m.iwin.com Open in urlscan Pro
3.226.80.254 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://securegames.iwin.com/data/gtm.json
Effective URL:
https://m.iwin.com/online-games
Submission: On March 01 via manual (March 1st 2024, 2:44:41 pm UTC) from CA — Scanned from CA

Summary HTTP 176 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 31 IPs in 2 countries across 17 domains to perform 176 HTTP transactions. The main IP is 3.226.80.254, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is m.iwin.com. The Cisco Umbrella rank of the primary domain is 560157.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 23rd 2023. Valid for: a year.

This is the only time m.iwin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 59	108.139.47.94 108.139.47.94	16509 (AMAZON-02) (AMAZON-02)
1	3.226.80.254 3.226.80.254	14618 (AMAZON-AES) (AMAZON-AES)
1 1	44.217.70.110 44.217.70.110	14618 (AMAZON-AES) (AMAZON-AES)
2	54.230.163.57 54.230.163.57	16509 (AMAZON-02) (AMAZON-02)
3	142.250.12.156 142.250.12.156	15169 (GOOGLE) (GOOGLE)
18	142.250.12.157 142.250.12.157	15169 (GOOGLE) (GOOGLE)
2	142.250.96.97 142.250.96.97	15169 (GOOGLE) (GOOGLE)
3	142.250.12.138 142.250.12.138	15169 (GOOGLE) (GOOGLE)
5	18.238.55.49 18.238.55.49	16509 (AMAZON-02) (AMAZON-02)
1 10	142.250.96.156 142.250.96.156	15169 (GOOGLE) (GOOGLE)
1	142.250.80.10 142.250.80.10	15169 (GOOGLE) (GOOGLE)
3	142.251.32.100 142.251.32.100	15169 (GOOGLE) (GOOGLE)
1	142.250.12.94 142.250.12.94	15169 (GOOGLE) (GOOGLE)
3	104.21.19.128 104.21.19.128	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.123.96 104.16.123.96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.12.132 142.250.12.132	15169 (GOOGLE) (GOOGLE)
2	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.253.126.95 172.253.126.95	15169 (GOOGLE) (GOOGLE)
8	142.250.96.94 142.250.96.94	15169 (GOOGLE) (GOOGLE)
1 21	142.250.96.132 142.250.96.132	15169 (GOOGLE) (GOOGLE)
1	74.119.119.65 74.119.119.65	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.130 74.119.119.130	19750 (AS-CRITEO) (AS-CRITEO)
7	74.119.119.131 74.119.119.131	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
11	74.119.119.80 74.119.119.80	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.149 74.119.119.149	19750 (AS-CRITEO) (AS-CRITEO)
4	142.250.12.139 142.250.12.139	15169 (GOOGLE) (GOOGLE)
1	142.250.96.138 142.250.96.138	15169 (GOOGLE) (GOOGLE)
1	142.250.12.100 142.250.12.100	15169 (GOOGLE) (GOOGLE)
1	172.253.126.102 172.253.126.102	15169 (GOOGLE) (GOOGLE)
1	142.250.96.157 142.250.96.157	15169 (GOOGLE) (GOOGLE)
176	31

59 108.139.47.94 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-94.jfk50.r.cloudfront.net

securegames.iwin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.226.80.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-80-254.compute-1.amazonaws.com

m.iwin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.217.70.110 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-217-70-110.compute-1.amazonaws.com

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.163.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-57.ewr53.r.cloudfront.net

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.12.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ge-in-f156.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: ge-in-f157.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.96.97 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: gg-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.12.138 (United States)

ASN15169 (GOOGLE, US)
PTR: ge-in-f138.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.238.55.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-49.jfk52.r.cloudfront.net

cdn.optinly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.96.156 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: gg-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.10 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.32.100 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: ge-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.19.128 (None, )

ASN13335 (CLOUDFLARENET, US)

static.optinly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.123.96 (None, )

ASN13335 (CLOUDFLARENET, US)

www.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: ge-in-f132.1e100.net

e9df237540bb532ea59a082e6ca2fd97.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.253.126.95 (United States)

ASN15169 (GOOGLE, US)
PTR: gd-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.96.94 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: gg-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.96.132 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: gg-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.65 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.130 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 74.119.119.80 (United States)

ASN19750 (AS-CRITEO, US)

imageproxy.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.149 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.12.139 (United States)

ASN15169 (GOOGLE, US)
PTR: ge-in-f139.1e100.net

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.96.138 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: gg-in-f138.1e100.net

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.12.100 (United States)

ASN15169 (GOOGLE, US)
PTR: ge-in-f100.1e100.net

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.126.102 (United States)

ASN15169 (GOOGLE, US)
PTR: gd-in-f102.1e100.net

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.96.157 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: gg-in-f157.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	iwin.com 1 redirects securegames.iwin.com — Cisco Umbrella Rank: 373043 m.iwin.com — Cisco Umbrella Rank: 560157	1 MB
39	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 e9df237540bb532ea59a082e6ca2fd97.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 161	787 KB
19	criteo.net static.criteo.net — Cisco Umbrella Rank: 677 imageproxy.us.criteo.net — Cisco Umbrella Rank: 3146 csm.us.criteo.net — Cisco Umbrella Rank: 3267	83 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com	447 KB
13	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	297 KB
8	optinly.net cdn.optinly.net — Cisco Umbrella Rank: 150955 static.optinly.net — Cisco Umbrella Rank: 152200	185 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 368 fonts.googleapis.com — Cisco Umbrella Rank: 30	37 KB
3	criteo.com ads.us.criteo.com — Cisco Umbrella Rank: 3191 rtb.va.us.criteo.com — Cisco Umbrella Rank: 6766 cat.va.us.criteo.com — Cisco Umbrella Rank: 3391	45 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	21 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 124
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2945	83 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	171 KB
2	inmobi.com cmp.inmobi.com — Cisco Umbrella Rank: 4035	45 KB
1	cloudflare.com www.cloudflare.com — Cisco Umbrella Rank: 6062	449 B
1	google.ca www.google.ca — Cisco Umbrella Rank: 9781	408 B
1	quantcast.com 1 redirects cmp.quantcast.com — Cisco Umbrella Rank: 4872	220 B
176	17

	Domain	Requested by
59	securegames.iwin.com	1 redirects m.iwin.com
21	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com m.iwin.com
17	pagead2.googlesyndication.com	m.iwin.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
11	imageproxy.us.criteo.net	ads.us.criteo.com
9	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
7	static.criteo.net	ads.us.criteo.com
6	www.gstatic.com	www.google.com m.iwin.com googleads.g.doubleclick.net
5	fonts.googleapis.com	srcdoc googleads.g.doubleclick.net m.iwin.com
5	cdn.optinly.net	www.googletagmanager.com cdn.optinly.net ajax.googleapis.com srcdoc
4	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
3	static.optinly.net	cdn.optinly.net srcdoc
3	www.google.com	m.iwin.com ajax.googleapis.com tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	securepubads.g.doubleclick.net	m.iwin.com securepubads.g.doubleclick.net
2	www.googleadservices.com
2	fonts.gstatic.com	fonts.googleapis.com
2	stackpath.bootstrapcdn.com	srcdoc stackpath.bootstrapcdn.com
2	www.googletagmanager.com	m.iwin.com www.googletagmanager.com
2	cmp.inmobi.com	m.iwin.com cmp.quantcast.com
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	csm.us.criteo.net	ads.us.criteo.com
1	cat.va.us.criteo.com	ads.us.criteo.com
1	rtb.va.us.criteo.com	googleads.g.doubleclick.net
1	ads.us.criteo.com	googleads.g.doubleclick.net
1	e9df237540bb532ea59a082e6ca2fd97.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.cloudflare.com	ajax.googleapis.com
1	www.google.ca	m.iwin.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ajax.googleapis.com	cdn.optinly.net
1	cmp.quantcast.com	1 redirects
1	m.iwin.com
176	33

This site contains links to these domains. Also see Links.

Domain
www.iwin.com
iwin.zendesk.com
www.jewelquest.com

Subject Issuer	Validity	Valid
*.iwin.com Amazon RSA 2048 M02	`2023-04-23` - `2024-05-21`	a year	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2023-08-18` - `2024-08-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.optinly.net Amazon RSA 2048 M01	`2023-07-11` - `2024-08-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
optinly.net GTS CA 1P5	`2024-01-22` - `2024-04-21`	3 months	crt.sh
www.cloudflare.com GTS CA 1P5	`2024-02-23` - `2024-05-23`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-12` - `2024-04-12`	3 months	crt.sh
*.va.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-31` - `2024-05-01`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.us.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-29` - `2024-05-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://m.iwin.com/online-games
Frame ID: 289705F232104D362ACF6F97CC3BBB17
Requests: 89 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: D77A0C3451B6A47DCADB2084AF169C28
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3849277388049950&output=html&adk=522671305&adf=1178619241&lmt=1702059192&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fm.iwin.com%2Fonline-games&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709304275161&bpp=5&bdt=1025&idt=437&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=43799660394&frm=20&pv=2&ga_vid=130313236.1709304275&ga_sid=1709304276&ga_hid=590834392&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081080%2C42532523%2C44795921%2C95325752%2C95326317%2C31081466%2C31080990%2C95324160&oid=2&pvsid=3262139290089889&tmod=418012534&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=492
Frame ID: 98355942F0128BC6BA2790AC7AFFF2C5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3849277388049950&output=html&h=280&slotname=1488786073&adk=378574185&adf=2724509456&pi=t.ma~as.1488786073&w=1200&fwrn=4&fwrnh=100&lmt=1702059192&rafmt=1&format=1200x280&url=https%3A%2F%2Fm.iwin.com%2Fonline-games&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709304275166&bpp=3&bdt=1031&idt=501&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=43799660394&frm=20&pv=1&ga_vid=130313236.1709304275&ga_sid=1709304276&ga_hid=590834392&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=2102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081080%2C42532523%2C44795921%2C95325752%2C95326317%2C31081466%2C31080990%2C95324160&oid=2&pvsid=3262139290089889&tmod=418012534&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=508
Frame ID: 77A53CF22D868853CABB19A46FE185C6
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3849277388049950&output=html&h=280&slotname=1488786073&adk=378574185&adf=4155431597&pi=t.ma~as.1488786073&w=1200&fwrn=4&fwrnh=100&lmt=1702059192&rafmt=1&format=1200x280&url=https%3A%2F%2Fm.iwin.com%2Fonline-games&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709304275169&bpp=1&bdt=1033&idt=519&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=43799660394&frm=20&pv=1&ga_vid=130313236.1709304275&ga_sid=1709304276&ga_hid=590834392&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=3932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081080%2C42532523%2C44795921%2C95325752%2C95326317%2C31081466%2C31080990%2C95324160&oid=2&pvsid=3262139290089889&tmod=418012534&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=522
Frame ID: 4A32B9FF88BA4550E281CD7C3B0C4596
Requests: 1 HTTP requests in this frame

Frame: https://e9df237540bb532ea59a082e6ca2fd97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D378CFD2EE2659D066318A9F0D63BCEC
Requests: 1 HTTP requests in this frame

Frame: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Frame ID: F0220838DEFBCD51E18BECC9DA99A82B
Requests: 7 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZeHp0wAK6scFKOfgAACuIW1kJiXEZ9y8PjQRug&u=%7CsEcLhWDDtXauu29P8ueI9E4%2FgtnyU7m1TG3YS5GsC8k%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEblbnwQa_69I0muim5-1IsJwflnlktVVLpNKNkS2aGPN7cog3mUk5jHkP0BiQ6iXrBoZSv-MnF1o2xK6b5rg2-R7p8Vj-BFMaUz-2l-3dFDHolU0z3X8-Y9RuHr9YmRv5d_aOs0hv6WONHcwLg9AXT5MQezF62cSUN2L2be-SH9R8OLnLiA9YIJ8P3_ysujOsHezIVtparuM1C2u1xTkTK8CZMx85kYMsxTTbiurq7MkmHtknM7h9QwKd8PuYZDrzlnA6n6wGVDXqBQHK9M632kQ7VEdV7T-HLg09e9RLijwI963Ej8ietnJfMobERGXEHmlV40Q4tFbe6RfuWhGusgFb7XA0HsUXRbliheMf6UwIaSelWH9ITk7NJXOMRi_Pj3uuiL9xM0JlRSo35GTtN__KJcpQZadGamHxNTADmXQWDb8tgpgFiYzq4Kk2mmw7EtbO3SiDG2XMvS64fEavQM8lnFXyFFlacD1Ej4e7y_PMGoa4shM69zrGq-KPciSLUNSDcaPa0lXRq_BvMEeb9yLlfr5Bi1jYMyqJclijVv5Thmx7vDQOiVTzMUGkQV6TcRPF_t-zc-Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQDuG0-nhZcfVK-DPo9kPodyCuAScge-wXOLDuM6jAcCNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi0zODQ5Mjc3Mzg4MDQ5OTUwyAEJqAMByAMCqgTwAU_QRI_PZGU6qtZXdatfxNLSWyvMdnxVKD1m7rIGWKNYnCAWZMVvcGAndcyPmdn9zeyLL1efpgcXZaOOy7QvUx7M0gI8tUTwgdVg6pQPBoFeoHnTpbvdkMqxIZ0JysUyH8gks2CvLg5hhjtv7vLWyTXyKujc2meGMT9yIgLrTwCuaySlLo2fBw3W2LcJmJnJPZD7Bkic2qv5D8eBoazAr9nBEKJKBUAJzwcpClb7fary8vXcT_j1PWVhAS8yhxIkJSGNl3bUarpQd1WvmqQnMDf8ob0blWJdZ4wLfp0Z-6nKnSkadDKtQH8n2cEOrNdShIAG76qg5bmF4fNZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYpuyq0abThAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1uZ5ITsNlbDs_PVEpphBwIA0kroA%26client%3Dca-pub-3849277388049950%26adurl%3D
Frame ID: 59FF8E82DC1708A387CB8487003A1FB1
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: 92EBF02EF3EE2C01066B6BA15E02CA9F
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: 722A3C8A6A28A3A76C2BBEC77399FC10
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: D1DD8600D718B7225F88D985CE617CAB
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 000B86BC5CE2AD79356497517C92468F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CF785E191602C720068575F94CF44A76
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: 9CE5898282E25BF364178600062A313C
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
Frame ID: 1B2ED16970C45DF6630AF34B12220305
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
Frame ID: C0C53599C87F2D50FD2C4CA358E470D2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
Frame ID: D96F6DB1CF0D19A2DD321B9E8E8B199D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free Online Games for Mobile and Tablets - iWin.com

Page URL History Show full URLs

https://securegames.iwin.com/data/gtm.json HTTP 301
https://m.iwin.com/online-games Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

176
Requests

98 %
HTTPS

0 %
IPv6

17
Domains

33
Subdomains

31
IPs

2
Countries

3371 kB
Transfer

6852 kB
Size

15
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.iwin.com/
Title: Download Games

Search URL Search Domain Scan URL

URL: https://iwin.zendesk.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://www.iwin.com/series/jewel-quest
Title: Jewel Quest Series

Search URL Search Domain Scan URL

URL: https://www.jewelquest.com/
Title: Jewel Quest History

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://securegames.iwin.com/data/gtm.json HTTP 301
https://m.iwin.com/online-games Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cmp.quantcast.com/choice/jz45mW29YrM5Y/m.iwin.com/choice.js?tag_version=V2 HTTP 301
https://cmp.inmobi.com/choice/jz45mW29YrM5Y/m.iwin.com/choice.js?tag_version=V2

Request Chain 163

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODKsISAGBCwCRiwCTIIg2EjdsoEQjM HTTP 301
https://tpc.googlesyndication.com/simgad/1968095088982329748

Request Chain 171

https://googleads.g.doubleclick.net/pagead/adview?ai=Clw_K0-nhZajrLJvQqMwPxc2dsAWrvPrzdcyP_t-pEsfbja-dDhABIJu3ziBg_aCZgegDoAGhwJjxKMgBCakCeNhruAOlgj6oAwHIA8sEqgT0AU_Q_Q7e6on65EoLX2pxWZ2fPsPQELJ4Jn3xW4JFRyULjJz4o8Xf2-d3ONryq_ZumCs6YogRbGbwd0GKHPMBunqbVdv1XRObZmDfSrD7OrdZFDPUIWVaoTwrFCEUPeMREr3egubC0pRBqMGBZnBoJyqdWYBRskuNwATibopL3UX4vLC7yMtOv5K3RXEet-7nV2v8wkpOdfP6WgmDuuwnXdQdbGVIrVMRXpl0oJ8rVYJA3jVXU-r03I8L-Q54SnpXwe3Y3LczcTTgmH1wJucVoUKVGWaQMecf-BhdohUvHhtpUd5T1Y6N5wUPIjXL8q0BMHJf-LDABLSo4rbVBIgFp4-znk6SBQQIBBgBkgUECAUYBKAGLoAHw-WDhQSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAemvhvYBwDyBwQQkfAG0ggkCIBhEAEYHzICigI6CYBAgMCAgICAKEi9_cE6WOr-q9Gm04QDmgmBAmh0dHBzOi8vd3d3LnRlbXUuY29tL2NhL2t1aXBlci91bjEuaHRtbD9zdWJqPWZlZWQtdW4mX2JnX2ZzPTEmX3BfbWF0MV90eXBlPTEmX3BfanVtcF9pZD03MjUmX3hfdnN0X3NjZW5lPWFkZyZsb2NhbGVfb3ZlcnJpZGU9Mzd-ZW5-Q0FEJmdvb2RzX2lkPTYwMTA5OTUxMzk3Mzc1MiZfcF9yZnM9MSZfeF9hZHNfY2hhbm5lbD1nb29nbGUmX3hfYWRzX3N1Yl9jaGFubmVsPW90aGVyJl94X2JnX2FkaWQ9Z2QyNjQ3MjU4LTQmdG9waWNfY2xhc3NpZnk9MTI0gAoByAsB2gwRCgsQwJWInbvSnqisARICAQPYEwvQFQGAFwGyFxwKGggAEhRwdWItMzg0OTI3NzM4ODA0OTk1MBgA&sigh=aQNugtbQZ-k&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqFzZl6k3bIXA7AjBWVqpUq4OmNmPdxoko23-PoVdHUfNCnki18XBlS5ksIisLs_Frickf2USLt0Kftf7Uc8D4hpeN8xdFpKfulS8YAQ&template_id=494&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7a1415a06ec61ce20000000000000000%22,%222%22:%220x8d06fd3e287f07b10000000000000000%22,%223%22:%220x9d0dbd0960cee55d0000000000000000%22,%224%22:%220xc989459ec894068b0000000000000000%22,%225%22:%220xf9d830eedcc5c45f0000000000000000%22},%22debug_key%22:%2212232473857557458570%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2203-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221481467617453835409%22}&andc=true

176 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request online-games Show response
m.iwin.com/
Redirect Chain

https://securegames.iwin.com/data/gtm.json
https://m.iwin.com/online-games

104 KB
15 KB

169ms
35ms

Document
text/html

3.226.80.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://m.iwin.com/online-games

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.226.80.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-80-254.compute-1.amazonaws.com

Software

Resource Hash

6e923c9175b2e878e38be0452882107ab1b41cadffbcc3bfe7a7019caaacbb93

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
access-control-allow-origin: *
access-control-request-method: *
age: 3526
cache-control: public, max-age=1800
content-encoding: gzip
content-length: 15019
content-type: text/html; charset=utf-8
date: Fri, 01 Mar 2024 14:44:34 GMT
etag: "65735cb8-19e5e"
expires: Fri, 01 Mar 2024 14:15:47 GMT
last-modified: Fri, 08 Dec 2023 18:13:12 GMT
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=Edge,chrome=1

Redirect headers

Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Request-Method: *
Age: 6155
Connection: keep-alive
Content-Length: 184
Content-Type: text/html; charset=utf-8
Date: Fri, 01 Mar 2024 13:01:58 GMT
Location: https://m.iwin.com/online-games
Vary: Accept-Encoding
Via: 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront)
X-Amz-Cf-Id: k4YgiWbhZ3WJ0NbbPgQ0BJzf3pToTV7p2_xRokxyvs_zR8IL9HEJag==
X-Amz-Cf-Pop: JFK50-P1
X-Cache: Hit from cloudfront
X-FRAME-OPTIONS: SAMEORIGIN
X-UA-Compatible: IE=Edge,chrome=1

GET
H2

200

choice.js Show response
cmp.inmobi.com/choice/jz45mW29YrM5Y/m.iwin.com/
Redirect Chain

https://cmp.quantcast.com/choice/jz45mW29YrM5Y/m.iwin.com/choice.js?tag_version=V2
https://cmp.inmobi.com/choice/jz45mW29YrM5Y/m.iwin.com/choice.js?tag_version=V2

3 KB
2 KB

530ms
426ms

Script
application/javascript

54.230.163.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/jz45mW29YrM5Y/m.iwin.com/choice.js?tag_version=V2
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: H2
Server: 54.230.163.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-57.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85094c8922be168bc694a1858365c11bc40159382b5c33f869306dd4138efedb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:35 GMT
content-encoding: br
via: 1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jan 2024 14:55:52 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
x-amz-server-side-encryption: AES256
etag: W/"c12a728f15a83f156a94ae1325fed6b4"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: MFPGmiesYeZssidVVQYoDmjkmXfNovgvixMrl83o3nwKMMOhD_0dUA==

Redirect headers

date: Fri, 01 Mar 2024 14:44:34 GMT
server: awselb/2.0
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
location: https://cmp.inmobi.com/choice/jz45mW29YrM5Y/m.iwin.com/choice.js?tag_version=V2
access-control-allow-origin: *
cache-control: max-age=900
content-length: 0

GET
H/1.1 200
OK iwin-logo_v2.png
securegames.iwin.com/m/iwin/platform/ 3 KB
3 KB 33ms
31ms Image
image/png 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/iwin/platform/iwin-logo_v2.png
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 6a9b4402c0aadb5f439d506d01ad03a384bf192fafb2247503c1821fc01e9ecb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 03:25:35 GMT
Via: 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront)
Last-Modified: Wed, 06 Oct 2021 13:10:05 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 4533539
ETag: "2763988926"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 2816
X-Amz-Cf-Id: Ag2ZLVJlP6u503WO13z2sqShQ-qj3uJxRfN-d3XPmatjBCj2TV9ZmA==
Expires: Wed, 08 Jan 2025 03:25:35 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/uclick/spotthedifference/v_8/ 10 KB
11 KB 171ms
32ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/uclick/spotthedifference/v_8/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: ff637ed10aa02eb85b92a18b06ba79d66873f2143775379b543b0f91177a3878

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:49:20 GMT
Via: 1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:30:08 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 4049714
ETag: "1094704787"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 10276
X-Amz-Cf-Id: JmQ3LLG-aWWc-GQEx2_si8uvA85iWnVYfnJrHlE5yX2FH8c3PH0yJQ==
Expires: Mon, 13 Jan 2025 17:49:20 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/uclick/unolingo/v_4/ 9 KB
10 KB 172ms
30ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/uclick/unolingo/v_4/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: f7ca01190e4d71ed7318bdf9f61c3cf40181a9e4d7536bd715909677283fe186

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 08 Jan 2024 02:05:05 GMT
Via: 1.1 fa2a1404411f25eb7c3c4def0c2864e6.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:30:08 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 4624769
ETag: "2072582465"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 9702
X-Amz-Cf-Id: -izK60szgfUxfj3S1VXsi-al5r6y4GhaYQF1oHXQHKeWDUNEpQyLsQ==
Expires: Tue, 07 Jan 2025 02:05:05 GMT

GET
H/1.1 200
OK thumb200x200v2.jpg
securegames.iwin.com/m/iwin/dailydifference/v_54/ 10 KB
10 KB 175ms
31ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/iwin/dailydifference/v_54/thumb200x200v2.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 973df09fa629c5d419011330cbcb183a6a5e44144431c834aedce43acd8e1341

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 14:09:29 GMT
Via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:00:13 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 5272505
ETag: "4185840904"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 10108
X-Amz-Cf-Id: gjoE8qpa97-VsadC-Zwq9OD_3JOK1Lul-EaOP_8EDjh5Cx1QBrzSEg==
Expires: Mon, 30 Dec 2024 14:09:29 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/uclick/kenken/v_12/ 9 KB
9 KB 176ms
31ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/uclick/kenken/v_12/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 0a337152931cf9ad6ccacf28ca46233f3ce49508bf8089d8aa799fd3aee45f46

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 09:57:47 GMT
Via: 1.1 1d2861d9b6c0fd303c8b7539b394c190.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:30:08 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 2177207
ETag: "2723860159"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 8978
X-Amz-Cf-Id: 2JKeFfe6iKAl1dLJ44SfUuzrW_7pxdBmOp-hdbuEwjT9KDcNnGsFSA==
Expires: Tue, 04 Feb 2025 09:57:47 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/uclick/jumble/v_12/ 11 KB
12 KB 178ms
33ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/uclick/jumble/v_12/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 7a6c9462fad6835b6079c54fac39e13a7bdc85da441aee70b96a2e07fd14fa02

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 08:47:53 GMT
Via: 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:30:08 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 4514201
ETag: "3779022207"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 11470
X-Amz-Cf-Id: ppiLM92TaUiOWu0BaQrsPm2BD3iXHo7dq6CC79huCGWjpzpIJjmmzg==
Expires: Wed, 08 Jan 2025 08:47:53 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/uclick/playfour/v_9/ 10 KB
10 KB 63ms
34ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/uclick/playfour/v_9/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: e7f647c9006dba0129375ff7b7d7c40a3aece9ccf81300d80f46c970f6a7ef51

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 00:45:04 GMT
Via: 1.1 1d2861d9b6c0fd303c8b7539b394c190.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:30:08 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 9122370
ETag: "1634323552"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 9916
X-Amz-Cf-Id: h1XrZRgG0izrT7jTcrbOCcRwQ9DmxGGu-vhzwl4F_-DI-v-uJfdQQA==
Expires: Sat, 16 Nov 2024 00:45:04 GMT

GET
H/1.1 200
OK thumb200x200.png
securegames.iwin.com/m/iwin/dond_fp/v_1/ 58 KB
58 KB 58ms
30ms Image
image/png 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/iwin/dond_fp/v_1/thumb200x200.png
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 03f5c295d291b88c4ce43e92f5ca2ebd6c56ff35dc7f0504f0a4d175f30e959d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 00:50:08 GMT
Via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:00:13 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 6098066
ETag: "1296736161"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 59264
X-Amz-Cf-Id: PaggLSZ2czITRmtQTnZP8iVcFY2yCHEjlWkIJiKL4cUYqojKNAaZPQ==
Expires: Sat, 21 Dec 2024 00:50:08 GMT

GET
H/1.1 200
OK thumb200x200v2.jpg
securegames.iwin.com/m/iwin/bubbletown/v_83/ 19 KB
20 KB 58ms
30ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/iwin/bubbletown/v_83/thumb200x200v2.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: b28a2a6d228c1a8ff7249717ae282ee158f7dcc54829daad71855ac6dd19427c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 22:54:20 GMT
Via: 1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:00:13 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 3945014
ETag: "1550633039"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 19599
X-Amz-Cf-Id: XFbZp0ELlTas3AsBfPz6aQM27O_3M-5noRinT61Dl6fKypvURv7dfg==
Expires: Tue, 14 Jan 2025 22:54:20 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/inlogic/mahjongquest/v_1/ 24 KB
24 KB 58ms
31ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/inlogic/mahjongquest/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 9f2671255236be2b00e59e22bdf9ef40729d19729cf2d7cb6d16d93345569266

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 06:30:40 GMT
Via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
Last-Modified: Wed, 01 Feb 2023 18:00:16 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 9360834
ETag: "3125547303"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 24243
X-Amz-Cf-Id: CIsFHYQcdElR9_FyE6VwbRFSmJKBVD6cFG8cF6C6P-n_riyo645agQ==
Expires: Wed, 13 Nov 2024 06:30:40 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/gamehouse/Text_Twist_2/v_1/ 8 KB
9 KB 60ms
32ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/gamehouse/Text_Twist_2/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 5ff3cc097839f865f6aa7d848e3e07cb6242fa421cfd341c2a757e6df6f77168

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 07:14:02 GMT
Via: 1.1 fa2a1404411f25eb7c3c4def0c2864e6.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 14:50:04 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 4519832
ETag: "2479571613"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 8674
X-Amz-Cf-Id: utWNBOE2XepFPa-z6q3uA7qNsFbTjTCl52jWdH7Sn_Tg4BkPCLGe2Q==
Expires: Wed, 08 Jan 2025 07:14:02 GMT

GET
H/1.1 200
OK thumb200x200v2.jpg
securegames.iwin.com/m/iwin/puzzle_match3_jewelquest/v_205/ 12 KB
13 KB 36ms
34ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/iwin/puzzle_match3_jewelquest/v_205/thumb200x200v2.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: ea1dc143e026c655238e7783f91e7dc5ce57110ac2cf780e33a3b4379f37b43d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 00:45:04 GMT
Via: 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:10:05 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 9122370
ETag: "3355743397"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 12529
X-Amz-Cf-Id: __BJSOld9KEZMf8K1gJR04LntLk2MB_QwAneyarMXZBHk_iHVNnGCQ==
Expires: Sat, 16 Nov 2024 00:45:04 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/gamehouse/bubbles_shooter/v_1/ 12 KB
13 KB 71ms
34ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/gamehouse/bubbles_shooter/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 0fbb124f851569a4815b3cda3d51eaccabe5f4841cdf5533ecd72baa28ae346a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 12 Feb 2024 11:36:44 GMT
Via: 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 14:50:04 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 1566470
ETag: "3228538046"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 12522
X-Amz-Cf-Id: XTfwirZQxpediCQErziPIXzNKs7i_d3ckG_3xPHj_86LNt7Qwry7Mg==
Expires: Tue, 11 Feb 2025 11:36:44 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/monstera/christmas_dreamland/v_1/ 47 KB
48 KB 63ms
36ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/monstera/christmas_dreamland/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: e1c6f28d717b88127a6d227a372f94ee0c18249df70cbee1b060258618b1fe55

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 07:14:04 GMT
Via: 1.1 1d2861d9b6c0fd303c8b7539b394c190.cloudfront.net (CloudFront)
Last-Modified: Fri, 08 Dec 2023 17:20:09 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 4519830
ETag: "2486862632"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 48328
X-Amz-Cf-Id: EPyie-9U-rflWy564h25FVDiECXKyHhSFDeJNIblHcDP1MzwaycFqw==
Expires: Wed, 08 Jan 2025 07:14:04 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/monstera/holly_jolly_christmas/v_1/ 38 KB
38 KB 55ms
30ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/monstera/holly_jolly_christmas/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: c71fcb3dd405f666d12525d9d47f39745f51bcde99970bd02a0b02ae52ec389f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 14:47:27 GMT
Via: 1.1 fa2a1404411f25eb7c3c4def0c2864e6.cloudfront.net (CloudFront)
Last-Modified: Fri, 08 Dec 2023 17:20:09 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 2851027
ETag: "2889712237"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 38613
X-Amz-Cf-Id: ge6XMphP7gz-jcam7Ki3blXxSLtkVlO1PlkZhdP8Qn0JnS8L10pZCQ==
Expires: Mon, 27 Jan 2025 14:47:27 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/monstera/christmas_freecell/v_1/ 32 KB
32 KB 67ms
34ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/monstera/christmas_freecell/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: a3f2d2e1770b781752f069750517375b77d0ab8b41c3b08b2ea5d3f57c95bd7c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Fri, 29 Dec 2023 02:20:44 GMT
Via: 1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
Last-Modified: Fri, 08 Dec 2023 17:20:09 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 5487830
ETag: "4027537703"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 32357
X-Amz-Cf-Id: M22I12NLYmZ56kts7kxyXnFyd3EjptdshoZTecXgpkRnLYmB6VT6Wg==
Expires: Sat, 28 Dec 2024 02:20:44 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/monstera/christmas_jigsaw/v_1/ 33 KB
34 KB 67ms
32ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/monstera/christmas_jigsaw/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: c98bd224121931d5049d2cee7de2e381e0413b83eabe4bbb6e4ff2bf22cf52f4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 14:47:27 GMT
Via: 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront)
Last-Modified: Fri, 08 Dec 2023 17:20:09 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 2851027
ETag: "3742313945"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 34187
X-Amz-Cf-Id: sSz78o0ZCLu0eIbEzgbN_ktXreUWQpLRAzK2IEAvbcsXN0PT5rAJwA==
Expires: Mon, 27 Jan 2025 14:47:27 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/monstera/magical_christmas_story/v_1/ 43 KB
43 KB 76ms
32ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/monstera/magical_christmas_story/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: d1279d7d7cb773ca25b3fae48019b95539446f94817275fc17c56ccecf6f1602

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 07:00:45 GMT
Via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
Last-Modified: Fri, 08 Dec 2023 17:20:09 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 2879029
ETag: "1661474701"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 43827
X-Amz-Cf-Id: YlJHhtPo_kbRTriQ0t8NgCs_173AJ_Xcp_wiTC5eSfFvJRWzfiJRzQ==
Expires: Mon, 27 Jan 2025 07:00:45 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/monstera/christmas_crush/v_1/ 33 KB
34 KB 71ms
36ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/monstera/christmas_crush/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 8841e5d4ee6b9138905eb6bba67bedb925a1b656e49266724f5fa83b8df74bef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 01:34:39 GMT
Via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
Last-Modified: Fri, 08 Dec 2023 17:20:09 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 4108195
ETag: "1529206477"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 33785
X-Amz-Cf-Id: eKwDGcbSWkFIJGil5_f3KIHw_GHebyUNNLreOM_qguaiZKIXLb3vkQ==
Expires: Mon, 13 Jan 2025 01:34:39 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/inlogic/jewellegend/v_1/ 43 KB
44 KB 31ms
30ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/inlogic/jewellegend/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: ba0e0a13241b5533852c147b51cf0fbcf8ca32eedef1a25f1ce6b16d55d5fae3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 27 Dec 2023 09:49:54 GMT
Via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:00:11 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 5633680
ETag: "3897719090"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 44059
X-Amz-Cf-Id: 7yoeHmdZ7p08aSn3OvP_t64JEjbJ4U1lAKna3uFhackk_ZQN99H6fQ==
Expires: Thu, 26 Dec 2024 09:49:54 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/gamehouse/the_legend_of_el_dorado/v_1/ 14 KB
14 KB 31ms
30ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/gamehouse/the_legend_of_el_dorado/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 0a9d526e2bf14769127cf459f8199a5b6bf3eb441b8a5f7c706f0d99e3eed754

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 02:42:23 GMT
Via: 1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:00:13 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 7905731
ETag: "1233045327"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 13833
X-Amz-Cf-Id: qWlLbyCSlm9Lz6lMXXkMceXDABqgUAyHTlPzNIoR5FutY1ZcB0KjEQ==
Expires: Sat, 30 Nov 2024 02:42:23 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/alawar/treasures_of_montezuma_3/v_4/ 13 KB
14 KB 30ms
30ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/alawar/treasures_of_montezuma_3/v_4/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 7dbb67f936230c049e12ff3f19fb8dba4b9f01d217639dfdac8c01fbdd123b24

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 07:50:39 GMT
Via: 1.1 fa2a1404411f25eb7c3c4def0c2864e6.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 14:50:04 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 3912835
ETag: "1635631343"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 13599
X-Amz-Cf-Id: l-C6jzC5h6a-rI9hmv2uxlU-6ruOuAkK0Xrrb_5mH4P1EJITpaEmBg==
Expires: Wed, 15 Jan 2025 07:50:39 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/inlogic/jewelroyalsaga/v_1/ 21 KB
21 KB 33ms
32ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/inlogic/jewelroyalsaga/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 759fd3a5552930a439ba9b85d6b1f38ade72a427bea84ad74e6c947327db7e7f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 07:14:10 GMT
Via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
Last-Modified: Thu, 15 Jun 2023 12:20:33 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 4519824
ETag: "3681906291"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 21023
X-Amz-Cf-Id: ygRdCEd1TZEjDf_Cle_Y671lUCTErM-oUrzHEhmJVPq34LtlUSqktQ==
Expires: Wed, 08 Jan 2025 07:14:10 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/gamehouse/gold_rush_treasure_hunt/v_1/ 11 KB
12 KB 30ms
30ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/gamehouse/gold_rush_treasure_hunt/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 3f2ed52cd2849b2f8258867dfd3e5496bd5babaf0306f047c6d55bd66ac780c2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 13 Dec 2023 11:29:55 GMT
Via: 1.1 1d2861d9b6c0fd303c8b7539b394c190.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 14:50:04 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 6837279
ETag: "3428078745"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 11403
X-Amz-Cf-Id: f4xZAYz9nYHwZ-5gMg7gMD1Y4PkzfHztExILY1suLG0VjQUgceUjag==
Expires: Thu, 12 Dec 2024 11:29:55 GMT

GET
H/1.1 200
OK thumb200x200_v2.jpg
securegames.iwin.com/m/iwin/bubble-town-quest/v_259/ 43 KB
43 KB 33ms
33ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/iwin/bubble-town-quest/v_259/thumb200x200_v2.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 332859d981fcfba394cef9a65576bada824a9137ca32168985dbc1419f2f3cc0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 12 Feb 2024 00:50:07 GMT
Via: 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:00:13 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 1605267
ETag: "2704519902"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 44000
X-Amz-Cf-Id: sDtdWZejl19yS8UMZ7ohGwo6iBHOUmGYpcxuUEP8x4eAY8cSj8AtZQ==
Expires: Tue, 11 Feb 2025 00:50:07 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/softgames/bubble_shooter_hd/v_1/ 10 KB
10 KB 31ms
30ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/softgames/bubble_shooter_hd/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: a80e60fb7a8a3db4d46cc11e8c80320fae53858e28b5454ea592ac585eea8759

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 14:10:32 GMT
Via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:10:04 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 6482042
ETag: "93982330"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 9740
X-Amz-Cf-Id: dN0sbjK2k329GoUz_Xd4fn50JTM65ZIEx7hjPBDDnI9fJTMa3p_SJQ==
Expires: Mon, 16 Dec 2024 14:10:32 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/inlogic/marblesgarden/v_1/ 23 KB
23 KB 31ms
31ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/inlogic/marblesgarden/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3bf350386b30f55251609ad97179c1ddd89f14cae869fcae02929ef29409755

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Fri, 29 Dec 2023 02:20:44 GMT
Via: 1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
Last-Modified: Fri, 20 Jan 2023 10:00:28 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 5487830
ETag: "3137042803"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 23430
X-Amz-Cf-Id: o3UxMv64AQ1JdpF57dhyRK1nfuEJrBT_q4KWkCn3CXntPMM8AwLiRA==
Expires: Sat, 28 Dec 2024 02:20:44 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/gamehouse/sparkle_2/v_1/ 10 KB
10 KB 30ms
30ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/gamehouse/sparkle_2/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 475237b3661bd876d83ce7256b724a3533f8aca10ccebf351122d9bad6d4f423

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 14:17:12 GMT
Via: 1.1 fa2a1404411f25eb7c3c4def0c2864e6.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 14:50:04 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 2161642
ETag: "3498280621"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 9769
X-Amz-Cf-Id: KJaTspB2PLEhwtnN_myOrcIcAyqSpDb6ebSLs23q9paANJUiMKSumg==
Expires: Tue, 04 Feb 2025 14:17:12 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/gamehouse/mahjong_everyday/v_1/ 9 KB
10 KB 31ms
30ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/gamehouse/mahjong_everyday/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 0b1dc5c44bc1cbe3589099ebf09b4aa24414d2f1907655e8992fcc49fe96ef3c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 06:56:52 GMT
Via: 1.1 1d2861d9b6c0fd303c8b7539b394c190.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 14:50:04 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 6248862
ETag: "289638049"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 9705
X-Amz-Cf-Id: t7tc1hoY-swPTOQqhVbbQRIpwJ90ZRM-GPpZf2de6SsTwMYIZnXhTg==
Expires: Thu, 19 Dec 2024 06:56:52 GMT

GET
H/1.1 200
OK thumb200x200.png
securegames.iwin.com/m/inlogic/woodventure2/v_1/ 63 KB
64 KB 30ms
30ms Image
image/png 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/inlogic/woodventure2/v_1/thumb200x200.png
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: e988b2a0dc03b84fd5bda56242216fa752142cb3a3cfb3e79b06f280a57ef3e5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 04 Feb 2024 00:41:59 GMT
Via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:00:13 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 2296955
ETag: "2488302442"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 64896
X-Amz-Cf-Id: rVzwOcsVEBBpDqqqIJWjOlFMA5xzun13yIdLg5P5Y4QUZiiYNR3n0w==
Expires: Mon, 03 Feb 2025 00:41:59 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/softgames/best_classic_mahjong_connect/v_1/ 11 KB
12 KB 30ms
30ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/softgames/best_classic_mahjong_connect/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: ca51158929c428276f3d1682a74c96642571d2ae4cd4d11701e57319ea0261a9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 08:29:54 GMT
Via: 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:10:04 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 4515280
ETag: "2382746149"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 11765
X-Amz-Cf-Id: kR6xplL_LWR4_PV6mARoSuVSgobILKGJcAom1VAIC2XPNb8KweNDIQ==
Expires: Wed, 08 Jan 2025 08:29:54 GMT

GET
H/1.1 200
OK thumb200x200.png
securegames.iwin.com/m/inlogic/ludolegend/v_1/ 49 KB
50 KB 35ms
35ms Image
image/png 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/inlogic/ludolegend/v_1/thumb200x200.png
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 95b0b11f4fae6ac92158ca66b5e47b4d89c1bd18ffa2639fb59a9cb2c17914cf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 18 Dec 2023 17:59:38 GMT
Via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:00:09 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 6381896
ETag: "1617462477"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 50281
X-Amz-Cf-Id: fZ6Chr0IJ6PCzYt3_4QSYl_RC3XibgQViuE0cM8iuun1sOqp6QrNaQ==
Expires: Tue, 17 Dec 2024 17:59:38 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/gamehouse/mahjong_fortuna_2/v_1/ 11 KB
12 KB 30ms
30ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/gamehouse/mahjong_fortuna_2/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: afdd6af12ca53041f947675d6e662073fd9921946950f958b530dcc8a6c86d59

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 16:07:06 GMT
Via: 1.1 fa2a1404411f25eb7c3c4def0c2864e6.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 14:50:04 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 7166248
ETag: "4113932281"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 11734
X-Amz-Cf-Id: WXtDmAn01482g3Da99rqs5wuvvpM42y0f1hXO3XFdvsC-Jiqc3EIEg==
Expires: Sun, 08 Dec 2024 16:07:06 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/softgames/2020_connect_deluxe/v_1/ 9 KB
10 KB 31ms
31ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/softgames/2020_connect_deluxe/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: cdfee4a786ea4af4acf30e0ffe0cd3d191497bbca11e06a064c8cd70e60d44c1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 18 Dec 2023 17:59:38 GMT
Via: 1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:10:04 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 6381896
ETag: "2965602882"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 9487
X-Amz-Cf-Id: 27Oy9iHSeXeraInQ28WBmwqLEKyHWs5ckTjop7XaBpMixVkwjl3wmg==
Expires: Tue, 17 Dec 2024 17:59:38 GMT

GET
H/1.1 200
OK thumb200x200v2.jpg
securegames.iwin.com/m/iwin/solitaire-frontier/v_33/ 9 KB
9 KB 32ms
32ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/iwin/solitaire-frontier/v_33/thumb200x200v2.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 153aa9ce0f9a31cbdeccaf13473e4e17202acfc027f0e9d771126bf9c525bd4a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 10:48:19 GMT
Via: 1.1 1d2861d9b6c0fd303c8b7539b394c190.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:10:05 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 5716575
ETag: "2827604233"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 8847
X-Amz-Cf-Id: xhPdwoHmztmXZPymGoqvPpx3t9YYlW_MhRKx-AiHqbgWklisOAMTyA==
Expires: Wed, 25 Dec 2024 10:48:19 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/warren_schwader/spider2suits/v_5/ 9 KB
9 KB 31ms
30ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/warren_schwader/spider2suits/v_5/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 6659cc5af4fb7a490d83aa402c106b547b38f5fd4bc08e742329253ebd0311dc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 21:51:56 GMT
Via: 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:30:08 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 6281558
ETag: "1271468361"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 8741
X-Amz-Cf-Id: 8tgUJ0shhfnm0oJB5e0wLltaWmBlhfrMiaWs3Tvxtvmo_aF_j6bpSQ==
Expires: Wed, 18 Dec 2024 21:51:56 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/warren_schwader/fortythieves/v_5/ 10 KB
11 KB 32ms
32ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/warren_schwader/fortythieves/v_5/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 7d5ff83064bd7b5efa5a278037f54a0c35864fcb516c90f4e608fb319aa8973a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 21:51:56 GMT
Via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:30:08 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 6281558
ETag: "2302624955"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 10354
X-Amz-Cf-Id: avo8CyhOb4M2rtyyTzeygLqq9ps77abAPkTLnZdg2vlurQn4CrFKoQ==
Expires: Wed, 18 Dec 2024 21:51:56 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/warren_schwader/scorpion/v_5/ 12 KB
12 KB 33ms
32ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/warren_schwader/scorpion/v_5/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 4abe765c7818ddc6f6625bad872a55d97f09c3f0980aa8d0fd10b122bc0bbf90

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 18 Feb 2024 00:26:20 GMT
Via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:30:08 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 1088294
ETag: "2807960597"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 11800
X-Amz-Cf-Id: -ZF9DMBmxqL6ZGdnZ_Zo1RpNwxRqWfYf1vtBwLb3EIrocDwGyZLQzA==
Expires: Mon, 17 Feb 2025 00:26:20 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/warren_schwader/australianpatience/v_5/ 12 KB
12 KB 33ms
32ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/warren_schwader/australianpatience/v_5/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: c7a11cc158d76ae4aeed092268d6321485c00164c55284c2d7943c9e1def4214

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 07:25:51 GMT
Via: 1.1 fa2a1404411f25eb7c3c4def0c2864e6.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:30:08 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 6333523
ETag: "3546158163"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 11937
X-Amz-Cf-Id: vj3qIw0HzKU1fnLe8eQB5lby0bvUTo7HdYbO94RBPMlwrwqk74C0kQ==
Expires: Wed, 18 Dec 2024 07:25:51 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/inlogic/freecell-solitaire/v_1/ 9 KB
10 KB 31ms
31ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/inlogic/freecell-solitaire/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 0d71e47fba56475523b4105f21435173c2d4e0e68f4b34277df5e3e9341d350b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 05 Feb 2024 13:16:40 GMT
Via: 1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:00:11 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 2165274
ETag: "4071329118"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 9318
X-Amz-Cf-Id: on3ZaBXwEhHesm9yIGHIin1iC6NMQS5xSAqGLjlS51END58j2c5sag==
Expires: Tue, 04 Feb 2025 13:16:40 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/novel/wordgrid/v_1/ 10 KB
10 KB 31ms
31ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/novel/wordgrid/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 7c5bdf07146529ee8d8b95de45eb2ba57607d298604a91f44aade71a8e00ed19

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 10:09:27 GMT
Via: 1.1 1d2861d9b6c0fd303c8b7539b394c190.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:10:04 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 2781307
ETag: "2838775799"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 10036
X-Amz-Cf-Id: vkm64qN3vIKAlzkTtWrkyzOx0Ka9aJCBemaw5RPP5k179_V_fgH62A==
Expires: Tue, 28 Jan 2025 10:09:27 GMT

GET
H/1.1 200
OK thumb200x200v2.jpg
securegames.iwin.com/m/uclick/sevenlittlewords/v_4/ 11 KB
11 KB 33ms
33ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/uclick/sevenlittlewords/v_4/thumb200x200v2.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 921622830a54fd0038fdf6d0652040195d2bff8cd2c5e4b57c0a3118d818d18a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Fri, 29 Dec 2023 02:20:45 GMT
Via: 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:30:08 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 5487829
ETag: "3107933233"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 11104
X-Amz-Cf-Id: 66vS7MLqMtFut-iNWwz-VR16ANaVEo6WPy1mv7gz2K5uD45jA2A9qg==
Expires: Sat, 28 Dec 2024 02:20:45 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/jellimatic/jelly_collapse/v_3/ 8 KB
8 KB 31ms
31ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/jellimatic/jelly_collapse/v_3/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: d26fea0dff7d62caa2db40d645e1704307a70fe3e47f1b6e80dedfd6b3ab0365

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 02:42:38 GMT
Via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:10:05 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 7905716
ETag: "866292064"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 8095
X-Amz-Cf-Id: okdj2mDb_pqwaC772tRoNHQ0YZYr8a4L6TheY13ej1OuplqL9aWUcw==
Expires: Sat, 30 Nov 2024 02:42:38 GMT

GET
H/1.1 200
OK thumb200x200.png
securegames.iwin.com/m/inlogic/halloweenpuzzle/v_1/ 16 KB
17 KB 33ms
33ms Image
image/png 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/inlogic/halloweenpuzzle/v_1/thumb200x200.png
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 92a324d76a4f5da9bb46d8c37e9acc8e125f28f385dd3b69d8dd59aaced36190

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 17 Feb 2024 12:51:00 GMT
Via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
Last-Modified: Fri, 22 Oct 2021 13:30:11 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 1130014
ETag: "2546935861"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 16562
X-Amz-Cf-Id: ndCazkC4LMSvLGdIwCHA0X-Cwdl4wzIGK-nxP1UoXwb2yFmx1J_RUA==
Expires: Sun, 16 Feb 2025 12:51:00 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/inlogic/jewelblocksquest/v_1/ 15 KB
15 KB 33ms
32ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/inlogic/jewelblocksquest/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 0b49add4d07703b389afc23af8c09c64ad2ccc332a67a77cfd120b123fd3299c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 07:52:20 GMT
Via: 1.1 fa2a1404411f25eb7c3c4def0c2864e6.cloudfront.net (CloudFront)
Last-Modified: Fri, 13 Jan 2023 11:50:08 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 6504734
ETag: "3544484464"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 15160
X-Amz-Cf-Id: 5WevXrCU1tdJLzHhhazQtO4wO-K45VhcohNxjjHW3jpeSDePtXOsKg==
Expires: Mon, 16 Dec 2024 07:52:20 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/inlogic/2048x2mergeblocks/v_1/ 15 KB
16 KB 45ms
45ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/inlogic/2048x2mergeblocks/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 14884238478377116d1887d311aedadc5d53153f837544f1a25e7fa6c706665c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 18 Dec 2023 11:26:16 GMT
Via: 1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
Last-Modified: Fri, 13 Jan 2023 11:50:07 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 6405498
ETag: "2789656744"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 15420
X-Amz-Cf-Id: 08aflYFjFmdPD1tsdsaC7HsOxsFH7LzAsNaBLNT86VJJTW2DbfyIHg==
Expires: Tue, 17 Dec 2024 11:26:16 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/monstera/hiddenantiqueshop/v_1/ 35 KB
35 KB 30ms
30ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/monstera/hiddenantiqueshop/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 7eaca0e636ab4657954b03f9c7bcee36c1637de40ee338686ec266a0809e0876

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 13:59:04 GMT
Via: 1.1 1d2861d9b6c0fd303c8b7539b394c190.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jul 2023 17:30:10 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 6655530
ETag: "3155149672"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 35665
X-Amz-Cf-Id: Ltvlx_j4_c9GUN1CgLL2YysAIOx9fGAB9g7Bd10eIcRKempQYq1tRA==
Expires: Sat, 14 Dec 2024 13:59:04 GMT

GET
H/1.1 200
OK thumb200x200.png
securegames.iwin.com/m/inlogic/santasmagicchristmas/v_1/ 15 KB
15 KB 30ms
30ms Image
image/png 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/inlogic/santasmagicchristmas/v_1/thumb200x200.png
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: ba993c1660de9d244e5eca4f5d1e571a2b202feacd58f6826594e277e3f828b2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 13 Dec 2023 07:33:02 GMT
Via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
Last-Modified: Tue, 21 Dec 2021 12:00:17 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 6851492
ETag: "385148053"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 14969
X-Amz-Cf-Id: yswZ3rtFEngFCjb6xxD1N5RV6Vq1ga0fEB1LFqSt_sF-BsLXAv6bsQ==
Expires: Thu, 12 Dec 2024 07:33:02 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/inlogic/pinballbrickmania/v_1/ 11 KB
12 KB 34ms
34ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/inlogic/pinballbrickmania/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 4ecbffb5ff799ac9f91abb843c3a654a3011701e9ac22fe4bbb408b6282ef57b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Fri, 29 Dec 2023 01:34:04 GMT
Via: 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront)
Last-Modified: Fri, 10 Mar 2023 12:40:20 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 5490630
ETag: "3747362364"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 11537
X-Amz-Cf-Id: DAp2t7a2FdualQp8KoG4Nr0V_jNxqdDsLd3Sb_caVmQlWkcKLV4beg==
Expires: Sat, 28 Dec 2024 01:34:04 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/inlogic/cookingmania/v_1/ 24 KB
25 KB 30ms
30ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/inlogic/cookingmania/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: bb4337fed25fc4f0941df1e41bdd5ac62bb794271f322a0421794a1f8b71f95c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 17:03:38 GMT
Via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
Last-Modified: Thu, 15 Jun 2023 12:20:39 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 5780456
ETag: "1381275043"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 24923
X-Amz-Cf-Id: HpyCWFoF1DLR3ahqKopUWgkvCPL7icPj7I_BaQVb6KknRbyurslemA==
Expires: Tue, 24 Dec 2024 17:03:38 GMT

GET
H/1.1 200
OK thumb200x200.png
securegames.iwin.com/m/inlogic/ballsandbricks/v_1/ 31 KB
32 KB 30ms
30ms Image
image/png 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/inlogic/ballsandbricks/v_1/thumb200x200.png
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: fae43284d901f1b729fecf12b364ac8018dc9c18fad52f6a6386740909bdff5f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 18:13:17 GMT
Via: 1.1 fa2a1404411f25eb7c3c4def0c2864e6.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:00:12 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 7590677
ETag: "2370619140"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 32078
X-Amz-Cf-Id: VGYkpz1jH6xEvoP2-RhLSqVShFFpS_IvEtpsYG3uiuxPeaDhNe7P8A==
Expires: Tue, 03 Dec 2024 18:13:17 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/inlogic/minigolfclash/v_1/ 19 KB
20 KB 32ms
32ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/inlogic/minigolfclash/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 9c90fe9e5a6760be046234582d24a2dcbc5bdcbe5896a5447fa6022829f7a604

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 22 Nov 2023 14:34:05 GMT
Via: 1.1 1d2861d9b6c0fd303c8b7539b394c190.cloudfront.net (CloudFront)
Last-Modified: Thu, 15 Jun 2023 12:20:24 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 8640629
ETag: "796273490"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 19734
X-Amz-Cf-Id: 0keNJsfQSrE51OAySC5Ty6gzGhU5Lm7iFhvImtEXca3M0CoE6bhrvA==
Expires: Thu, 21 Nov 2024 14:34:05 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/inlogic/towerdefensezombies/v_1/ 20 KB
21 KB 32ms
31ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/inlogic/towerdefensezombies/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: dbbdd0e26cf052255303c7ef3337ac6c6c3af1b808667475156838e226535c48

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 13:45:51 GMT
Via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
Last-Modified: Thu, 15 Jun 2023 12:20:27 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 8038723
ETag: "3982338477"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 20556
X-Amz-Cf-Id: yx5gjyvcKGGf-z7MuDZCR2jBweoC5CC9m3pgDHKgyzqno0-dv5Jg8g==
Expires: Thu, 28 Nov 2024 13:45:51 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/flowplay/vegasworld/v_3/ 19 KB
20 KB 33ms
32ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/flowplay/vegasworld/v_3/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: d26e25a298c6d2ad478fe2b9262020be0a44d79df0fdc5434eb0ff1e9e2e28be

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 07:26:15 GMT
Via: 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 14:50:04 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 6765499
ETag: "691396535"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 19648
X-Amz-Cf-Id: smVTruTb_EG34R45E0RsPsiQA2V-2hpHLD4KcOpO9yR4o2DKjBtM7Q==
Expires: Fri, 13 Dec 2024 07:26:15 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/novel/ginrummy/v_3/ 9 KB
10 KB 31ms
31ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/novel/ginrummy/v_3/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 9926b11f9adb61a9c2940da2864315828cfb30741930e5d96e23037c25dc62bb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 08:37:19 GMT
Via: 1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 15:10:04 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 6242835
ETag: "2558711895"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 9594
X-Amz-Cf-Id: j2Jxp920DrzCVgDPYTZhAA-1Az65usYfcLOQX55jCPozCSiWdJVMtg==
Expires: Thu, 19 Dec 2024 08:37:19 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/gamehouse/delicous10/v_2/ 11 KB
12 KB 31ms
31ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/gamehouse/delicous10/v_2/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 6b0874a5b7978a6d7837b61bdb254280b5bf87bf2f6d80abb97ecfdabc2f9b18

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 30 Dec 2023 16:05:03 GMT
Via: 1.1 f577ca8c3771798c088df2efc06d2bc4.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 14:50:04 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 5351971
ETag: "2958316561"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 11645
X-Amz-Cf-Id: k5Q-zupZHTWXH3ewfiDBBzUJhleY-SGJfjeFNDvcrgUT8cNujnaewg==
Expires: Sun, 29 Dec 2024 16:05:03 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/gamehouse/delicious10webxmas/v_4/ 12 KB
12 KB 32ms
32ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/gamehouse/delicious10webxmas/v_4/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: b371e33384879af7c412103b266f2be33f7e61a6895b3bce21c99cb7c1981fbf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 13:30:43 GMT
Via: 1.1 fa2a1404411f25eb7c3c4def0c2864e6.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Oct 2021 14:50:04 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 4497231
ETag: "3360968147"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 12152
X-Amz-Cf-Id: UbxIr0Sm0Z9wS8JadgxLAnVaOazbyvTAe5C2MrlTu6L3DsxhXsqZDA==
Expires: Wed, 08 Jan 2025 13:30:43 GMT

GET
H/1.1 200
OK thumb200x200.jpg
securegames.iwin.com/m/inlogic/lasvegaspoker/v_1/ 20 KB
20 KB 31ms
31ms Image
image/jpeg 108.139.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securegames.iwin.com/m/inlogic/lasvegaspoker/v_1/thumb200x200.jpg
Requested by: Host: m.iwin.com
URL: https://m.iwin.com/online-games
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-94.jfk50.r.cloudfront.net
Software: /
Resource Hash: 2314ce3d00723e13ea07bb047775694ecca2df61244b93374d545b0275587450

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 02:25:45 GMT
Via: 1.1 1d2861d9b6c0fd303c8b7539b394c190.cloudfront.net (CloudFront)
Last-Modified: Fri, 10 Mar 2023 12:40:12 GMT
X-Amz-Cf-Pop: JFK50-P1
Age: 7906729
ETag: "1297083251"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 20057
X-Amz-Cf-Id: V19UJ5pPUHqgrNU7J8Owpluq8H9In_mC_saVeoyL-RuFgmzV8WRxhQ==
Expires: Sat, 30 Nov 2024 02:25:45 GMT

GET
H2 200 cmp2.js Show response
cmp.inmobi.com/tcfv2/ 164 KB
43 KB 36ms
36ms Script
text/javascript 54.230.163.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=m.iwin.com
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/jz45mW29YrM5Y/m.iwin.com/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-57.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12ccf01f8a2e959b70523bb71ec51563d7ef3a3b8f0c7f04a9c78e55207bd2f4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:05:14 GMT
content-encoding: br
via: 1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
age: 2361
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 01 Mar 2024 10:04:44 GMT
server: AmazonS3
etag: W/"cac85fee3a51a62faa3ce9d10b3ba671"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
x-amz-cf-id: taLi0n5L3ayvj1IekjJ-a3Ipqu6_BZiNvyGfm7Utha9SetfUe3DOpQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 88 KB
28 KB 525ms
403ms Script
text/javascript 142.250.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: m.iwin.com
URL: https://m.iwin.com/online-games

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f156.1e100.net

Software

cafe /

Resource Hash

993ace0c3882d772d9da318966e7b8aa594dc40644fe882a0ccc732ea3b44490

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28650
x-xss-protection: 0
server: cafe
etag: 244 / 19783 / m202402220101 / config-hash: 18075438754468141728
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 14:44:35 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 188ms
104ms Script
text/javascript 142.250.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3849277388049950

Requested by

Host: m.iwin.com
URL: https://m.iwin.com/online-games

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f157.1e100.net

Software

cafe /

Resource Hash

df02b5b622334734e94746912c88de109d7eea8c18d84c727708063ecc5a2cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.iwin.com/
Origin: https://m.iwin.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51062
x-xss-protection: 0
server: cafe
etag: 12408892648551514671
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 01 Mar 2024 14:44:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 213 KB
77 KB 157ms
74ms Script
application/javascript 142.250.96.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-59HKRB6

Requested by

Host: m.iwin.com
URL: https://m.iwin.com/online-games

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.96.97 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

38e0563612422bdc69da01ca7786becfef5173a13b7b34817f615c0fa80c2b9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78830
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Mar 2024 14:44:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
94 KB 77ms
76ms Script
application/javascript 142.250.96.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ERS08K7E8X&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59HKRB6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.96.97 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

69d86dab1c559d374ba320fb90cb02c14adbd9dc5e1068f2ea5137c5347f401a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96051
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Mar 2024 14:44:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 130ms
40ms Script
text/javascript 142.250.12.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59HKRB6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.12.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Mar 2024 14:07:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2238
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 01 Mar 2024 16:07:17 GMT

GET
H2 200 optinly.js Show response
cdn.optinly.net/v1/ 26 KB
9 KB 142ms
31ms Script
binary/octet-stream 18.238.55.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optinly.net/v1/optinly.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59HKRB6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-49.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 282cd50199b3b3458cfc5192bc218aa7bbbf64cf4a381571265fc62a70b4f096

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: TUIOUPCwjaUnsbMlhUxEejRQdC7sknPS
content-encoding: gzip
via: 1.1 2c8fc98e914dd92124c9f02bae44cffc.cloudfront.net (CloudFront)
date: Fri, 01 Mar 2024 07:37:41 GMT
x-amz-cf-pop: JFK52-P4
age: 25617
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8946
last-modified: Mon, 08 Aug 2022 11:31:01 GMT
server: AmazonS3
etag: "2de05314cbafd59feac7c6015e2b1bc6"
vary: Accept-Encoding
content-type: binary/octet-stream
accept-ranges: bytes
x-amz-cf-id: EzU7hgIbJbuyAPzBBXZ842M17ZHCZLGA47rjmSEyI4UFh3tT488GzQ==

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/ 406 KB
138 KB 283ms
282ms Script
text/javascript 142.250.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/show_ads_impl_fy2021.js?bust=31081466

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3849277388049950

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f156.1e100.net

Software

cafe /

Resource Hash

79ea360daeac6fe276e09e82242d5920c1a8c22ff549abb466514c8305ff6e26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140992
x-xss-protection: 0
server: cafe
etag: 1395369997285880361
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 14:44:35 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/ Frame D77A 9 KB
4 KB 123ms
40ms Document
text/html 142.250.96.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3849277388049950

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.96.156 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f156.1e100.net

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.iwin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 73211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 18:24:24 GMT
etag: 5035419970550746386
expires: Thu, 14 Mar 2024 18:24:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
167 B 45ms
45ms Ping
text/plain 142.250.12.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ERS08K7E8X&gtm=45je42s0v896068520z8896067274za200&_p=1709304274903&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&cid=130313236.1709304275&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709304275&sct=1&seg=0&dl=https%3A%2F%2Fm.iwin.com%2Fonline-games&dt=Free%20Online%20Games%20for%20Mobile%20and%20Tablets%20-%20iWin.com&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1486
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ERS08K7E8X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.12.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ge-in-f138.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 14:44:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.iwin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
94 B 47ms
46ms XHR
text/plain 142.250.12.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=590834392&t=pageview&_s=1&dl=https%3A%2F%2Fm.iwin.com%2Fonline-games&ul=en-us&de=UTF-8&dt=Free%20Online%20Games%20for%20Mobile%20and%20Tablets%20-%20iWin.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=445050595&gjid=1912556688&cid=130313236.1709304275&tid=UA-5552039-3&_gid=1185683893.1709304275&_r=1&_slc=1&gtm=45He42s0n8159HKRB6v896067274za200&gcd=13l3l3l3l1&dma=0&tcfd=10000&z=485453352

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.12.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.iwin.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 14:44:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.iwin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 88ms
27ms Script
text/javascript 142.250.80.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: cdn.optinly.net
URL: https://cdn.optinly.net/v1/optinly.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.10 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f10.1e100.net

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 09:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 09:05:44 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
345 B 49ms
48ms XHR
text/plain 142.250.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-5552039-3&cid=130313236.1709304275&jid=445050595&gjid=1912556688&_gid=1185683893.1709304275&_u=YADAAEAAAAAAACAAI~&z=152022213

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.iwin.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 01 Mar 2024 14:44:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.iwin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 124ms
52ms Image
image/gif 142.251.32.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-5552039-3&cid=130313236.1709304275&jid=445050595&_u=YADAAEAAAAAAACAAI~&z=1496165699

Requested by

Host: m.iwin.com
URL: https://m.iwin.com/online-games

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.100 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 14:44:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 145ms
46ms Image
image/gif 142.250.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-5552039-3&cid=130313236.1709304275&jid=445050595&_u=YADAAEAAAAAAACAAI~&z=1496165699

Requested by

Host: m.iwin.com
URL: https://m.iwin.com/online-games

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 14:44:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 styles.css
cdn.optinly.net/v1/ 16 KB
2 KB 36ms
35ms Stylesheet
text/css 18.238.55.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optinly.net/v1/styles.css
Requested by: Host: cdn.optinly.net
URL: https://cdn.optinly.net/v1/optinly.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-49.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2700c19ad2c1fa932eb5015e656600ef5cf054335f828acfaf7bffbcf659680

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: R1ST_VvryjvnX.EhKupJYycxE2FH.Iag
content-encoding: gzip
via: 1.1 2c8fc98e914dd92124c9f02bae44cffc.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 08:09:45 GMT
x-amz-cf-pop: JFK52-P4
age: 3911221
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1991
last-modified: Mon, 18 Jul 2022 10:33:30 GMT
server: AmazonS3
etag: "aa61cd1c2b50474a014884e8b2275c4b"
content-type: text/css
cache-control: max-age=8640000
accept-ranges: bytes
x-amz-cf-id: 4nKf46wUAdE7qwqCLxNHaDYeyO9lS85d5SKz1r924wDXslLFm0q7mg==

GET
H2 200 settings.json Show response
static.optinly.net/sites/ee9f2e6c-8715-4d40-9d34-e1c5891d3068/ 857 B
1 KB 167ms
116ms XHR
application/octet-stream 104.21.19.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.optinly.net/sites/ee9f2e6c-8715-4d40-9d34-e1c5891d3068/settings.json?_=1709304275436
Requested by: Host: cdn.optinly.net
URL: https://cdn.optinly.net/v1/optinly.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da78b751a715d296d5e921d73eb864dbfbb856eb5f0a9dc9293dd49014b052ef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: X79EZBR9ZFQVHS11
alt-svc: h3=":443"; ma=86400
content-length: 857
x-amz-id-2: U+Md/QX0iRgYr7Q4TnUgSJ2ZSz0Y/9vDYHqH/Z8IEbt9F9gS/8LA3+IP2DScxXYZpdpS66QI78k=
last-modified: Thu, 01 Dec 2022 11:02:22 GMT
server: cloudflare
etag: "02ba0cc44276959fd5b63bad1a3ccd7b"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/octet-stream; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1F5nI4wcSu1cdI7LOruIIKjAmdHEICItiM8D5bUMOaa0uDf4xfJixyGfClgtblmP58ZEnx%2FkK0EjvHjuoai5nNwlhV8uUyPjEC4%2BRc75ihqW57UNAGU3Ihwu3i6%2F4qZzjPdaRnk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 85d9ed09df1c36bc-YYZ

GET
H2 200 trace Show response
www.cloudflare.com/cdn-cgi/ 310 B
449 B 88ms
15ms XHR
text/plain 104.16.123.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cloudflare.com/cdn-cgi/trace

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.123.96 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f9484efd1dcc4c72b4963f1152496196c77ac2ebdfcc0a110affec444f763a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Referer: https://m.iwin.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 85d9ed0a0d1f5437-YYZ
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/ 428 KB
134 KB 44ms
43ms Script
text/javascript 142.250.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f157.1e100.net

Software

cafe /

Resource Hash

e518d28fc305914d99970e7793785ff5143eb03b1ff3eaf90f980d3e28758cdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 19:07:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70609
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137662
x-xss-protection: 0
server: cafe
etag: 2919427224111863329
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 28 Feb 2025 19:07:46 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9835 599 KB
101 KB 897ms
895ms Document
text/html 142.250.96.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3849277388049950&output=html&adk=522671305&adf=1178619241&lmt=1702059192&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fm.iwin.com%2Fonline-games&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709304275161&bpp=5&bdt=1025&idt=437&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=43799660394&frm=20&pv=2&ga_vid=130313236.1709304275&ga_sid=1709304276&ga_hid=590834392&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081080%2C42532523%2C44795921%2C95325752%2C95326317%2C31081466%2C31080990%2C95324160&oid=2&pvsid=3262139290089889&tmod=418012534&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=492

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/show_ads_impl_fy2021.js?bust=31081466

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.96.156 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f156.1e100.net

Software

cafe /

Resource Hash

16b95a196438a712b01022b1e4d476491d266753b7ede96f281223de72904a76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.iwin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 103592
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 14:44:36 GMT
expires: Fri, 01 Mar 2024 14:44:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 77A5 35 KB
14 KB 352ms
351ms Document
text/html 142.250.96.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3849277388049950&output=html&h=280&slotname=1488786073&adk=378574185&adf=2724509456&pi=t.ma~as.1488786073&w=1200&fwrn=4&fwrnh=100&lmt=1702059192&rafmt=1&format=1200x280&url=https%3A%2F%2Fm.iwin.com%2Fonline-games&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709304275166&bpp=3&bdt=1031&idt=501&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=43799660394&frm=20&pv=1&ga_vid=130313236.1709304275&ga_sid=1709304276&ga_hid=590834392&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=2102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081080%2C42532523%2C44795921%2C95325752%2C95326317%2C31081466%2C31080990%2C95324160&oid=2&pvsid=3262139290089889&tmod=418012534&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=508

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/show_ads_impl_fy2021.js?bust=31081466

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.96.156 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f156.1e100.net

Software

cafe /

Resource Hash

4181e6eb5a3353d1b69694ef266a1309f586f1133f7a289f30c708563c7b8b64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.iwin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14600
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 14:44:36 GMT
expires: Fri, 01 Mar 2024 14:44:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 popup.js Show response
cdn.optinly.net/v1/ 8 KB
3 KB 31ms
30ms Script
binary/octet-stream 18.238.55.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optinly.net/v1/popup.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-49.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f9f2710e6deff5fb97c28044cb514f2d49f9f496df958516a8ddb2db1ed4e9de

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: jIuLKnMo3Ykkt2A.UwXn0NBhx3P9hAn_
content-encoding: gzip
via: 1.1 2c8fc98e914dd92124c9f02bae44cffc.cloudfront.net (CloudFront)
date: Fri, 01 Mar 2024 13:36:48 GMT
x-amz-cf-pop: JFK52-P4
age: 4083
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2362
last-modified: Mon, 08 Aug 2022 11:31:02 GMT
server: AmazonS3
etag: "ceccdb90aaf59d29e6e5cb37d26ca143"
vary: Accept-Encoding
content-type: binary/octet-stream
accept-ranges: bytes
x-amz-cf-id: rJdkpCRS0x5Y377SxJLzNwfF-MeAj061g8zOUXxte1UTAV5RPTS5uA==

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4A32 838 B
578 B 382ms
381ms Document
text/html 142.250.96.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3849277388049950&output=html&h=280&slotname=1488786073&adk=378574185&adf=4155431597&pi=t.ma~as.1488786073&w=1200&fwrn=4&fwrnh=100&lmt=1702059192&rafmt=1&format=1200x280&url=https%3A%2F%2Fm.iwin.com%2Fonline-games&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709304275169&bpp=1&bdt=1033&idt=519&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=43799660394&frm=20&pv=1&ga_vid=130313236.1709304275&ga_sid=1709304276&ga_hid=590834392&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=3932&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081080%2C42532523%2C44795921%2C95325752%2C95326317%2C31081466%2C31080990%2C95324160&oid=2&pvsid=3262139290089889&tmod=418012534&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=522

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/show_ads_impl_fy2021.js?bust=31081466

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.96.156 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f156.1e100.net

Software

cafe /

Resource Hash

1f3c2f250fa3310fb1c2b0eda7b7aa8c4697c073197477e6db94c5e24bc3ebe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.iwin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 406
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 14:44:36 GMT
expires: Fri, 01 Mar 2024 14:44:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 745 B
362 B 101ms
101ms Fetch
text/plain 142.250.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3262139290089889&correlator=3921438038019222&eid=31081517%2C31081350%2C31079527&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=430837318%2CTOTAL_TAS%2CiWin_inc&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1709304275736&lmt=1702059192&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fm.iwin.com%2Fonline-games&vis=1&psz=1600x6334&msz=0x-1&fws=128&ohw=0&ga_vid=130313236.1709304275&ga_sid=1709304276&ga_hid=590834392&ga_fc=true&dlt=1709304274136&idt=1572&prev_scp=tmPtS%3D%26tmPtM%3D%26tmDmn%3Dm.iwin.com%26tmClnt%3DiWin%2520inc&adks=2162959182&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f157.1e100.net

Software

cafe /

Resource Hash

ff5ded7c8895c3fd5d44d48c6959aae3070ed96e15d32cae740f6ec6049f08a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://m.iwin.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e9df237540bb532ea59a082e6ca2fd97.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D378 6 KB
3 KB 156ms
52ms Document
text/html 142.250.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e9df237540bb532ea59a082e6ca2fd97.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.iwin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 14:44:35 GMT
expires: Sat, 01 Mar 2025 14:44:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
static.optinly.net/sites/ee9f2e6c-8715-4d40-9d34-e1c5891d3068/b4a08351-30b7-42ec-881d-079d5665ecef/ 17 KB
4 KB 69ms
68ms XHR
text/html 104.21.19.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.optinly.net/sites/ee9f2e6c-8715-4d40-9d34-e1c5891d3068/b4a08351-30b7-42ec-881d-079d5665ecef/index.html?_=1709304275761
Requested by: Host: cdn.optinly.net
URL: https://cdn.optinly.net/v1/optinly.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d4813c8fd576c2181cbc5088ab9a66e4a340b1de3bbae4060ab7b2362a58764

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 01 Dec 2022 11:02:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: X79BX3W1G1EHJ688
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DOxXq%2FOrAsdh1yt4a7YjBuIlJ7wk7tCxydawsrXzS5qt%2BUdXPiLUPuVq7R7DwcxT%2BDL82jx4RJkhiO0qOBDskiPTd38T8Cxz0oG9Iz3XlCps7Roz8FxWIcbz8JMehwWOx%2B8Eo7Q%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 85d9ed0b89bd36bc-YYZ
alt-svc: h3=":443"; ma=86400
x-amz-id-2: wGZnGCWu1KD+7pA9SVDyMoPgbm6gZIY5oyiFOWV4kLkxVa92fY69EPG7w3GtqZ0QEM5GAGsS9pE=

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame F022 30 KB
7 KB 95ms
30ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.iwin.com/
Origin: https://m.iwin.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 871
age: 40
cdn-cachedat: 10/31/2023 18:51:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7ec3abe8a526bd57fb258f001f59177b
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85d9ed0c9e3236bf-YYZ
cdn-requestpullsuccess: True

GET
H2 200 css2
fonts.googleapis.com/ Frame F022 2 KB
1 KB 130ms
47ms Stylesheet
text/css 172.253.126.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter&display=swap

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.126.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

gd-in-f95.1e100.net

Software

ESF /

Resource Hash

134d30ed9c825909dd32af40d469aaafedfe1b17447abee0ed6c43c7254d2a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Mar 2024 14:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 13:37:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Mar 2024 14:44:35 GMT

GET
H2 200 quill.css
cdn.optinly.net/v1/ Frame F022 23 KB
4 KB 39ms
38ms Stylesheet
text/css 18.238.55.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optinly.net/v1/quill.css
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-49.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 55348fb235e75d184f7bc528883b7920c5dd3549098d1d09a1532c03caa87419

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: Indl6TjRvBV8NpGzxpgFwCKnl6YnKnoA
content-encoding: gzip
via: 1.1 2c8fc98e914dd92124c9f02bae44cffc.cloudfront.net (CloudFront)
date: Tue, 13 Feb 2024 07:31:06 GMT
last-modified: Mon, 18 Jul 2022 10:33:30 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 1573534
x-amz-server-side-encryption: AES256
etag: W/"70e7e5b6c0fc2a3b65006b1ae69b74e6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=8640000
x-amz-cf-id: W-ItdX2eat1YwVMSnl-k81dIuT0Ty82aTSMCZCnUktWdzOWU6Am_7Q==

GET
H3 200 291a79afe7a53a0fd0431b59658606ac.jpg
static.optinly.net/sites/ee9f2e6c-8715-4d40-9d34-e1c5891d3068/b4a08351-30b7-42ec-881d-079d5665ecef/assets/ Frame F022 124 KB
124 KB 99ms
42ms Image
image/jpeg 104.21.19.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.optinly.net/sites/ee9f2e6c-8715-4d40-9d34-e1c5891d3068/b4a08351-30b7-42ec-881d-079d5665ecef/assets/291a79afe7a53a0fd0431b59658606ac.jpg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8261c6bf6bd4af89d491b8df25a80262f10a156fd5734ea104e531b20cd0a3c4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: C4WS0A7DG90GK9HW
age: 1866
alt-svc: h3=":443"; ma=86400
content-length: 126595
x-amz-id-2: ct2J6El/PrULYiAOROCWp1OOQkzGCv4dG2Wf+/Z/93PS2167Zb7HeJy76DoxeW4K2/4Y3LBDkrM=
last-modified: Thu, 03 Nov 2022 12:48:41 GMT
server: cloudflare
etag: "7e8d3c311e859a47b5fa980457990baf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FV7QRC%2BgFOl%2F5J81oi4nx3Bg4N%2FO7YidvP9sGjbHIuGBzy3CARbNrAAZwP2tX%2BTvfJXysCqw0cwpkPY1%2FeUWxle0MeH5uhIm%2FYgbjfilVIvqF6FlDbUVjvQ0ReIvhdwds8L%2BbEg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85d9ed0c8bca36d6-YYZ

GET
H2 200 popup-form.js Show response
cdn.optinly.net/v1/ Frame F022 106 KB
37 KB 39ms
39ms Script
binary/octet-stream 18.238.55.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optinly.net/v1/popup-form.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-49.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 152c59024bceabf4af9b26e5b937eb5d835614e43ef5ddbd9dbb859229e04201

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: YWWBwXRkZmTG0MuK6qF39HXkhKQixnkx
content-encoding: gzip
via: 1.1 2c8fc98e914dd92124c9f02bae44cffc.cloudfront.net (CloudFront)
date: Fri, 01 Mar 2024 07:34:16 GMT
x-amz-cf-pop: JFK52-P4
age: 26024
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 37382
last-modified: Tue, 28 Jun 2022 07:30:42 GMT
server: AmazonS3
etag: "43b12dca43fbf3b9911d58bcef5039a8"
vary: Accept-Encoding
content-type: binary/octet-stream
accept-ranges: bytes
x-amz-cf-id: p1Am_QZFWk4pytcklf9kENfpBLRuc8LITrxz_Ei51wVu1j9LQSmi0g==

GET
H2 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
fonts.gstatic.com/s/inter/v13/ Frame F022 21 KB
22 KB 123ms
40ms Font
font/woff2 142.250.96.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.96.94 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f94.1e100.net

Software

sffe /

Resource Hash

2301bb030a2bcaa9c763cc4771bd717aac16709c29eaba00673fcbe7cdf99a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://m.iwin.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:51:08 GMT
x-content-type-options: nosniff
age: 78808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21564
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 16:51:08 GMT

GET
H2 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame F022 75 KB
76 KB 22ms
22ms Font
font/woff2 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://m.iwin.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1029
age: 41
cdn-cachedat: 10/31/2023 19:21:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: a656848cb84cde3ec9bf214ce1e40a58
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85d9ed0d0ec536bf-YYZ
cdn-requestpullsuccess: True

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 52ms
50ms Script
text/javascript 142.251.32.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.100 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f4.1e100.net

Software

GSE /

Resource Hash

793414a5c29820d33c9a6a7120fdbbf4fdbabaf3f3cc0176a53336cc5bb4da5c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 01 Mar 2024 14:44:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 77A5 3 KB
1 KB 129ms
45ms Script
text/javascript 142.250.96.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3849277388049950&output=html&h=280&slotname=1488786073&adk=378574185&adf=2724509456&pi=t.ma~as.1488786073&w=1200&fwrn=4&fwrnh=100&lmt=1702059192&rafmt=1&format=1200x280&url=https%3A%2F%2Fm.iwin.com%2Fonline-games&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709304275166&bpp=3&bdt=1031&idt=501&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=43799660394&frm=20&pv=1&ga_vid=130313236.1709304275&ga_sid=1709304276&ga_hid=590834392&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=2102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081080%2C42532523%2C44795921%2C95325752%2C95326317%2C31081466%2C31080990%2C95324160&oid=2&pvsid=3262139290089889&tmod=418012534&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.96.132 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 23:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 23:08:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 77A5 20 KB
8 KB 125ms
43ms Script
text/javascript 142.250.96.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.96.132 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f132.1e100.net

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 23:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 23:08:48 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 77A5 207 KB
63 KB 44ms
43ms Script
text/javascript 142.250.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f157.1e100.net

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 15:12:58 GMT

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 59FF 135 KB
45 KB 191ms
112ms Document
text/html 74.119.119.65
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZeHp0wAK6scFKOfgAACuIW1kJiXEZ9y8PjQRug&u=%7CsEcLhWDDtXauu29P8ueI9E4%2FgtnyU7m1TG3YS5GsC8k%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEblbnwQa_69I0muim5-1IsJwflnlktVVLpNKNkS2aGPN7cog3mUk5jHkP0BiQ6iXrBoZSv-MnF1o2xK6b5rg2-R7p8Vj-BFMaUz-2l-3dFDHolU0z3X8-Y9RuHr9YmRv5d_aOs0hv6WONHcwLg9AXT5MQezF62cSUN2L2be-SH9R8OLnLiA9YIJ8P3_ysujOsHezIVtparuM1C2u1xTkTK8CZMx85kYMsxTTbiurq7MkmHtknM7h9QwKd8PuYZDrzlnA6n6wGVDXqBQHK9M632kQ7VEdV7T-HLg09e9RLijwI963Ej8ietnJfMobERGXEHmlV40Q4tFbe6RfuWhGusgFb7XA0HsUXRbliheMf6UwIaSelWH9ITk7NJXOMRi_Pj3uuiL9xM0JlRSo35GTtN__KJcpQZadGamHxNTADmXQWDb8tgpgFiYzq4Kk2mmw7EtbO3SiDG2XMvS64fEavQM8lnFXyFFlacD1Ej4e7y_PMGoa4shM69zrGq-KPciSLUNSDcaPa0lXRq_BvMEeb9yLlfr5Bi1jYMyqJclijVv5Thmx7vDQOiVTzMUGkQV6TcRPF_t-zc-Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQDuG0-nhZcfVK-DPo9kPodyCuAScge-wXOLDuM6jAcCNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi0zODQ5Mjc3Mzg4MDQ5OTUwyAEJqAMByAMCqgTwAU_QRI_PZGU6qtZXdatfxNLSWyvMdnxVKD1m7rIGWKNYnCAWZMVvcGAndcyPmdn9zeyLL1efpgcXZaOOy7QvUx7M0gI8tUTwgdVg6pQPBoFeoHnTpbvdkMqxIZ0JysUyH8gks2CvLg5hhjtv7vLWyTXyKujc2meGMT9yIgLrTwCuaySlLo2fBw3W2LcJmJnJPZD7Bkic2qv5D8eBoazAr9nBEKJKBUAJzwcpClb7fary8vXcT_j1PWVhAS8yhxIkJSGNl3bUarpQd1WvmqQnMDf8ob0blWJdZ4wLfp0Z-6nKnSkadDKtQH8n2cEOrNdShIAG76qg5bmF4fNZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYpuyq0abThAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1uZ5ITsNlbDs_PVEpphBwIA0kroA%26client%3Dca-pub-3849277388049950%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.65 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1ceb13fb1aac5c3e02aecfc6789e13be61453bd332e5fc2a54a9a03b128b1280

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 14:44:35 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=6sZH2HcPkep9nLR5-jCBooF9dDJl7vxT1MnGzjSNhL8a5JrZn3TftFxYHNfNxLq4O5gEiWxJUOkojjVXKR6MwuC4UoCmC-f9KnKAIPg4yfJIkqEpuKQ7QJ0Gwk8O-xt4CTUF4ELxt7pCQ18mypPKbRMSrh8O2EENvRp0DJfhQ9n8RhS5Yytw8i8f9b7A_ebbTA1BnsIs_VR5OprmAEtyY6phzbK3GEXXEHFK8ZZ98PuXqHGEIIHy_t9qXDeXHe38UFFxPQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 74115520
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ 492 KB
196 KB 122ms
40ms Script
text/javascript 142.250.96.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.96.94 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f94.1e100.net

Software

sffe /

Resource Hash

2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.iwin.com/
Origin: https://m.iwin.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 22:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199830
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Feb 2025 22:05:03 GMT

GET
DATA 200
OK truncated
/ Frame 77A5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35cb5a6b8315956373bb0f27ce936ded0e2149a379177c2dd32367b0db860f98

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 77A5 0
23 B 131ms
130ms Image
text/html 142.250.96.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cgd-w0-nhZcfVK-DPo9kPodyCuAScge-wXOLDuM6jAcCNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi0zODQ5Mjc3Mzg4MDQ5OTUwyAEJqAMByAMCqgTtAU_QRI_PZGU6qtZXdatfxNLSWyvMdnxVKD1m7rIGWKNYnCAWZMVvcGAndcyPmdn9zeyLL1efpgcXZaOOy7QvUx7M0gI8tUTwgdVg6pQPBoFeoHnTpbvdkMqxIZ0JysUyH8gks2CvLg5hhjtv7vLWyTXyKujc2meGMT9yIgLrTwCuaySlLo2fBw3W2LcJmJnJPZD7Bkic2qv5D8eBoazAr9nBEKJKBUAJzwcpClb7fary8vXcT_j1PWVhAS8yhxIkJSGNl3bUarpQNVePCGKa2011SoLPGVu6wz0EVpQ3421RblOTvYyzbGemHVU3S4AG76qg5bmF4fNZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYpuyq0abThAOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzg0OTI3NzM4ODA0OTk1MBgA&sigh=b-Z89lx2tpQ&uach_m=%5BUACH%5D&cid=CAQSTgB7FLtqOVnXcjSuKyOm2v7ZzdZkEPu9GwNZ5lF9KFuieRSmLRsa3F9tm9Bliz-U0YWuaJgVTa1ebrQesL1KSSRxRLDptrVZmViOFxIaKBgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.156 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3849277388049950&output=html&h=280&slotname=1488786073&adk=378574185&adf=2724509456&pi=t.ma~as.1488786073&w=1200&fwrn=4&fwrnh=100&lmt=1702059192&rafmt=1&format=1200x280&url=https%3A%2F%2Fm.iwin.com%2Fonline-games&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709304275166&bpp=3&bdt=1031&idt=501&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=43799660394&frm=20&pv=1&ga_vid=130313236.1709304275&ga_sid=1709304276&ga_hid=590834392&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=2102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081080%2C42532523%2C44795921%2C95325752%2C95326317%2C31081466%2C31080990%2C95324160&oid=2&pvsid=3262139290089889&tmod=418012534&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=508
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 01 Mar 2024 14:44:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Mar 2024 14:44:36 GMT

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 77A5 0
126 B 105ms
33ms Image
text/plain 74.119.119.130
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kurNEcX5RLAJmALiIp0XAgAAAIZ31R79013FKEK2XhDT6eFlqqNoPvAtQPWmVAAAEgAACgpBUVVCQ2dFUENn&wp=ZeHp0wAK6scFKOfgAACuIW1kJiXEZ9y8PjQRug&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.130 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:35 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 128590
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 59FF 2 KB
1 KB 111ms
36ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZeHp0wAK6scFKOfgAACuIW1kJiXEZ9y8PjQRug&u=%7CsEcLhWDDtXauu29P8ueI9E4%2FgtnyU7m1TG3YS5GsC8k%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEblbnwQa_69I0muim5-1IsJwflnlktVVLpNKNkS2aGPN7cog3mUk5jHkP0BiQ6iXrBoZSv-MnF1o2xK6b5rg2-R7p8Vj-BFMaUz-2l-3dFDHolU0z3X8-Y9RuHr9YmRv5d_aOs0hv6WONHcwLg9AXT5MQezF62cSUN2L2be-SH9R8OLnLiA9YIJ8P3_ysujOsHezIVtparuM1C2u1xTkTK8CZMx85kYMsxTTbiurq7MkmHtknM7h9QwKd8PuYZDrzlnA6n6wGVDXqBQHK9M632kQ7VEdV7T-HLg09e9RLijwI963Ej8ietnJfMobERGXEHmlV40Q4tFbe6RfuWhGusgFb7XA0HsUXRbliheMf6UwIaSelWH9ITk7NJXOMRi_Pj3uuiL9xM0JlRSo35GTtN__KJcpQZadGamHxNTADmXQWDb8tgpgFiYzq4Kk2mmw7EtbO3SiDG2XMvS64fEavQM8lnFXyFFlacD1Ej4e7y_PMGoa4shM69zrGq-KPciSLUNSDcaPa0lXRq_BvMEeb9yLlfr5Bi1jYMyqJclijVv5Thmx7vDQOiVTzMUGkQV6TcRPF_t-zc-Sw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQDuG0-nhZcfVK-DPo9kPodyCuAScge-wXOLDuM6jAcCNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi0zODQ5Mjc3Mzg4MDQ5OTUwyAEJqAMByAMCqgTwAU_QRI_PZGU6qtZXdatfxNLSWyvMdnxVKD1m7rIGWKNYnCAWZMVvcGAndcyPmdn9zeyLL1efpgcXZaOOy7QvUx7M0gI8tUTwgdVg6pQPBoFeoHnTpbvdkMqxIZ0JysUyH8gks2CvLg5hhjtv7vLWyTXyKujc2meGMT9yIgLrTwCuaySlLo2fBw3W2LcJmJnJPZD7Bkic2qv5D8eBoazAr9nBEKJKBUAJzwcpClb7fary8vXcT_j1PWVhAS8yhxIkJSGNl3bUarpQd1WvmqQnMDf8ob0blWJdZ4wLfp0Z-6nKnSkadDKtQH8n2cEOrNdShIAG76qg5bmF4fNZoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgKAoSL39wTpYpuyq0abThAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1uZ5ITsNlbDs_PVEpphBwIA0kroA%26client%3Dca-pub-3849277388049950%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 24 Feb 2025 14:44:36 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 59FF 2 KB
1 KB 115ms
41ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 24 Feb 2025 14:44:36 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 59FF 308 B
637 B 108ms
35ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 24 Feb 2025 14:44:36 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 59FF 293 B
621 B 110ms
37ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 24 Feb 2025 14:44:36 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 59FF 43 B
348 B 111ms
38ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=n_eg54LBQAEemFze6QqzHi6r_UrNaQuR3kByA7AhlQCtTtRzaZNuUCA3G__JEu4kj4RBX3UCrwMDF1_5egvXIvje0g29OwevdqSfsSjqBijQj6mjOoXUuxeLSBMtQqqtpAfQBOf_1HqpOpggmzP6lTx_x8It601Y6RILZrdInHvdjNolLhgHynUa1XjO4HuJ41_87dAJmmGg5oYyLJ-frYJKtAra-PJ3Vwoodxn1BG5OkqyGCkE8bXfWPW4R0V-V8HyDPxsd7fQrBOPV-1pJQR2Pv45NJmrcN2KvITslwGzhmA9442f1u4ZNRAYPryg4if5mV3FYEniCmLc6G6HfRcI9-8K6DX3U-O59tgfAFTqFUfSY6z_s5SFfV44pMIJcXmyT3AAEHI3C66iJsnJpuacJa0a9Ri2zVdCbnmYQ9II6gAPuPOwHHFhBbJU8flmQyf3S0g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 14:44:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2714566
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 59FF 12 KB
6 KB 89ms
37ms Script
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 24 Feb 2025 14:44:36 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 59FF 4 KB
4 KB 121ms
37ms Image
image/png 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=556&m=0&partner=56625&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F56625%2F220121%2F08c41a9a4fa3423f9444f2044e144658_capture.png&v=3&w=196&rid=4&s=FN571X4XeQnSXc4uW65OI0k0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2967bb928ab5a6053b252e31bbea511b93b2a9e882c177cefb1ba47e1615280d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3984
expires: Thu, 06 Feb 2025 01:38:31 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 59FF 4 KB
4 KB 129ms
45ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=56625&q=80&r=0&u=https%3A%2F%2Fwww.bogsfootwear.ca%2Fshop%2Fthumbnails%2F72786-337_t.jpg&v=3&w=400&rid=4&s=zXVu4XWuuYz7yqMJSUh4AqGq&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e9836b80370ed1556518b815d48b43cefbaf1e2f40a2dad34fae9363bba05d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 4156
expires: Fri, 01 Mar 2024 16:46:45 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 59FF 5 KB
5 KB 134ms
50ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=56625&q=80&r=0&u=https%3A%2F%2Fwww.bogsfootwear.ca%2Fshop%2Fthumbnails%2F72846-279_t.jpg&v=3&w=400&rid=4&s=Xg1HbFkijVKqJsV-Oky6VKyf&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1ae0b17ce61c64dbd4c371c2b2721f55129e5eecb809fae80cfae001dce4d7cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 4784
expires: Mon, 04 Mar 2024 19:40:25 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 59FF 5 KB
5 KB 137ms
53ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=56625&q=80&r=0&u=https%3A%2F%2Fwww.bogsfootwear.ca%2Fshop%2Fthumbnails%2F78889-013_t.jpg&v=3&w=400&rid=4&s=WTuJr2AirwTAEiU3VS1cWq-Q&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

966d576c8d8e752109b12404a4e4f6fd3c10f493fe30cbc07609e268fd3fce1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 4936
expires: Fri, 08 Mar 2024 07:39:42 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 59FF 6 KB
6 KB 139ms
56ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=56625&q=80&r=0&u=https%3A%2F%2Fwww.bogsfootwear.ca%2Fshop%2Fthumbnails%2F72225K-411_t.jpg&v=3&w=400&rid=4&s=uAuyQGm1J6EBdeXnF_If5hr3&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

03695af3335159b1240db2c8b39a455e9e84a65be79a9704def0858f29964e4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 6440
expires: Fri, 08 Mar 2024 13:56:07 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 59FF 4 KB
4 KB 121ms
38ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=56625&q=80&r=0&u=https%3A%2F%2Fwww.bogsfootwear.ca%2Fshop%2Fthumbnails%2F72225K-020_t.jpg&v=3&w=400&rid=4&s=DWV9r19penwsvWPtzociKHFG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

07214e7f156426aa9939b09e0930c1bd2d4e3b664f6cfaf96d470156f738317c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 4292
expires: Fri, 08 Mar 2024 12:28:56 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 59FF 15 KB
16 KB 45ms
37ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=56625&q=80&r=0&u=https%3A%2F%2Fwww.bogsfootwear.ca%2Fshop%2Fthumbnails%2F72800-421_t.jpg&v=3&w=400&rid=4&s=1DK7VlmL-sHhuzvUEnyd_c-X&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c963f04921532f8de8636fec18f7bb483d70960eb0c6f8127a14630bcbfbeed4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 15784
expires: Fri, 08 Mar 2024 14:11:56 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 59FF 7 KB
7 KB 46ms
39ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=56625&q=80&r=0&u=https%3A%2F%2Fwww.bogsfootwear.ca%2Fshop%2Fthumbnails%2F72756-001_t.jpg&v=3&w=400&rid=4&s=yFGmvlHdoSSPVhSwHsd6El-8&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c4faaea3f9aaa1af9a6e8b5e3dff476505e3ea09acfccf19daec18d72fccbc40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 6792
expires: Wed, 06 Mar 2024 12:32:45 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 59FF 3 KB
4 KB 44ms
41ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=56625&q=80&r=0&u=https%3A%2F%2Fwww.bogsfootwear.ca%2Fshop%2Fthumbnails%2F72421-001_t.jpg&v=3&w=400&rid=4&s=6DFo3RqrsqdO-IdCYOQ0GGEF&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

86f43414590a2c7ad5a3d0b9fbcabba2ed191e7e1f6ad6e344d3339ab1306a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 3420
expires: Fri, 01 Mar 2024 16:12:53 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 59FF 4 KB
5 KB 47ms
46ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=56625&q=80&r=0&u=https%3A%2F%2Fwww.bogsfootwear.ca%2Fshop%2Fthumbnails%2F72698-001_t.jpg&v=3&w=400&rid=4&s=_SFA7ore_APv1JVslMo_MDHi&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

43ac459508aaa2956036921fec23811ac97e1511f07a3cb1c37de2b88720c721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 4408
expires: Wed, 06 Mar 2024 18:06:05 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 59FF 10 KB
11 KB 45ms
44ms Image
image/webp 74.119.119.80
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=56625&q=80&r=0&u=https%3A%2F%2Fwww.bogsfootwear.ca%2Fshop%2Fthumbnails%2F72828-009_t.jpg&v=3&w=400&rid=4&s=QawdKefbCqidbBCoOsFxcihC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.80 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

431195fabc0638b983578e4bb893d70147fc9991f0c38f22f0514996d26d5824

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 10564
expires: Wed, 06 Mar 2024 12:24:48 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 59FF 0
128 B 116ms
35ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=6sZH2HcPkep9nLR5-jCBooF9dDJl7vxT1MnGzjSNhL8a5JrZn3TftFxYHNfNxLq4O5gEiWxJUOkojjVXKR6MwuC4UoCmC-f9KnKAIPg4yfJIkqEpuKQ7QJ0Gwk8O-xt4CTUF4ELxt7pCQ18mypPKbRMSrh8O2EENvRp0DJfhQ9n8RhS5Yytw8i8f9b7A_ebbTA1BnsIs_VR5OprmAEtyY6phzbK3GEXXEHFK8ZZ98PuXqHGEIIHy_t9qXDeXHe38UFFxPQ&sds=2&rev=90888&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 01 Mar 2024 14:44:35 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 59FF 2 KB
1 KB 44ms
42ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 24 Feb 2025 14:44:36 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 59FF 2 KB
1 KB 44ms
44ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 24 Feb 2025 14:44:36 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 97ms
95ms XHR
application/json 142.250.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240228&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/show_ads_impl_fy2021.js?bust=31081466

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f157.1e100.net

Software

cafe /

Resource Hash

e455bddc0d2c00c375a98f4c3bcab60f38c50d0787ce5926daef419b69e259c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12415
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/ 166 KB
56 KB 108ms
107ms Script
text/javascript 142.250.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/reactive_library_fy2021.js?bust=31081466

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/show_ads_impl_fy2021.js?bust=31081466

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f157.1e100.net

Software

cafe /

Resource Hash

217012c549ff0b9c104fbbf45bbd3066c2d8efa5c7721232060266e4564056f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57341
x-xss-protection: 0
server: cafe
etag: 16143343710168974546
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 14:44:36 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/ 90 KB
31 KB 410ms
410ms Script
text/javascript 142.250.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/slotcar_library_fy2021.js?bust=31081466

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3849277388049950

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f157.1e100.net

Software

cafe /

Resource Hash

3ebe9d2635d0adcd23fbb01484f82b38c46ad9332cf2a7782e6b92d0cf3cb16c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32088
x-xss-protection: 0
server: cafe
etag: 2856681281963911584
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 14:44:36 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 60ms
59ms Script
text/javascript 142.250.96.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/show_ads_impl_fy2021.js?bust=31081466

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.96.132 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 14:44:36 GMT

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/ Frame 92EB 9 KB
4 KB 44ms
43ms Document
text/html 142.250.96.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/show_ads_impl_fy2021.js?bust=31081466

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.156 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f156.1e100.net

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.iwin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 56559
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 23:01:57 GMT
etag: 5035419970550746386
expires: Thu, 14 Mar 2024 23:01:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/ Frame 722A 9 KB
4 KB 45ms
41ms Document
text/html 142.250.96.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/show_ads_impl_fy2021.js?bust=31081466

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.156 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f156.1e100.net

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.iwin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 56559
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 23:01:57 GMT
etag: 5035419970550746386
expires: Thu, 14 Mar 2024 23:01:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/ Frame D1DD 9 KB
4 KB 43ms
42ms Document
text/html 142.250.96.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402260101/show_ads_impl_fy2021.js?bust=31081466

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.156 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f156.1e100.net

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.iwin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 56559
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 23:01:57 GMT
etag: 5035419970550746386
expires: Thu, 14 Mar 2024 23:01:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 000B 13 KB
5 KB 45ms
43ms Document
text/html 142.250.96.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.132 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.iwin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 5993
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 13:04:43 GMT
expires: Sat, 01 Mar 2025 13:04:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CF78 829 B
560 B 51ms
50ms Document
text/html 142.251.32.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.100 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f4.1e100.net

Software

GSE /

Resource Hash

c97f5d0e2d3690a2ece8b77b472c9e846c2477ba051305c3dbbb0c3369d70e9c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LqyXHUoM-YAmQM0XYyRLtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://m.iwin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-LqyXHUoM-YAmQM0XYyRLtw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 14:44:36 GMT
expires: Fri, 01 Mar 2024 14:44:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ Frame 92EB 5 KB
790 B 49ms
47ms Stylesheet
text/css 172.253.126.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.126.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

gd-in-f95.1e100.net

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Mar 2024 14:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 13:34:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Mar 2024 14:44:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9CE5 2 KB
564 B 52ms
50ms Stylesheet
text/css 172.253.126.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600

Requested by

Host: m.iwin.com
URL: https://m.iwin.com/online-games

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.126.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

gd-in-f95.1e100.net

Software

ESF /

Resource Hash

6700a61b5bd8006d07ddcdf84df499411e0ca045c8e124af25f72b8c4e82dab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Mar 2024 14:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 13:33:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Mar 2024 14:44:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 9CE5 2 KB
822 B 46ms
45ms Script
text/javascript 142.250.96.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: m.iwin.com
URL: https://m.iwin.com/online-games

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.132 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f132.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:21:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 16:21:33 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame 9CE5 23 KB
9 KB 47ms
46ms Script
text/javascript 142.250.96.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js

Requested by

Host: m.iwin.com
URL: https://m.iwin.com/online-games

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.132 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f132.1e100.net

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:23:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 16:23:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 9CE5 3 KB
1 KB 49ms
46ms Script
text/javascript 142.250.96.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Host: m.iwin.com
URL: https://m.iwin.com/online-games

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.132 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 23:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 23:08:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 9CE5 20 KB
8 KB 50ms
47ms Script
text/javascript 142.250.96.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: m.iwin.com
URL: https://m.iwin.com/online-games

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.132 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f132.1e100.net

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 23:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 23:08:48 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9CE5 207 KB
63 KB 53ms
50ms Script
text/javascript 142.250.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: m.iwin.com
URL: https://m.iwin.com/online-games

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f157.1e100.net

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 15:12:58 GMT

GET
H3 200 eea50308dcf9de2b0c0fe89d3b5a5e83.js Show response
www.gstatic.com/mysidia/ Frame 9CE5 36 KB
15 KB 134ms
47ms Script
text/javascript 142.250.96.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: m.iwin.com
URL: https://m.iwin.com/online-games

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.94 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f94.1e100.net

Software

sffe /

Resource Hash

a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15206
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 00:55:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 May 2024 13:03:48 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/ Frame 92EB 15 KB
6 KB 50ms
50ms Script
text/javascript 142.250.96.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.132 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f132.1e100.net

Software

cafe /

Resource Hash

628752823728c98087a38cb07a2db44eb34acdc7e8d69d1e84281ed774eade67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 05:15:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6454
x-xss-protection: 0
server: cafe
etag: 7487576354850247333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Mar 2024 05:15:37 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 92EB 205 B
229 B 139ms
58ms Image
image/png 142.250.96.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.94 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f94.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 22:04:32 GMT
x-content-type-options: nosniff
age: 60005
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 28 Feb 2025 22:04:32 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 92EB 604 B
628 B 139ms
60ms Image
image/png 142.250.96.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.94 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f94.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:43:12 GMT
x-content-type-options: nosniff
age: 79285
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 28 Feb 2025 16:43:12 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/ Frame 92EB 22 KB
9 KB 52ms
52ms Script
text/javascript 142.250.96.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.132 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f132.1e100.net

Software

cafe /

Resource Hash

5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 19:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9093
x-xss-protection: 0
server: cafe
etag: 981128176822753981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 19:16:10 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 722A 4 KB
728 B 63ms
42ms Stylesheet
text/css 172.253.126.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.126.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

gd-in-f95.1e100.net

Software

ESF /

Resource Hash

662dbb2e9a1eaa62f25fd7d00eca3d78b8112c88f96f064a49aca4a6be2892d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Mar 2024 14:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 13:28:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Mar 2024 14:44:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 722A 2 KB
822 B 51ms
45ms Script
text/javascript 142.250.96.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.132 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f132.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:21:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 16:21:33 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame 722A 23 KB
9 KB 53ms
47ms Script
text/javascript 142.250.96.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.132 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f132.1e100.net

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:23:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 16:23:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 722A 3 KB
1 KB 51ms
46ms Script
text/javascript 142.250.96.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.132 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 23:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 23:08:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 722A 20 KB
8 KB 53ms
48ms Script
text/javascript 142.250.96.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.132 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f132.1e100.net

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 23:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 23:08:48 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 722A 207 KB
63 KB 53ms
49ms Script
text/javascript 142.250.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f157.1e100.net

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 15:12:58 GMT

GET
H3 200 eea50308dcf9de2b0c0fe89d3b5a5e83.js Show response
www.gstatic.com/mysidia/ Frame 722A 36 KB
15 KB 88ms
59ms Script
text/javascript 142.250.96.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.94 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f94.1e100.net

Software

sffe /

Resource Hash

a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15206
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 00:55:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 May 2024 13:03:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D1DD 4 KB
655 B 56ms
52ms Stylesheet
text/css 172.253.126.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.126.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

gd-in-f95.1e100.net

Software

ESF /

Resource Hash

662dbb2e9a1eaa62f25fd7d00eca3d78b8112c88f96f064a49aca4a6be2892d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Mar 2024 14:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 13:27:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Mar 2024 14:44:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame D1DD 2 KB
822 B 48ms
47ms Script
text/javascript 142.250.96.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.132 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f132.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:21:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 16:21:33 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame D1DD 23 KB
9 KB 46ms
45ms Script
text/javascript 142.250.96.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.132 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f132.1e100.net

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:23:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 16:23:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame D1DD 3 KB
1 KB 52ms
51ms Script
text/javascript 142.250.96.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.132 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 23:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 23:08:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame D1DD 20 KB
8 KB 46ms
45ms Script
text/javascript 142.250.96.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.132 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f132.1e100.net

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 23:08:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 23:08:48 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D1DD 207 KB
63 KB 47ms
46ms Script
text/javascript 142.250.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f157.1e100.net

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 15:12:58 GMT

GET
H3 200 eea50308dcf9de2b0c0fe89d3b5a5e83.js Show response
www.gstatic.com/mysidia/ Frame D1DD 36 KB
15 KB 47ms
42ms Script
text/javascript 142.250.96.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.96.94 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f94.1e100.net

Software

sffe /

Resource Hash

a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15206
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 00:55:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 May 2024 13:03:48 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame D1DD 21 KB
21 KB 160ms
40ms Image
image/jpeg 142.250.12.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRfNpWGi3u49re7yDRfzd5XHx1C48N-EfOvD4MbtZTQFGxXJG-n1EVd-HEK2A&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.12.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f139.1e100.net

Software

sffe /

Resource Hash

545153c2ff2e4dfa27feb74b92b807c621a6a5fe977631cf10efea9a9527793b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 21:00:51 GMT
x-content-type-options: nosniff
age: 150226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21448
x-xss-protection: 0
last-modified: Fri, 19 Apr 2024 15:20:53 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 27 Feb 2025 21:00:51 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame D1DD 15 KB
15 KB 204ms
85ms Image
image/jpeg 142.250.12.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQ006hGw8TTduX_cdcRqny6YnwRbsNC6Elj1gvQ50s6Exz28y39g9hb9I9dGyc&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.12.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f139.1e100.net

Software

sffe /

Resource Hash

cf22c013d05e2cfe17a1a2f78f22e2d1a77a9052917d49309b1e2f1e0ecd6a0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 08:24:34 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14982
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 01 Mar 2025 14:44:37 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame D1DD 16 KB
17 KB 127ms
40ms Image
image/jpeg 142.250.96.138
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRtLGadzkRQHxdEJc9T5R89wOOmgTGtTP-vtpfiUOtfHgOMDCmt2Kdc6WAlEr0&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.96.138 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f138.1e100.net

Software

sffe /

Resource Hash

17c4cc68f42949d5295d1a70c798099ec55bd4ee76bc3a85f66be465543de9b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 13:03:58 GMT
x-content-type-options: nosniff
age: 6039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16892
x-xss-protection: 0
last-modified: Sat, 23 Mar 2024 07:50:22 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 01 Mar 2025 13:03:58 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame D1DD 23 KB
23 KB 197ms
78ms Image
image/jpeg 142.250.12.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT45eYr3bLYGk5YgERdcyFbj9Us_LaZpvCbI04NoBQj_0a2jBEMdvBZB4mMaQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.12.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f139.1e100.net

Software

sffe /

Resource Hash

31e8b37128c4c59405e8bbdc168fc08758ea6035cdb03581c0ec18aadf5c4b13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:37 GMT
x-content-type-options: nosniff
last-modified: Mon, 08 Jan 2024 20:56:16 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23871
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 01 Mar 2025 14:44:37 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame D1DD 28 KB
28 KB 172ms
54ms Image
image/jpeg 142.250.12.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTv03UJ2I-yEQ2nC0bJitdVdC0DEQoGbJvloP214BWppKnOF85vBhfIATosKZ8&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.12.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f139.1e100.net

Software

sffe /

Resource Hash

4f6365d0722546a60fc06ac32f7b396756a148a8348269be870fcd8a3f12d62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:37 GMT
x-content-type-options: nosniff
last-modified: Fri, 15 Mar 2024 04:38:58 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28313
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 01 Mar 2025 14:44:37 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame D1DD 23 KB
23 KB 159ms
42ms Image
image/jpeg 142.250.12.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcR1TYq39swCyyMCMr3CYH2MSqIUsAFcD83EKBfTHPnaeI3CWFNxXejy9WLggA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.12.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f100.1e100.net

Software

sffe /

Resource Hash

dac6dcb628b7b96896d8bba30617c2c10c335ef3cca12396bfcf39e0fd58904b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 01:45:46 GMT
x-content-type-options: nosniff
age: 133131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23515
x-xss-protection: 0
last-modified: Sat, 13 Apr 2024 03:53:15 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 28 Feb 2025 01:45:46 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame D1DD 35 KB
36 KB 170ms
53ms Image
image/jpeg 172.253.126.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTVRq2unDe28Nn035IQoJN7N9XbUVJUF2NOrzcrqMX0oUT55nPneHt4ovEDzw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.126.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

gd-in-f102.1e100.net

Software

sffe /

Resource Hash

fad14c1402526908b5fa5864bc72a9f556efdab4473b7b93c83b5b1a02b771bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:37 GMT
x-content-type-options: nosniff
last-modified: Mon, 15 Apr 2024 17:33:43 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35889
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 01 Mar 2025 14:44:37 GMT

GET
H3

200

1968095088982329748
tpc.googlesyndication.com/simgad/ Frame D1DD
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODKsISAGBCwCRiwCTIIg2EjdsoEQjM
https://tpc.googlesyndication.com/simgad/1968095088982329748

77 KB
77 KB

52ms
52ms

Image
image/png

142.250.96.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1968095088982329748

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Server

142.250.96.132 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f132.1e100.net

Software

sffe /

Resource Hash

87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Fri, 01 Mar 2024 14:44:37 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79088
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 11:51:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 01 Mar 2025 14:44:37 GMT

Redirect headers

date: Fri, 01 Mar 2024 08:43:40 GMT
x-content-type-options: nosniff
server: cafe
age: 21657
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/1968095088982329748
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 31 Mar 2024 08:43:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CF78 0
0 105ms
99ms Image
text/html 142.250.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240228&jk=3262139290089889&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ge-in-f157.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H3 200 hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js Show response
pagead2.googlesyndication.com/bg/ Frame 000B 40 KB
15 KB 43ms
43ms Script
text/javascript 142.250.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f157.1e100.net

Software

sffe /

Resource Hash

8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 16:43:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 252053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15753
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Feb 2025 16:43:44 GMT

GET
DATA 200
OK truncated
/ Frame D1DD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c422451c7acb915ecfe34fba06297c4ac97a4f42f3e7f107e2b2f01f4872ca3

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1B2E 52 KB
20 KB 46ms
45ms Script
text/javascript 142.250.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js

Requested by

Host: m.iwin.com
URL: https://m.iwin.com/online-games

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f157.1e100.net

Software

sffe /

Resource Hash

b167e626c5900a84a675a022ba1f1dc1ad74945cd02f4e1f316af79826f38133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 20:59:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 150294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20324
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 20:59:43 GMT

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame D1DD 21 KB
21 KB 40ms
39ms Font
font/woff2 142.250.96.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.96.94 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f94.1e100.net

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 16:51:19 GMT
x-content-type-options: nosniff
age: 78798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 16:51:19 GMT

GET
H3 200 sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js Show response
pagead2.googlesyndication.com/bg/ Frame C0C5 52 KB
20 KB 49ms
49ms Script
text/javascript 142.250.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js

Requested by

Host: m.iwin.com
URL: https://m.iwin.com/online-games

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f157.1e100.net

Software

sffe /

Resource Hash

b167e626c5900a84a675a022ba1f1dc1ad74945cd02f4e1f316af79826f38133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 20:59:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 150294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20324
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 20:59:43 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 98ms
98ms Fetch
text/html 142.250.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3849277388049950
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ge-in-f157.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://m.iwin.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame D1DD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Clw_K0-nhZajrLJvQqMwPxc2dsAWrvPrzdcyP_t-pEsfbja-dDhABIJu3ziBg_aCZgegDoAGhwJjxKMgBCakCeNhruAOlgj6oAwHIA8sEqgT0AU_Q_Q7e6on65EoLX2pxWZ2fPsPQELJ4Jn3...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7a1415a06ec61ce20000000000000000%22,%222%22:%220x8d06fd3e287f07b10000000000000000%22,%223%22:%220x9d0dbd...

0
0

124ms
123ms

Fetch
text/css

142.250.96.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7a1415a06ec61ce20000000000000000%22,%222%22:%220x8d06fd3e287f07b10000000000000000%22,%223%22:%220x9d0dbd0960cee55d0000000000000000%22,%224%22:%220xc989459ec894068b0000000000000000%22,%225%22:%220xf9d830eedcc5c45f0000000000000000%22},%22debug_key%22:%2212232473857557458570%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2203-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221481467617453835409%22}&andc=true

Protocol

Server

142.250.96.156 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:37 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x7a1415a06ec61ce20000000000000000","2":"0x8d06fd3e287f07b10000000000000000","3":"0x9d0dbd0960cee55d0000000000000000","4":"0xc989459ec894068b0000000000000000","5":"0xf9d830eedcc5c45f0000000000000000"},"debug_key":"12232473857557458570","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["03-01"],"6":["true"]},"priority":"500","source_event_id":"1481467617453835409"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Mar 2024 14:44:37 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 01 Mar 2024 14:44:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x7a1415a06ec61ce20000000000000000","2":"0x8d06fd3e287f07b10000000000000000","3":"0x9d0dbd0960cee55d0000000000000000","4":"0xc989459ec894068b0000000000000000","5":"0xf9d830eedcc5c45f0000000000000000"},"debug_key":"12232473857557458570","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["03-01"],"6":["true"]},"priority":"500","source_event_id":"1481467617453835409"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js Show response
pagead2.googlesyndication.com/bg/ Frame D96F 52 KB
20 KB 44ms
44ms Script
text/javascript 142.250.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js

Requested by

Host: m.iwin.com
URL: https://m.iwin.com/online-games

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f157.1e100.net

Software

sffe /

Resource Hash

b167e626c5900a84a675a022ba1f1dc1ad74945cd02f4e1f316af79826f38133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 20:59:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 150294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20324
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 20:59:43 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 181ms
98ms Preflight
text/html 142.250.96.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.96.157 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gg-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 01 Mar 2024 14:44:37 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 000B 0
10 B 40ms
40ms Image
text/plain 142.250.96.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hHUe7g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.96.132 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: gg-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 14:44:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 103ms
102ms Image
text/html 142.250.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240228&jk=3262139290089889&bg=!BgWlBUrNAAauXHXJjlw7ADQBe5WfOOkCp0m2Acgq8bEycE7nqeRVMDJfh0E34nDsYtM-7se06AUl4fJdmceoqTlQtvy-AgAAATVSAAAAAmgBBwoADopMflxUmR_8bCXB02SsmQLDZd3KoxsMjGOJ5cCRTkkui_QxIftKGEwjVCUFH-xLz3_ESqcY3MnjrKDErICoRUArnnowFTJMaFTceeTBglWG2IIwvnb4dFT0NSw7sA_mgTCw23tlEk5g1hJcBIFR4Egyh4oG5rapxSNBJv9NQvkXSLZSACaZPrhxLveHrYR7qSDqeA3-J-kXvfOGpVFY8IsiunxlouvSNwJFEPjUPOUbZwDvvkxw5VU0mR1Is3HI1A957JQu2Mp7pAVA9gJuj3PeKALcBKgOAA0IUcLRGkQ8R6qIWa-6NX6l3tN3fKztQVhaG2ZnxIvhGZxPrOf3vZErPBJ72bLJNt_7dMn8ri2mXpiEY5SE36Zdthu7UQckzYhOF2wDZAAxbdNJDizls3NJOWP_ho6_QAPjeRrkH7gskYmEfNxYVjjsR_IyvDZgfHENgLtpVqm62e9F3_xDDw-tl_IfvLtY2Egie6pkhDyc8LfIpBPdKzl31MvQdQkNpwZSY-5gzKr3v1NW8OBF7BL55oOYuUhFmfeflav5aaSeSTDn5ax_ZsFvOjy54oh66FatxT6pBUxtndmTEpzJeOHxBpRV5wd1jA-H-sAtju_S8WQsYD6eSznjPNitGKAxaCet7NKBbMglIuGG_8cYtaF28UloHKB9_UXfiAjEnS2QMOQ5mAeMyyGMxubvfssYcimV8I5SJF7HxEJ6eMzU4neKhuMjv0LA92W2bOOPw7o5jjfCD6xaYfBKStlIscrgRagySuJc_q9FH3X9K_K9gmFufnDE1mqtYw3Y7TsFE1OJ2msz5RjwlZ5pDOImqEXxZMzHrwzjp19HKn76ttpp9lnF77M_vM2-FjCjMgOIDGJKJ2Rp4AWFivyjzVjr-rbrKrYCxgtvNGm-IHZdgPgDpx3TQnfeH2MVb603R-K9Z3LN-nLYqaaFqBDPd33TI3w1sGFwGho
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ge-in-f157.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.iwin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D1DD 42 B
64 B 101ms
100ms Fetch
image/gif 142.250.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshXkWThOyRtD5tjYbYQr77rnV8N6e65w8S6t8Qn3M6WAmd_LbJZg6bvNgw7WBz0woKqFjw2rOKR15_GapWUnAw9VQHtEcvONVsOc5qQ9oXzzZZ0baHwvSiSBdOEchQtdh7IviHOU1uWcbXOWcP0Efqlr9nGL8xWjY&sai=AMfl-YT2TCHIeiv8yYanqBgeJIocRhK5-g0Zey9s2nwBOc-cFEuKJJBgwuQSC2BCJWX5ARMUpY3lnNWiVVHltISigtwiU06V44MM4EAGbgToosft0rTv2culkdxHN_QiodAERdJzre2LXnyo9JKOInqhtQ&sig=Cg0ArKJSzCclwB0uWOd9EAE&cid=CAQSTwB7FLtqFzZl6k3bIXA7AjBWVqpUq4OmNmPdxoko23-PoVdHUfNCnki18XBlS5ksIisLs_Frickf2USLt0Kftf7Uc8D4hpeN8xdFpKfulS8YAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=169,817,1000,1000,1000&tos=169,648,183,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=522671301&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=523707700&rst=1709304276812&rpt=415&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ge-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Mar 2024 14:44:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.iwin.com/	1970-01-21 04:24:24	Name: iwinmpdevice Value: pc-other
.iwin.com/	1970-01-21 04:24:24	Name: _ga_ERS08K7E8X Value: GS1.1.1709304275.1.0.1709304275.0.0.0
.iwin.com/	1970-01-21 04:24:24	Name: _ga Value: GA1.2.130313236.1709304275
.iwin.com/	1970-01-20 18:49:50	Name: _gid Value: GA1.2.1185683893.1709304275
.iwin.com/	1970-01-20 18:48:24	Name: _gat_UA-5552039-3 Value: 1
m.iwin.com/	1970-01-20 20:58:00	Name: optinly_last_session_time Value: 1709304275435
m.iwin.com/	1970-01-20 20:58:00	Name: optinly_sessions_count Value: 1
m.iwin.com/	1970-01-20 20:58:00	Name: optinly_page_views_count Value: 1
.iwin.com/	1970-01-21 04:10:00	Name: __gads Value: ID=415419e3469c9fb9:T=1709304275:RT=1709304275:S=ALNI_MZxabgqOQRfBVhHla1vJ5KXmmwryQ
.iwin.com/	1970-01-21 04:10:00	Name: __gpi Value: UID=00000dce5be11ab3:T=1709304275:RT=1709304275:S=ALNI_MY8HRLmbt0cV8rqpGuB8feq_BZpMQ
.iwin.com/	1970-01-20 23:07:36	Name: __eoi Value: ID=1bcfb5975d7e1f27:T=1709304275:RT=1709304275:S=AA-AfjYaz8T8UTSt5gtZOClFmvhv
.criteo.com/	1970-01-21 04:10:00	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 04:24:24	Name: IDE Value: AHWqTUmaSldYu59HAo7wz8V3V9-dDhZmoqMdhR-qLCQlkLDdzE6_tcxJ2tSNHdNTwbc
.doubleclick.net/	1970-01-20 18:48:25	Name: test_cookie Value: CheckForPermission
.googleadservices.com/	1970-01-20 20:58:00	Name: ar_debug Value: 1

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://m.iwin.com/online-games Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://m.iwin.com/online-games Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3849277388049950&output=html&h=280&slotname=1488786073&adk=378574185&adf=2724509456&pi=t.ma~as.1488786073&w=1200&fwrn=4&fwrnh=100&lmt=1702059192&rafmt=1&format=1200x280&url=https%3A%2F%2Fm.iwin.com%2Fonline-games&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709304275166&bpp=3&bdt=1031&idt=501&shv=r20240228&mjsv=m202402260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=43799660394&frm=20&pv=1&ga_vid=130313236.1709304275&ga_sid=1709304276&ga_hid=590834392&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=162&ady=2102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081080%2C42532523%2C44795921%2C95325752%2C95326317%2C31081466%2C31080990%2C95324160&oid=2&pvsid=3262139290089889&tmod=418012534&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=508 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://m.iwin.com/online-games Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://m.iwin.com/online-games Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://m.iwin.com/online-games Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://m.iwin.com/online-games Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://m.iwin.com/online-games Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://m.iwin.com/online-games Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://m.iwin.com/online-games Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://m.iwin.com/online-games Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://m.iwin.com/online-games Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://m.iwin.com/online-games Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://m.iwin.com/online-games Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://m.iwin.com/online-games Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://m.iwin.com/online-games Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://m.iwin.com/online-games Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.us.criteo.com
ajax.googleapis.com
cat.va.us.criteo.com
cdn.optinly.net
cmp.inmobi.com
cmp.quantcast.com
csm.us.criteo.net
e9df237540bb532ea59a082e6ca2fd97.safeframe.googlesyndication.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.us.criteo.net
m.iwin.com
pagead2.googlesyndication.com
rtb.va.us.criteo.com
securegames.iwin.com
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
static.criteo.net
static.optinly.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.cloudflare.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.16.123.96
104.18.10.207
104.21.19.128
108.139.47.94
142.250.12.100
142.250.12.132
142.250.12.138
142.250.12.139
142.250.12.156
142.250.12.157
142.250.12.94
142.250.80.10
142.250.96.132
142.250.96.138
142.250.96.156
142.250.96.157
142.250.96.94
142.250.96.97
142.251.32.100
172.253.126.102
172.253.126.95
18.238.55.49
3.226.80.254
44.217.70.110
54.230.163.57
74.119.119.130
74.119.119.131
74.119.119.147
74.119.119.149
74.119.119.65
74.119.119.80
03695af3335159b1240db2c8b39a455e9e84a65be79a9704def0858f29964e4c
03f5c295d291b88c4ce43e92f5ca2ebd6c56ff35dc7f0504f0a4d175f30e959d
07214e7f156426aa9939b09e0930c1bd2d4e3b664f6cfaf96d470156f738317c
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a337152931cf9ad6ccacf28ca46233f3ce49508bf8089d8aa799fd3aee45f46
0a9d526e2bf14769127cf459f8199a5b6bf3eb441b8a5f7c706f0d99e3eed754
0b1dc5c44bc1cbe3589099ebf09b4aa24414d2f1907655e8992fcc49fe96ef3c
0b49add4d07703b389afc23af8c09c64ad2ccc332a67a77cfd120b123fd3299c
0d71e47fba56475523b4105f21435173c2d4e0e68f4b34277df5e3e9341d350b
0fbb124f851569a4815b3cda3d51eaccabe5f4841cdf5533ecd72baa28ae346a
12ccf01f8a2e959b70523bb71ec51563d7ef3a3b8f0c7f04a9c78e55207bd2f4
134d30ed9c825909dd32af40d469aaafedfe1b17447abee0ed6c43c7254d2a48
14884238478377116d1887d311aedadc5d53153f837544f1a25e7fa6c706665c
152c59024bceabf4af9b26e5b937eb5d835614e43ef5ddbd9dbb859229e04201
153aa9ce0f9a31cbdeccaf13473e4e17202acfc027f0e9d771126bf9c525bd4a
16b95a196438a712b01022b1e4d476491d266753b7ede96f281223de72904a76
17c4cc68f42949d5295d1a70c798099ec55bd4ee76bc3a85f66be465543de9b8
1ae0b17ce61c64dbd4c371c2b2721f55129e5eecb809fae80cfae001dce4d7cc
1ceb13fb1aac5c3e02aecfc6789e13be61453bd332e5fc2a54a9a03b128b1280
1f3c2f250fa3310fb1c2b0eda7b7aa8c4697c073197477e6db94c5e24bc3ebe3
217012c549ff0b9c104fbbf45bbd3066c2d8efa5c7721232060266e4564056f0
2301bb030a2bcaa9c763cc4771bd717aac16709c29eaba00673fcbe7cdf99a59
2314ce3d00723e13ea07bb047775694ecca2df61244b93374d545b0275587450
282cd50199b3b3458cfc5192bc218aa7bbbf64cf4a381571265fc62a70b4f096
2967bb928ab5a6053b252e31bbea511b93b2a9e882c177cefb1ba47e1615280d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31e8b37128c4c59405e8bbdc168fc08758ea6035cdb03581c0ec18aadf5c4b13
332859d981fcfba394cef9a65576bada824a9137ca32168985dbc1419f2f3cc0
35cb5a6b8315956373bb0f27ce936ded0e2149a379177c2dd32367b0db860f98
38e0563612422bdc69da01ca7786becfef5173a13b7b34817f615c0fa80c2b9d
3ebe9d2635d0adcd23fbb01484f82b38c46ad9332cf2a7782e6b92d0cf3cb16c
3f2ed52cd2849b2f8258867dfd3e5496bd5babaf0306f047c6d55bd66ac780c2
4181e6eb5a3353d1b69694ef266a1309f586f1133f7a289f30c708563c7b8b64
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
431195fabc0638b983578e4bb893d70147fc9991f0c38f22f0514996d26d5824
43ac459508aaa2956036921fec23811ac97e1511f07a3cb1c37de2b88720c721
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
475237b3661bd876d83ce7256b724a3533f8aca10ccebf351122d9bad6d4f423
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4abe765c7818ddc6f6625bad872a55d97f09c3f0980aa8d0fd10b122bc0bbf90
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ecbffb5ff799ac9f91abb843c3a654a3011701e9ac22fe4bbb408b6282ef57b
4f6365d0722546a60fc06ac32f7b396756a148a8348269be870fcd8a3f12d62b
4f9484efd1dcc4c72b4963f1152496196c77ac2ebdfcc0a110affec444f763a7
545153c2ff2e4dfa27feb74b92b807c621a6a5fe977631cf10efea9a9527793b
55348fb235e75d184f7bc528883b7920c5dd3549098d1d09a1532c03caa87419
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8
5ff3cc097839f865f6aa7d848e3e07cb6242fa421cfd341c2a757e6df6f77168
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628752823728c98087a38cb07a2db44eb34acdc7e8d69d1e84281ed774eade67
662dbb2e9a1eaa62f25fd7d00eca3d78b8112c88f96f064a49aca4a6be2892d5
6659cc5af4fb7a490d83aa402c106b547b38f5fd4bc08e742329253ebd0311dc
6700a61b5bd8006d07ddcdf84df499411e0ca045c8e124af25f72b8c4e82dab3
69d86dab1c559d374ba320fb90cb02c14adbd9dc5e1068f2ea5137c5347f401a
6a9b4402c0aadb5f439d506d01ad03a384bf192fafb2247503c1821fc01e9ecb
6b0874a5b7978a6d7837b61bdb254280b5bf87bf2f6d80abb97ecfdabc2f9b18
6d4813c8fd576c2181cbc5088ab9a66e4a340b1de3bbae4060ab7b2362a58764
6e923c9175b2e878e38be0452882107ab1b41cadffbcc3bfe7a7019caaacbb93
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
759fd3a5552930a439ba9b85d6b1f38ade72a427bea84ad74e6c947327db7e7f
793414a5c29820d33c9a6a7120fdbbf4fdbabaf3f3cc0176a53336cc5bb4da5c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79ea360daeac6fe276e09e82242d5920c1a8c22ff549abb466514c8305ff6e26
7a6c9462fad6835b6079c54fac39e13a7bdc85da441aee70b96a2e07fd14fa02
7c5bdf07146529ee8d8b95de45eb2ba57607d298604a91f44aade71a8e00ed19
7d5ff83064bd7b5efa5a278037f54a0c35864fcb516c90f4e608fb319aa8973a
7dbb67f936230c049e12ff3f19fb8dba4b9f01d217639dfdac8c01fbdd123b24
7eaca0e636ab4657954b03f9c7bcee36c1637de40ee338686ec266a0809e0876
8261c6bf6bd4af89d491b8df25a80262f10a156fd5734ea104e531b20cd0a3c4
85094c8922be168bc694a1858365c11bc40159382b5c33f869306dd4138efedb
8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
86f43414590a2c7ad5a3d0b9fbcabba2ed191e7e1f6ad6e344d3339ab1306a13
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
8841e5d4ee6b9138905eb6bba67bedb925a1b656e49266724f5fa83b8df74bef
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
8c422451c7acb915ecfe34fba06297c4ac97a4f42f3e7f107e2b2f01f4872ca3
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
921622830a54fd0038fdf6d0652040195d2bff8cd2c5e4b57c0a3118d818d18a
92a324d76a4f5da9bb46d8c37e9acc8e125f28f385dd3b69d8dd59aaced36190
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
95b0b11f4fae6ac92158ca66b5e47b4d89c1bd18ffa2639fb59a9cb2c17914cf
966d576c8d8e752109b12404a4e4f6fd3c10f493fe30cbc07609e268fd3fce1f
973df09fa629c5d419011330cbcb183a6a5e44144431c834aedce43acd8e1341
9926b11f9adb61a9c2940da2864315828cfb30741930e5d96e23037c25dc62bb
993ace0c3882d772d9da318966e7b8aa594dc40644fe882a0ccc732ea3b44490
9c90fe9e5a6760be046234582d24a2dcbc5bdcbe5896a5447fa6022829f7a604
9f2671255236be2b00e59e22bdf9ef40729d19729cf2d7cb6d16d93345569266
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2700c19ad2c1fa932eb5015e656600ef5cf054335f828acfaf7bffbcf659680
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3f2d2e1770b781752f069750517375b77d0ab8b41c3b08b2ea5d3f57c95bd7c
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a80e60fb7a8a3db4d46cc11e8c80320fae53858e28b5454ea592ac585eea8759
a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afdd6af12ca53041f947675d6e662073fd9921946950f958b530dcc8a6c86d59
b167e626c5900a84a675a022ba1f1dc1ad74945cd02f4e1f316af79826f38133
b28a2a6d228c1a8ff7249717ae282ee158f7dcc54829daad71855ac6dd19427c
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
b371e33384879af7c412103b266f2be33f7e61a6895b3bce21c99cb7c1981fbf
ba0e0a13241b5533852c147b51cf0fbcf8ca32eedef1a25f1ce6b16d55d5fae3
ba993c1660de9d244e5eca4f5d1e571a2b202feacd58f6826594e277e3f828b2
bb4337fed25fc4f0941df1e41bdd5ac62bb794271f322a0421794a1f8b71f95c
c4faaea3f9aaa1af9a6e8b5e3dff476505e3ea09acfccf19daec18d72fccbc40
c71fcb3dd405f666d12525d9d47f39745f51bcde99970bd02a0b02ae52ec389f
c7a11cc158d76ae4aeed092268d6321485c00164c55284c2d7943c9e1def4214
c963f04921532f8de8636fec18f7bb483d70960eb0c6f8127a14630bcbfbeed4
c97f5d0e2d3690a2ece8b77b472c9e846c2477ba051305c3dbbb0c3369d70e9c
c98bd224121931d5049d2cee7de2e381e0413b83eabe4bbb6e4ff2bf22cf52f4
ca51158929c428276f3d1682a74c96642571d2ae4cd4d11701e57319ea0261a9
cdfee4a786ea4af4acf30e0ffe0cd3d191497bbca11e06a064c8cd70e60d44c1
cf22c013d05e2cfe17a1a2f78f22e2d1a77a9052917d49309b1e2f1e0ecd6a0e
d1279d7d7cb773ca25b3fae48019b95539446f94817275fc17c56ccecf6f1602
d26e25a298c6d2ad478fe2b9262020be0a44d79df0fdc5434eb0ff1e9e2e28be
d26fea0dff7d62caa2db40d645e1704307a70fe3e47f1b6e80dedfd6b3ab0365
da78b751a715d296d5e921d73eb864dbfbb856eb5f0a9dc9293dd49014b052ef
dac6dcb628b7b96896d8bba30617c2c10c335ef3cca12396bfcf39e0fd58904b
dbbdd0e26cf052255303c7ef3337ac6c6c3af1b808667475156838e226535c48
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df02b5b622334734e94746912c88de109d7eea8c18d84c727708063ecc5a2cec
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e1c6f28d717b88127a6d227a372f94ee0c18249df70cbee1b060258618b1fe55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bf350386b30f55251609ad97179c1ddd89f14cae869fcae02929ef29409755
e455bddc0d2c00c375a98f4c3bcab60f38c50d0787ce5926daef419b69e259c6
e518d28fc305914d99970e7793785ff5143eb03b1ff3eaf90f980d3e28758cdd
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
e7f647c9006dba0129375ff7b7d7c40a3aece9ccf81300d80f46c970f6a7ef51
e9836b80370ed1556518b815d48b43cefbaf1e2f40a2dad34fae9363bba05d8a
e988b2a0dc03b84fd5bda56242216fa752142cb3a3cfb3e79b06f280a57ef3e5
ea1dc143e026c655238e7783f91e7dc5ce57110ac2cf780e33a3b4379f37b43d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7ca01190e4d71ed7318bdf9f61c3cf40181a9e4d7536bd715909677283fe186
f9f2710e6deff5fb97c28044cb514f2d49f9f496df958516a8ddb2db1ed4e9de
fad14c1402526908b5fa5864bc72a9f556efdab4473b7b93c83b5b1a02b771bb
fae43284d901f1b729fecf12b364ac8018dc9c18fad52f6a6386740909bdff5f
ff5ded7c8895c3fd5d44d48c6959aae3070ed96e15d32cae740f6ec6049f08a8
ff637ed10aa02eb85b92a18b06ba79d66873f2143775379b543b0f91177a3878

m.iwin.com Open in urlscan Pro 3.226.80.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

176 Requests

98 %HTTPS

0 %IPv6

17 Domains

33 Subdomains

31 IPs

2 Countries

3371 kBTransfer

6852 kBSize

15 Cookies

4 Outgoing links

Page URL History

Redirected requests

176 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

m.iwin.com Open in urlscan Pro
3.226.80.254 Public Scan

Screenshot
Live screenshot

Full Image

176
Requests

98 %
HTTPS

0 %
IPv6

17
Domains

33
Subdomains

31
IPs

2
Countries

3371 kB
Transfer

6852 kB
Size

15
Cookies

176 HTTP transactions
2 data transactions