URL: https://winbtc.website/
Submission: On July 07 via manual from MA — Scanned from NL

Summary

This website contacted 17 IPs in 4 countries across 15 domains to perform 33 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is winbtc.website.
TLS certificate: Issued by WE1 on July 6th 2024. Valid for: 3 months.
This is the only time winbtc.website was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 149.7.16.236 63023 (AS-GLOBAL...)
1 136.243.42.50 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a04:4e42:200... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
3 216.58.206.68 15169 (GOOGLE)
1 172.67.192.54 13335 (CLOUDFLAR...)
8 139.45.197.242 9002 (RETN-AS)
3 188.114.97.3 13335 (CLOUDFLAR...)
1 172.67.182.202 13335 (CLOUDFLAR...)
2 148.251.1.246 24940 (HETZNER-AS)
1 139.45.195.8 9002 (RETN-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 139.45.197.151 9002 (RETN-AS)
33 17
Apex Domain | Subdomains | Transfer
8 thubanoa.com | thubanoa.com — Cisco Umbrella Rank: 62194 | 150 KB
5 winbtc.website | winbtc.website | 11 KB
3 google.com | www.google.com — Cisco Umbrella Rank: 7 | 963 B
3 jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 373 | 62 KB
2 a-ads.com | ad.a-ads.com — Cisco Umbrella Rank: 24579
2 googleusercontent.com | blogger.googleusercontent.com — Cisco Umbrella Rank: 8542 | 461 KB
2 news-cesato.com | news-cesato.com | 11 KB
1 interstitial-08.com | interstitial-08.com — Cisco Umbrella Rank: 206309
1 google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 1793
1 gstatic.com | www.gstatic.com | 213 KB
1 rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 7214 | 543 B
1 fpadserver.com | api.fpadserver.com — Cisco Umbrella Rank: 411607
1 surfe.be | static.surfe.be — Cisco Umbrella Rank: 800725 | 245 KB
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 85 | 102 KB
1 news-xmatapi.cc | news-xmatapi.cc | 6 KB
33 15
Domain | Requested by
8 thubanoa.com | winbtc.website, thubanoa.com
5 winbtc.website | winbtc.website
3 www.google.com | winbtc.website, www.gstatic.com
3 cdn.jsdelivr.net | winbtc.website
2 ad.a-ads.com | winbtc.website
2 blogger.googleusercontent.com | winbtc.website
2 news-cesato.com | winbtc.website, news-cesato.com
1 interstitial-08.com | thubanoa.com
1 region1.google-analytics.com | www.googletagmanager.com
1 www.gstatic.com | www.google.com
1 my.rtmark.net | thubanoa.com
1 api.fpadserver.com | winbtc.website
1 static.surfe.be | winbtc.website
1 www.googletagmanager.com | winbtc.website
1 news-xmatapi.cc | winbtc.website
33 15

This site contains links to these domains.

Domain
stake.com
www.yallashooty.online
surfe.be
a-ads.com
www.makejar.com
www.sigmatraffic.com
Subject | Issuer | Validity | Valid
winbtc.website | WE1 | 2024-07-06 - 2024-10-04 | 3 months
news-cesato.com | ZeroSSL ECC Domain Secure Site CA | 2024-06-19 - 2024-09-17 | 3 months
*.news-xmatapi.cc | E5 | 2024-07-05 - 2024-10-03 | 3 months
*.google-analytics.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year
*.googleusercontent.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
*.google.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
surfe.be | WE1 | 2024-06-29 - 2024-09-27 | 3 months
thubanoa.com | R10 | 2024-06-27 - 2024-09-25 | 3 months
fpadserver.com | WE1 | 2024-06-28 - 2024-09-26 | 3 months
*.a-ads.com | Sectigo ECC Domain Validation Secure Server CA | 2023-12-27 - 2025-01-26 | a year
rtmark.net | R11 | 2024-07-05 - 2024-10-03 | 3 months
*.gstatic.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
interstitial-08.com | R10 | 2024-06-09 - 2024-09-07 | 3 months

This page contains 7 frames:

Primary Page: https://winbtc.website/
Frame ID: 94735D3DC1F07FB396F2771BBA4007EB
Requests: 27 HTTP requests in this frame

Frame: https://api.fpadserver.com/banner?id=599&size=728x90
Frame ID: 9045F4EC1E496C804682FFC1A8AA08B8
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/2333239?size=300x250
Frame ID: D3A208D3A6978F7CC44B0F7D72ABEF52
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/2333560?size=728x90
Frame ID: B3D5DE54AFFC23CBC4C884C00C8D8CCC
Requests: 1 HTTP requests in this frame

Frame: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D3088157882%26z%3D6866489%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D-ImH5CxQJ9-uwhZ7aAWgiXLH09M3Ex4-iYYa221I37GG9Cgu2hpX1l795kVPd6bXhFD1C7O8_0USnC_dYxj2Vfwv3E24K6PSMwFSA4iEvlcHC9lJJCCgrGLFKlynuSgxd-9x_3J3Q2-OaxN7tEH5jkOrazHnINpSHTeyLqk6Krs1TRtGMvS4V_63sHBeaOrPOmbCdQOBO3gJfA-oqdN-ioGVodHdq0bYckqeYq3ktGvwdUpWFoUsKfkKXVRc9VAjq2uoC4hghVqnt2DuaCEuU82WB5OVb3-ampdNsWQriy3RgOaJvd7sQO_dSSJvotlR%26bag%3DydU9kaAfa6I%3D%26ruid%3D4f5efe1b-b94e-4e55-838d-002e492c3cec%26os%3Dwin32%26os_version%3D10.0.0%26browser_version%3D126.0.6478.126%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwinbtc.website%252F%26wy%3D90%26wx%3D90%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26os%3Dwin32%26os_version%3D10.0.0%26browser_version%3D126.0.6478.126%26tbc%3D1
Frame ID: 501C67BF859250AA13D25F3D227EE142
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdkRmIiAAAAAFKlGcDrMEP1eN29BsfuXd4my2kO&co=aHR0cHM6Ly93aW5idGMud2Vic2l0ZTo0NDM.&hl=nl&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=l8x5rdzaj6ih
Frame ID: A81760BD00710929D1CD5A532A2FC0BA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=nl&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6LdkRmIiAAAAAFKlGcDrMEP1eN29BsfuXd4my2kO
Frame ID: 25BCF63D0D9990E4EAC361FF427C1D6E
Requests: 1 HTTP requests in this frame

Page Title

Claim free bitcoin in your faucetpay with winbtc.website WINBTC

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

33 Requests
100 % HTTPS
38 % IPv6
15 Domains
15 Subdomains
17 IPs
4 Countries
1261 kB Transfer
2303 kB Size
9 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
winbtc.website/
17 KB
6 KB
Document
General
Full URL
https://winbtc.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.29
Resource Hash
61b9867e6d19aa4126bddf846e3f96621c40b7d2e09d9faf34720115f1eed4ce
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
89f924f589146614-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 07 Jul 2024 16:17:23 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
unsafe-url
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WkpuHy%2BuyeCKups2eNFOtrXTe5Z4q3gkm0oJxp%2Ftqpscy63Nk%2BZUddMIuzs39SG33PWyUwRk5mc7gWCUxAnS02lpsQu11EQkKbQb%2Flx%2Bk6hcIuIGUD8251ax7wk3HeANWj8Y82LuEnf007soSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-powered-by
PHP/8.1.29
x-turbo-charged-by
LiteSpeed
https-v2.js
news-cesato.com/code/
8 KB
9 KB
Script
General
Full URL
https://news-cesato.com/code/https-v2.js?uid=181953&site=1232227064&banadu=0&sub1=sub1&sub2=sub2&sub3=sub3&sub4=sub4
Requested by
Host: winbtc.website
URL: https://winbtc.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.7.16.236 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
236-16-7-149.clients.gthost.com
Software
nginx /
Resource Hash
374e15e13c2c901690f8790b01e5009b5edc991681601d0e1e769d77a65db01f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 16:17:23 GMT
last-modified
Tue, 02 Jul 2024 15:38:04 GMT
server
nginx
etag
"66841edc-21d6"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
content-length
8662
expires
Thu, 31 Dec 2037 23:55:55 GMT
process.js
news-xmatapi.cc/
15 KB
6 KB
Script
General
Full URL
https://news-xmatapi.cc/process.js?id=1232227064&p1=sub1&p2=sub2&p3=sub3&p4=sub4
Requested by
Host: winbtc.website
URL: https://winbtc.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
be7f036b613d28dd185802e6d34fd37e19f0f2fc0e06445644fd814aa31517c3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 07 Jul 2024 16:17:25 GMT
content-encoding
gzip
server
nginx
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
expires
0
js
www.googletagmanager.com/gtag/
307 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4Y6Q9VJDW4
Requested by
Host: winbtc.website
URL: https://winbtc.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
48e5fc62a034cd4af8f7ae4289842e1212840342b104d756ee7b9ad096c9d8d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 16:17:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104178
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 07 Jul 2024 16:17:24 GMT
bootstrap.min.css
cdn.jsdelivr.net/bootstrap/3.3.4/css/
115 KB
20 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/bootstrap/3.3.4/css/bootstrap.min.css
Requested by
Host: winbtc.website
URL: https://winbtc.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 07 Jul 2024 16:17:23 GMT
age
3406971
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
20700
x-served-by
cache-fra-eddf8230068-FRA, cache-bru1480067-BRU
etag
W/"1ca39-7SkxXg/7PxQ4JDHyckI1v2f0TrM"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.min.js
cdn.jsdelivr.net/jquery/2.1.4/
82 KB
31 KB
Script
General
Full URL
https://cdn.jsdelivr.net/jquery/2.1.4/jquery.min.js
Requested by
Host: winbtc.website
URL: https://winbtc.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 07 Jul 2024 16:17:23 GMT
age
2267683
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
31371
x-served-by
cache-fra-eddf8230142-FRA, cache-bru1480067-BRU
etag
W/"1499c-gljQRvF908FaXTmE4YaLe10dsyk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
cdn.jsdelivr.net/bootstrap/3.3.4/js/
35 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/bootstrap/3.3.4/js/bootstrap.min.js
Requested by
Host: winbtc.website
URL: https://winbtc.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 07 Jul 2024 16:17:23 GMT
age
4110967
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10263
x-served-by
cache-fra-etou8220127-FRA, cache-bru1480067-BRU
etag
W/"8c6f-JTcRxtgl3lWoNgVSVzvpUNoYBhQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
simplex.css
winbtc.website/templates/default/palettes/
407 B
510 B
Stylesheet
General
Full URL
https://winbtc.website/templates/default/palettes/simplex.css
Requested by
Host: winbtc.website
URL: https://winbtc.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a0a2466e66e3b63ef4a097dc4e4b56e46da1482cf4fb002c1c47725ffc015e7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 16:17:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Dec 2019 19:25:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
65430
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kJubNrRUY7nQYRM7TizwDEkTBbixpf4eOpnH%2B5zPgnjsoffNDY5o0T9cGXkQuMHG19OMgznu%2BgFtqR4K%2BbmytcfQoxlGTg4GKbLhYOhFQ8p0s4J1DIIIctCU1TMVINhhf7iwpGqwPv%2Bp6ahRMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
89f924fbe8886614-AMS
alt-svc
h3=":443"; ma=86400
expires
Sat, 13 Jul 2024 22:06:53 GMT
stake728x90.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPiLkJKLo090FrFWKJGD3p0LCEG4WD9BRbOo76NaQHaBmW3WyuCQsx2Vh_kI55FdTKjUYaMFoH-olE93YLOpx7mxgJchO6qI2e8UmXlfy0-g2hryO-lmNpN8750RAm8483uMa4aAjR0No0sD3N...
330 KB
330 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPiLkJKLo090FrFWKJGD3p0LCEG4WD9BRbOo76NaQHaBmW3WyuCQsx2Vh_kI55FdTKjUYaMFoH-olE93YLOpx7mxgJchO6qI2e8UmXlfy0-g2hryO-lmNpN8750RAm8483uMa4aAjR0No0sD3N4_xUmfEa5BWftV6hbsTYoWw9lZ-HHL-XlQlDUbJdcD4/s16000/stake728x90.gif
Requested by
Host: winbtc.website
URL: https://winbtc.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e3d69c3f47f26c5e75b7037a9913a47c156c1fd96480d349b2e8600eb8626ab3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 16:17:24 GMT
x-content-type-options
nosniff
server
fife
etag
"v52a"
vary
Origin
content-type
image/gif
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="stake728x90.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337920
x-xss-protection
0
expires
Mon, 08 Jul 2024 16:17:24 GMT
yalla%20shoot.PNG
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgk0-oJyHeVxqpjL74POX7BTxs-_wi2K9Sf7-6dYiJbJMhtGOUrEr6ECuAC0oh11jTd9p3T6DKKPMEjIwOot9UuYDjoMh6ptu1qcFChn2maafn0ZIIb6kNdqkJ4TM6FEDleFt0MT2E-f-gM92eQ...
130 KB
131 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgk0-oJyHeVxqpjL74POX7BTxs-_wi2K9Sf7-6dYiJbJMhtGOUrEr6ECuAC0oh11jTd9p3T6DKKPMEjIwOot9UuYDjoMh6ptu1qcFChn2maafn0ZIIb6kNdqkJ4TM6FEDleFt0MT2E-f-gM92eQaPt9EFa2yGaVBU0vAxVJi1fBxuooA3noQ6QZZ6EWXCQ/s1600/yalla%20shoot.PNG
Requested by
Host: winbtc.website
URL: https://winbtc.website/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
838a0d742fe86fdb5c5bce28e368e8afe4263933d1fb307a5d446986f7bd60f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 16:17:24 GMT
x-content-type-options
nosniff
server
fife
etag
"v52c"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="yalla shoot.PNG"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133458
x-xss-protection
0
expires
Mon, 08 Jul 2024 16:17:24 GMT
api.js
www.google.com/recaptcha/
1 KB
963 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: winbtc.website
URL: https://winbtc.website/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f4.1e100.net
Software
GSE /
Resource Hash
70cf569b4dbdae1e3256d5dcf1a2dff34fab51852528f090275361dcd557b9eb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 16:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 07 Jul 2024 16:17:24 GMT
2-240x400en_.gif
static.surfe.be/images/banners/1123/
269 KB
245 KB
Image
General
Full URL
https://static.surfe.be/images/banners/1123/2-240x400en_.gif
Requested by
Host: winbtc.website
URL: https://winbtc.website/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.192.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6a882d2fd47ac52b3efcdf5cd3e277d640daa6cb3a6313573d1af478a3a2c5e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 16:17:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 25 Dec 2023 11:59:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
9404
etag
W/"65896eaa-43527"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R7sN3jYjEnIf0Yf1AmWexEuDsT%2F7t69XNPFbCM3OPqHLN1ZYWdaD9U9Ilxv31FZw%2FzFPBHrMV84iYP%2F%2BUfU6nYmwmeQLaLkK%2BOgz8LU36ZJO02ZVAdOMICIrgJWhFQULcww%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=86400
cf-ray
89f924fcfdaa0b5c-AMS
alt-svc
h3=":443"; ma=86400
1
thubanoa.com/
42 KB
16 KB
Script
General
Full URL
https://thubanoa.com/1?z=6866489
Requested by
Host: winbtc.website
URL: https://winbtc.website/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d1598b3c2b98008cf170dc4b01304b9615629a42e3602969a551461b542bf993

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
1cf34cc1eca228c72c301c27d38b60a5
pragma
no-cache
date
Sun, 07 Jul 2024 16:17:23 GMT
content-encoding
gzip
x-sc
oAgoCGDj_8_Qdljlvea7FD0o1zjIyspnM0iMRjc-QqDYyT2-ZsWu00rYp5zKtcrNqLFfet8jdauduPoDX0P_6nYMCt4=
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Mon, 26 Jul 1997 05:00:00 GMT
advertisement.js
winbtc.website/libs/
81 B
540 B
Script
General
Full URL
https://winbtc.website/libs/advertisement.js?ad_ids=973&show_ad=434&banner_id=670
Requested by
Host: winbtc.website
URL: https://winbtc.website/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
726e6e6b7488328b9ad7746cf8a15ea2f0209c5a99a92100e1866883ca8a40eb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 16:17:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 03 Apr 2022 23:55:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NRTEVUOz9%2BHCAFZk%2BbKJH5NYUoQI%2Fq2h9iteFvlumlkYlgTTpdWgVA5%2Bl3%2Fq02yobSc%2FdJKyUYt3ymHHj602FdyBWs3xTYiWEEZ9mXHH%2FSifSCGaI82K4A71dPxEVccn6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
89f924fcab9ab969-AMS
alt-svc
h3=":443"; ma=86400
check.js
winbtc.website/libs/
947 B
909 B
Script
General
Full URL
https://winbtc.website/libs/check.js
Requested by
Host: winbtc.website
URL: https://winbtc.website/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b96667766edbf6c891ca57fbc6cc7c7c78e69292d41be0aef2796f0a34084e09

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 16:17:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 03 Apr 2022 23:46:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
728
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ZNiLDFotKka2j75Ps0oo1h9ioltoNUdMaMq16uA9OtudKVGXiShRmbpntwo52G7SuOsXbbZjqMh17NTS1ux7q6oT9iwvmRB%2BMubkQMwEjhqVkzbVVZfLe9uaeAkfQMfAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
89f924fcab9eb969-AMS
alt-svc
h3=":443"; ma=86400
banner
api.fpadserver.com/ Frame 9045
0
0
Document
General
Full URL
https://api.fpadserver.com/banner?id=599&size=728x90
Requested by
Host: winbtc.website
URL: https://winbtc.website/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.182.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://winbtc.website/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
89f924fcd9996610-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 07 Jul 2024 16:17:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BsRA%2FwnjmLcXwTU3ujFZPSmQjgTLx1ZuApytMpQmNYXC3OAij3lKAvlao7E3RUVIM9OMFIZAt%2BhwFZmvGHtSgWpMWmH0E1HFDJ0Sg5%2BBgOjecNkylZI4cxtPvwSJUYzNxkmJPGw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-server
ADS-Server
2333239
ad.a-ads.com/ Frame D3A2
0
0
Document
General
Full URL
https://ad.a-ads.com/2333239?size=300x250
Requested by
Host: winbtc.website
URL: https://winbtc.website/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.1.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.1.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://winbtc.website/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Sun, 07 Jul 2024 16:17:24 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://winbtc.website/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
2333560
ad.a-ads.com/ Frame B3D5
0
0
Document
General
Full URL
https://ad.a-ads.com/2333560?size=728x90
Requested by
Host: winbtc.website
URL: https://winbtc.website/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.251.1.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.1.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://winbtc.website/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Sun, 07 Jul 2024 16:17:24 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://winbtc.website/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
shortlink.png
winbtc.website/templates/default/
2 KB
3 KB
Image
General
Full URL
https://winbtc.website/templates/default/shortlink.png
Requested by
Host: winbtc.website
URL: https://winbtc.website/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe2bcabe9c21571c9b7f7f5e56fa97704e1d61b1563d5b94fdbf2711083960be

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 16:17:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
726
alt-svc
h3=":443"; ma=86400
content-length
2383
last-modified
Mon, 23 Dec 2019 19:25:56 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ipTePO%2FQjNe%2BIJgGwuyAzVaNoW2yp4myaI9ydVYDfvp7SYk%2BkXdM1o9rWTT10%2FCXNx4W%2F21oqHjT4sZrG7cGG6WOXuAEIw%2BfRR0%2B5IRF84QZCXK0A2cF8dLJx9xba8Cdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
89f924fcaba7b969-AMS
expires
Sun, 14 Jul 2024 16:05:17 GMT
7552beb94fc0bdff7bbb33cad3d1ab0a
thubanoa.com/27/
404 KB
128 KB
Script
General
Full URL
https://thubanoa.com/27/7552beb94fc0bdff7bbb33cad3d1ab0a
Requested by
Host: thubanoa.com
URL: https://thubanoa.com/1?z=6866489
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b2ba9d8b2216d22f8f31a594bc22ee21f60e2b539474a650be1e87dea87d5ed7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
a1c548ed8bf752a5c9ecf2501c349ec1
date
Sun, 07 Jul 2024 16:17:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
last-modified
Thu, 18 Apr 2024 06:29:14 GMT
server
nginx
content-encoding
gzip
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
max-age:290304000, public
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Thu, 18 May 2084 06:29:14 GMT
gid.js
my.rtmark.net/
65 B
543 B
XHR
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: thubanoa.com
URL: https://thubanoa.com/27/7552beb94fc0bdff7bbb33cad3d1ab0a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
98eef0139f07171d69456df560f7e004709fc54c5d3bba00db6e817db9a5792b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 16:17:24 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://winbtc.website
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/
535 KB
213 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae64db23eb03fc57c24c335a38e3ffb0ce8c74aa08c433bba1f13cb440d3f1cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Origin
https://winbtc.website
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 23:47:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
145823
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
217125
x-xss-protection
0
last-modified
Sun, 23 Jun 2024 08:01:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 05 Jul 2025 23:47:01 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4Y6Q9VJDW4&gtm=45je4730v9186063891za200&_p=1720369043841&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1238452855.1720369044&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720369044&sct=1&seg=0&dl=https%3A%2F%2Fwinbtc.website%2F&dt=Claim%20free%20bitcoin%20in%20your%20faucetpay%20with%20winbtc.website%20WINBTC&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1489&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4Y6Q9VJDW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 07 Jul 2024 16:17:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://winbtc.website
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9
thubanoa.com/
6 KB
3 KB
XHR
General
Full URL
https://thubanoa.com/9?z=6866489&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fwinbtc.website%2F&wy=90&wx=90&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=&hil=1&ist=0&os=win32&os_version=10.0.0&browser_version=126.0.6478.126&oaid=0800924d91c64090f1bd399dd6ea038d
Requested by
Host: thubanoa.com
URL: https://thubanoa.com/27/7552beb94fc0bdff7bbb33cad3d1ab0a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
1ab80cc994fe338247e8010abcc152383fac025cdd540bcae4a691802bd55c88

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
092fdf6790b7f1f5aaa69c95c8646f47
pragma
no-cache
date
Sun, 07 Jul 2024 16:17:24 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
https://winbtc.website
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Mon, 26 Jul 1997 05:00:00 GMT
9
thubanoa.com/ Frame
0
0
Preflight
General
Full URL
https://thubanoa.com/9?z=6866489&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fwinbtc.website%2F&wy=90&wx=90&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=&hil=1&ist=0&os=win32&os_version=10.0.0&browser_version=126.0.6478.126&oaid=0800924d91c64090f1bd399dd6ea038d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://winbtc.website
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://winbtc.website
cache-control
no-store, no-cache, must-revalidate, max-age=0
date
Sun, 07 Jul 2024 16:17:24 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
pragma
no-cache
server
nginx
11
thubanoa.com/
0
594 B
XHR
General
Full URL
https://thubanoa.com/11?rnd=2048549344&z=6866489&b=5362695&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=-ImH5CxQJ9-uwhZ7aAWgiXLH09M3Ex4-iYYa221I37GG9Cgu2hpX1l795kVPd6bXhFD1C7O8_0USnC_dYxj2Vfwv3E24K6PSMwFSA4iEvlcHC9lJJCCgrGLFKlynuSgxd-9x_3J3Q2-OaxN7tEH5jkOrazHnINpSHTeyLqk6Krs1TRtGMvS4V_63sHBeaOrPOmbCdQOBO3gJfA-oqdN-ioGVodHdq0bYckqeYq3ktGvwdUpWFoUsKfkKXVRc9VAjq2uoC4hghVqnt2DuaCEuU82WB5OVb3-ampdNsWQriy3RgOaJvd7sQO_dSSJvotlR&ruid=4f5efe1b-b94e-4e55-838d-002e492c3cec&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fwinbtc.website%2F&wy=90&wx=90&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=&hil=1&ist=0&os=win32&os_version=10.0.0&browser_version=126.0.6478.126&ot=72
Requested by
Host: thubanoa.com
URL: https://thubanoa.com/27/7552beb94fc0bdff7bbb33cad3d1ab0a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
223091b4d87d561e3113bf15005432d8
pragma
no-cache
date
Sun, 07 Jul 2024 16:17:24 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/jpeg
access-control-allow-origin
https://winbtc.website
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
interstitial-08.com/ Frame 501C
0
0
Document
General
Full URL
https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D3088157882%26z%3D6866489%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D-ImH5CxQJ9-uwhZ7aAWgiXLH09M3Ex4-iYYa221I37GG9Cgu2hpX1l795kVPd6bXhFD1C7O8_0USnC_dYxj2Vfwv3E24K6PSMwFSA4iEvlcHC9lJJCCgrGLFKlynuSgxd-9x_3J3Q2-OaxN7tEH5jkOrazHnINpSHTeyLqk6Krs1TRtGMvS4V_63sHBeaOrPOmbCdQOBO3gJfA-oqdN-ioGVodHdq0bYckqeYq3ktGvwdUpWFoUsKfkKXVRc9VAjq2uoC4hghVqnt2DuaCEuU82WB5OVb3-ampdNsWQriy3RgOaJvd7sQO_dSSJvotlR%26bag%3DydU9kaAfa6I%3D%26ruid%3D4f5efe1b-b94e-4e55-838d-002e492c3cec%26os%3Dwin32%26os_version%3D10.0.0%26browser_version%3D126.0.6478.126%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D5%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwinbtc.website%252F%26wy%3D90%26wx%3D90%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D3%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26os%3Dwin32%26os_version%3D10.0.0%26browser_version%3D126.0.6478.126%26tbc%3D1
Requested by
Host: thubanoa.com
URL: https://thubanoa.com/27/7552beb94fc0bdff7bbb33cad3d1ab0a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://winbtc.website/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 07 Jul 2024 16:17:24 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
backdrop.css
news-cesato.com/code/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://news-cesato.com/code/css/backdrop.css
Requested by
Host: news-cesato.com
URL: https://news-cesato.com/code/https-v2.js?uid=181953&site=1232227064&banadu=0&sub1=sub1&sub2=sub2&sub3=sub3&sub4=sub4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.7.16.236 London, United Kingdom, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
236-16-7-149.clients.gthost.com
Software
nginx /
Resource Hash
eb0c77dc8e3554bc35c4d6e2d37dd4d675406c32e88f78b91926e4e19b576972

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 16:17:24 GMT
last-modified
Tue, 11 May 2021 16:26:38 GMT
server
nginx
etag
"609ab03e-8bc"
content-type
text/css
cache-control
max-age=315360000
accept-ranges
bytes
content-length
2236
expires
Thu, 31 Dec 2037 23:55:55 GMT
anchor
www.google.com/recaptcha/api2/ Frame A817
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdkRmIiAAAAAFKlGcDrMEP1eN29BsfuXd4my2kO&co=aHR0cHM6Ly93aW5idGMud2Vic2l0ZTo0NDM.&hl=nl&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=l8x5rdzaj6ih
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__nl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4YqxXBaTHlQQ2aoLL78wvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://winbtc.website/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-4YqxXBaTHlQQ2aoLL78wvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jul 2024 16:17:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
11
thubanoa.com/
0
733 B
XHR
General
Full URL
https://thubanoa.com/11?rnd=2048549344&z=6866489&b=5362695&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=-ImH5CxQJ9-uwhZ7aAWgiXLH09M3Ex4-iYYa221I37GG9Cgu2hpX1l795kVPd6bXhFD1C7O8_0USnC_dYxj2Vfwv3E24K6PSMwFSA4iEvlcHC9lJJCCgrGLFKlynuSgxd-9x_3J3Q2-OaxN7tEH5jkOrazHnINpSHTeyLqk6Krs1TRtGMvS4V_63sHBeaOrPOmbCdQOBO3gJfA-oqdN-ioGVodHdq0bYckqeYq3ktGvwdUpWFoUsKfkKXVRc9VAjq2uoC4hghVqnt2DuaCEuU82WB5OVb3-ampdNsWQriy3RgOaJvd7sQO_dSSJvotlR&ruid=4f5efe1b-b94e-4e55-838d-002e492c3cec&ng=1&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fwinbtc.website%2F&wy=90&wx=90&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=&hil=1&ist=0&os=win32&os_version=10.0.0&browser_version=126.0.6478.126&ri=1&wvd=0&wvr=1.0000&isions=1
Requested by
Host: thubanoa.com
URL: https://thubanoa.com/27/7552beb94fc0bdff7bbb33cad3d1ab0a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
ec2022201e3cf97cdb98fb743952187a
pragma
no-cache
date
Sun, 07 Jul 2024 16:17:24 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/jpeg
access-control-allow-origin
https://winbtc.website
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/
152 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a5b11fb2b805c87ab9e5425e8c6f70b353c99cc11cb9ef8023f05d1d765c019

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
bframe
www.google.com/recaptcha/api2/ Frame 25BC
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=nl&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6LdkRmIiAAAAAFKlGcDrMEP1eN29BsfuXd4my2kO
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__nl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mwfHC2J82QB4zu2YHNB8DQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://winbtc.website/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-mwfHC2J82QB4zu2YHNB8DQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jul 2024 16:17:25 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
15
thubanoa.com/
0
581 B
XHR
General
Full URL
https://thubanoa.com/15?rnd=1139652604&z=6866489&var=&varid=0&rb=-ImH5CxQJ9-uwhZ7aAWgiXLH09M3Ex4-iYYa221I37GG9Cgu2hpX1l795kVPd6bXhFD1C7O8_0USnC_dYxj2Vfwv3E24K6PSMwFSA4iEvlcHC9lJJCCgrGLFKlynuSgxd-9x_3J3Q2-OaxN7tEH5jkOrazHnINpSHTeyLqk6Krs1TRtGMvS4V_63sHBeaOrPOmbCdQOBO3gJfA-oqdN-ioGVodHdq0bYckqeYq3ktGvwdUpWFoUsKfkKXVRc9VAjq2uoC4hghVqnt2DuaCEuU82WB5OVb3-ampdNsWQriy3RgOaJvd7sQO_dSSJvotlR&ruid=4f5efe1b-b94e-4e55-838d-002e492c3cec&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.178%2C%22location%22%3A%22https%3A%2F%2Fwinbtc.website%2F%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A5%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D
Requested by
Host: thubanoa.com
URL: https://thubanoa.com/27/7552beb94fc0bdff7bbb33cad3d1ab0a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
f9dfe3107725a14e72afd08a0e2b7149
pragma
no-cache
date
Sun, 07 Jul 2024 16:17:25 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://winbtc.website
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Mon, 26 Jul 1997 05:00:00 GMT
15
thubanoa.com/
0
581 B
XHR
General
Full URL
https://thubanoa.com/15?rnd=1139652604&z=6866489&var=&varid=0&rb=-ImH5CxQJ9-uwhZ7aAWgiXLH09M3Ex4-iYYa221I37GG9Cgu2hpX1l795kVPd6bXhFD1C7O8_0USnC_dYxj2Vfwv3E24K6PSMwFSA4iEvlcHC9lJJCCgrGLFKlynuSgxd-9x_3J3Q2-OaxN7tEH5jkOrazHnINpSHTeyLqk6Krs1TRtGMvS4V_63sHBeaOrPOmbCdQOBO3gJfA-oqdN-ioGVodHdq0bYckqeYq3ktGvwdUpWFoUsKfkKXVRc9VAjq2uoC4hghVqnt2DuaCEuU82WB5OVb3-ampdNsWQriy3RgOaJvd7sQO_dSSJvotlR&ruid=4f5efe1b-b94e-4e55-838d-002e492c3cec&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A3.179%2C%22location%22%3A%22https%3A%2F%2Fwinbtc.website%2F%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A5%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D
Requested by
Host: thubanoa.com
URL: https://thubanoa.com/27/7552beb94fc0bdff7bbb33cad3d1ab0a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://winbtc.website/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-trace-id
ffcb24f7951faa59ac740592de01f1c4
pragma
no-cache
date
Sun, 07 Jul 2024 16:17:27 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://winbtc.website
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Mon, 26 Jul 1997 05:00:00 GMT

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type| Name
object| 0
object| 1
object| 2
object| 3
object| 4
object| 5
object| 6
undefined| event
object| fence
object| sharedStorage
function| gtag
object| dataLayer
function| $
function| jQuery
object| atOptions
object| _PHV2SITE
object| webpackChunklands_static
object| Sentry
object| _phv2Activator
object| regeneratorRuntime
object| zfgformats
object| zfgstorage
boolean| zfgloadednative
function| a0_0x23f5
function| encrypt_url
function| a0_0x30d0
function| revoInit
function| addSubscriber
function| pagelocker
function| _retranber
object| syncCallbacks
object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
object| _nps
object| recaptcha
object| closure_lm_668584
boolean| nsto

9 Cookies

Domain/Path Name / Value
winbtc.website/ Name: PHPSESSID
Value: ag1tk140s45m25dogo10p5io4f
thubanoa.com/ Name: scm
Value: 1
thubanoa.com/ Name: oaidts
Value: 1720369043
my.rtmark.net/ Name: ID
Value: 0800924d91c64090f1bd399dd6ea038d
.winbtc.website/ Name: _ga_4Y6Q9VJDW4
Value: GS1.1.1720369044.1.0.1720369044.0.0.0
.winbtc.website/ Name: _ga
Value: GA1.1.1238452855.1720369044
thubanoa.com/ Name: OAID
Value: 0800924d91c64090f1bd399dd6ea038d
thubanoa.com/ Name: oaidvc
Value: 1
thubanoa.com/ Name: CNT
Value: 1_v1_B9RRAAEAAADHTQAA

1 Console Messages

Source Level URL
Text
other error URL: https://winbtc.website/
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
