&group_id=8&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-209.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8f329f3f898af07a27e2abfa5bbcb3dd98c0476120358d5a302948bf62f06bc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:13 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2024-05-31
cache-control: public, max-age=600
content-length: 1653
expires: Thu, 01 Feb 2024 20:52:13 GMT

GET
H2 200 open_chat Show response
secure.livechatinc.com/customer/action/ Frame 1E47 9 KB
3 KB 205ms
204ms Document
text/html 2.17.100.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=14657979&group=8&embedded=1&widget_version=3&unique_groups=1
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-209.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b9e4962f54e9165292c569766c6db38f4e3b1269eac73d3858c17ac5562dbe4e

Request headers

Referer: https://winstler.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 2612
content-type: text/html; charset=utf-8
date: Thu, 01 Feb 2024 20:42:14 GMT
vary: Accept-Encoding

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.4/customer/action/ 11 KB
4 KB 266ms
265ms Script
application/javascript 2.17.100.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=a60c8ac5-fa45-4a8b-aea9-efa8965e77b1&version=075b79d72a19c7c515c01775c17428ae_316a444e3d92f09161f83f4cdcb8cc26&language=en&group_id=8&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-209.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 73a9ca934d9ef869fd1259525378485561d6a3538337e53466d262c28589e4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://winstler.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:42:14 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2024-05-31
cache-control: public, max-age=599
content-length: 3842
expires: Thu, 01 Feb 2024 20:52:13 GMT

GET
H2 200 0.8edb486d.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 1E47 210 KB
65 KB 17ms
17ms Script
application/javascript 23.36.162.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/0.8edb486d.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=14657979&group=8&embedded=1&widget_version=3&unique_groups=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4268fd3a9a8083a9724fda763379e07129cec27094ee1c9326eeee53423adf63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: hSCdgFK2B2KKyOhDftwxdfcLkgieJoCI
content-encoding: br
date: Thu, 01 Feb 2024 20:42:14 GMT
last-modified: Wed, 31 Jan 2024 13:52:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"811da62b09673b7ce2d816040f78e0fd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 1p4qs-SbgNpu-1OxFR7tIEUUzLTQOMrhi97SY_EQZHGZy-4Fa_NGwQ==
content-length: 66460
expires: Fri, 31 Jan 2025 20:42:14 GMT

GET
H2 200 1.8d6ac9ce.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 1E47 328 KB
93 KB 7ms
7ms Script
application/javascript 23.36.162.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/1.8d6ac9ce.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=14657979&group=8&embedded=1&widget_version=3&unique_groups=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: dcc96f40ae4373ac5adfd3c8fdfae2b2eb92323a679df9da61a2158d5c07ce82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: M8T7lulN0.udfkZshJkCO94m7CdmzVZt
content-encoding: br
date: Thu, 01 Feb 2024 20:42:14 GMT
last-modified: Wed, 31 Jan 2024 13:52:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: W/"a0e9ace30984b8a65ba9dfb4ce256a63"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: GMP4JcDRZnpqg3CL7DkQqfxJKTxNs7ky9m-VzLlh5w_WrSuc5at8OQ==
content-length: 94502
expires: Fri, 31 Jan 2025 20:42:14 GMT

GET
H2 200 iframe.96d548c7.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 1E47 530 KB
143 KB 22ms
22ms Script
application/javascript 23.36.162.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/iframe.96d548c7.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=14657979&group=8&embedded=1&widget_version=3&unique_groups=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f6b3e39421aa2c2ad0cf79462e02e841b34fc431e0195a5399e7c6defc46b4f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: KdK34o9L6dxCQ5PMY5eqgjpjBu80Kqjl
content-encoding: br
date: Thu, 01 Feb 2024 20:42:14 GMT
last-modified: Wed, 31 Jan 2024 13:53:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"6d5448698923d6af598cee49604499b8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: wWbHmJVCsHluzljru7SaPo1YLqRXwty9Iqi9NV7ZEsetJwflFAwPgQ==
content-length: 145587
expires: Fri, 31 Jan 2025 20:42:14 GMT

POST
H2 200 token Show response
accounts.livechatinc.com/v2/customer/a60c8ac5-fa45-4a8b-aea9-efa8965e77b1/8/ Frame 1E47 195 B
1 KB 204ms
203ms XHR
application/json 2.17.100.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.livechatinc.com/v2/customer/a60c8ac5-fa45-4a8b-aea9-efa8965e77b1/8/token
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/0.8edb486d.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-209.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: da10886de1ded1fe7abb00f7bcee9e378b5ced145962ce930a03cee74a4f5729

Request headers

Referer: https://secure.livechatinc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 20:42:14 GMT
content-type: application/json
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 195
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.accounts.livechatinc.com/v2/customer/a60c8ac5-fa45-4a8b-aea9-efa8965e77b1/8/token	1970-01-21 03:43:00	Name: __lc_cid Value: 152caa53-576b-4549-b5f1-d66688d96aae
.accounts.livechatinc.com/v2/customer/a60c8ac5-fa45-4a8b-aea9-efa8965e77b1/8/token	1970-01-21 03:43:00	Name: __lc_cst Value: 74c21a491b56653bc402f0ff7f637c166b3fbe8604805311cd6015594d455d49b8f470ade7a0b1547d129f6acecc626f45a2c9c924405b04562390106fca
.accounts.livechatinc.com/licence/g14657979_8/	1970-01-21 03:43:00	Name: __lc_cid Value: 152caa53-576b-4549-b5f1-d66688d96aae
.accounts.livechatinc.com/licence/g14657979_8/	1970-01-21 03:43:00	Name: __lc_cst Value: 74c21a491b56653bc402f0ff7f637c166b3fbe8604805311cd6015594d455d49b8f470ade7a0b1547d129f6acecc626f45a2c9c924405b04562390106fca
speedyurl.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: ar7o8d27ogtbvg8bt7oile5uln
speedyurl.net/	1970-01-20 18:07:01	Name: short_978 Value: 1
winstler.io/	1970-01-21 02:52:36	Name: XSRF-TOKEN Value: eyJpdiI6IkthUWhPR1hHeE53a0IvOStXamMzNVE9PSIsInZhbHVlIjoia1dyVGxsaUp1U2xYekdITVRKdm4ycm9UTXV6ZktOSUJybTFKRy9QTWJMSEZ6YkJ6L1psTTc1OGVocmhxNTZnU3pDVXZSMi9QRlBkMVRZNXViajdWVHByL2dReVU4SStwWDRscmpVQUl6OW45QWFYUDE3K3huL3JhODE4dnI4RXAiLCJtYWMiOiJkMDg2ZWVlODk1MzQ5YWM2ZTRmNWE3NTI4OGFiOWNjZmM2MmI5NjAwZGFmNGJhZTgxYThkMmJlZTkyODU1YTRkIiwidGFnIjoiIn0%3D
winstler.io/	1970-01-21 02:52:36	Name: winstler_session Value: eyJpdiI6IjY3TC9MUnlDaFJxUXBNUWdCSHdOUkE9PSIsInZhbHVlIjoiR1pKNWJnc0lFN3M1MnpMU1lEVjNUQzk0VmVnR0czRTM4T1RSeEhkL20yWURMREFvaGgzaHBmNGJSWTdGZVRaV1VyMld3VmNQd3BoWlhhMVk4b09YSysxamhZT28vc1YrdnBObjJ2YUNQSlJsMDdHelV2a3AwbkJsVDlkQUEvQisiLCJtYWMiOiI2YmVmNjVjNWViM2JkZWFkMjM4ODNkZGI1ODFhZWIwOWU5MjllNjA4OTIxNDVlOWQ0NzIwY2YwNDk3MmNjY2I3IiwidGFnIjoiIn0%3D
winstler.io/	1970-01-20 18:07:07	Name: source Value: eyJpdiI6IkhBdExHVnVISnlRUkVtVS8yTUhia3c9PSIsInZhbHVlIjoiWjBTVm5hd3FWZXkwMG9UK0RYVzRlL3U4dHBpMUZ5eloyU3d1bm5VV0VnYXU4RGdIUVEydXJ3cU1vaHg4UzVMZSIsIm1hYyI6Ijk2ZGM3NzI1NzY1Nzk1ZWZhNDJjM2IwZGRhNWZjYjZmZGNiOTY0ZWMzYzg3NDgwZWUzYzJmYjQyNTU4YmU0OTMiLCJ0YWciOiIifQ%3D%3D
winstler.io/	1970-01-20 18:07:07	Name: campaign Value: eyJpdiI6Im1jRkdwSTlXa1Z5RWRoclV3YnloaVE9PSIsInZhbHVlIjoieVN2WCttNFdBSER3MmpkbTRvc0YxVVVTbHdiQ2RONGEwR2JJbHg3Y3h5cjVUSlRpUXRtRktwUm9iQ3FqaS9QVTBHUkJVenlCdVdLQmdlUVNZUGJrMkE9PSIsIm1hYyI6Ijg0MWE0MDc2Njg1ODExMDA1YzZlMGNmNDQ0MjIxZDY5OTQ5MzllM2Q5MDA2NDBjZjZhZWE3ZjYwNWVjYzFhY2IiLCJ0YWciOiIifQ%3D%3D
.winstler.io/	1970-01-21 03:43:00	Name: _ga_XS3HR0HGPX Value: GS1.1.1706820133.1.0.1706820133.0.0.0
.winstler.io/	1970-01-21 03:43:00	Name: _ga Value: GA1.1.265091196.1706820133
.winstler.io/	1970-01-21 02:52:36	Name: mp_19991ba469ed165e1db5e82587257794_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A18d66686214256-015897f68cd14e-65335652-1d4c00-18d66686214257%22%2C%22%24device_id%22%3A%20%2218d66686214256-015897f68cd14e-65335652-1d4c00-18d66686214257%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.winstler.io/	1970-01-21 02:52:36	Name: cf_clearance Value: Dyz4AQJj3r_iFe4VHcDFxpjT.tFieJ3yrAfRMnhIxUw-1706820133-1-Ab7o3o9DbgJvpJROj20+M2U7bLalFIWUx/GPxGDOXXmUwbJtNfMaTHx67PZktnKhLhKP2pdZJ8grGMdPdlD4nHs=
accounts.livechatinc.com/	1970-01-20 18:07:00	Name: __oauth_redirect_detector Value: counter=1&t=1706820164&tag=51d9fe00ad51a7020c66e76ec3771b8925e126f2

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://winstler.io/?source=int&campaign=cpm-2921(Line 718) Message: Allow attribute will take precedence over 'allowfullscreen'.
other	warning	URL: https://winstler.io/?source=int&campaign=cpm-2921 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winstler.io/?source=int&campaign=cpm-2921 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winstler.io/?source=int&campaign=cpm-2921 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winstler.io/?source=int&campaign=cpm-2921 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winstler.io/?source=int&campaign=cpm-2921 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cdn.livechatinc.com/widget/static/js/iframe.96d548c7.chunk.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://cdn.livechatinc.com/tracking.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.livechatinc.com
ajax.googleapis.com
api.livechatinc.com
cdn.jsdelivr.net
cdn.livechatinc.com
cdn.mxpnl.com
cdn.usefathom.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
secure.livechatinc.com
speedyurl.net
winstler.io
www.googletagmanager.com
2.17.100.209
2001:4860:4802:32::36
23.36.162.25
2400:52e0:1e00::1082:1
2600:1901:0:bc29::
2606:4700:20::681a:df3
2606:4700::6810:5614
2606:4700::6811:180e
2a00:1450:4001:810::2008
2a00:1450:4001:812::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:82a::200a
94.156.77.202
01c7224a8363b7d2a6368d0e136ad00a6b2671f183cffb61491372472672a40e
07b82085d2bedb433b56df9a09a9d3f2786a03f186ef4aa7ea3bad09a5fe7768
0d7a01cfaf15e7419a2b6a1f3ec5617a3062f671dddd01a6db63f672808b9e68
19ddbd3f35a8f49ec6c6b5074c782c5b9324b8fda7859ee5f632d10e95c02e81
1c2808da7c2f06cb344888a2af355ec5689d98f06f5acbf58b559eae12b1c27f
1eeb704ce1dec593e4ee98594c46b7e74c2d318b75d20db504aac096c4ad72fc
1f132510bc7b665bbe5fb9227b0d2daafa5513296a72f88f88d38179eded9277
275d8126ef3dfb6c425ee7ad451c1cf110f3dc28bd01d6e65c7a7d59f29bde2a
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
314eadd1fe6abbb0e4bd5f269b0866d8ae1a577717901182339c80f93dc236df
322646249c79fa7e935eaf472d1dc04b146f9a843fe05014d9999d3200c1d4bd
322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac
4268fd3a9a8083a9724fda763379e07129cec27094ee1c9326eeee53423adf63
473f57751e5248bf409b7441b98a3cccd4936c7a42feb5fc1707aed0932da789
4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
57079db833ed1a56006d12eb39417f10f703009437922e7091ac20c1c51ed0cf
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
631cd5c67a5efa4ddee380397685f16dab9fcad1538c97c437d6e6cfda64b42c
68de5ad319292b1694c484116cdb3d704adb794a86518ffaabe822684d10bb2b
73a9ca934d9ef869fd1259525378485561d6a3538337e53466d262c28589e4e1
77103a5a80fa8c907ed39c24343d0f38a95d5ed24b3e1c5fc9c57136156e8613
7c8c80162beed3a216c6af3ca864853c9832527bb511c818b09641d9692b1ff9
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
82e25bf8a87e82a620f6a62f532f3538a0c45eea5e163cef7236c9b003581d61
8f329f3f898af07a27e2abfa5bbcb3dd98c0476120358d5a302948bf62f06bc0
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
992c37056654b5f7bf8659fd98c82f81379e7e7b074b87e1be25974a20ff0063
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
a51efc8d5bf92476881e60de14277cbb20c84918ae428a10e13f7dfce95b7777
a95a6d0e2bad78c24174639a632d679a16635cc25f4e5200d06ff47f109d65eb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4
adadf851ed4154aadc8ddd6fab83ccbfdaea0d04c63fac4bc12c5eb47f024b65
b35be4e05ac83212184e57a7138f944aa7a12f375a765e87ac39646b6cacff41
b9e4962f54e9165292c569766c6db38f4e3b1269eac73d3858c17ac5562dbe4e
d6559e15fa4090dd921467b6da0e02ef0198641f86b2c81faba5648dec24f113
da10886de1ded1fe7abb00f7bcee9e378b5ced145962ce930a03cee74a4f5729
dcc96f40ae4373ac5adfd3c8fdfae2b2eb92323a679df9da61a2158d5c07ce82
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7552cc91be5333420da11c10d7cd8b99411a4f8667b83de28a365c84deebd7d
eb30c7bba08de1e383ee8ac3d8d52a6cdecfd0cc3867fc685d4dc96b97ea3b63
efc40747a8e97a4c653ed027b4c961696ebe8199960fe169f9a0a9f06a3df909
f4788a4718add85c5b5680c59e700dd973cc5d4ad87bf709ff3d370c528bf62f
f4e33196eb0d772b7cf9649be32efb5a691f63b5e9f21a10e633965dc719beae
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f645b12f27c4e9c1210d5725cfa894b86464372e7b1becbe47126a5fe82f9ade
f6b3e39421aa2c2ad0cf79462e02e841b34fc431e0195a5399e7c6defc46b4f5
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fdaa8b72e5f72dc4b11244459070632baec41585fc4fa74741e54c8b006250bd

winstler.io Open in urlscan Pro 2606:4700:20::681a:df3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

98 %HTTPS

77 %IPv6

11 Domains

15 Subdomains

13 IPs

3 Countries

1377 kBTransfer

3035 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

winstler.io Open in urlscan Pro
2606:4700:20::681a:df3 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

98 %
HTTPS

77 %
IPv6

11
Domains

15
Subdomains

13
IPs

3
Countries

1377 kB
Transfer

3035 kB
Size

15
Cookies

47 HTTP transactions
3 data transactions