winz.ph Open in urlscan Pro
2606:4700:3031::ac43:93f7 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://winz.ph/
Submission: On December 05 via api (December 5th 2023, 6:44:59 am UTC) from US — Scanned from DE

Summary HTTP 68 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 15 domains to perform 68 HTTP transactions. The main IP is 2606:4700:3031::ac43:93f7, located in United States and belongs to CLOUDFLARENET, US. The main domain is winz.ph. The Cisco Umbrella rank of the primary domain is 721485.

This is the only time winz.ph was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3031::ac43:93f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3037::6815:47b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3038::6815:eb39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:440... 2606:4700:4400::ac40:994b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3038::6815:eb3a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	34.120.139.69 34.120.139.69	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.186.201.99 35.186.201.99	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
68	23

7 2606:4700:3031::ac43:93f7 (United States)

ASN13335 (CLOUDFLARENET, US)

winz.ph	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::6815:47b4 (United States)

ASN13335 (CLOUDFLARENET, US)

winz.ph	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3038::6815:eb39 (United States)

ASN13335 (CLOUDFLARENET, US)

www.chatbro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lpgs.chatbro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:4400::ac40:994b (United States)

ASN13335 (CLOUDFLARENET, US)

client.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3038::6815:eb3a (United States)

ASN13335 (CLOUDFLARENET, US)

www.chatbro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

dsp-media.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.139.69 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 69.139.120.34.bc.googleusercontent.com

dsp-trk.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.201.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.201.186.35.bc.googleusercontent.com

dsp-ap.eskimi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	crisp.chat client.crisp.chat — Cisco Umbrella Rank: 16959 image.crisp.chat — Cisco Umbrella Rank: 40752	186 KB
10	winz.ph winz.ph — Cisco Umbrella Rank: 721485	427 KB
8	chatbro.com www.chatbro.com — Cisco Umbrella Rank: 204799 lpgs.chatbro.com — Cisco Umbrella Rank: 212839	128 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	1002 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	535 KB
5	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 248	4 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 203	33 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	16 KB
3	eskimi.com dsp-media.eskimi.com — Cisco Umbrella Rank: 40740 dsp-trk.eskimi.com — Cisco Umbrella Rank: 38884 dsp-ap.eskimi.com — Cisco Umbrella Rank: 17656	4 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	33 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6765	563 B
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 226	2 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 89	41 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138	2 KB
68	15

	Domain	Requested by
10	winz.ph	winz.ph
8	client.crisp.chat	winz.ph client.crisp.chat
8	www.youtube.com	winz.ph www.youtube.com
7	www.chatbro.com	winz.ph
6	www.googletagmanager.com	winz.ph www.googletagmanager.com
4	image.crisp.chat
4	jnn-pa.googleapis.com	www.youtube.com
4	googleads.g.doubleclick.net	2 redirects www.googletagmanager.com www.youtube.com
3	www.google.com	1 redirects www.youtube.com winz.ph
2	www.google.de	winz.ph
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	www.youtube.com
1	www.gstatic.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	dsp-ap.eskimi.com	dsp-media.eskimi.com
1	dsp-trk.eskimi.com	dsp-media.eskimi.com
1	www.googleadservices.com	www.googletagmanager.com
1	dsp-media.eskimi.com	winz.ph
1	lpgs.chatbro.com	winz.ph
68	22

This site contains links to these domains. Also see Links.

Domain
winzir.ph
twitter.com
www.youtube.com
www.facebook.com
www.tiktok.com
www.instagram.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
winz.ph GTS CA 1P5	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
chatbro.com E1	`2023-11-05` - `2024-02-03`	3 months	crt.sh
crisp.chat Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.eskimi.com GeoTrust TLS RSA CA G1	`2023-03-20` - `2024-04-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://winz.ph/
Frame ID: 8948FC1CA4DCDA04AB5A35D26221F98E
Requests: 61 HTTP requests in this frame

Frame: https://www.youtube.com/embed/qy12Q5JluKM?feature=oembed
Frame ID: 0222C61244F76B54F1248CE752BE3E44
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Winz.ph - Online Casino & Sportsbet Licensed by PAGCOR

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

68
Requests

81 %
HTTPS

86 %
IPv6

15
Domains

22
Subdomains

23
IPs

2
Countries

2432 kB
Transfer

7200 kB
Size

13
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://winzir.ph/affiliates/?btag=557078_l190884
Title: Register

Search URL Search Domain Scan URL

URL: https://twitter.com/winzirgaming
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCdzabv3Vq-weeVPYmym0Tlg
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.facebook.com/winzirgaming
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@winzirgames
Title: TikTok

Search URL Search Domain Scan URL

URL: https://www.instagram.com/winzirgames
Title: Instagram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 63

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11156927620/?random=1768301593&cv=11&fst=1701758694737&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v9115821783&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=http%3A%2F%2Fwinz.ph%2F&label=zjIzCJuB358YEITphMgp&hn=www.googleadservices.com&frm=0&tiba=Winz.ph%20-%20Online%20Casino%20%26%20Sportsbet%20Licensed%20by%20PAGCOR&did=dZTNiMT&gdid=dZTNiMT&gtm_ee=1&auid=249374011.1701758695&data=event%3Dconversion&fmt=3&ct_cookie_present=false&ocp_id=5sZuZe7aM8Or9u8PjuW9uAU&sscte=1&crd=&pscrd=EkxDaEFJZ0k2MnF3WVEyWXZWbUlpWl9mRm5FaVVBZkloUHNzVENqX0hqNkNNTXo5NlhlWENuUTdaN0l4OTN0Q09ldkt1ZzNhQTFJM2M0GldDaEFJZ0k2MnF3WVFwdGZCLUxMLWhkbHdFaTBBSDVqUHE5WFk5cXU4Q0tCbTJ4dndtVzFwNXlIaXNKTzBZM25XR1BkZmpTa19lYnotZmpjN1RVaGs0WUkiEwju5f-T2feCAxXDlf0HHY5yD1c HTTP 302
https://www.google.com/pagead/1p-conversion/11156927620/?random=1768301593&cv=11&fst=1701758694737&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v9115821783&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=http%3A%2F%2Fwinz.ph%2F&label=zjIzCJuB358YEITphMgp&hn=www.googleadservices.com&frm=0&tiba=Winz.ph%20-%20Online%20Casino%20%26%20Sportsbet%20Licensed%20by%20PAGCOR&did=dZTNiMT&gdid=dZTNiMT&gtm_ee=1&auid=249374011.1701758695&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0k2MnF3WVEyWXZWbUlpWl9mRm5FaVVBZkloUHNzVENqX0hqNkNNTXo5NlhlWENuUTdaN0l4OTN0Q09ldkt1ZzNhQTFJM2M0GldDaEFJZ0k2MnF3WVFwdGZCLUxMLWhkbHdFaTBBSDVqUHE5WFk5cXU4Q0tCbTJ4dndtVzFwNXlIaXNKTzBZM25XR1BkZmpTa19lYnotZmpjN1RVaGs0WUkiEwju5f-T2feCAxXDlf0HHY5yD1c&is_vtc=1&ocp_id=5sZuZe7aM8Or9u8PjuW9uAU&cid=CAQSKQDICaaNzR1MmZ1e4JsdFmBAQKixL_SFFdM7x9cd1Vb6F5_9DWLbrGdS&random=116994747 HTTP 302
https://www.google.de/pagead/1p-conversion/11156927620/?random=1768301593&cv=11&fst=1701758694737&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v9115821783&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=http%3A%2F%2Fwinz.ph%2F&label=zjIzCJuB358YEITphMgp&hn=www.googleadservices.com&frm=0&tiba=Winz.ph%20-%20Online%20Casino%20%26%20Sportsbet%20Licensed%20by%20PAGCOR&did=dZTNiMT&gdid=dZTNiMT&gtm_ee=1&auid=249374011.1701758695&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0k2MnF3WVEyWXZWbUlpWl9mRm5FaVVBZkloUHNzVENqX0hqNkNNTXo5NlhlWENuUTdaN0l4OTN0Q09ldkt1ZzNhQTFJM2M0GldDaEFJZ0k2MnF3WVFwdGZCLUxMLWhkbHdFaTBBSDVqUHE5WFk5cXU4Q0tCbTJ4dndtVzFwNXlIaXNKTzBZM25XR1BkZmpTa19lYnotZmpjN1RVaGs0WUkiEwju5f-T2feCAxXDlf0HHY5yD1c&is_vtc=1&ocp_id=5sZuZe7aM8Or9u8PjuW9uAU&cid=CAQSKQDICaaNzR1MmZ1e4JsdFmBAQKixL_SFFdM7x9cd1Vb6F5_9DWLbrGdS&random=116994747&ipr=y

68 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
winz.ph/ 190 KB
31 KB 1606ms
960ms Document
text/html 2606:4700:3031::ac43:93f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://winz.ph/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:93f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd2c965d51b2d9a45d8b57ff43986bbba3ee082f3067af349402253493117afb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 830a52b3da1039c2-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 05 Dec 2023 06:44:53 GMT
Link: <https://winz.ph/wp-json/>; rel="https://api.w.org/"
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4us3CsejLrfrHULhRQDmYQeG1Ju6%2BXEV9kVVNnbDSihTm%2FX%2BMxdhpbZ%2FMDxMAnvk9F8la%2BCGhwAqaELttF20hCg8ll2nW3V0QSvOS%2Bo5kYVB%2BOBfsbfN4Pw0cvpxHzWOR9jj94b1"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding,Cookie
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK style.min.css
winz.ph/wp-includes/blocks/navigation/ 16 KB
3 KB 314ms
300ms Stylesheet
text/css 2606:4700:3031::ac43:93f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://winz.ph/wp-includes/blocks/navigation/style.min.css?ver=6.4.1
Requested by: Host: winz.ph
URL: http://winz.ph/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:93f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38b1136cf93f9cb1dc433fd40347fed72ebce9522a55393f95feae15a8268233

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 06:44:53 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 08 Nov 2023 07:05:14 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jebqxHps5qmt2gqBkul%2BN%2BmnayLNpOcf9QrbgnGqhVKVeSbqUayQJQZp%2Bw41SSefpJoj3JW4PbkL57vtkCVAZZfJp6l3TKYbKDI%2FId4X54uZ%2B%2BZNGYcmyTkm8%2F2SvjG9tbYpVBoG"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 830a52b9fa680eaa-AMS
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK style.min.css
winz.ph/wp-includes/blocks/image/ 7 KB
2 KB 224ms
217ms Stylesheet
text/css 2606:4700:3031::ac43:93f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://winz.ph/wp-includes/blocks/image/style.min.css?ver=6.4.1
Requested by: Host: winz.ph
URL: http://winz.ph/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:93f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3efa3c6425365194636fb000719357c63e1dfed613742166e3f7a102cdf4f811

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 06:44:53 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 08 Nov 2023 07:05:14 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BfTvHbXSi2XvE3dGydRcj6VQTWmNnXLXHJVeJDXU0FyTS9p4q4nqPBaqJgsx2ikWvjmpPTxxeoZeJAUi2TWOZqgI0dhWTmLEDPrmnGsSNGuEYzuoXEzIJzWy3EfWoRHnyJJJDnn"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 830a52ba7f304d28-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK style.min.css
winz.ph/wp-includes/blocks/social-links/ 10 KB
2 KB 206ms
192ms Stylesheet
text/css 2606:4700:3031::ac43:93f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://winz.ph/wp-includes/blocks/social-links/style.min.css?ver=6.4.1
Requested by: Host: winz.ph
URL: http://winz.ph/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:93f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9753320d9396dd9dad26d1a302f52838f2a8ec7e272c5205ca4a5b090e5d0ded

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 06:44:53 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 08 Nov 2023 07:05:14 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWBK9CjCxgri5oNLjJ1ZeGiR3vb35SuNX8iLkXSO4jT1ZcdKCWINsnhgA4tJyyJs8NUUiE1UKr%2F4j4O%2F1zq8A6qIDsDcxLs2wbwhdFd9bv1w1m0mtKkfZOlHkV0RXohsiDaymKb7"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 830a52ba8aaef1a0-CDG
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK interactivity.min.js Show response
winz.ph/wp-includes/js/dist/ 32 KB
12 KB 296ms
294ms Script
application/javascript 2606:4700:3031::ac43:93f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://winz.ph/wp-includes/js/dist/interactivity.min.js?ver=6.4.1
Requested by: Host: winz.ph
URL: http://winz.ph/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:93f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8debf919f9d44ba37fa60607809c029f16307d1b27d5472eccb2234563d713bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 06:44:54 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 08 Nov 2023 07:05:14 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVPKmkWKKZeCaADUU8QlOkH%2B6Mo5X1%2BMUOP02%2BGK5SDPa0Q%2BOc365pMuLHBJxWBFHWbiQPt8NdLmBJQkVZQzx6nQVVMTRF6vABYSfhp8CY9oAe%2FURGNQIWLycVR5QUPNIVNehBqF"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 830a52bf48680eaa-AMS
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK view.min.js Show response
winz.ph/wp-includes/blocks/navigation/ 4 KB
2 KB 222ms
220ms Script
application/javascript 2606:4700:3031::ac43:93f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://winz.ph/wp-includes/blocks/navigation/view.min.js?ver=e3d6f3216904b5b42831
Requested by: Host: winz.ph
URL: http://winz.ph/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:93f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecfc357ad95e64230925cfe8fc310394fe5c1b4385eb08354b8fec69af0d6966

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 06:44:54 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 08 Nov 2023 07:05:14 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jetK5rgFaPQY40FCi6i5wKSr0Z0YeNX%2Bqw%2Fnfx0fBfs0K%2FYY9rmARBeV9zCYmaZcG6%2Bys9kDKjrgaFf5sHmXHO4fr9c3niIGv0L8op6wSMjoHKocx7I3XvdNDBEQXAex9O2EFjvk"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 830a52bf3b6b4d28-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 177ms
63ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-146877195-6

Requested by

Host: winz.ph
URL: http://winz.ph/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

70da8653e844b60bc1f65dbc9615442c337ad10dd3c2ca5cdeb4066134113b5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64908
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 06:44:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 304 KB
101 KB 252ms
139ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3QFXKV4T1P

Requested by

Host: winz.ph
URL: http://winz.ph/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8de61c0334e5f7a5f0ba2b09fec287a55fd28d7751d7b82f6a9b54890a80989e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103274
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 06:44:54 GMT

GET
H2 200 RECTANGLE-LOGO.png
winz.ph/wp-content/uploads/2023/04/ 116 KB
117 KB 361ms
325ms Image
image/png 2606:4700:3037::6815:47b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winz.ph/wp-content/uploads/2023/04/RECTANGLE-LOGO.png
Requested by: Host: winz.ph
URL: http://winz.ph/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:47b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3e1d17f1bb9c1b8ac5e4f613d1c183986c3d8db4cd98ee44de0fae77407257f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:54 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 09 Apr 2023 13:10:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=soIrurvN3LjGwODNvciLGj1Ezi7FCB8Ngu7Hl654vN%2BUnyyEd2mllBIHljBmcRLjiQHx79JFqcsI23oOq0FHRDvlnDfPmWVHOJJqkxByONB2evMttnABPZfnbJJXJHPjYBOwaEf5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 830a52bf6bbf0a78-AMS
alt-svc: h3=":443"; ma=86400
content-length: 119032

GET
H2 200 314328738_141596495295496_3643016258630078652_n-1024x450.jpg
winz.ph/wp-content/uploads/2023/04/ 82 KB
82 KB 326ms
292ms Image
image/jpeg 2606:4700:3037::6815:47b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winz.ph/wp-content/uploads/2023/04/314328738_141596495295496_3643016258630078652_n-1024x450.jpg
Requested by: Host: winz.ph
URL: http://winz.ph/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:47b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1f5ab0c2213c1ff03640aa2633307ac1521ad2203438ce9d00df6bde8affe5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:54 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 09 Apr 2023 13:39:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0de96sGBVFEB3HPqVti%2FjT2eR5f1eLsz81k4q8Uc57EMJkPXel93XopoUe3bzumUIlirXTSTlujJoYNL5S%2BCgQuWHjif25BisHvcfc%2BFghWeR4RzGHyPK5K00qx0kn%2F0%2FJDnjOjI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 830a52bf7bc10a78-AMS
alt-svc: h3=":443"; ma=86400
content-length: 83544

GET
H2 200 339780299_1370042786907275_3850870054548181359_n-1024x682.jpg
winz.ph/wp-content/uploads/2023/04/ 143 KB
143 KB 338ms
308ms Image
image/jpeg 2606:4700:3037::6815:47b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winz.ph/wp-content/uploads/2023/04/339780299_1370042786907275_3850870054548181359_n-1024x682.jpg
Requested by: Host: winz.ph
URL: http://winz.ph/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:47b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3a18f64fabe4cc2356b36acec20e769ab2331a0009d597e6fed2f7db19ecd83

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:54 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 09 Apr 2023 13:19:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BGvtJDa57LFEmylbNjMU3hNbUQCMvxfwIrDIUOJdRRbMC2AqGQa5UL37n5rPfH2UscTpBygzRkyYM%2FAtcWBk0bsv6Z54HSXAhRJMbIf04NGd8u8hZt2S9AtfbUKsswPAkWCQuZny"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 830a52bf7bc20a78-AMS
alt-svc: h3=":443"; ma=86400
content-length: 146232

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 216 KB
77 KB 268ms
154ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N2VLGZ9

Requested by

Host: winz.ph
URL: http://winz.ph/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

49a1e8f8d3760e1678c3f753539d5082078e6749598f1a46557f59e3de08623f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79119
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 06:44:54 GMT

GET
H2 200 qy12Q5JluKM Show response
www.youtube.com/embed/ Frame 0222 93 KB
40 KB 238ms
107ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/qy12Q5JluKM?feature=oembed

Requested by

Host: winz.ph
URL: http://winz.ph/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

128ceae9ac3ac5fdd350865d943d2b70547723412faab7802abb98394ca23ca0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://winz.ph/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 06:44:54 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 embed.js Show response
www.chatbro.com/ 537 KB
106 KB 275ms
224ms XHR
application/javascript 2606:4700:3038::6815:eb39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.chatbro.com/embed.js?eyJlbWJlZENoYXRzUGFyYW1ldGVycyI6W3siZW5jb2RlZENoYXRJZCI6IjY4bzY5In1dLCJsYW5nIjoiZW4tVVMiLCJuZWVkTG9hZENvZGUiOnRydWV9
Requested by: Host: winz.ph
URL: http://winz.ph/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40ace2573dd480230565d5183d888874ad5d36288740220bb1b6f3a31d07f5be

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:54 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 05 Dec 2023 06:44:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=729wWojVFf8V6wl3%2FesUoC2w3pZUZpKEOKBYnOAXla%2BYB208jj%2FAlZxdHW%2FYK%2BFhSjp4UF4CTFDhVKxgcfIGZrZ0M9PctabvWjKmfIS1t%2B6IcuCLR%2FwbGRU3qONdopoCP0POBFzygaBusd9eGWA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
access-control-allow-origin: http://winz.ph
cache-control: public, max-age=31536000, s-maxage=200
access-control-allow-credentials: true
cf-ray: 830a52bf9e5722af-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 l.js Show response
client.crisp.chat/ 8 KB
3 KB 43ms
17ms Script
application/javascript 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/l.js

Requested by

Host: winz.ph
URL: http://winz.ph/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74d73ce62bf4e55531f706c6d6dcf8c7b95208101207e608d39c3296a6fa8ff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 11462
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
server: cloudflare
etag: W/"64e73b34-2023"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 830a52bf6b3c30f6-FRA
access-control-allow-headers: Content-Type, Origin
expires: Wed, 06 Dec 2023 06:44:54 GMT

GET
DATA 200
OK truncated
/ 136 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3a9a479ed9dc3b090aa69c12b12ac5d18c7af9a27496423058fb174cfb0baba

Request headers

Referer: http://winz.ph/
Origin: http://winz.ph
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 126 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c65c22c8cb4efd276a5496ab38ea69988d7cdded6cf7a25f5d309b98aa07bb21

Request headers

Referer: http://winz.ph/
Origin: http://winz.ph
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 626 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d238c993229cf80e21012245be30106bf34e7129a21a5526fe012a47fce7d8b

Request headers

Referer: http://winz.ph/
Origin: http://winz.ph
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 256 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd5b1c7d7b8c992506be342eeb2660ed55da4d41231de087c41a2b050fa6c456

Request headers

Referer: http://winz.ph/
Origin: http://winz.ph
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 574 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd4aa6c7764f573287eb53f17296a8d25bcc7260a9f2b175a17fd7be2d87bd21

Request headers

Referer: http://winz.ph/
Origin: http://winz.ph
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 300 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0276e8edf4c48e4bab8f0390e72fbf402700eb81358040241114ecc114b9c200

Request headers

Referer: http://winz.ph/
Origin: http://winz.ph
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 335 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3a372ef1038066f0824521cc1311800e87ad2c63878e29d9005713476ff4210

Request headers

Referer: http://winz.ph/
Origin: http://winz.ph
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 807 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1de7d4a979a26446c9592ffe7be88f38e04ede3fc67f5dc2b9b355e321cca5c7

Request headers

Referer: http://winz.ph/
Origin: http://winz.ph
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK albert-sans.woff2
winz.ph/wp-content/themes/launchify/assets/fonts/ 31 KB
32 KB 262ms
262ms Font
font/woff2 2606:4700:3031::ac43:93f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://winz.ph/wp-content/themes/launchify/assets/fonts/albert-sans.woff2
Requested by: Host: winz.ph
URL: http://winz.ph/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:93f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7372b629e997f9980d46c4dea3a384f8d1c9f2fcb21ad395711d14f80fda8c4

Request headers

Referer: http://winz.ph/
Origin: http://winz.ph
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 06:44:54 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 09 Apr 2023 12:49:16 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQNKjLgrwhufXoUHVTqgqRnAoY1YrcEdBQ4Ncyzd388J9QQt1CpT1qAP3j5DTJb%2B8yBqw8tLOuUo4UJ%2BKLQlecM%2Fa04FtU0dKKVDo%2FsGj%2BlLHCnjc8cKlYS18MnjP66D5kUOCFY2"}],"group":"cf-nel","max_age":604800}
Content-Type: font/woff2
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 830a52bf6e93f1a0-CDG
alt-svc: h3=":443"; ma=86400
Content-Length: 32208

GET
H2 200 client.js Show response
client.crisp.chat/static/javascripts/ 409 KB
102 KB 26ms
25ms Script
application/javascript 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/client.js?2940d8d

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75c8dd961325f7367f1b846efc96e829b6a3ebc03aebd108ad8f631ad28b872a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 77282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
server: cloudflare
etag: W/"64e73b34-6650b"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 830a52bfbb7a30f6-FRA
access-control-allow-headers: Content-Type, Origin
expires: Fri, 02 Dec 2033 06:44:54 GMT

GET
H2 200 client_default.css
client.crisp.chat/static/stylesheets/ 355 KB
48 KB 21ms
21ms Stylesheet
text/css 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/stylesheets/client_default.css?2940d8d

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cc061085907c749f4f81a853ae49a331efe4fcd538da758a65bb855dd1dcd2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3042
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 21 Nov 2023 09:15:39 GMT
server: cloudflare
etag: W/"655c753b-58c0e"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 830a52bfbb7830f6-FRA
access-control-allow-headers: Content-Type, Origin
expires: Fri, 02 Dec 2033 06:44:54 GMT

GET
H3 200 / Show response
client.crisp.chat/settings/website/1b116a5b-46cf-4ed0-8999-404a0b825f37/prelude/ 212 B
541 B 77ms
77ms Script
application/javascript 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/1b116a5b-46cf-4ed0-8999-404a0b825f37/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2023-11-5-7-44

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?2940d8d

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79f2854e912889da4ce0bb03aea158b084395b715de724ee24c08bf9b053a740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Dec 2023 06:44:54 GMT
server: cloudflare
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 830a52c05da3bbb0-FRA
access-control-allow-headers: Content-Type, Origin
expires: Tue, 05 Dec 2023 10:44:54 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/31e0b6d9/ Frame 0222 378 KB
48 KB 69ms
68ms Stylesheet
text/css 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qy12Q5JluKM?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

436743ad0889ad9399a1f33edb65d8bf1c71cfbce1b0fce549769e7705c9ceec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qy12Q5JluKM?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 03:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10658
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48920
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 04 Dec 2024 03:47:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0222 15 KB
16 KB 161ms
52ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qy12Q5JluKM?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 371878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0222 15 KB
15 KB 173ms
64ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qy12Q5JluKM?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 467007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:01:27 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/ Frame 0222 52 KB
16 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qy12Q5JluKM?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45ea1febaa3bfa8f5c4711c1ed96c1971654f98d5bcc5cf69d90a555f79a0c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qy12Q5JluKM?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40940
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16591
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 03 Dec 2024 19:22:34 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/ Frame 0222 321 KB
96 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qy12Q5JluKM?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d453a47ad0d1b30a7292b6f712d8645db141ed6adea69b8e7d802f8022365fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qy12Q5JluKM?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:47:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3462
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98499
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 04 Dec 2024 05:47:12 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/ Frame 0222 2 MB
767 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qy12Q5JluKM?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6329a84811954311b5424bbab6ac2dcc70441841a9b1fd441e3315cf540a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qy12Q5JluKM?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 785355
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 04 Dec 2024 06:34:41 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 179ms
57ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-146877195-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 06:31:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 797
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Dec 2023 08:31:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 304 KB
101 KB 74ms
73ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-MKBFZMR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-146877195-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c0427a0454dfcbe034be61a2e8102f418f0ed9b2cf4412b703210fabc2ef356

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103256
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 06:44:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 304 KB
101 KB 68ms
68ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3QFXKV4T1P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-146877195-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25108ee41f29b6fe6015c393bf16f17f8b58abdaf8f75794e6ae02f9a5e0e677

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103289
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 06:44:54 GMT

POST
H2 200 g Show response
lpgs.chatbro.com/ 9 B
360 B 97ms
75ms XHR
text/plain 2606:4700:3038::6815:eb39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lpgs.chatbro.com/g
Requested by: Host: winz.ph
URL: http://winz.ph/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 077ef76fae1abf80b13f5b6395cbc53cb018ecafd5fd233d016b8e748dfa8b99

Request headers

Referer: http://winz.ph/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 05 Dec 2023 06:44:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QfVqoH7PvUbaCMT%2B0isz%2F%2BrQolMdamVCwa7Wdx9uWKkImrBpp4%2FzzxonRSfqcrGYSI0YBUgAte3ump51EDzuBPhf%2FWiZw0n5bzX49RVoYkh5U8rT6kKCAoif33kqtz4L6sJx1hZ4UVaXcHgBa81s"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=utf-8
access-control-allow-origin: http://winz.ph
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 830a52c1b88722af-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 chatbro.woff
www.chatbro.com/fonts/ 14 KB
15 KB 153ms
119ms Font
application/font-woff 2606:4700:3038::6815:eb39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.chatbro.com/fonts/chatbro.woff?10
Requested by: Host: winz.ph
URL: http://winz.ph/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f74fcaf9c728521c218b7bf05a0bf7173b522e7769165c8f97fdf74734cf0907

Request headers

Referer: http://winz.ph/
Origin: http://winz.ph
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:54 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 30 Aug 2022 18:54:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"630e5cd2-383c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIVv2rns0WTKj%2BI3TUaFhjSirecy3C8jHzwEroEL5YZ%2Fh%2B7EAAXsP78PDCU2gqhfTpHNHXSpr1%2FC9cisjLU0vqYIjMHvh2ImGqMpNbz2xwg8wdxK4OO0xN57TuZrmN7stv3RkXeSOCx2%2BL%2FXZZo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 830a52c1cf0b0e87-AMS
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Dec 2023 06:54:54 GMT

GET
H/1.1 200
OK chat_vk_logo.png
www.chatbro.com/images/ 735 B
1 KB 33ms
20ms Image
image/png 2606:4700:3038::6815:eb3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.chatbro.com/images/chat_vk_logo.png
Requested by: Host: winz.ph
URL: http://winz.ph/
Protocol: HTTP/1.1
Server: 2606:4700:3038::6815:eb3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 163a89e59b219649c013ead3230f372f0e7dca9c8ea0dc0463f991b671b14404

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 06:44:54 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 469
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 735
Last-Modified: Tue, 30 Aug 2022 18:54:10 GMT
Server: cloudflare
ETag: "630e5cd2-2df"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1aIRCaQiSSlsyq8oqwiIl3c2NV%2Fj3pJ6Kz%2FlV1jPcKnOU9HETNTqGRzvuBsKz0C%2FuNYlHbyQbQ%2FUn1m%2Bw6tBc%2FOWPlMLD4srRE70ogpP1cg2O3lLVFnVQzweD93uw%2B6bGytiRG200UbahHDugc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 830a52c1ca06b909-AMS
Expires: Tue, 05 Dec 2023 06:47:05 GMT

GET
H/1.1 200
OK chat_telegram_logo.png
www.chatbro.com/images/ 777 B
2 KB 138ms
124ms Image
image/png 2606:4700:3038::6815:eb3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.chatbro.com/images/chat_telegram_logo.png
Requested by: Host: winz.ph
URL: http://winz.ph/
Protocol: HTTP/1.1
Server: 2606:4700:3038::6815:eb3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2f63f18bbbe390a7a2d93c0f42bd05c549d856969ccba17ee2f1fc734a77f51

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 06:44:54 GMT
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 777
Last-Modified: Tue, 30 Aug 2022 18:54:10 GMT
Server: cloudflare
ETag: "630e5cd2-309"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFATQiZH%2BW5J%2F3uIp1OeCE00E%2BzcKxvGMroxuSnCqrW7noGx%2BdXDuWVHRbNlm7n62wkzCRMj5WSWrp0zfvprrIDVON3tvP%2FW2KtMk9%2Bvpz63bH96EgDyuMX0%2F2GcLF3CMoVoOyj3qqzeMBidVSY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 830a52c1cb380eae-AMS
Expires: Tue, 05 Dec 2023 06:54:54 GMT

GET
H/1.1 200
OK chat_facebook_logo.png
www.chatbro.com/images/ 329 B
1 KB 129ms
114ms Image
image/png 2606:4700:3038::6815:eb3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.chatbro.com/images/chat_facebook_logo.png
Requested by: Host: winz.ph
URL: http://winz.ph/
Protocol: HTTP/1.1
Server: 2606:4700:3038::6815:eb3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d813de68c702196d2eeaa7e2e5d55167638741533191d3e5038e329ac3f54940

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 06:44:54 GMT
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 329
Last-Modified: Tue, 30 Aug 2022 18:54:10 GMT
Server: cloudflare
ETag: "630e5cd2-149"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eS5xLgO%2BTWRvJtluEoRGPYb4r9qvo4hlJ61OHiz791qV9JAuTW%2BKAfJ44zzd8fG7gZwRM4yLKX62NWS2mlC%2FEoxMDCsrgTaVDaJTRToxo4TqEF8ZN8YTRytH6l5djk4S6lY947TQPYtbCBE8NZE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 830a52c1c865f0db-CDG
Expires: Tue, 05 Dec 2023 06:54:54 GMT

GET
H/1.1 200
OK chat_google_logo.png
www.chatbro.com/images/ 656 B
1 KB 54ms
20ms Image
image/png 2606:4700:3038::6815:eb3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.chatbro.com/images/chat_google_logo.png
Requested by: Host: winz.ph
URL: http://winz.ph/
Protocol: HTTP/1.1
Server: 2606:4700:3038::6815:eb3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c1fc1f22827f0dabf3486fdc286f1c909e7acc4b5999365b9328c36c18d17d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 06:44:54 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 555
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 656
Last-Modified: Tue, 30 Aug 2022 18:54:10 GMT
Server: cloudflare
ETag: "630e5cd2-290"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQyINTum0gX1Ly%2F4tyNjZnEjbVVlfxfr0t11sLw54ENqsQ6QonN4h7CNd5effnkS3kO8Q%2Bl7x1jXgp5f0kyx78BJgKGT2OGydBgZ9Vz7soFVUmUN%2Bs1ZbUYc%2Bp1i60GsQ1hYl7PQeFJ5Pwp%2FbIE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 830a52c1ea23b909-AMS
Expires: Tue, 05 Dec 2023 06:45:39 GMT

GET
H2 200 no_connection.png
www.chatbro.com/images/ 2 KB
2 KB 21ms
21ms Image
image/png 2606:4700:3038::6815:eb39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.chatbro.com/images/no_connection.png
Requested by: Host: winz.ph
URL: http://winz.ph/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d026f555341e85649cd2edd6848b55b6cedfcca0c62bba5099e69b62ea713e40

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 326
alt-svc: h3=":443"; ma=86400
content-length: 1614
last-modified: Tue, 30 Aug 2022 18:54:10 GMT
server: cloudflare
etag: "630e5cd2-64e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjTueUQudDUK81CYvTQJ5tkeFb25%2FEiAGDKuAmdmTdq33FCcUaT%2FrJn8n%2BPhBubnQw6lUJZrU1taz5FLzfISX9CT1TCjp29wp610FvC7zMyVGSzlSupeiGTG2nqzbJraMwgnaAg04zpL8RCRJCo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830a52c1b88e22af-CDG
expires: Tue, 05 Dec 2023 06:49:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 68ms
67ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8ZN401MNS9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2VLGZ9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e25b7d2a1a6c9bec3132e5148438872608a9e9c641a4390ceabbf3c334f54667

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93102
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 06:44:54 GMT

GET
H2 200 gtr.min.js Show response
dsp-media.eskimi.com/assets/js/e/ 5 KB
3 KB 79ms
35ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.4

Requested by

Host: winz.ph
URL: http://winz.ph/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1082 /

Resource Hash

2c86bcaebf54969da5081c17c6901cbe19ac041b80a3abda6890708eb545cec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 30 Oct 2024 19:01:13 GMT
date: Tue, 05 Dec 2023 06:44:54 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 10/31/2023 19:01:13
cdn-pullzone: 692289
last-modified: Fri, 04 Aug 2023 14:59:50 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"64cd1266-1353"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: bb4cae4093f8853ca0b374b2f14cddd6
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 101ms
36ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3QFXKV4T1P&gtm=45je3bt0v9115821783&_p=1701758694271&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1535130109.1701758695&ul=en-us&sr=1600x1200&_s=1&sid=1701758694&sct=1&seg=0&dl=http%3A%2F%2Fwinz.ph%2F&dt=Winz.ph%20-%20Online%20Casino%20%26%20Sportsbet%20Licensed%20by%20PAGCOR&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2927
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3QFXKV4T1P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 06:44:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://winz.ph
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11156927620/ 3 KB
2 KB 187ms
67ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11156927620/?random=1701758694733&cv=11&fst=1701758694733&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v9115821783&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=http%3A%2F%2Fwinz.ph%2F&hn=www.googleadservices.com&frm=0&tiba=Winz.ph%20-%20Online%20Casino%20%26%20Sportsbet%20Licensed%20by%20PAGCOR&did=dZTNiMT&gdid=dZTNiMT&auid=249374011.1701758695&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3QFXKV4T1P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b32185ed6306738ecd224f11787e23d0b1c72ed3aa8b72cec075e6a8a0811f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 06:44:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1286
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11156927620/ 3 KB
2 KB 143ms
48ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11156927620/?random=1701758694737&cv=11&fst=1701758694737&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v9115821783&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=http%3A%2F%2Fwinz.ph%2F&label=zjIzCJuB358YEITphMgp&hn=www.googleadservices.com&frm=0&tiba=Winz.ph%20-%20Online%20Casino%20%26%20Sportsbet%20Licensed%20by%20PAGCOR&did=dZTNiMT&gdid=dZTNiMT&gtm_ee=1&auid=249374011.1701758695&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3QFXKV4T1P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

bed43f1884a262e5c1b00c6543163d40e75b404c0185c5dd7b9d466b6117a8fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 06:44:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1603
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cssession Show response
dsp-trk.eskimi.com/tracking/ 2 B
164 B 71ms
20ms XHR
text/plain 34.120.139.69
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp-trk.eskimi.com/tracking/cssession?tst&id=31340&url=http%3A%2F%2Fwinz.ph%2F&t=1701758694758
Requested by: Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.139.69 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 69.139.120.34.bc.googleusercontent.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: http://winz.ph
date: Tue, 05 Dec 2023 06:44:54 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/plain; charset=UTF-8

GET
H2 200 gtr Show response
dsp-ap.eskimi.com/v2/ 116 B
570 B 78ms
20ms XHR
application/json 35.186.201.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dsp-ap.eskimi.com/v2/gtr?id=31340&url=http%3A%2F%2Fwinz.ph%2F&t=1701758694759
Requested by: Host: dsp-media.eskimi.com
URL: https://dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.201.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.201.186.35.bc.googleusercontent.com
Software: /
Resource Hash: da07573d15690333d7ce263144c84387c3e0a93ca316b9de23d1e6f3b792b8d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: http://winz.ph
date: Tue, 05 Dec 2023 06:44:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 56ms
37ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8ZN401MNS9&gtm=45je3bt0v9127036941z89115823443&_p=1701758694271&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1535130109.1701758695&ul=en-us&sr=1600x1200&_s=1&sid=1701758694&sct=1&seg=0&dl=http%3A%2F%2Fwinz.ph%2F&dt=Winz.ph%20-%20Online%20Casino%20%26%20Sportsbet%20Licensed%20by%20PAGCOR&en=page_view&_fv=1&_ss=1&tfd=2973
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8ZN401MNS9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 06:44:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://winz.ph
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
client.crisp.chat/settings/website/1b116a5b-46cf-4ed0-8999-404a0b825f37/ 6 KB
2 KB 22ms
22ms Script
application/javascript 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/1b116a5b-46cf-4ed0-8999-404a0b825f37/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1701707553105

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?2940d8d

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83732a2d7c81839562e360b25a03adc8855b93553ce43fdf376055730a8a4b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 277
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Dec 2023 06:40:17 GMT
server: cloudflare
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 830a52c26f76bbb0-FRA
access-control-allow-headers: Content-Type, Origin
expires: Tue, 05 Dec 2023 10:44:54 GMT

GET
H3 200 en.js Show response
client.crisp.chat/static/javascripts/locales/ 7 KB
3 KB 32ms
32ms Script
application/javascript 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/locales/en.js?2940d8d

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?2940d8d

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7ac26cc635252b12278db01f4616403bd626ed7823fcf5e52576eeeff3b3548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 77233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 08 Aug 2023 12:01:16 GMT
server: cloudflare
etag: W/"64d22e8c-1c36"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
cf-ray: 830a52c29fb4bbb0-FRA
access-control-allow-headers: Content-Type, Origin
expires: Fri, 02 Dec 2033 06:44:54 GMT

GET
DATA 200
OK truncated
/ 881 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 0222
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
220 B

64ms
63ms

XHR
application/json

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qy12Q5JluKM?feature=oembed

Protocol

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5219344a8e439437ef17cca35c1b250323c7403d78f362fd969a8a217785b366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 05 Dec 2023 06:44:54 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 0222 29 B
495 B 168ms
54ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:33:16 GMT
x-content-type-options: nosniff
age: 699
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Dec 2023 06:48:16 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
200 B 64ms
64ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1856916499&t=pageview&_s=1&dl=http%3A%2F%2Fwinz.ph%2F&ul=en-us&de=UTF-8&dt=Winz.ph%20-%20Online%20Casino%20%26%20Sportsbet%20Licensed%20by%20PAGCOR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=777812058&gjid=741319129&cid=1535130109.1701758695&tid=UA-146877195-6&_gid=1741169293.1701758695&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1090345050

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://winz.ph/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 06:44:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://winz.ph
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 176ms
61ms Preflight
text/html 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 05 Dec 2023 06:44:55 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0222 70 KB
32 KB 69ms
68ms XHR
application/json+protobuf 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

098aa0179db8a6c425cddc29e8ce9b3529ea5bbdfc0aeab25b33ec3af2c3782e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 05 Dec 2023 06:44:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32973
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/ Frame 0222 116 KB
33 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a80bd413f7dd15ff49d22ce8b5e99be2cea10ad2021f6408949ccf4d0a49191f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qy12Q5JluKM?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:21:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33684
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 03 Dec 2024 20:21:03 GMT

GET
H2 200 4MIqMSIrIBa2Tlo-FocJvTtTVUJhKzKWK9rP7XHIhmA.js Show response
www.google.com/js/th/ Frame 0222 39 KB
15 KB 169ms
54ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/4MIqMSIrIBa2Tlo-FocJvTtTVUJhKzKWK9rP7XHIhmA.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0c22a31222b2016b64e5a3e168709bd3b535542612b32962bdacfed71c88660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:35:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15284
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 17:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 05:35:57 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/qy12Q5JluKM/ Frame 0222 41 KB
41 KB 176ms
59ms Image
image/jpeg 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/qy12Q5JluKM/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgSyg-MA8=&rs=AOn4CLDJhfDRFeN_E_d6OzTcHcRBRKOQ3A

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qy12Q5JluKM?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c96b08001d7b72d4e665499fb3aeffad7add1fc5e4cb7ab633efb91c7ce07549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:35:29 GMT
x-content-type-options: nosniff
age: 566
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41689
x-xss-protection: 0
server: sffe
etag: "1687797503"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 05 Dec 2023 08:35:29 GMT

GET
DATA 200
OK truncated
/ Frame 0222 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 CWLe-J90rDjyDTL7Eg_-gzYMoroBLCVzMJFoqhJUo0wgc-RasXwbZbgkGrXtHBwWz6xMhqF8NQw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 0222 2 KB
2 KB 178ms
56ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/CWLe-J90rDjyDTL7Eg_-gzYMoroBLCVzMJFoqhJUo0wgc-RasXwbZbgkGrXtHBwWz6xMhqF8NQw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qy12Q5JluKM?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3731a9e65e6dc75328635f86f88120e8e9a2f646cbbd2ee5c6c7c7068ab8ea8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:11:52 GMT
x-content-type-options: nosniff
age: 1983
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1927
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 06 Dec 2023 06:11:52 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/11156927620/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11156927620/?random=1768301593&cv=11&fst=1701758694737&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v9115821783&gcd=11l1l1l1l1&dma_cps=syph...
https://www.google.com/pagead/1p-conversion/11156927620/?random=1768301593&cv=11&fst=1701758694737&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v9115821783&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h...
https://www.google.de/pagead/1p-conversion/11156927620/?random=1768301593&cv=11&fst=1701758694737&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v9115821783&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=...

42 B
108 B

70ms
70ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/11156927620/?random=1768301593&cv=11&fst=1701758694737&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v9115821783&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=http%3A%2F%2Fwinz.ph%2F&label=zjIzCJuB358YEITphMgp&hn=www.googleadservices.com&frm=0&tiba=Winz.ph%20-%20Online%20Casino%20%26%20Sportsbet%20Licensed%20by%20PAGCOR&did=dZTNiMT&gdid=dZTNiMT&gtm_ee=1&auid=249374011.1701758695&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0k2MnF3WVEyWXZWbUlpWl9mRm5FaVVBZkloUHNzVENqX0hqNkNNTXo5NlhlWENuUTdaN0l4OTN0Q09ldkt1ZzNhQTFJM2M0GldDaEFJZ0k2MnF3WVFwdGZCLUxMLWhkbHdFaTBBSDVqUHE5WFk5cXU4Q0tCbTJ4dndtVzFwNXlIaXNKTzBZM25XR1BkZmpTa19lYnotZmpjN1RVaGs0WUkiEwju5f-T2feCAxXDlf0HHY5yD1c&is_vtc=1&ocp_id=5sZuZe7aM8Or9u8PjuW9uAU&cid=CAQSKQDICaaNzR1MmZ1e4JsdFmBAQKixL_SFFdM7x9cd1Vb6F5_9DWLbrGdS&random=116994747&ipr=y

Requested by

Host: winz.ph
URL: http://winz.ph/

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 06:44:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 06:44:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/11156927620/?random=1768301593&cv=11&fst=1701758694737&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v9115821783&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=http%3A%2F%2Fwinz.ph%2F&label=zjIzCJuB358YEITphMgp&hn=www.googleadservices.com&frm=0&tiba=Winz.ph%20-%20Online%20Casino%20%26%20Sportsbet%20Licensed%20by%20PAGCOR&did=dZTNiMT&gdid=dZTNiMT&gtm_ee=1&auid=249374011.1701758695&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0k2MnF3WVEyWXZWbUlpWl9mRm5FaVVBZkloUHNzVENqX0hqNkNNTXo5NlhlWENuUTdaN0l4OTN0Q09ldkt1ZzNhQTFJM2M0GldDaEFJZ0k2MnF3WVFwdGZCLUxMLWhkbHdFaTBBSDVqUHE5WFk5cXU4Q0tCbTJ4dndtVzFwNXlIaXNKTzBZM25XR1BkZmpTa19lYnotZmpjN1RVaGs0WUkiEwju5f-T2feCAxXDlf0HHY5yD1c&is_vtc=1&ocp_id=5sZuZe7aM8Or9u8PjuW9uAU&cid=CAQSKQDICaaNzR1MmZ1e4JsdFmBAQKixL_SFFdM7x9cd1Vb6F5_9DWLbrGdS&random=116994747&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11156927620/ 42 B
340 B 85ms
68ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11156927620/?random=1701758694733&cv=11&fst=1701756000000&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v9115821783&u_w=1600&u_h=1200&url=http%3A%2F%2Fwinz.ph%2F&frm=0&tiba=Winz.ph%20-%20Online%20Casino%20%26%20Sportsbet%20Licensed%20by%20PAGCOR&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNpD8i1FRB_gTW7Gg-4bRhX5M0B9KAiw&random=4217377697&rmt_tld=0&ipr=y

Requested by

Host: winz.ph
URL: http://winz.ph/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 06:44:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11156927620/ 42 B
455 B 180ms
65ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11156927620/?random=1701758694733&cv=11&fst=1701756000000&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v9115821783&u_w=1600&u_h=1200&url=http%3A%2F%2Fwinz.ph%2F&frm=0&tiba=Winz.ph%20-%20Online%20Casino%20%26%20Sportsbet%20Licensed%20by%20PAGCOR&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNpD8i1FRB_gTW7Gg-4bRhX5M0B9KAiw&random=4217377697&rmt_tld=1&ipr=y

Requested by

Host: winz.ph
URL: http://winz.ph/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 06:44:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 0222 4 KB
2 KB 182ms
70ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 06:44:55 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 0222 0
10 B 57ms
56ms Image
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?1bs8hg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/qy12Q5JluKM?feature=oembed
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/qy12Q5JluKM?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 64ms
64ms Preflight
text/html 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 05 Dec 2023 06:44:55 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0222 90 B
134 B 67ms
67ms XHR
application/json+protobuf 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

07393a828ea807c63c7eb18d77e10ba7e03c5406556abd6460ab70ceeed934f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 05 Dec 2023 06:44:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 508 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcd9225b9818c4ab0636f4a8808f056873283f6b4e3fed7b4b0b9a3589cdec83

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 626caf211b150d21f5c20b05b378cb99540ae81d719b2af1cb1e29081704238d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 /
image.crisp.chat/avatar/operator/32b49a43-b01b-4f12-91ae-8d210566a95a/60/ 2 KB
2 KB 35ms
18ms Image
image/jpeg 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/avatar/operator/32b49a43-b01b-4f12-91ae-8d210566a95a/60/?1701707553105

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0646089a32cb714c08ea4b2562ae5c8ef877cf3f5ecfa48005e89c4f1094f135

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 25553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1754
cf-bgj: h2pri
last-modified: Mon, 04 Dec 2023 02:07:56 GMT
server: cloudflare
etag: W/"6da-18c329504e7"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 830a52cf79ea30f6-FRA
expires: Fri, 02 Dec 2033 06:44:56 GMT

GET
H2 200 /
image.crisp.chat/process/thumbnail/ 1 KB
2 KB 34ms
17ms Image
image/jpeg 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/process/thumbnail/?url=https%3A%2F%2Fstorage.crisp.chat%2Fusers%2Favatar%2Foperator%2Ff05eabb43246e800%2Fwz-2_10oekpc.jpg&width=60&height=60&1701707553105

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e94b68e9eb17216e161cd5d69f203e74e86494b8c57d48160a3eb446574fed1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 40773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1430
cf-bgj: h2pri
last-modified: Mon, 04 Dec 2023 17:24:20 GMT
server: cloudflare
etag: W/"596-18c35dc057b"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 830a52cf79f130f6-FRA
expires: Fri, 02 Dec 2033 06:44:56 GMT

GET
H2 200 /
image.crisp.chat/process/thumbnail/ 1 KB
2 KB 36ms
19ms Image
image/jpeg 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/process/thumbnail/?url=https%3A%2F%2Fstorage.crisp.chat%2Fusers%2Favatar%2Foperator%2F49f6c6740d147800%2Fwz-2_1i11smu.jpg&width=60&height=60&1701707553105

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e94b68e9eb17216e161cd5d69f203e74e86494b8c57d48160a3eb446574fed1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1430
cf-bgj: h2pri
last-modified: Mon, 04 Dec 2023 23:02:21 GMT
server: cloudflare
etag: W/"596-18c37117aa7"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 830a52cf79ec30f6-FRA
expires: Fri, 02 Dec 2033 06:44:56 GMT

GET
H2 200 /
image.crisp.chat/avatar/website/1b116a5b-46cf-4ed0-8999-404a0b825f37/60/ 1 KB
2 KB 39ms
22ms Image
image/jpeg 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.crisp.chat/avatar/website/1b116a5b-46cf-4ed0-8999-404a0b825f37/60/?1701707553105

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d2d573fe2f2320385cfa39c5cb00048c012676639b91c0c27d60d78e5eacd04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://winz.ph/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 50501
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1512
cf-bgj: h2pri
last-modified: Sat, 02 Dec 2023 01:05:01 GMT
server: cloudflare
etag: W/"5e8-18c280eb277"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 830a52cf79ee30f6-FRA
expires: Fri, 02 Dec 2033 06:44:56 GMT

GET
DATA 200
OK truncated
/ 764 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5b32767b893aa35bec23319a725e6db8729383514c336925351ee4430b73eb0

Request headers

Referer
Origin: http://winz.ph
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 449 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28b6fc92e54e075015e01cf4fa3bd3fe256ffc69cda41d4978a5b6f3eb0fb9c5

Request headers

Referer
Origin: http://winz.ph
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 noto_sans_bold.woff2
client.crisp.chat/static/fonts/noto_sans/0020-007F/ 10 KB
10 KB 60ms
45ms Font
application/font-woff2 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/fonts/noto_sans/0020-007F/noto_sans_bold.woff2?2940d8d

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/stylesheets/client_default.css?2940d8d

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73d7d4ea3f62303b780f0225e5346e5047cfb41fcae7ac19e99af8a3e1950973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.crisp.chat/static/stylesheets/client_default.css?2940d8d
Origin: http://winz.ph
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10252
last-modified: Tue, 08 Aug 2023 12:01:16 GMT
server: cloudflare
etag: "64d22e8c-280c"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 830a52cf7d133a4f-FRA
access-control-allow-headers: Content-Type, Origin
expires: Fri, 02 Dec 2033 06:44:56 GMT

GET
H3 200 noto_sans_regular.woff2
client.crisp.chat/static/fonts/noto_sans/0020-007F/ 10 KB
10 KB 60ms
47ms Font
application/font-woff2 2606:4700:4400::ac40:994b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/fonts/noto_sans/0020-007F/noto_sans_regular.woff2?2940d8d

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/stylesheets/client_default.css?2940d8d

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:994b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3dd77dcb09b4dd4f21dc57d0babf83c04d10eedd13037572384179d30106e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.crisp.chat/static/stylesheets/client_default.css?2940d8d
Origin: http://winz.ph
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:44:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10340
last-modified: Tue, 08 Aug 2023 12:01:16 GMT
server: cloudflare
etag: "64d22e8c-2864"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 830a52cf7d113a4f-FRA
access-control-allow-headers: Content-Type, Origin
expires: Fri, 02 Dec 2033 06:44:56 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 0222 28 B
54 B 71ms
68ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
X-Goog-Request-Time: 1701758697239
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/qy12Q5JluKM?feature=oembed
X-YouTube-Client-Version: 1.20231128.01.01
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtuSVF4MVRyelcxSSjmjburBjIKCgJERRIEEgAgIA%3D%3D
X-YouTube-Ad-Signals: dt=1701758694743&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C959%2C539&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 05 Dec 2023 06:44:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Tue, 05 Dec 2023 06:44:57 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ZLyVTygeap4
.youtube.com/	1970-01-20 21:01:50	Name: VISITOR_INFO1_LIVE Value: nIQx1TrzW1I
.winz.ph/	1970-01-20 18:52:14	Name: _gcl_au Value: 1.1.249374011.1701758695
.winz.ph/	1970-01-21 02:18:38	Name: _ga_3QFXKV4T1P Value: GS1.1.1701758694.1.0.1701758694.0.0.0
.winz.ph/	1970-01-20 21:05:26	Name: crisp-client%2Fsession%2F1b116a5b-46cf-4ed0-8999-404a0b825f37 Value: session_621d0f22-8aab-4bf5-a325-ade318b5c57b
.winz.ph/	1970-01-21 02:18:38	Name: _ga_8ZN401MNS9 Value: GS1.1.1701758694.1.0.1701758694.0.0.0
.eskimi.com/	1970-01-20 17:25:50	Name: __eConsent Value: 1
.eskimi.com/	1970-01-20 17:25:50	Name: __eDId Value: 238817f8-f1e6-44b7-9f75-5e62986ebced
.eskimi.com/	1970-01-20 17:02:48	Name: __eP Value: 1
.winz.ph/	1970-01-21 02:18:38	Name: _ga Value: GA1.2.1535130109.1701758695
.winz.ph/	1970-01-20 16:44:05	Name: _gid Value: GA1.2.1741169293.1701758695
.winz.ph/	1970-01-20 16:42:38	Name: _gat_gtag_UA_146877195_6 Value: 1
.doubleclick.net/	1970-01-21 02:04:14	Name: IDE Value: AHWqTUlXcdGl5qB2iOd0ud-0w_lDppcniide6RQuTF230K4OtW-yUMTYVcwhGF-Z

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://winz.ph/(Line 325) Message: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

client.crisp.chat
dsp-ap.eskimi.com
dsp-media.eskimi.com
dsp-trk.eskimi.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
image.crisp.chat
jnn-pa.googleapis.com
lpgs.chatbro.com
region1.google-analytics.com
static.doubleclick.net
winz.ph
www.chatbro.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
142.250.185.98
2001:4860:4802:32::36
2400:52e0:1e00::1082:1
2606:4700:3031::ac43:93f7
2606:4700:3037::6815:47b4
2606:4700:3038::6815:eb39
2606:4700:3038::6815:eb3a
2606:4700:4400::ac40:994b
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2004
2a00:1450:4001:813::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::200e
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2016
2a00:1450:4001:82f::2006
2a00:1450:4001:830::200a
34.120.139.69
35.186.201.99
0276e8edf4c48e4bab8f0390e72fbf402700eb81358040241114ecc114b9c200
0646089a32cb714c08ea4b2562ae5c8ef877cf3f5ecfa48005e89c4f1094f135
07393a828ea807c63c7eb18d77e10ba7e03c5406556abd6460ab70ceeed934f9
077ef76fae1abf80b13f5b6395cbc53cb018ecafd5fd233d016b8e748dfa8b99
098aa0179db8a6c425cddc29e8ce9b3529ea5bbdfc0aeab25b33ec3af2c3782e
0d2d573fe2f2320385cfa39c5cb00048c012676639b91c0c27d60d78e5eacd04
0e94b68e9eb17216e161cd5d69f203e74e86494b8c57d48160a3eb446574fed1
128ceae9ac3ac5fdd350865d943d2b70547723412faab7802abb98394ca23ca0
163a89e59b219649c013ead3230f372f0e7dca9c8ea0dc0463f991b671b14404
1de7d4a979a26446c9592ffe7be88f38e04ede3fc67f5dc2b9b355e321cca5c7
25108ee41f29b6fe6015c393bf16f17f8b58abdaf8f75794e6ae02f9a5e0e677
28b6fc92e54e075015e01cf4fa3bd3fe256ffc69cda41d4978a5b6f3eb0fb9c5
2c86bcaebf54969da5081c17c6901cbe19ac041b80a3abda6890708eb545cec3
2cc061085907c749f4f81a853ae49a331efe4fcd538da758a65bb855dd1dcd2d
3731a9e65e6dc75328635f86f88120e8e9a2f646cbbd2ee5c6c7c7068ab8ea8e
38b1136cf93f9cb1dc433fd40347fed72ebce9522a55393f95feae15a8268233
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3efa3c6425365194636fb000719357c63e1dfed613742166e3f7a102cdf4f811
40ace2573dd480230565d5183d888874ad5d36288740220bb1b6f3a31d07f5be
436743ad0889ad9399a1f33edb65d8bf1c71cfbce1b0fce549769e7705c9ceec
45ea1febaa3bfa8f5c4711c1ed96c1971654f98d5bcc5cf69d90a555f79a0c9e
49a1e8f8d3760e1678c3f753539d5082078e6749598f1a46557f59e3de08623f
4c6329a84811954311b5424bbab6ac2dcc70441841a9b1fd441e3315cf540a2e
4d453a47ad0d1b30a7292b6f712d8645db141ed6adea69b8e7d802f8022365fd
5219344a8e439437ef17cca35c1b250323c7403d78f362fd969a8a217785b366
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
626caf211b150d21f5c20b05b378cb99540ae81d719b2af1cb1e29081704238d
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a3dd77dcb09b4dd4f21dc57d0babf83c04d10eedd13037572384179d30106e5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70da8653e844b60bc1f65dbc9615442c337ad10dd3c2ca5cdeb4066134113b5c
73d7d4ea3f62303b780f0225e5346e5047cfb41fcae7ac19e99af8a3e1950973
74d73ce62bf4e55531f706c6d6dcf8c7b95208101207e608d39c3296a6fa8ff4
75c8dd961325f7367f1b846efc96e829b6a3ebc03aebd108ad8f631ad28b872a
79f2854e912889da4ce0bb03aea158b084395b715de724ee24c08bf9b053a740
7c1fc1f22827f0dabf3486fdc286f1c909e7acc4b5999365b9328c36c18d17d7
83732a2d7c81839562e360b25a03adc8855b93553ce43fdf376055730a8a4b2f
8d238c993229cf80e21012245be30106bf34e7129a21a5526fe012a47fce7d8b
8de61c0334e5f7a5f0ba2b09fec287a55fd28d7751d7b82f6a9b54890a80989e
8debf919f9d44ba37fa60607809c029f16307d1b27d5472eccb2234563d713bc
9753320d9396dd9dad26d1a302f52838f2a8ec7e272c5205ca4a5b090e5d0ded
9c0427a0454dfcbe034be61a2e8102f418f0ed9b2cf4412b703210fabc2ef356
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd
a2f63f18bbbe390a7a2d93c0f42bd05c549d856969ccba17ee2f1fc734a77f51
a80bd413f7dd15ff49d22ce8b5e99be2cea10ad2021f6408949ccf4d0a49191f
b32185ed6306738ecd224f11787e23d0b1c72ed3aa8b72cec075e6a8a0811f8d
b3e1d17f1bb9c1b8ac5e4f613d1c183986c3d8db4cd98ee44de0fae77407257f
b7372b629e997f9980d46c4dea3a384f8d1c9f2fcb21ad395711d14f80fda8c4
b7ac26cc635252b12278db01f4616403bd626ed7823fcf5e52576eeeff3b3548
bed43f1884a262e5c1b00c6543163d40e75b404c0185c5dd7b9d466b6117a8fc
c1f5ab0c2213c1ff03640aa2633307ac1521ad2203438ce9d00df6bde8affe5d
c3a372ef1038066f0824521cc1311800e87ad2c63878e29d9005713476ff4210
c65c22c8cb4efd276a5496ab38ea69988d7cdded6cf7a25f5d309b98aa07bb21
c96b08001d7b72d4e665499fb3aeffad7add1fc5e4cb7ab633efb91c7ce07549
cd4aa6c7764f573287eb53f17296a8d25bcc7260a9f2b175a17fd7be2d87bd21
d026f555341e85649cd2edd6848b55b6cedfcca0c62bba5099e69b62ea713e40
d3a9a479ed9dc3b090aa69c12b12ac5d18c7af9a27496423058fb174cfb0baba
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d813de68c702196d2eeaa7e2e5d55167638741533191d3e5038e329ac3f54940
da07573d15690333d7ce263144c84387c3e0a93ca316b9de23d1e6f3b792b8d5
dd2c965d51b2d9a45d8b57ff43986bbba3ee082f3067af349402253493117afb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0c22a31222b2016b64e5a3e168709bd3b535542612b32962bdacfed71c88660
e25b7d2a1a6c9bec3132e5148438872608a9e9c641a4390ceabbf3c334f54667
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b32767b893aa35bec23319a725e6db8729383514c336925351ee4430b73eb0
ecfc357ad95e64230925cfe8fc310394fe5c1b4385eb08354b8fec69af0d6966
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a18f64fabe4cc2356b36acec20e769ab2331a0009d597e6fed2f7db19ecd83
f74fcaf9c728521c218b7bf05a0bf7173b522e7769165c8f97fdf74734cf0907
fcd9225b9818c4ab0636f4a8808f056873283f6b4e3fed7b4b0b9a3589cdec83
fd5b1c7d7b8c992506be342eeb2660ed55da4d41231de087c41a2b050fa6c456

winz.ph Open in urlscan Pro 2606:4700:3031::ac43:93f7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

68 Requests

81 %HTTPS

86 %IPv6

15 Domains

22 Subdomains

23 IPs

2 Countries

2432 kBTransfer

7200 kBSize

13 Cookies

6 Outgoing links

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

winz.ph Open in urlscan Pro
2606:4700:3031::ac43:93f7 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

81 %
HTTPS

86 %
IPv6

15
Domains

22
Subdomains

23
IPs

2
Countries

2432 kB
Transfer

7200 kB
Size

13
Cookies

68 HTTP transactions
14 data transactions