wins.io Open in urlscan Pro
2606:4700:4400::6812:27bf Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://yern.finance/
Effective URL:
https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Submission: On January 19 via api (January 19th 2024, 7:02:26 pm UTC) from US — Scanned from DE

Summary HTTP 94 Redirects Behaviour Indicators

Summary

This website contacted 43 IPs in 10 countries across 50 domains to perform 94 HTTP transactions. The main IP is 2606:4700:4400::6812:27bf, located in United States and belongs to CLOUDFLARENET, US. The main domain is wins.io.
TLS certificate: Issued by GTS CA 1P5 on December 13th 2023. Valid for: 3 months.

This is the only time wins.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	54.67.42.145 54.67.42.145	16509 (AMAZON-02) (AMAZON-02)
1 1	188.114.96.9 188.114.96.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.18.38.141 104.18.38.141	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 34	2606:4700:440... 2606:4700:4400::6812:27bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	37.157.6.236 37.157.6.236	198622 (ADFORM) (ADFORM)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700:440... 2606:4700:4400::ac40:9441	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2 12	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1	54.229.5.240 54.229.5.240	16509 (AMAZON-02) (AMAZON-02)
1	23.213.165.82 23.213.165.82	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.120.203.57 3.120.203.57	16509 (AMAZON-02) (AMAZON-02)
1	5.196.111.72 5.196.111.72	16276 (OVH) (OVH)
1	2607:ae80:4::26 2607:ae80:4::26	26558 (FREEWHEEL) (FREEWHEEL)
1	3.78.15.192 3.78.15.192	16509 (AMAZON-02) (AMAZON-02)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	77.243.51.122 77.243.51.122	42697 (NETIC-AS) (NETIC-AS)
3 4	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
3 3	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 4	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
5 5	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	3.124.210.90 3.124.210.90	16509 (AMAZON-02) (AMAZON-02)
1 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	54.75.58.229 54.75.58.229	16509 (AMAZON-02) (AMAZON-02)
2	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	54.217.93.219 54.217.93.219	16509 (AMAZON-02) (AMAZON-02)
1	52.218.98.35 52.218.98.35	16509 (AMAZON-02) (AMAZON-02)
5 6	62.141.38.122 62.141.38.122	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	91.210.226.72 91.210.226.72	48314 (IP-PROJECTS) (IP-PROJECTS)
1 1	139.162.147.24 139.162.147.24	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	80.85.85.173 80.85.85.173	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	52.209.60.100 52.209.60.100	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	65.9.66.43 65.9.66.43	16509 (AMAZON-02) (AMAZON-02)
2 3	52.16.166.255 52.16.166.255	16509 (AMAZON-02) (AMAZON-02)
2 2	52.49.110.165 52.49.110.165	16509 (AMAZON-02) (AMAZON-02)
1 1	18.185.146.45 18.185.146.45	16509 (AMAZON-02) (AMAZON-02)
2 2	3.76.149.124 3.76.149.124	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:211... 2600:9000:211e:2400:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	52.29.105.89 52.29.105.89	16509 (AMAZON-02) (AMAZON-02)
94	43

2 54.67.42.145 (San Jose, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-67-42-145.us-west-1.compute.amazonaws.com

yern.finance	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cryptco.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.9 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

winzmedia.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.38.141 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

winz1.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.winz1.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2606:4700:4400::6812:27bf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

wins.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::ac40:9441 (United States)

ASN13335 (CLOUDFLARENET, US)

www.wins.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)

a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
server.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.157.6.243 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.5.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-5-240.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.165.82 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-82.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.203.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-203-57.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.196.111.72 (Lille, France)

ASN16276 (OVH, FR)
PTR: ip72.ip-5-196-111.eu

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:4::26 (United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.78.15.192 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-78-15-192.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 77.243.51.122 (Aalborg, Denmark) 3 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.243.51.121 (Aalborg, Denmark) 3 redirects

ASN42697 (NETIC-AS, DK)

se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.114.159.118 (Loerrach, Germany) 3 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.212 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.66 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.58.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-58-229.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.217.93.219 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-93-219.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.98.35 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 62.141.38.122 (Germany) 5 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm44.as.net

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.210.226.72 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.147.24 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: tags2.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.85.85.173 (London, United Kingdom) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li749-173.members.linode.com

cm.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.60.100 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-60-100.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-43.fra56.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.16.166.255 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-166-255.eu-west-1.compute.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.110.165 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-110-165.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.146.45 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-146-45.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.76.149.124 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-149-124.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:2400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.105.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-105-89.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	wins.io 2 redirects wins.io www.wins.io	1 MB
17	adform.net 2 redirects s2.adform.net — Cisco Umbrella Rank: 7060 a1.adform.net — Cisco Umbrella Rank: 11105 c1.adform.net — Cisco Umbrella Rank: 583 track.adform.net — Cisco Umbrella Rank: 5048 dmp.adform.net — Cisco Umbrella Rank: 3041	43 KB
7	adsafety.net 6 redirects cm.adsafety.net — Cisco Umbrella Rank: 20357 tags.adsafety.net — Cisco Umbrella Rank: 83214	12 KB
7	semasio.net 6 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1382 se.semasio.net — Cisco Umbrella Rank: 18095	4 KB
6	doubleclick.net 5 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 79 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	1 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 253 secure.adnxs.com — Cisco Umbrella Rank: 490	4 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2054	2 KB
3	adition.com 3 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1552	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2029	21 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 13701	629 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 875	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 239	1 KB
2	smartstream.tv 2 redirects ads.smartstream.tv — Cisco Umbrella Rank: 28629 cm.smartstream.tv — Cisco Umbrella Rank: 228371	1 KB
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 727	648 B
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 1780	957 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	1 KB
2	gstatic.com fonts.gstatic.com	50 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	169 KB
2	winz1.me 1 redirects winz1.me www.winz1.me	3 KB
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2112	44 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 412	140 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 28504	49 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 662	238 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1376	163 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425	1 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 357	149 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 544	492 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 23811	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 870	225 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 784	338 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 28921	407 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 2043	264 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 853	264 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 451	98 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1074	344 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 373	146 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 562	636 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669	163 B
1	adscale.de ih.adscale.de — Cisco Umbrella Rank: 4137	38 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 477	214 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4474	235 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 698	199 B
1	seadform.net server.seadform.net — Cisco Umbrella Rank: 38442	466 B
1	google.de www.google.de — Cisco Umbrella Rank: 6518	408 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	408 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	1 KB
1	winzmedia.top 1 redirects winzmedia.top	616 B
1	cryptco.org 1 redirects cryptco.org	279 B
1	yern.finance 1 redirects yern.finance	267 B
94	50

	Domain	Requested by
34	wins.io	2 redirects www.winz1.me wins.io
9	c1.adform.net	2 redirects a1.adform.net c1.adform.net
6	cm.adsafety.net	5 redirects c1.adform.net
5	cm.g.doubleclick.net	5 redirects
4	se.semasio.net	3 redirects c1.adform.net
4	www.wins.io	wins.io
3	dmp.adform.net	c1.adform.net
3	a.audrte.com	2 redirects c1.adform.net
3	secure.adnxs.com	2 redirects c1.adform.net
3	dsp.adfarm1.adition.com	3 redirects
3	uipglob.semasio.net	3 redirects
3	a1.adform.net	s2.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	tags.bluekai.com	c1.adform.net
2	loadm.exelator.com	1 redirects c1.adform.net
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	www.google-analytics.com	www.googletagmanager.com wins.io
2	fonts.gstatic.com	wins.io
2	www.googletagmanager.com	wins.io www.googletagmanager.com
1	e1.emxdgt.com	c1.adform.net
1	eb2.3lift.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	match.adsrvr.org	c1.adform.net
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	cm.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	ads.smartstream.tv	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	sync.crwdcntrl.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	ps.eyeota.net	c1.adform.net
1	ib.adnxs.com	1 redirects
1	x.bidswitch.net	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	ih.adscale.de	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	ad.360yield.com	c1.adform.net
1	track.adform.net	a1.adform.net
1	server.seadform.net	wins.io
1	www.google.de	wins.io
1	www.google.com	wins.io
1	stats.g.doubleclick.net	wins.io
1	region1.google-analytics.com	www.googletagmanager.com
1	s2.adform.net	wins.io
1	fonts.googleapis.com	wins.io
1	www.winz1.me
1	winz1.me	1 redirects
1	winzmedia.top	1 redirects
1	cryptco.org	1 redirects
1	yern.finance	1 redirects
94	62

This site contains no links.

Subject Issuer	Validity	Valid
www.winz1.me E1	`2023-12-08` - `2024-03-07`	3 months	crt.sh
wins.io GTS CA 1P5	`2023-12-13` - `2024-03-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.seadform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-08`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adscale.de Amazon RSA 2048 M02	`2023-07-18` - `2024-08-15`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2023-10-08` - `2024-11-06`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-11-20` - `2024-12-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Frame ID: BE74FE04C8D485FB25F9B9A9A02CF86A
Requests: 50 HTTP requests in this frame

Frame: https://a1.adform.net/serving/container/?pm=2449758&lid=109409460&ctype=0&media=0&PageName=sps_retargeting&rnd=1095749394&cpref=https%3a%2f%2fwww.winz1.me%2f&loc=https%3a%2f%2fwins.io%2fl%2fwelcome_wheel%2f%3fstag%3d120152_65aac73c36d10fc7f31016e0%26__layerref%3d
Frame ID: 79C4C7F5F1DE35557B021BBE16CA3AB9
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Frame ID: A92EB826FFFB536330DDD790CC6462B3
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Winz.io Casino: Spin the wheel to win $5,000!

Page URL History Show full URLs

http://yern.finance/ HTTP 302
http://cryptco.org/ HTTP 302
https://winzmedia.top/a91ebf3ae HTTP 302
https://winz1.me/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0 HTTP 301
https://www.winz1.me/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0 Page URL
https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref= Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

94
Requests

84 %
HTTPS

21 %
IPv6

50
Domains

62
Subdomains

43
IPs

10
Countries

1426 kB
Transfer

2944 kB
Size

54
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://yern.finance/ HTTP 302
http://cryptco.org/ HTTP 302
https://winzmedia.top/a91ebf3ae HTTP 302
https://winz1.me/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0 HTTP 301
https://www.winz1.me/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0 Page URL
https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://yern.finance/ HTTP 302
http://cryptco.org/ HTTP 302
https://winzmedia.top/a91ebf3ae HTTP 302
https://winz1.me/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0 HTTP 301
https://www.winz1.me/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0

Request Chain 10

https://wins.io/api/info/currencies HTTP 302
https://www.wins.io/api/info/currencies

Request Chain 11

https://wins.io/api/current_ip HTTP 302
https://www.wins.io/api/current_ip

Request Chain 62

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=9091491143578068788&expiration=1706900542 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=9091491143578068788&expiration=1706900542&C=1

Request Chain 63

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=9091491143578068788&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=9091491143578068788&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=9091491143578068788&gdpr=&sInitiator=external HTTP 302
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/647471?sExtCookieId=7325886812993157279&sInitiator=internal&gdpr= HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/4354957?sExtCookieId=988804950717989738&sInitiator=internal&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=NTlBQjZEMkE2MkVFNEI5Nw&gdpr= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEElnCmVg-ffR5aHIK7jWMZc&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEElnCmVg-ffR5aHIK7jWMZc&sInitiator=internal&google_cver=1&gdpr=

Request Chain 65

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=9091491143578068788 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=9091491143578068788&xl8blockcheck=1

Request Chain 70

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 71

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=9091491143578068788 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM1202401191973d42ac3a9bcd88673b&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=21e86557c5ad7eaefc3bf39e1b3e141a&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyNDAxMTkxOTczZDQyYWMzYTliY2Q4ODY3M2I&gdpr_consent=&gdpr=0 HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEIHUdClI-LZSTKHG0cg5dxM&gdpr_consent=&gdpr=0&google_cver=1 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM1202401191973d42ac3a9bcd88673b&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&gdpr=0&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=21e86557c5ad7eaefc3bf39e1b3e141a HTTP 302
https://dsp.adfarm1.adition.com/cookie/?ssp=6 HTTP 302
https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7325886812993157279 HTTP 302
https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7325886812993157279 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM1202401191973d42ac3a9bcd88673b HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=9091491143578068788

Request Chain 74

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=OTA5MTQ5MTE0MzU3ODA2ODc4OA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=OTA5MTQ5MTE0MzU3ODA2ODc4OA&google_tc= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJx_U8zp1lYMbtbXdgUHy2M&google_cver=1&google_ula=1641347,0

Request Chain 75

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=988804950717989738&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=9091491143578068788

Request Chain 78

https://a.audrte.com/a?adform_uid=9091491143578068788 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZmI4cktjSGplaTJRRHVjeXVhLVpWbHJiQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 79

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=9091491143578068788&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=9091491143578068788&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=91099169210831512863092464273828205285&noredirect=1

Request Chain 80

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=9091491143578068788 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216563104766004044236

Request Chain 81

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7325886812991191195

Request Chain 83

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=wC80ASxr1RqU8e5

Request Chain 86

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=132885632 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=rfyFfz1YKRKe66tEHbK2.e

94 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
www.winz1.me/l/welcome_wheel/
Redirect Chain

http://yern.finance/
http://cryptco.org/
https://winzmedia.top/a91ebf3ae
https://winz1.me/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0
https://www.winz1.me/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0

5 KB
2 KB

164ms
124ms

Document
text/html

104.18.38.141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winz1.me/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.38.141 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d781d937704c06da03d78b57c9d4b2010483977f5d4cf0ee04a96b7658abd9b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 848154db3ef99208-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 19 Jan 2024 19:02:20 GMT
etag: W/"507995cb5a53bcb8b66828afee5d740a"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8yfooPxSsJT47M4Lmvrx%2FXiXNyVyPGmPJSJq31IqpExZERQtNyfiAO10Q21WO7Dgbm4sqtX%2FT8jKwi8LCqpmZo590s0qwyqIvWUvoIQBDluv1DBxO%2FRLF04dralHpQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

cache-control: max-age=3600
cf-ray: 848154dada7a1ca9-FRA
date: Fri, 19 Jan 2024 19:02:20 GMT
expires: Fri, 19 Jan 2024 20:02:20 GMT
location: https://www.winz1.me/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0
server: cloudflare
vary: Accept-Encoding

GET
H2 200 favicon.png
wins.io/resources/images/ 12 KB
12 KB 100ms
59ms Image
image/png 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wins.io/resources/images/favicon.png?1705690940816

Requested by

Host: www.winz1.me
URL: https://www.winz1.me/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.winz1.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:20 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
content-length: 12456
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Oct 2023 06:42:08 GMT
server: cloudflare
etag: W/"30a8-18b18524ba4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=5184000
accept-ranges: bytes
cf-ray: 848154dc5c77bbad-FRA
expires: Tue, 19 Mar 2024 19:02:20 GMT

GET
H2 200 Primary Request / Show response
wins.io/l/welcome_wheel/ 10 KB
2 KB 47ms
47ms Document
text/html 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Requested by: Host: www.winz1.me
URL: https://www.winz1.me/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 408eda4afcd3e1e7434bd93fd5282baeaaaad6bfe0c3024f35229b3fe3b6cf7f

Request headers

Referer: https://www.winz1.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=5184000
cf-cache-status: DYNAMIC
cf-ray: 848154dccd1ebbad-FRA
content-encoding: gzip
content-type: text/html
date: Fri, 19 Jan 2024 19:02:20 GMT
expires: Tue, 19 Mar 2024 19:02:20 GMT
last-modified: Fri, 08 Dec 2023 12:54:36 GMT
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 181ms
33ms Font
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:300,400,500,700

Requested by

Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f0557d2a1bea048a13650fab57f2665ac5acb3995c72be792a894486d205671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wins.io/
Origin: https://wins.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 17:28:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Jan 2024 19:02:21 GMT

GET
H2 200 runtime.62cb7e8778da6c75.js Show response
wins.io/l/welcome_wheel/ 1 KB
738 B 66ms
66ms Script
application/javascript 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wins.io/l/welcome_wheel/runtime.62cb7e8778da6c75.js
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7067f8d1e4258aa5c7461fb813faba3fac1e53988b5380b1c12ce43e01e28680

Request headers

Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Origin: https://wins.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 08 Dec 2023 12:54:37 GMT
server: cloudflare
etag: W/"6573120d-42a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 848154dd1d91bbad-FRA
expires: Fri, 26 Jan 2024 19:02:21 GMT

GET
H2 200 polyfills.3f07d1feb00df8b0.js Show response
wins.io/l/welcome_wheel/ 33 KB
13 KB 67ms
67ms Script
application/javascript 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wins.io/l/welcome_wheel/polyfills.3f07d1feb00df8b0.js
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dce92ec8ec03253675e8ba935359cf12e3af7f805607f5a24ad913d7bf68b94

Request headers

Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Origin: https://wins.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 08 Dec 2023 12:54:37 GMT
server: cloudflare
etag: W/"6573120d-8457"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 848154dd1d92bbad-FRA
expires: Fri, 26 Jan 2024 19:02:21 GMT

GET
H2 200 main.57748e82d0ac3975.js Show response
wins.io/l/welcome_wheel/ 202 KB
73 KB 65ms
65ms Script
application/javascript 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wins.io/l/welcome_wheel/main.57748e82d0ac3975.js
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6e7bc2150046aeed4f8ae19c30191b515e62e10642896aeb340bb3a920539a3

Request headers

Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Origin: https://wins.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 08 Dec 2023 12:54:36 GMT
server: cloudflare
etag: W/"6573120c-32603"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 848154dd1d93bbad-FRA
expires: Fri, 26 Jan 2024 19:02:21 GMT

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
31 KB 160ms
22ms Script
application/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx000004a99d1e4c6dfecaa-00646c8ee1-32950a49-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 216 KB
75 KB 168ms
31ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KMK34SR

Requested by

Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

497f1153ead42e825592580788eaff8b23bbdec92ee70a0df3d932ff325c6908

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76449
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Jan 2024 19:02:21 GMT

GET
H2 200 styles.2498e3cc448b9113.css
wins.io/l/welcome_wheel/ 2 KB
789 B 46ms
46ms Stylesheet
text/css 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wins.io/l/welcome_wheel/styles.2498e3cc448b9113.css
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f16f3a81dc5a0f04673ee011a0fe07024bc6a811eaf48300b20aeb74ac936648

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 08 Dec 2023 12:54:36 GMT
server: cloudflare
etag: W/"6573120c-665"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=5184000
cf-ray: 848154dd1da7bbad-FRA
expires: Tue, 19 Mar 2024 19:02:21 GMT

GET
H2 200 iJWKBXyIfDnIV7nBrXyw023e.woff2
fonts.gstatic.com/s/rubik/v28/ 34 KB
35 KB 112ms
24ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXyw023e.woff2

Requested by

Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

add2474dc337e3ccd718e7052da920b3aa81a274c599131ce65e376d9ba36623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wins.io/
Origin: https://wins.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:03:51 GMT
x-content-type-options: nosniff
age: 269910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35320
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:18:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 16:03:51 GMT

GET
H2

200

currencies Show response
www.wins.io/api/info/
Redirect Chain

https://wins.io/api/info/currencies
https://www.wins.io/api/info/currencies

3 KB
794 B

34ms
33ms

XHR
application/vnd.softswiss.v1+json

2606:4700:4400::ac40:9441
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wins.io/api/info/currencies

Requested by

Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=

Protocol

Server

2606:4700:4400::ac40:9441 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fe09532698793679fd89e20bb0cc4f59bcece52defc4d4b412e48b89dc0abfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-softswiss-media-type: softswiss.v1
x-xss-protection: 1; mode=block
x-request-id: 848154de782b30e4-FRA
x-runtime: 0.006581
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3fe09532698793679fd89e20bb0cc4f5"
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://wins.io
access-control-expose-headers: Location
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-type: application/vnd.softswiss.v1+json; charset=utf-8
vary: Origin
cf-ray: 848154de782b30e4-FRA

Redirect headers

date: Fri, 19 Jan 2024 19:02:21 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: text/html
location: https://www.wins.io/api/info/currencies
cache-control: max-age=5184000
cf-ray: 848154dddea0bbad-FRA
content-length: 170
x-xss-protection: 1; mode=block
expires: Tue, 19 Mar 2024 19:02:21 GMT

GET
H2

200

current_ip Show response
www.wins.io/api/
Redirect Chain

https://wins.io/api/current_ip
https://www.wins.io/api/current_ip

97 B
214 B

28ms
27ms

XHR
application/json

2606:4700:4400::ac40:9441
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wins.io/api/current_ip
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Server: 2606:4700:4400::ac40:9441 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9db8be7094bba6ff2aba0cfb3b24cea93111f3a5f8a430658ca3922f686ddb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-runtime: 0.001269
date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
access-control-max-age: 7200
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://wins.io
access-control-expose-headers: Location
access-control-allow-credentials: true
content-type: application/json
cf-ray: 848154de782d30e4-FRA
x-request-id: 848154de782d30e4-FRA

Redirect headers

date: Fri, 19 Jan 2024 19:02:21 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: text/html
location: https://www.wins.io/api/current_ip
cache-control: max-age=5184000
cf-ray: 848154dddea1bbad-FRA
content-length: 170
x-xss-protection: 1; mode=block
expires: Tue, 19 Mar 2024 19:02:21 GMT

GET
H2 200 config.json Show response
wins.io//l/welcome_wheel//assets/ 4 KB
2 KB 45ms
45ms XHR
application/json 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wins.io//l/welcome_wheel//assets/config.json
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/polyfills.3f07d1feb00df8b0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32911eed50f32c16bc510c89674b8af9961796826a1224fa8c4cb465e13cdafa

Request headers

Accept: application/vnd.softswiss.v1+json
Cache-control: no-cache
Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 14 Jun 2023 13:02:38 GMT
server: cloudflare
etag: W/"6489ba6e-1180"
content-type: application/json
access-control-allow-origin: *
cf-ray: 848154dddea2bbad-FRA

GET
H2 200 logo.svg
wins.io/l/welcome_wheel/assets/images/ 34 KB
14 KB 79ms
79ms Image
image/svg+xml 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wins.io/l/welcome_wheel/assets/images/logo.svg
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d1c37a4c7f71f426b6747d35b727362e541c08b4b4922b062105a51f04c339b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 21 Dec 2022 10:10:07 GMT
server: cloudflare
etag: W/"63a2db7f-88b9"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=5184000
cf-ray: 848154ddeeabbbad-FRA
expires: Tue, 19 Mar 2024 19:02:21 GMT

GET
H2 200 crypto-icons-desktop.svg
wins.io/l/welcome_wheel/assets/images/ 10 KB
4 KB 73ms
72ms Image
image/svg+xml 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wins.io/l/welcome_wheel/assets/images/crypto-icons-desktop.svg
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7517558d04f390913070406e062326b9551598d4c3b2c0bb498d977bd2acfd9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 21 Dec 2022 10:10:06 GMT
server: cloudflare
etag: W/"63a2db7e-26da"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=5184000
cf-ray: 848154ddeeaebbad-FRA
expires: Tue, 19 Mar 2024 19:02:21 GMT

GET
H2 200 crypto-icons.svg
wins.io/l/welcome_wheel/assets/images/ 10 KB
4 KB 81ms
80ms Image
image/svg+xml 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wins.io/l/welcome_wheel/assets/images/crypto-icons.svg
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4827d72113686f3d792ee354fa9e218a9ec68ba35b918cfc1695ed89552734b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 21 Dec 2022 10:10:06 GMT
server: cloudflare
etag: W/"63a2db7e-2645"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=5184000
cf-ray: 848154ddeeb1bbad-FRA
expires: Tue, 19 Mar 2024 19:02:21 GMT

GET
H2 200 footer-icons.png
wins.io/l/welcome_wheel/assets/images/ 6 KB
6 KB 50ms
50ms Image
image/png 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wins.io/l/welcome_wheel/assets/images/footer-icons.png
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f98b409dac6ab01f7f5a59732a2759490a9077d51169dc692a8457c318d87932

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
cf-cache-status: MISS
last-modified: Wed, 21 Dec 2022 10:10:06 GMT
server: cloudflare
etag: "63a2db7e-1760"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=5184000
accept-ranges: bytes
cf-ray: 848154ddeeb2bbad-FRA
content-length: 5984
expires: Tue, 19 Mar 2024 19:02:21 GMT

GET
H2 200 check.svg
wins.io/l/welcome_wheel/assets/images/ 1 KB
715 B 71ms
71ms Image
image/svg+xml 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wins.io/l/welcome_wheel/assets/images/check.svg
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab201718371815cc601198afbe933a672ac787582f5894ddc19d5a3f060b5d7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 21 Dec 2022 10:10:07 GMT
server: cloudflare
etag: W/"63a2db7f-44a"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=5184000
cf-ray: 848154ddeeb3bbad-FRA
expires: Tue, 19 Mar 2024 19:02:21 GMT

GET
H2 200 offer-top-line.2e5c0ab24c408abe.svg
wins.io/l/welcome_wheel/ 599 B
422 B 56ms
56ms Image
image/svg+xml 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wins.io/l/welcome_wheel/offer-top-line.2e5c0ab24c408abe.svg
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26642fb731a8aa7daa296d201d980e4da3df964deb70c2575e834076fb2f8685

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 08 Dec 2023 12:54:36 GMT
server: cloudflare
etag: W/"6573120c-257"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=5184000
cf-ray: 848154ddeeb4bbad-FRA
expires: Tue, 19 Mar 2024 19:02:21 GMT

OPTIONS
H2 200 currencies
www.wins.io/api/info/ Frame 0
0 74ms
26ms Preflight 2606:4700:4400::ac40:9441
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wins.io/api/info/currencies
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9441 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type
Access-Control-Request-Method: GET
Origin: https://wins.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: cache-control,content-type
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://wins.io
access-control-expose-headers: Location
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 848154de4fcc30e4-FRA
date: Fri, 19 Jan 2024 19:02:21 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-request-id: 848154de4fcc30e4-FRA
x-runtime: 0.000165

GET
H2 200 medal-1.svg
wins.io/l/welcome_wheel/assets/images/ 9 KB
4 KB 60ms
60ms Image
image/svg+xml 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wins.io/l/welcome_wheel/assets/images/medal-1.svg
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60564c3d953725bed0df56e75a83aab7eec03a62e0cb3a379060fd1f1acff191

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 21 Dec 2022 10:10:07 GMT
server: cloudflare
etag: W/"63a2db7f-24f3"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=5184000
cf-ray: 848154de2f1dbbad-FRA
expires: Tue, 19 Mar 2024 19:02:21 GMT

GET
H2 200 medal-2.svg
wins.io/l/welcome_wheel/assets/images/ 8 KB
3 KB 31ms
30ms Image
image/svg+xml 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wins.io/l/welcome_wheel/assets/images/medal-2.svg
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ac3a26a0d7ba2e15ba52097dd937fb122705250bda26ca076315620eb864948

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 21 Dec 2022 10:10:07 GMT
server: cloudflare
age: 775457
etag: W/"63a2db7f-1fbf"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=5184000
cf-ray: 848154de2f21bbad-FRA
expires: Tue, 19 Mar 2024 19:02:21 GMT

GET
H2 200 medal-3.svg
wins.io/l/welcome_wheel/assets/images/ 9 KB
3 KB 66ms
66ms Image
image/svg+xml 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wins.io/l/welcome_wheel/assets/images/medal-3.svg
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 256aea5fd2bc07c39bc6bf5fe75ec725cce38f0f9aeb4c847b9b35d10584c2a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 21 Dec 2022 10:10:07 GMT
server: cloudflare
etag: W/"63a2db7f-22d6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=5184000
cf-ray: 848154de2f23bbad-FRA
expires: Tue, 19 Mar 2024 19:02:21 GMT

GET
H2 200 player-postfix.svg
wins.io/l/welcome_wheel/assets/images/ 454 B
374 B 59ms
58ms Image
image/svg+xml 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wins.io/l/welcome_wheel/assets/images/player-postfix.svg
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af125caf2d6d556c3aa6fc5033ff73767f1e9563f4297bc42e3bad1578ee96b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 21 Dec 2022 10:10:06 GMT
server: cloudflare
etag: W/"63a2db7e-1c6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=5184000
cf-ray: 848154de2f28bbad-FRA
expires: Tue, 19 Mar 2024 19:02:21 GMT

GET
H2 200 wheel_d_p.png
wins.io/l/welcome_wheel/assets/images/ 112 KB
112 KB 67ms
67ms Image
image/png 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wins.io/l/welcome_wheel/assets/images/wheel_d_p.png
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c386561c7ef1c95c844c68afa17b2f0faf6260834f29b2b1c42829fd7e9f598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
cf-cache-status: MISS
last-modified: Tue, 24 Jan 2023 09:43:29 GMT
server: cloudflare
etag: "63cfa841-1bef0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=5184000
accept-ranges: bytes
cf-ray: 848154de2f2abbad-FRA
content-length: 114416
expires: Tue, 19 Mar 2024 19:02:21 GMT

GET
H2 206 wheel_d.mp4
wins.io/l/welcome_wheel/assets/images/ 64 KB
0 99ms
99ms Media
video/mp4 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wins.io/l/welcome_wheel/assets/images/wheel_d.mp4
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
cf-cache-status: MISS
last-modified: Thu, 18 May 2023 04:41:15 GMT
server: cloudflare
etag: "6465ac6b-a8c80"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-691327/691328
cache-control: public, max-age=14400
cf-ray: 848154de3f2ebbad-FRA
Content-Length: 691328
expires: Fri, 19 Jan 2024 23:02:21 GMT

GET
H2 200 spin_bg.webp
wins.io/l/welcome_wheel/assets/images/ 54 KB
54 KB 25ms
23ms Image
image/webp 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wins.io/l/welcome_wheel/assets/images/spin_bg.webp
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ced279b0ff276d9663310b0442430e4e147db0a8affdc11894e4892952065590

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
cf-cache-status: HIT
last-modified: Wed, 21 Dec 2022 10:10:06 GMT
server: cloudflare
age: 349048
etag: "63a2db7e-d7e2"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=5184000
accept-ranges: bytes
cf-ray: 848154de3f31bbad-FRA
content-length: 55266
expires: Tue, 19 Mar 2024 19:02:21 GMT

GET
H2 200 ask-gamblers.99aa4e15ef019b32.svg
wins.io/l/welcome_wheel/ 13 KB
5 KB 67ms
67ms Image
image/svg+xml 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wins.io/l/welcome_wheel/ask-gamblers.99aa4e15ef019b32.svg
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e73ee5c40224bac2c3a08f085b8f80a88c5a74a0d19d303fde27b46bf0ffc01f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 08 Dec 2023 12:54:35 GMT
server: cloudflare
etag: W/"6573120b-33f7"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=5184000
cf-ray: 848154de3f34bbad-FRA
expires: Tue, 19 Mar 2024 19:02:21 GMT

GET
H2 200 p1-min.be18a4d712afaad4.png
wins.io/l/welcome_wheel/ 13 KB
14 KB 65ms
65ms Image
image/png 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wins.io/l/welcome_wheel/p1-min.be18a4d712afaad4.png
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee028c5e3a2d32a497516438c5382f734e1c66b2ccac6231701d2ce4a115381e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Dec 2023 12:54:35 GMT
server: cloudflare
etag: "6573120b-35ae"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=5184000
accept-ranges: bytes
cf-ray: 848154de3f35bbad-FRA
content-length: 13742
expires: Tue, 19 Mar 2024 19:02:21 GMT

GET
H2 200 players-bg-q.2a5ab8290500e9e3.svg
wins.io/l/welcome_wheel/ 409 B
346 B 61ms
60ms Image
image/svg+xml 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wins.io/l/welcome_wheel/players-bg-q.2a5ab8290500e9e3.svg
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82e1421866e06b46d663b15d58432ce3e23dd482ac4da510b95b81ad63fc1879

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 08 Dec 2023 12:54:37 GMT
server: cloudflare
etag: W/"6573120d-199"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=5184000
cf-ray: 848154de3f36bbad-FRA
expires: Tue, 19 Mar 2024 19:02:21 GMT

GET
H2 200 p2-min.c5538c146afefb06.png
wins.io/l/welcome_wheel/ 15 KB
15 KB 70ms
70ms Image
image/png 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wins.io/l/welcome_wheel/p2-min.c5538c146afefb06.png
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02ee7889dc20ab49a618aaaa436515e6560f96cec9dd632bb0450da6c4fcae3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Dec 2023 12:54:36 GMT
server: cloudflare
etag: "6573120c-3c15"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=5184000
accept-ranges: bytes
cf-ray: 848154de3f38bbad-FRA
content-length: 15381
expires: Tue, 19 Mar 2024 19:02:21 GMT

GET
H2 200 p3-min.57ffad931f39b4cb.png
wins.io/l/welcome_wheel/ 16 KB
17 KB 66ms
66ms Image
image/png 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wins.io/l/welcome_wheel/p3-min.57ffad931f39b4cb.png
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 155473da394e2f8499db8b3e90646afe6e271dac2412b2d3419b7bc45e285bc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Dec 2023 12:54:37 GMT
server: cloudflare
etag: "6573120d-41f9"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=5184000
accept-ranges: bytes
cf-ray: 848154de3f3abbad-FRA
content-length: 16889
expires: Tue, 19 Mar 2024 19:02:21 GMT

GET
H2 200 p4-min.33be8ccf2e3a59b8.png
wins.io/l/welcome_wheel/ 22 KB
22 KB 25ms
25ms Image
image/png 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wins.io/l/welcome_wheel/p4-min.33be8ccf2e3a59b8.png
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40d6ba1c51d31bda79b2f72ca984027033f2a6b04241eb68b5c15d70346dcfa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Dec 2023 12:54:36 GMT
server: cloudflare
age: 349048
etag: "6573120c-57e2"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=5184000
accept-ranges: bytes
cf-ray: 848154de3f3bbbad-FRA
content-length: 22498
expires: Tue, 19 Mar 2024 19:02:21 GMT

GET
H2 200 iJWKBXyIfDnIV7nFrXyw023e1Ik.woff2
fonts.gstatic.com/s/rubik/v28/ 15 KB
15 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nFrXyw023e1Ik.woff2

Requested by

Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64e028da4b57b5396b018a843b464c9d8348494f42d04e8282a476c0f68cee82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wins.io/
Origin: https://wins.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 05:26:32 GMT
x-content-type-options: nosniff
age: 308149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15084
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:48:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 05:26:32 GMT

OPTIONS
H2 200 current_ip
www.wins.io/api/ Frame 0
0 32ms
27ms Preflight 2606:4700:4400::ac40:9441
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wins.io/api/current_ip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9441 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type
Access-Control-Request-Method: GET
Origin: https://wins.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: cache-control,content-type
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://wins.io
access-control-expose-headers: Location
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 848154de4fd130e4-FRA
date: Fri, 19 Jan 2024 19:02:21 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-request-id: 848154de4fd130e4-FRA
x-runtime: 0.000178

GET
H2 206 wheel_m.mp4
wins.io/l/welcome_wheel/assets/images/ 638 KB
0 57ms
57ms Media
video/mp4 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wins.io/l/welcome_wheel/assets/images/wheel_m.mp4
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
cf-cache-status: MISS
last-modified: Mon, 31 Jul 2023 07:43:30 GMT
server: cloudflare
etag: "64c76622-c8ce2"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-822497/822498
cache-control: public, max-age=14400
cf-ray: 848154de4f4fbbad-FRA
Content-Length: 822498
expires: Fri, 19 Jan 2024 23:02:21 GMT

GET
H2 200 / Show response
a1.adform.net/Serving/TrackPoint/ 848 B
1 KB 399ms
290ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?pm=2449758&ADFPageName=sps_retargeting&ADFdivider=%7C&ord=349215898123&ADFtpmode=2&loc=https%3A%2F%2Fwins.io%2Fl%2Fwelcome_wheel%2F%3Fstag%3D120152_65aac73c36d10fc7f31016e0%26__layerref%3D&CPref=https%3A%2F%2Fwww.winz1.me%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

45a8579ac938803dba8def656f384335ef5e5a8b405617b7100f6a10e5554f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 524
expires: -1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 329ms
13ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMK34SR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 Jan 2024 17:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4452
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 19 Jan 2024 19:48:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 288 KB
94 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QSBV6CNL1J&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMK34SR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc1237b112d965e16ce2d6becd40d36015f27261dfce4d3f5a1dfd2335b3919a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96144
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 19 Jan 2024 19:02:21 GMT

GET
H2 200 check.svg
wins.io/assets/images/ 1 KB
813 B 73ms
73ms Image
image/svg+xml 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wins.io/assets/images/check.svg

Requested by

Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ab201718371815cc601198afbe933a672ac787582f5894ddc19d5a3f060b5d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 10 Oct 2023 06:42:08 GMT
server: cloudflare
x-powered-by: Express
etag: W/"44a-18b18524b9c"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=5184000
cf-ray: 848154decfd7bbad-FRA
x-xss-protection: 1; mode=block
expires: Tue, 19 Mar 2024 19:02:21 GMT

GET
H2 206 wheel_d.mp4
wins.io/l/welcome_wheel/assets/images/ 127 KB
0 48ms
48ms Media
video/mp4 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wins.io/l/welcome_wheel/assets/images/wheel_d.mp4
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=65536-

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
cf-cache-status: HIT
last-modified: Thu, 18 May 2023 04:41:15 GMT
server: cloudflare
age: 0
etag: "6465ac6b-a8c80"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 65536-691327/691328
cache-control: public, max-age=14400
cf-ray: 848154df185abbad-FRA
Content-Length: 625792
expires: Fri, 19 Jan 2024 23:02:21 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
239 B 58ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QSBV6CNL1J&gtm=45je41h0v899012826z8830096661&_p=1705690940976&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=697116644.1705690941&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705690941&sct=1&seg=0&dl=https%3A%2F%2Fwins.io%2Fl%2Fwelcome_wheel%2F%3Fstag%3D120152_65aac73c36d10fc7f31016e0%26__layerref%3D&dr=https%3A%2F%2Fwww.winz1.me%2F&dt=Winz.io%20Casino%3A%20Spin%20the%20wheel%20to%20win%20%245%2C000!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=406
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QSBV6CNL1J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wins.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 wheel_d.mp4
wins.io/l/welcome_wheel/assets/images/ 64 KB
0 27ms
27ms Media
video/mp4 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wins.io/l/welcome_wheel/assets/images/wheel_d.mp4
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=163840-

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
cf-cache-status: HIT
last-modified: Thu, 18 May 2023 04:41:15 GMT
server: cloudflare
age: 0
etag: "6465ac6b-a8c80"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 163840-691327/691328
cache-control: public, max-age=14400
cf-ray: 848154df5897bbad-FRA
Content-Length: 527488
expires: Fri, 19 Jan 2024 23:02:21 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
203 B 26ms
25ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=530006568&t=pageview&_s=1&dl=https%3A%2F%2Fwins.io%2Fl%2Fwelcome_wheel%2F%3Fstag%3D120152_65aac73c36d10fc7f31016e0%26__layerref%3D&dr=https%3A%2F%2Fwww.winz1.me%2F&ul=en-us&de=UTF-8&dt=Winz.io%20Casino%3A%20Spin%20the%20wheel%20to%20win%20%245%2C000!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=691236394&gjid=972930590&cid=697116644.1705690941&tid=UA-152826195-1&_gid=708880007.1705690942&_r=1&_slc=1&gtm=45He41h0n81KMK34SRv830096661&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=343309068

Requested by

Host: wins.io
URL: https://wins.io/l/welcome_wheel/polyfills.3f07d1feb00df8b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wins.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wins.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
a1.adform.net/Serving/TrackPoint/ 1 KB
1 KB 727ms
726ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2449758&ADFPageName=sps_retargeting&ADFdivider=%7C&ord=349215898123&ADFtpmode=2&loc=https%3A%2F%2Fwins.io%2Fl%2Fwelcome_wheel%2F%3Fstag%3D120152_65aac73c36d10fc7f31016e0%26__layerref%3D&CPref=https%3A%2F%2Fwww.winz1.me%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24&frpid=1583244514594614974

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94155da02921511bed7e772e7276106531af0470f215bae16550935f9d0fc299

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 876
expires: -1

GET
H2 206 wheel_m.mp4
wins.io/l/welcome_wheel/assets/images/ 195 KB
196 KB 18ms
18ms Media
video/mp4 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wins.io/l/welcome_wheel/assets/images/wheel_m.mp4
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0360e59f329ae5ac2d0d5a0710126e633bbd7f2630301a6b3f502c86519b978

Request headers

Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=622592-

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
cf-cache-status: HIT
last-modified: Mon, 31 Jul 2023 07:43:30 GMT
server: cloudflare
age: 0
etag: "64c76622-c8ce2"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 622592-822497/822498
cache-control: public, max-age=14400
cf-ray: 848154e10abbbbad-FRA
Content-Length: 199906
expires: Fri, 19 Jan 2024 23:02:21 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
343 B 164ms
19ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-152826195-1&cid=697116644.1705690941&jid=691236394&gjid=972930590&_gid=708880007.1705690942&_u=YADAAEAAAAAAACAAI~&z=58038055

Requested by

Host: wins.io
URL: https://wins.io/l/welcome_wheel/polyfills.3f07d1feb00df8b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wins.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 19 Jan 2024 19:02:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wins.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 wheel_d.mp4
wins.io/l/welcome_wheel/assets/images/ 547 KB
548 KB 18ms
18ms Media
video/mp4 2606:4700:4400::6812:27bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wins.io/l/welcome_wheel/assets/images/wheel_d.mp4
Requested by: Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9f9141289ea1841e4541b2c4ad93234fe9680f560e6901a5df783cc702f2baf

Request headers

Referer: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=131072-

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
cf-cache-status: HIT
last-modified: Thu, 18 May 2023 04:41:15 GMT
server: cloudflare
age: 0
etag: "6465ac6b-a8c80"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 131072-691327/691328
cache-control: public, max-age=14400
cf-ray: 848154e18b80bbad-FRA
Content-Length: 560256
expires: Fri, 19 Jan 2024 23:02:21 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 95ms
38ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-152826195-1&cid=697116644.1705690941&jid=691236394&_u=YADAAEAAAAAAACAAI~&z=1232691175

Requested by

Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 77ms
42ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-152826195-1&cid=697116644.1705690941&jid=691236394&_u=YADAAEAAAAAAACAAI~&z=1232691175

Requested by

Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
a1.adform.net/serving/container/ Frame 79C4 996 B
1 KB 26ms
25ms Document
text/html 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/serving/container/?pm=2449758&lid=109409460&ctype=0&media=0&PageName=sps_retargeting&rnd=1095749394&cpref=https%3a%2f%2fwww.winz1.me%2f&loc=https%3a%2f%2fwins.io%2fl%2fwelcome_wheel%2f%3fstag%3d120152_65aac73c36d10fc7f31016e0%26__layerref%3d

Requested by

Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5aa1b2aee141976a364960b78eefc82ff2c7b88b6bbebad631b021d5e0ca805a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wins.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 19 Jan 2024 19:02:22 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame A92E 4 KB
2 KB 77ms
23ms Document
text/html 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725

Requested by

Host: a1.adform.net
URL: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2449758&ADFPageName=sps_retargeting&ADFdivider=%7C&ord=349215898123&ADFtpmode=2&loc=https%3A%2F%2Fwins.io%2Fl%2Fwelcome_wheel%2F%3Fstag%3D120152_65aac73c36d10fc7f31016e0%26__layerref%3D&CPref=https%3A%2F%2Fwww.winz1.me%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24&frpid=1583244514594614974

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a9db6c8ae690066bc60ddd65007807723f8cb342d5ffd61dc74343b5d3893a50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wins.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 19 Jan 2024 19:02:22 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
466 B 597ms
279ms Image
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=9091491143578068788&stamp=mrIRNcgg1l8DvP-67D9Y4w2

Requested by

Host: wins.io
URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wins.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H2 200 /
track.adform.net/Serving/TrackPoint/ Frame 79C4 35 B
518 B 32ms
25ms Image
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=1923849&ADFPageName=Winz__all_pages&ADFdivider=|

Requested by

Host: a1.adform.net
URL: https://a1.adform.net/serving/container/?pm=2449758&lid=109409460&ctype=0&media=0&PageName=sps_retargeting&rnd=1095749394&cpref=https%3a%2f%2fwww.winz1.me%2f&loc=https%3a%2f%2fwins.io%2fl%2fwelcome_wheel%2f%3fstag%3d120152_65aac73c36d10fc7f31016e0%26__layerref%3d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 plf
c1.adform.net/imatch/ Frame A92E 0
384 B 24ms
23ms Image
text/plain 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 match
ad.360yield.com/ Frame A92E 43 B
199 B 124ms
34ms Image
image/gif 54.229.5.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=9091491143578068788&Expiration=1706900542
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.229.5.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-5-240.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 19 Jan 2024 19:02:22 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame A92E 0
235 B 106ms
78ms Image
text/plain 23.213.165.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=9091491143578068788
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-82.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2024 19:02:22 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Thu, 18 Jan 2024 19:02:22 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame A92E 0
214 B 76ms
16ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=9091491143578068788
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: b71bced807741b20dd93dce6c2d26405
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 tpui
ih.adscale.de/adscale-ih/ Frame A92E 0
38 B 29ms
8ms Image
text/plain 3.120.203.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=9091491143578068788&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.203.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-203-57.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:22 GMT
content-length: 0

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame A92E 43 B
163 B 66ms
20ms Image
image/gif 5.196.111.72
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=9091491143578068788&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.72 Lille, France, ASN16276 (OVH, FR),
Reverse DNS: ip72.ip-5-196-111.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:21 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame A92E 43 B
636 B 62ms
15ms Image
image/gif 2607:ae80:4::26
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=9091491143578068788
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2024 19:02:22 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1705690942393071-525

GET
H2 200 sync
x.bidswitch.net/ Frame A92E 43 B
146 B 34ms
11ms Image
image/gif 3.78.15.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=70&user_id=9091491143578068788
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.78.15.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-78-15-192.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame A92E
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=9091491143578068788&expiration=1706900542
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=9091491143578068788&expiration=1706900542&C=1

43 B
341 B

30ms
27ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=9091491143578068788&expiration=1706900542&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4LsqDMHFaKV4Y%2BSxUtugON5fr6EVv%2Bd73rUFVNVGzppIeqL%2FsvZP2%2BWOXlWGWICwhI6aDTySHKrLbl0U48aBCEwo%2Bv87%2BsaXDUy4675j1VeWqHO1wNja9jF0weusv3HzpQiZcdzhev7KA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 848154e64c849bd7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=untqlvOwx%2ByTZ3iwofpOG1IRA25DzB9sVFD8MpTqheQaXFYscAGswQBCsLc26JDM7qyjfHNDF%2FQthHk0%2BliLab%2B6ny9p8VR9vAqrZbkpAIw517g9BPDrSdpUAQ3cAv6kvv%2Bh%2Ft23xU9GuA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=111&external_user_id=9091491143578068788&expiration=1706900542&C=1
cache-control: no-cache
cf-ray: 848154e61c4c9bd7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

12092831
se.semasio.net/sync/1/ Frame A92E
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=9091491143578068788&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=9091491143578068788&sInitiator=external
https://se.semasio.net/sync/1/16266044?sExtCookieId=9091491143578068788&gdpr=&sInitiator=external
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/647471?sExtCookieId=7325886812993157279&sInitiator=internal&gdpr=
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/4354957?sExtCookieId=988804950717989738&sInitiator=internal&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=NTlBQjZEMkE2MkVFNEI5Nw&gdpr=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEElnCmVg-ffR5aHIK7jWMZc&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEElnCmVg-ffR5aHIK7jWMZc&sInitiator=internal&google_cver=1&gdpr=

0
415 B

29ms
29ms

Image
text/plain

77.243.51.121
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEElnCmVg-ffR5aHIK7jWMZc&sInitiator=internal&google_cver=1&gdpr=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: HTTP/1.1
Server: 77.243.51.121 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:25 GMT
uip-status: Ok
frontend-id: 03
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:26 GMT
frontend-id: 5
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEElnCmVg-ffR5aHIK7jWMZc&sInitiator=internal&google_cver=1&gdpr=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame A92E 0
344 B 43ms
8ms Image
text/plain 3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=9091491143578068788&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 19:02:22 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

204

/
loadm.exelator.com/load/ Frame A92E
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=9091491143578068788
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=9091491143578068788&xl8blockcheck=1

0
93 B

1034ms
1034ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=9091491143578068788&xl8blockcheck=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:23 GMT
server: nginx
server-timing: total;dur=1.000
etag: "60ec6d76-0"

Redirect headers

date: Fri, 19 Jan 2024 19:02:27 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=9091491143578068788&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 451 398366.gif
idsync.rlcdn.com/ Frame A92E 0
98 B 60ms
28ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=9091491143578068788
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 404 gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=9091491143578068788/gdpr=/ Frame A92E 49 B
264 B 118ms
33ms Image
image/gif 54.75.58.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=9091491143578068788/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.75.58.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-58-229.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:22 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.2.12
content-length: 49
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame A92E 62 B
218 B 259ms
214ms Image
image/gif 72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=9091491143578068788
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 19 Jan 2024 19:02:22 GMT
content-length: 62
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame A92E 43 B
264 B 67ms
21ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9091491143578068788
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame A92E
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

116ms
39ms

Image
image/gif

52.218.98.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: HTTP/1.1
Server: 52.218.98.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 19:02:23 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: 9G3X6H6D68RXTYKE
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: VzL5UiiaEoebA7Xx+cH2Vf+M1LYHdRRV7I9Y4B0WH/5nDtvES6SFf64+/cupiYD4ZBrewiUkC6A=

Redirect headers

X-Error-Reason: Missing UserId
Date: Fri, 19 Jan 2024 19:02:22 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame A92E
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=9091491143578068788
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM1202401191973d42ac3a9bcd88673b&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=21e86557c5ad7eaefc3bf39e1b3e141a&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyNDAxMTkxOTczZDQyYWMzYTliY2Q4ODY3M2I&gdpr_consent=&gdpr=0
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEIHUdClI-LZSTKHG0cg5dxM&gdpr_consent=&gdpr=0&google_cver=1
https://tags.adsafety.net/v1/cm?cm_uid=CM1202401191973d42ac3a9bcd88673b&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&...
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=21e86557c5ad7eaefc3bf39e1b3e141a
https://dsp.adfarm1.adition.com/cookie/?ssp=6
https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7325886812993157279
https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7325886812993157279
https://c1.adform.net/serving/cookie/match?party=28&cid=CM1202401191973d42ac3a9bcd88673b
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=9091491143578068788

43 B
2 KB

16ms
15ms

Image
image/gif

62.141.38.122
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=9091491143578068788
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: HTTP/1.1
Server: 62.141.38.122 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: cm44.as.net
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Jan 2024 19:02:23 GMT
Last-Modified: Fri, 19 Jan 2024 19:02:23 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=9091491143578068788
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame A92E 0
338 B 101ms
32ms Image
text/plain 52.209.60.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=9091491143578068788
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.60.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-60-100.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: beacon-n014-dub-prod.krxd.net
date: Fri, 19 Jan 2024 19:02:22 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1705690942
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame A92E 0
384 B 24ms
23ms Image
text/plain 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame A92E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=OTA5MTQ5MTE0MzU3ODA2ODc4OA
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=OTA5MTQ5MTE0MzU3ODA2ODc4OA&google_tc=
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJx_U8zp1lYMbtbXdgUHy2M&google_cver=1&google_ula=1641347,0

35 B
600 B

23ms
23ms

Image
image/gif

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJx_U8zp1lYMbtbXdgUHy2M&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725

Protocol

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJx_U8zp1lYMbtbXdgUHy2M&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
secure.adnxs.com/ Frame A92E
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=988804950717989738&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=9091491143578068788

43 B
1003 B

14ms
14ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=9091491143578068788

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725

Protocol

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:22 GMT
an-x-request-uuid: a7d09f81-826f-4e4e-add3-c42d6cbebfa9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.132; 178.162.209.132; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=9091491143578068788
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame A92E 0
225 B 45ms
13ms Image
text/html 198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=9091491143578068788
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Fri, 19 Jan 2024 19:02:21 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame A92E 43 B
444 B 53ms
9ms Image
image/gif 65.9.66.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-43.fra56.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 23:54:42 GMT
Via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: FRA56-C1
Age: 68860
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: RIsf3W1GcXFXsh3R0T-GTMtn6vSDMhzgWccLFodPX87KvmZNLOIbGg==

GET
H/1.1

200

p
a.audrte.com/ Frame A92E
Redirect Chain

https://a.audrte.com/a?adform_uid=9091491143578068788
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZmI4cktjSGplaTJRRHVjeXVhLVpWbHJiQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

34ms
34ms

Image
image/png

52.16.166.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: HTTP/1.1
Server: 52.16.166.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-166-255.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Fri, 19 Jan 2024 19:02:22 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Fri, 19 Jan 2024 19:02:22 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame A92E
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=9091491143578068788&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=9091491143578068788&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=91099169210831512863092464273828205285&noredirect=1

35 B
591 B

25ms
25ms

Image
image/gif

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=91099169210831512863092464273828205285&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725

Protocol

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

dcs: dcs-prod-irl1-1-v054-08e40c941.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Fri, 19 Jan 2024 19:02:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: YpJmmuLLQmg=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://c1.adform.net/serving/cookie/match?party=1007&cid=91099169210831512863092464273828205285&noredirect=1
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame A92E
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=9091491143578068788
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216563104766004044236

35 B
591 B

30ms
29ms

Image
image/gif

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216563104766004044236

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725

Protocol

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:22 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=216563104766004044236
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame A92E
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7325886812991191195

35 B
591 B

27ms
27ms

Image
image/gif

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7325886812991191195

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725

Protocol

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7325886812991191195
Date: Fri, 19 Jan 2024 19:02:22 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame A92E 62 B
430 B 181ms
181ms Image
image/gif 72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=9091491143578068788
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 19 Jan 2024 19:02:22 GMT
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame A92E
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=wC80ASxr1RqU8e5

35 B
591 B

26ms
25ms

Image
image/gif

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=wC80ASxr1RqU8e5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725

Protocol

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Fri, 19 Jan 2024 19:02:21 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-799-g9c6cd74#rel-ec2-master i-092dd177afc8cc107@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=wC80ASxr1RqU8e5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame A92E 70 B
149 B 116ms
34ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:22 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 0.gif
id5-sync.com/s/10/ Frame A92E 43 B
1 KB 29ms
7ms Image
image/gif 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=9091491143578068788

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Fri, 19 Jan 2024 19:02:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame A92E
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=132885632
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=rfyFfz1YKRKe66tEHbK2.e

35 B
591 B

24ms
24ms

Image
image/gif

37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=rfyFfz1YKRKe66tEHbK2.e

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725

Protocol

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 19 Jan 2024 19:02:22 GMT
via: 1.1 google
last-modified: Fri, 19 Jan 2024 19:02:22 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=rfyFfz1YKRKe66tEHbK2.e
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame A92E 23 B
163 B 93ms
49ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=9091491143578068788
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 19 Jan 2024 19:02:22 GMT
pragma: no-cache
date: Fri, 19 Jan 2024 19:02:22 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 204 /
s.ad.smaato.net/c/ Frame A92E 0
238 B 61ms
40ms Image
text/plain 2600:9000:211e:2400:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=9091491143578068788
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:22 GMT
cache-control: no-cache, must-revalidate
via: 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: tvFVv4yjp7fkOe9V8jD_pwJZBd_xsWnl_GfIFzJoBTADqgNqh5xyAw==
x-cache: Miss from cloudfront

GET
H2 200 9091491143578068788
match.contentexchange.me/adform/ Frame A92E 0
49 B 91ms
29ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/9091491143578068788?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:22 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 xuid
eb2.3lift.com/ Frame A92E 37 B
140 B 35ms
9ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=9091491143578068788&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 put
e1.emxdgt.com/ Frame A92E 0
44 B 46ms
6ms Image
text/plain 52.29.105.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=9091491143578068788
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.105.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-105-89.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:22 GMT
server: awselb/2.0

GET
H2 200 plf
c1.adform.net/imatch/ Frame A92E 0
384 B 24ms
23ms Image
text/plain 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=9091491143578068788&agencyId=7766&advertiserId=2103627&src=tp&rnd=951725
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:02:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
winzmedia.top/	1970-01-20 18:31:22	Name: 8241649609f88ccd2a0a Value: 65aac73c36d10fc7f31016e0
.wins.io/	1970-01-21 03:24:10	Name: _ga_QSBV6CNL1J Value: GS1.1.1705690941.1.0.1705690941.0.0.0
.adform.net/	1970-01-20 18:32:49	Name: C Value: 1
.adform.net/	1970-01-20 19:14:34	Name: receive-cookie-deprecation Value: 1
.wins.io/	1970-01-21 03:24:10	Name: _ga Value: GA1.2.697116644.1705690941
.wins.io/	1970-01-20 17:49:37	Name: _gid Value: GA1.2.708880007.1705690942
.wins.io/	1970-01-20 17:48:11	Name: _gat_UA-152826195-1 Value: 1
wins.io/	1970-01-20 18:31:22	Name: adformfrpid Value: 1583244514594614974
.adform.net/	1970-01-20 19:14:35	Name: uid Value: 9091491143578068788
.adform.net/	1970-01-20 17:49:37	Name: CM Value: 1\|1
.adform.net/	1970-01-20 18:08:20	Name: CM14 Value: 1705777342_1705690942_1_Hu7u4e4e4R7u4e4REREeEREREA
.casalemedia.com/	1970-01-21 02:33:46	Name: CMID Value: ZarHPkfWmGnin-cNxvXjYgAA
.casalemedia.com/	1970-01-20 19:57:46	Name: CMPS Value: 3297
.casalemedia.com/	1970-01-20 19:57:46	Name: CMPRO Value: 3297
.eyeota.net/	1970-01-20 17:48:11	Name: SERVERID Value: 23841~DM
.ads.stickyadstv.com/	1970-01-20 19:14:34	Name: uid-bp-617 Value: 9091491143578068788
.ads.stickyadstv.com/	1970-01-20 18:31:22	Name: UID Value: 7b2132f7b7e8560346cbfc87c6af
.semasio.net/	1970-01-21 02:33:46	Name: SEUNCY Value: 59AB6D2A62EE4B97
cm.adsafety.net/	1970-01-21 02:33:46	Name: UID Value: CM1202401191973d42ac3a9bcd88673b
.adsafety.net/	1970-01-21 02:33:46	Name: cm_uid Value: CM1202401191973d42ac3a9bcd88673b
.exelator.com/	1970-01-20 20:40:58	Name: EE Value: "c3a3bb1d3c32cb068e5a33c43aad6ca2"
.exelator.com/	1970-01-20 20:40:58	Name: ud Value: "eJxrXxzq6XKLQSHZONE4KckwxTjZ2Cg5ycDMItU00dg42cQ4MTHFLDnRaHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVywAswJcw1asCS%252FKDN9kYvr4qKUNMZFJcWngo9N7AUAeRooGQ%253D%253D"
.adnxs.com/	1970-01-20 19:57:46	Name: uuid2 Value: 988804950717989738
.doubleclick.net/	1970-01-21 03:09:46	Name: IDE Value: AHWqTUkxAzru3XJd-PV69rEpmF8zKIV9X0yDslMWKmosfm68nT5HgnJN34jEt2hO7Os
.krxd.net/	1970-01-20 22:07:22	Name: _kuid_ Value: QC6ly5zS
.agkn.com/	1970-01-21 02:33:46	Name: ab Value: 0001%3ANlLdmEEyJHW8h%2Bawk0ZmFmMs%2Bm8sYPon
.adfarm1.adition.com/	1970-01-20 19:57:46	Name: UserID1 Value: 7325886812993157279
.demdex.net/	1970-01-20 22:07:22	Name: demdex Value: 91099169210831512863092464273828205285
.audrte.com/	1970-01-20 18:09:46	Name: arcki2 Value: fb8rKcHjei2QDucyua-ZVlrbA!20220908!1705690942703!ip#178.162.209.132
.audrte.com/	1970-01-20 18:09:46	Name: arcki2_adform Value: 9091491143578068788!20220908!1705690942703
.w55c.net/	1970-01-21 03:19:51	Name: wfivefivec Value: wC80ASxr1RqU8e5
.dpm.demdex.net/	1970-01-20 22:07:22	Name: dpm Value: 91099169210831512863092464273828205285
.w55c.net/	1970-01-20 18:31:22	Name: matchadform Value: 5
.audrte.com/	1970-01-20 18:09:46	Name: arcki2_ddp2 Value: fb8rKcHjei2QDucyua-ZVlrbA!20220908!1705690942776
.bluekai.com/	1970-01-20 22:10:15	Name: bku Value: aG/99efc3ZP+fn9e
.bluekai.com/	1970-01-20 22:10:15	Name: bkpa Value: KJy9/Qe5d02pSUHknp1p1p90wtkAwEAymEW6mEWhBe1NBpQyBMQlmeQe9JlnYWG=
.weborama.fr/	1970-01-21 03:14:06	Name: AFFICHE_W Value: D9N9sUlOi@YP38
.adnxs.com/	1970-01-21 03:24:10	Name: XANDR_PANID Value: t1nsYQybMBTYxda7SagkcAZYdJAPfau2L4Dg-4S16ETT77YIwC69yAC0BOxPi9JpBq7id4HM-FnpMPjxInlVfvzrqtWtrUlfJy-DlysE7pg.
.adnxs.com/	1970-01-20 19:57:46	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2IldhJ%pA!]tbPl1M66+q([OUf!@?Z7nfFXvVAN[S`d9VB(5-OyyJ>jWImebpRzqF1`*baXA(`+3:
.seadform.net/	1970-01-20 19:14:34	Name: uid Value: 9091491143578068788
ads.smartstream.tv/	1970-01-21 02:33:46	Name: DID Value: 21e86557c5ad7eaefc3bf39e1b3e141a
ads.smartstream.tv/	1970-01-21 02:33:46	Name: idt Value: 100
ads.smartstream.tv/	1970-01-21 02:33:46	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 18:31:22	Name: cm_uid Value: CM1202401191973d42ac3a9bcd88673b
cm.adsafety.net/	1970-01-21 02:33:46	Name: permanent Value: 1
tags.adsafety.net/	1970-01-21 02:33:46	Name: UID Value: 21e86557c5ad7eaefc3bf39e1b3e141a
tags.adsafety.net/	1970-01-21 02:33:46	Name: DID Value: 21e86557c5ad7eaefc3bf39e1b3e141a
tags.adsafety.net/	1970-01-21 02:33:46	Name: IDT Value: 100
tags.adsafety.net/	1970-01-21 02:33:46	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 18:31:22	Name: block_reset Value: 1
.adsafety.net/	1970-01-21 02:33:46	Name: ct_uid Value: 21e86557c5ad7eaefc3bf39e1b3e141a
.adsafety.net/	1970-01-21 02:33:46	Name: ct_did Value: 21e86557c5ad7eaefc3bf39e1b3e141a
.adsafety.net/	1970-01-21 02:33:46	Name: ct_idt Value: 100
cm.adsafety.net/	1970-01-21 02:33:46	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaeFIwSnJpWWluS2s5bGJDNmJvc096enRuTkJ1L01iK1A1S01CWExCa2l5eVlSVW9hbUhNb3JmcW1xWUI1d29jWlJMOERZd1VMMTY0ditMRmZweTdrdEczVW1qNmw2clR5VVdjMm9UYWxoTm8wRU5JeFBKS0oxdjY2VlFXL2dESG5VUk43MGU2UDNkZmdFU2l0N290NjhBTlNrK0dPc3M0NW9XdFFlalRiOWdRRzZyWHN5cEk2QUtaaVFuOUlxbnVWSkRoOXUzalpxRjJJREdZWDhXK2VSQzBhMkFET1o0Vm1DVnNsbEY0dk43ZzBUMnNuME1TUEpBNGo3Q0k3bk82S0U4UXdQaTZyd0lFZ2xQZlgyMlJZV1lzdFB0RkFDUkF0c3QvaGdqTkVSWWVxZ25OL1hFYTZXZXdIRDMyZExrOWhyQnpwdStGcWpLMUVDV3I2QW5mWndrTmlCVThoTXBuZWhrenRWa0JjWVgvbzhhaEgwejAvclgydHZhS0lTZHRlUlZZUGEwdEw0MkNvNW9vRXVNblpvaWs0MmV1RlpkSVlYd3lFbDh6MGFFT3RLUGlaYWNZamVxYm1iVHh2MGtzNWZRb0ROall6T0tDMkRIVTZQSkRnQW9QTS9vdzF6cVF5THNTcWVYWkJ0REVYcDZFUEFEdENVczZwcjNKY0x4cEVRN3FtZ2NBMUh1ejBXanZsQ2NSVFcwd011aU9YM3IwTkdvbUg3U3o0emRxbmkwdzFjVkNwUHNyYWY0QTFnZU9ubDBpYXVPT042OTZtamZiUmZnYkt5V2JvZVZwaGpiaXBOMTRZNStHNTZ1Y0lUNDhRaWE2UVZBRkpFckJqU1NKUmdEQWJPQ0E0djY2VkFVMDlma1hxcjl5SWpmeTd2amhBUDBVTWxJcWdJQUFCTXg5VmtjcklRVXI4bGxRR0YzVy92VGx5Y3lhMGpxV3dCSytibE43QVh0RU5EWTRzVUJuMmZ6aFkwVzB0L2IvZThrRmdXcVhCYlNraTRBSDVoREo0cGM2dEkvWEt1Um9hOVFHeE13MmtQM2RLRDVLUjhleUFLV29ZbHd3d0Vsb0tCeEg1bWFuSnhHVU1VeGV3d28xRjhuVk1IZlNIaGhiZFdPaXRmOVBtSFArd2JPbEtoNVVheTZ2NEdUVXVaTjRpVC9veXJGZ1hGZEV2amxOUE02NUdkYnZaNisyNkRNVnRoRjRmVWVkQU02Umd0bG5ESGpCRXFmaFlmcldPditqa0VTanFQa2MwbFNBczQ2UG0vMVhzNGV4d050aGc4ZFBIRnZybmJKeTNCaUZZemZKR0ZwZHBGZVlEdXUzRkV4bA%3D%3D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=9091491143578068788 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=9091491143578068788/gdpr=/gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://wins.io/l/welcome_wheel/?stag=120152_65aac73c36d10fc7f31016e0&__layerref= Message: The resource https://fonts.googleapis.com/css?family=Rubik:300,400,500,700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a1.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
api.adrtx.net
beacon.krxd.net
c1.adform.net
cm.adsafety.net
cm.g.doubleclick.net
cm.smartstream.tv
cryptco.org
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
pdw-adf.userreport.com
pm.w55c.net
ps.eyeota.net
redirect.frontend.weborama.fr
region1.google-analytics.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
server.seadform.net
simage2.pubmatic.com
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.teads.tv
tags.adsafety.net
tags.bluekai.com
token.rubiconproject.com
track.adform.net
uipglob.semasio.net
wins.io
winz1.me
winzmedia.top
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.wins.io
www.winz1.me
x.bidswitch.net
yern.finance
104.18.38.141
139.162.147.24
142.250.186.66
162.19.138.120
172.64.151.101
18.185.146.45
185.89.210.212
188.114.96.9
198.47.127.205
2001:4860:4802:34::36
23.213.165.82
23.35.237.56
2600:9000:211e:2400:1b:5138:8a40:93a1
2606:4700:4400::6812:27bf
2606:4700:4400::ac40:9441
2607:ae80:4::26
2a00:1450:4001:810::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200e
2a00:1450:400c:c09::9d
3.120.203.57
3.124.210.90
3.76.149.124
3.78.15.192
34.98.64.218
35.190.24.218
35.244.174.68
35.71.131.137
37.157.4.29
37.157.6.236
37.157.6.243
46.19.11.36
5.196.111.72
52.16.166.255
52.209.60.100
52.218.98.35
52.29.105.89
52.49.110.165
54.217.93.219
54.229.5.240
54.67.42.145
54.75.58.229
54.78.254.47
62.141.38.122
65.9.66.43
69.173.144.138
72.246.169.24
76.223.111.18
77.243.51.121
77.243.51.122
80.85.85.173
85.114.159.118
91.210.226.72
02ee7889dc20ab49a618aaaa436515e6560f96cec9dd632bb0450da6c4fcae3d
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
155473da394e2f8499db8b3e90646afe6e271dac2412b2d3419b7bc45e285bc0
1c386561c7ef1c95c844c68afa17b2f0faf6260834f29b2b1c42829fd7e9f598
1f0557d2a1bea048a13650fab57f2665ac5acb3995c72be792a894486d205671
256aea5fd2bc07c39bc6bf5fe75ec725cce38f0f9aeb4c847b9b35d10584c2a6
26642fb731a8aa7daa296d201d980e4da3df964deb70c2575e834076fb2f8685
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dce92ec8ec03253675e8ba935359cf12e3af7f805607f5a24ad913d7bf68b94
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32911eed50f32c16bc510c89674b8af9961796826a1224fa8c4cb465e13cdafa
3fe09532698793679fd89e20bb0cc4f59bcece52defc4d4b412e48b89dc0abfe
408eda4afcd3e1e7434bd93fd5282baeaaaad6bfe0c3024f35229b3fe3b6cf7f
40d6ba1c51d31bda79b2f72ca984027033f2a6b04241eb68b5c15d70346dcfa3
45a8579ac938803dba8def656f384335ef5e5a8b405617b7100f6a10e5554f6a
4827d72113686f3d792ee354fa9e218a9ec68ba35b918cfc1695ed89552734b6
497f1153ead42e825592580788eaff8b23bbdec92ee70a0df3d932ff325c6908
4ac3a26a0d7ba2e15ba52097dd937fb122705250bda26ca076315620eb864948
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d1c37a4c7f71f426b6747d35b727362e541c08b4b4922b062105a51f04c339b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5aa1b2aee141976a364960b78eefc82ff2c7b88b6bbebad631b021d5e0ca805a
60564c3d953725bed0df56e75a83aab7eec03a62e0cb3a379060fd1f1acff191
64e028da4b57b5396b018a843b464c9d8348494f42d04e8282a476c0f68cee82
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7067f8d1e4258aa5c7461fb813faba3fac1e53988b5380b1c12ce43e01e28680
7517558d04f390913070406e062326b9551598d4c3b2c0bb498d977bd2acfd9a
82e1421866e06b46d663b15d58432ce3e23dd482ac4da510b95b81ad63fc1879
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
94155da02921511bed7e772e7276106531af0470f215bae16550935f9d0fc299
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a9db6c8ae690066bc60ddd65007807723f8cb342d5ffd61dc74343b5d3893a50
ab201718371815cc601198afbe933a672ac787582f5894ddc19d5a3f060b5d7e
add2474dc337e3ccd718e7052da920b3aa81a274c599131ce65e376d9ba36623
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af125caf2d6d556c3aa6fc5033ff73767f1e9563f4297bc42e3bad1578ee96b0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c6e7bc2150046aeed4f8ae19c30191b515e62e10642896aeb340bb3a920539a3
c9db8be7094bba6ff2aba0cfb3b24cea93111f3a5f8a430658ca3922f686ddb3
ced279b0ff276d9663310b0442430e4e147db0a8affdc11894e4892952065590
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d781d937704c06da03d78b57c9d4b2010483977f5d4cf0ee04a96b7658abd9b2
dc1237b112d965e16ce2d6becd40d36015f27261dfce4d3f5a1dfd2335b3919a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73ee5c40224bac2c3a08f085b8f80a88c5a74a0d19d303fde27b46bf0ffc01f
e9f9141289ea1841e4541b2c4ad93234fe9680f560e6901a5df783cc702f2baf
ee028c5e3a2d32a497516438c5382f734e1c66b2ccac6231701d2ce4a115381e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0360e59f329ae5ac2d0d5a0710126e633bbd7f2630301a6b3f502c86519b978
f16f3a81dc5a0f04673ee011a0fe07024bc6a811eaf48300b20aeb74ac936648
f98b409dac6ab01f7f5a59732a2759490a9077d51169dc692a8457c318d87932

wins.io Open in urlscan Pro 2606:4700:4400::6812:27bf Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

94 Requests

84 %HTTPS

21 %IPv6

50 Domains

62 Subdomains

43 IPs

10 Countries

1426 kBTransfer

2944 kBSize

54 Cookies

0 Outgoing links

Page URL History

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wins.io Open in urlscan Pro
2606:4700:4400::6812:27bf Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

84 %
HTTPS

21 %
IPv6

50
Domains

62
Subdomains

43
IPs

10
Countries

1426 kB
Transfer

2944 kB
Size

54
Cookies

94 HTTP transactions
0 data transactions