urlscan.io logo urlscan.io
SecurityTrails logo

winetime.redentu.top Open in urlscan Pro
128.140.116.84  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://winetime.redentu.top/
Effective URL: https://winetime.redentu.top/ua
Submission: On December 04 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 4 countries across 14 domains to perform 98 HTTP transactions. The main IP is 128.140.116.84, located in Germany and belongs to HETZNER-AS Hetzner Online GmbH, DE. The main domain is winetime.redentu.top.
TLS certificate: Issued by R10 on December 3rd 2024. Valid for: 3 months.
This is the only time winetime.redentu.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 39 128.140.116.84 24940 (HETZNER-A...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
5 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f00... 32934 (FACEBOOK)
3 2a05:d018:ac8... 16509 (AMAZON-02)
1 148.251.3.114 24940 (HETZNER-A...)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2620:1ec:29:1... 8075 (MICROSOFT...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f10... 32934 (FACEBOOK)
2 4 142.250.80.70 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 142.250.65.166 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 63.32.133.59 16509 (AMAZON-02)
12 2606:4700:303... 13335 (CLOUDFLAR...)
4 23.96.124.68 8075 (MICROSOFT...)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
98 23
39    128.140.116.84 (Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.84.116.140.128.clients.your-server.de
winetime.redentu.top
3    2606:4700:20::ac43:4b3f (United States)

ASN13335 (CLOUDFLARENET, US)
www.artfut.com
5    2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f00e:13:face:b00c:0:3 (Toronto, Canada)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a05:d018:ac8:b920:bd60:a9c8:1112:459e (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
esputnik.com
1    148.251.3.114 (Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.114.3.251.148.clients.your-server.de
statics.esputnik.com
2    2607:f8b0:4006:80c::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
3    2607:f8b0:4006:823::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2620:1ec:29:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
3    2606:4700:3037::ac43:d7e6 (United States)

ASN13335 (CLOUDFLARENET, US)
cralodas.com.ua
m.cralodas.com.ua
c.cralodas.com.ua
1    2606:4700::6812:1a32 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.mouseflow.com
2    2a03:2880:f10e:83:face:b00c:0:25de (Toronto, Canada)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    142.250.80.70 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f6.1e100.net
12695077.fls.doubleclick.net
4    2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
2    142.250.65.166 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f6.1e100.net
ad.doubleclick.net
1    2607:f8b0:4006:80e::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c17::9a (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    63.32.133.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-133-59.eu-west-1.compute.amazonaws.com
site-script.esputnik.com
12    2606:4700:3030::ac43:cc91 (United States)

ASN13335 (CLOUDFLARENET, US)
winetime.com.ua
4    23.96.124.68 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
s.clarity.ms
2    20.110.205.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
39 redentu.top
winetime.redentu.top
11 MB
12 winetime.com.ua
winetime.com.ua
363 KB
12 doubleclick.net
12695077.fls.doubleclick.net
td.doubleclick.net — Cisco Umbrella Rank: 182
ad.doubleclick.net — Cisco Umbrella Rank: 145
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
4 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625
s.clarity.ms — Cisco Umbrella Rank: 7882
c.clarity.ms — Cisco Umbrella Rank: 1269
31 KB
8 esputnik.com
esputnik.com — Cisco Umbrella Rank: 61564
statics.esputnik.com — Cisco Umbrella Rank: 100834
site-script.esputnik.com — Cisco Umbrella Rank: 155765
142 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
433 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 142
64 B
3 cralodas.com.ua
cralodas.com.ua — Cisco Umbrella Rank: 743313
m.cralodas.com.ua — Cisco Umbrella Rank: 872498
c.cralodas.com.ua — Cisco Umbrella Rank: 828276
4 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
22 KB
3 artfut.com
www.artfut.com — Cisco Umbrella Rank: 40216
17 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
213 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
74 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 205
771 B
1 mouseflow.com
cdn.mouseflow.com — Cisco Umbrella Rank: 7737
21 KB
98 14
Domain Requested by
39 winetime.redentu.top 1 redirects winetime.redentu.top
12 winetime.com.ua winetime.redentu.top
5 www.googletagmanager.com winetime.redentu.top
www.googletagmanager.com
4 s.clarity.ms www.clarity.ms
4 site-script.esputnik.com statics.esputnik.com
4 td.doubleclick.net www.googletagmanager.com
4 12695077.fls.doubleclick.net 2 redirects www.googletagmanager.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
winetime.redentu.top
3 esputnik.com winetime.redentu.top
3 www.artfut.com winetime.redentu.top
www.artfut.com
2 c.clarity.ms 1 redirects
2 analytics.google.com www.googletagmanager.com
2 ad.doubleclick.net winetime.redentu.top
2 www.facebook.com winetime.redentu.top
2 www.clarity.ms winetime.redentu.top
www.clarity.ms
2 www.google.com www.googletagmanager.com
winetime.redentu.top
2 connect.facebook.net winetime.redentu.top
connect.facebook.net
1 c.bing.com 1 redirects
1 c.cralodas.com.ua m.cralodas.com.ua
1 m.cralodas.com.ua cralodas.com.ua
1 stats.g.doubleclick.net www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 cdn.mouseflow.com winetime.redentu.top
1 cralodas.com.ua winetime.redentu.top
1 statics.esputnik.com winetime.redentu.top
98 25
Subject Issuer Validity Valid
winetime.redentu.top
R10		 2024-12-03 -
2025-03-03		 3 months crt.sh
artfut.com
WE1		 2024-10-26 -
2025-01-24		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-12 -
2024-12-11		 3 months crt.sh
*.esputnik.com
Sectigo RSA Domain Validation Secure Server CA		 2024-11-04 -
2025-11-28		 a year crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-09-04		 a year crt.sh
cralodas.com.ua
WE1		 2024-11-03 -
2025-02-01		 3 months crt.sh
cdn.mouseflow.com
WE1		 2024-11-21 -
2025-02-19		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
winetime.com.ua
WE1		 2024-10-09 -
2025-01-07		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh

This page contains 8 frames:

Primary Page: https://winetime.redentu.top/ua
Frame ID: 69D69D7E55F17B23DC966308BF5E909E
Requests: 94 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fwinetime.redentu.top
Frame ID: B366C2EEBDCBBF3B5DFD0A16579FA4C6
Requests: 1 HTTP requests in this frame

Frame: https://12695077.fls.doubleclick.net/activityi;dc_pre=CPah0IOTjYoDFRlIRwEdTYEh0A;src=12695077;type=pvcxg0;cat=all_s0;ord=9483601745018;npa=0;auiddc=288798076.1733282109;ps=1;pcor=145859037;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190152539z8811926949za201zb811926949;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwinetime.redentu.top%2Fua
Frame ID: F7912102B8E68C604585BF3DE4828E72
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12695077;type=pvcxg0;cat=all_s0;ord=9483601745018;npa=0;auiddc=288798076.1733282109;ps=1;pcor=145859037;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190152539z8811926949za201zb811926949;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwinetime.redentu.top%2Fua
Frame ID: 229947965F45BBB0B658E1926F865B38
Requests: 1 HTTP requests in this frame

Frame: https://12695077.fls.doubleclick.net/activityi;dc_pre=CMGi0IOTjYoDFalaRwEdnhkPEg;src=12695077;type=pvcxg0;cat=allsi0;ord=1;num=7634782109093;npa=0;auiddc=288798076.1733282109;ps=1;pcor=526035949;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190152539z8811926949za201zb811926949;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwinetime.redentu.top%2Fua
Frame ID: BA4C109368F41A4A5DB2E1B8C52279F1
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12695077;type=pvcxg0;cat=allsi0;ord=1;num=7634782109093;npa=0;auiddc=288798076.1733282109;ps=1;pcor=526035949;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190152539z8811926949za201zb811926949;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwinetime.redentu.top%2Fua
Frame ID: 0A86A5B9BBE13FD49A704A2C05CD7DC0
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/998905891?random=1733282109819&cv=11&fst=1733282109819&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9197135589z8811926949za201zb811926949&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwinetime.redentu.top%2Fua&hn=www.googleadservices.com&frm=0&tiba=WINETIME%20-%20%D1%96%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%20%D0%B2%D0%B8%D0%BD%D0%B0%2C%20%D1%81%D0%BF%D0%B8%D1%80%D1%82%D0%BD%D0%BE%D0%B3%D0%BE%2C%20%D0%BF%D1%80%D0%BE%D0%B4%D1%83%D0%BA%D1%82%D1%96%D0%B2%2C&npa=0&pscdl=noapi&auid=288798076.1733282109&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 9B59CD62CA0850C455C1AD14BD07BD5E
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-8MF7C5BJD5&gacid=1505209640.1733282110&gtm=45je4bk0v9103545765z8811926949za200zb811926949&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&z=1089140723
Frame ID: 76B346D588549D9C4D4E0DC8EA9FF325
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WINETIME - інтернет-магазин вина, спиртного, продуктів, напоїв, солодощів

Page URL History Show full URLs

  1. https://winetime.redentu.top/ HTTP 302
    https://winetime.redentu.top/ua Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.mouseflow\.com

Page Statistics

98
Requests

99 %
HTTPS

70 %
IPv6

14
Domains

25
Subdomains

23
IPs

4
Countries

12815 kB
Transfer

16783 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://winetime.redentu.top/ HTTP 302
    https://winetime.redentu.top/ua Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://12695077.fls.doubleclick.net/activityi;src=12695077;type=pvcxg0;cat=all_s0;ord=9483601745018;npa=0;auiddc=288798076.1733282109;ps=1;pcor=145859037;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190152539z8811926949za201zb811926949;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwinetime.redentu.top%2Fua HTTP 302
  • https://12695077.fls.doubleclick.net/activityi;dc_pre=CPah0IOTjYoDFRlIRwEdTYEh0A;src=12695077;type=pvcxg0;cat=all_s0;ord=9483601745018;npa=0;auiddc=288798076.1733282109;ps=1;pcor=145859037;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190152539z8811926949za201zb811926949;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwinetime.redentu.top%2Fua
Request Chain 32
  • https://12695077.fls.doubleclick.net/activityi;src=12695077;type=pvcxg0;cat=allsi0;ord=1;num=7634782109093;npa=0;auiddc=288798076.1733282109;ps=1;pcor=526035949;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190152539z8811926949za201zb811926949;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwinetime.redentu.top%2Fua HTTP 302
  • https://12695077.fls.doubleclick.net/activityi;dc_pre=CMGi0IOTjYoDFalaRwEdnhkPEg;src=12695077;type=pvcxg0;cat=allsi0;ord=1;num=7634782109093;npa=0;auiddc=288798076.1733282109;ps=1;pcor=526035949;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190152539z8811926949za201zb811926949;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwinetime.redentu.top%2Fua
Request Chain 98
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3852B0DE353D47FB8C2534B3022067D4&RedC=c.clarity.ms&MXFR=22A93C21705A605A17B9296A745A6E39 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3852B0DE353D47FB8C2534B3022067D4&MUID=0A1377674D2E6A400719622C4CEC6B1B

98 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ua
winetime.redentu.top/
Redirect Chain
  • https://winetime.redentu.top/
  • https://winetime.redentu.top/ua
786 KB
81 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
1cba53b3e1a242d84c2242e19fb6d241cf87a9f549fefd5399990d422e03ed67

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
must-revalidate,no-cache,no-store no-store, no-cache, must-revalidate, max-age=0, s-maxage=0, post-check=0, pre-check=0 no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 04 Dec 2024 03:15:07 GMT
expires
Sat, 26 Jul 1990 05:00:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding

Redirect headers

cache-control
must-revalidate,no-cache,no-store no-store, no-cache, must-revalidate, max-age=0, s-maxage=0, post-check=0, pre-check=0 no-cache, private
content-type
text/html; charset=UTF-8
date
Wed, 04 Dec 2024 03:15:05 GMT
expires
Sat, 26 Jul 1990 05:00:00 GMT
location
https://winetime.redentu.top/ua
pragma
no-cache
server
nginx
fontawesome-webfont.woff2
winetime.redentu.top/fonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://winetime.redentu.top/fonts/fontawesome-webfont.woff2
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://winetime.redentu.top
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"60bdbab6-34ec"
expires
Fri, 03 Jan 2025 03:15:09 GMT
accept-ranges
bytes
content-length
13548
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
font/woff2
last-modified
Mon, 07 Jun 2021 06:20:38 GMT
server
nginx
tagtag.min.js
www.artfut.com/static/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.artfut.com/static/tagtag.min.js?campaign_code=28b20b9035
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a44429f4e11a62335ca76e2dd9790dd80b005565fe962305a490fa3354abfee8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=rtpocA==, md5=SBL4/YPVz2ZR8LKPVJrgRQ==
cf-cache-status
REVALIDATED
etag
W/"4812f8fd83d5cf6651f0b28f549ae045"
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JGgCUL4kDWJRo3x4n248pjTpvnpxn4LLddN3M15uEplb8N%2BZ%2FhqGNiC4xWMK%2FmgkqWS%2BOdqT43o1xk3cajC70yFYoxHVUdULE2bcksLqtWQh1J%2FTUSO3fa%2FzYbkK00%2Fyw9np4lr10uw1r4qp"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Wed, 04 Dec 2024 04:15:09 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=8693&min_rtt=8677&rtt_var=2466&sent=7&recv=8&lost=0&retrans=0&sent_bytes=3993&recv_bytes=2257&delivery_rate=463320&cwnd=253&unsent_bytes=0&cid=426f654ee4e8c8b8&ts=254&x=0"
x-goog-stored-content-length
3293
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
application/javascript
last-modified
Mon, 25 Sep 2023 13:46:17 GMT
vary
Accept-Encoding
x-guploader-uploadid
ABPtcPoaGx3lMonuCXrTM0W0YKa8JFleRHio-s_Ar9aZHaFJVPa0rWqGIRaE3w6osOCW8nXsdBoGg6VngA
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8ec8a15f2fda32e2-EWR
x-goog-generation
1695649577073691
server
cloudflare
gtm.js
www.googletagmanager.com/ 		355 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WQQ3BQF
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
04dd89f7bc431b53e61812ffd398ad3885dd9d9f4a28da35c089c140f6411b3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 04 Dec 2024 03:15:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 04 Dec 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
120387
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d6350cefb90d29241d3e02629bb4cf96e2458fa3d1dd1bf0ff1a5870a4eb8f2f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-gExme5gO' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-gExme5gO' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=5685, tp=10, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
BocZH4/rBd759YtME5SZD92ZU+e0qBUNuv3xYTC4esSyjgHnZwN1xi2BDg6d7xAObIAUmBcOcoMZlf5ivCurjw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62128
x-xss-protection
0
origin-agent-cluster
?1
scripts
esputnik.com/scripts/v1/public/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esputnik.com/scripts/v1/public/scripts?apiKey=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI0NTI0ZWZhYTJkYzI2MGRmYTM4YTE1NDBlMWE3ZjE0OWRiYTIzOTFmMmU0NmZhODMxY2E1NGQ3MGQ2OGMwMjBlMjlhY2IxNzQwZWIzYTQzNjJhMTQ3N2ZmZGYwMWQwNDY1ZGIyYjEwMzU2MzQ2YWFhZjY3MzE1ZDMxOTA5YWQ0YWE2YzhhZTMzMzA2OTc0MTRmYzNjZTUzNGI4ODA0NTEyMDM4MmUwOTI5MTEzNjI1ZWYxMGFlNCJ9.Bg1rfSHUv3EbkBgpisKfs5SKw9C-Nkr1pXACTWq70rlOHPjRD5feGeic-VTZ-3D18RWZCsFBmY4VYyHgwwasDQ&domain=67461BD5-54DD-47E2-A37C-F56351F0FBB0
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:ac8:b920:bd60:a9c8:1112:459e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
73bb3490bf4655200f43d603986078362e21f5948aa827ab0324977ffdc18f5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=300
content-encoding
gzip
expires
Wed, 04 Dec 2024 03:20:09 GMT
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
DA1B8F9B05CF498790712AB865001125.js
statics.esputnik.com/scripts/ 		536 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://statics.esputnik.com/scripts/DA1B8F9B05CF498790712AB865001125.js
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
148.251.3.114 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.114.3.251.148.clients.your-server.de
Software
nginx /
Resource Hash
2c49f04a043b7e2cf4a241914c828ae7e77e64bfbcd5bc2fae937a3f16dd59d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

access-control-allow-headers
Origin, X-Requested-With, Access-Control-Allow-Headers, Content-Type, Accept, cl-customer-id, *
cache-control
max-age=30, public, must-revalidate
content-encoding
gzip
x-proxy-host
statics8
access-control-allow-methods
GET, POST, OPTIONS
x-proxy-cache
HIT
access-control-allow-origin
*
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
server
nginx
last-modified
Mon, 02 Dec 2024 14:45:49 GMT
x-amz-server-side-encryption
AES256
app--jot.css
winetime.redentu.top/client/css/ 		415 KB
69 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winetime.redentu.top/client/css/app--jot.css?v=1733282109
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
75ae6173ee94705e44340d3d25ea45362f34bde9a8847c58984a0fa3dec5ed66

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
W/"6745ac47-67ac2"
expires
Fri, 03 Jan 2025 03:15:09 GMT
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
text/css
last-modified
Tue, 26 Nov 2024 11:08:55 GMT
server
nginx
vary
Accept-Encoding
header-logo-invert.svg
winetime.redentu.top/img/ 		24 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/img/header-logo-invert.svg?v=2
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
55328f4acbdd60d8de5ea89288da38642d8b4ffa1ffee6010bbd381ef8652c56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
W/"67458acf-6166"
expires
Fri, 03 Jan 2025 03:15:09 GMT
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
image/svg+xml
last-modified
Tue, 26 Nov 2024 08:46:07 GMT
server
nginx
vary
Accept-Encoding
logo-header.svg
winetime.redentu.top/img/ 		28 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/img/logo-header.svg
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
ca773a3cbc190e1e8749d939267b9dd19f7b563543b8fb692e077f2067d36569

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
W/"6720a6bf-6fab"
expires
Fri, 03 Jan 2025 03:15:09 GMT
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
image/svg+xml
last-modified
Tue, 29 Oct 2024 09:11:27 GMT
server
nginx
vary
Accept-Encoding
footer-logo.svg
winetime.redentu.top/img/ 		29 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/img/footer-logo.svg?v=1
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
f631041aa5cdbab42d241099113bb5aa636bddb55cfe6910c937cfd8a3091304

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
W/"6720a6bf-7247"
expires
Fri, 03 Jan 2025 03:15:09 GMT
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
image/svg+xml
last-modified
Tue, 29 Oct 2024 09:11:27 GMT
server
nginx
vary
Accept-Encoding
footer-fox.svg
winetime.redentu.top/img/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/img/footer-fox.svg?v=1
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
6ad003edc5fd05c104953a6d12ff08cd267c24c12d7e6ff967a8de46fdc766fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
W/"6720a6bf-bea"
expires
Fri, 03 Jan 2025 03:15:09 GMT
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
image/svg+xml
last-modified
Tue, 29 Oct 2024 09:11:27 GMT
server
nginx
vary
Accept-Encoding
app--jot.js
winetime.redentu.top/client/js/ 		1 MB
289 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winetime.redentu.top/client/js/app--jot.js?v=1733282109
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
8c5cf91c5bb3a1d3dfe1344f73be4d3903ed02b91ce780e4de0c8f6ffc76ceff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
W/"6745ac47-116c26"
expires
Fri, 03 Jan 2025 03:15:09 GMT
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 26 Nov 2024 11:08:55 GMT
server
nginx
vary
Accept-Encoding
stylesheets
winetime.redentu.top/_debugbar/assets/ 		242 KB
126 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://winetime.redentu.top/_debugbar/assets/stylesheets?v=1730204665
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
439e12b470077f8205e0c9b453104455f2bb7a3c3a7236e3bc4e3e2e34272304

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
must-revalidate,no-cache,no-store, no-store, no-cache, must-revalidate, max-age=0, s-maxage=0, post-check=0, pre-check=0, max-age=31536000, public, s-maxage=31536000
content-encoding
gzip
pragma
no-cache
expires
Sat, 26 Jul 1990 05:00:00 GMT
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
server
nginx
javascript
winetime.redentu.top/_debugbar/assets/ 		252 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://winetime.redentu.top/_debugbar/assets/javascript?v=1730204665
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
332d27c33e16d4bdc2b41b2fdfb6ab94b41aabfaedaf890d3d88c3dd052ea6c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
must-revalidate,no-cache,no-store, no-store, no-cache, must-revalidate, max-age=0, s-maxage=0, post-check=0, pre-check=0, max-age=31536000, public, s-maxage=31536000
content-encoding
gzip
pragma
no-cache
expires
Sat, 26 Jul 1990 05:00:00 GMT
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
server
nginx
1137009113342954
connect.facebook.net/signals/config/ 		68 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1137009113342954?v=2.9.176&r=stable&domain=winetime.redentu.top&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ef1e052b88c6eaabad49482da664f1f8e89f1933c8ac71cfe26ac5dd5e555bbe
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-AMHb3kGw' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-AMHb3kGw' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=76, mss=1232, tbw=71541, tp=66, tpl=0, uplat=54, ullat=0
pragma
public
x-fb-debug
R8yLUkKQdNM+8ZDoyoWc0I8JBMuDii/RKWAi0yOZ21Rr6qjlyP74qz8tkng/mja2QliDyx5q4Fd5VjFGThYepA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwinetime.redentu.top%2Fua&scrsrc=www.googletagmanager.com&frm=0&rnd=1818519133.1733282109&auid=288798076.1733282109&npa=0&gtm=45He4bk0v811926949za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&tft=1733282109453&tfd=6447&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQQ3BQF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers
js
www.googletagmanager.com/gtag/ 		425 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8MF7C5BJD5&l=dataLayer&cx=c&gtm=45He4bk0v811926949za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQQ3BQF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
221b0445feb1bfe64f127632284666e0a004f7012fabb4763d0c1457b251c24c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 04 Dec 2024 03:15:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
137752
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQQ3BQF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

content-encoding
gzip
age
2488
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 04:33:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 02:33:41 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
destination
www.googletagmanager.com/gtag/ 		228 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-12695077&l=dataLayer&cx=c&gtm=45He4bk0v811926949za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQQ3BQF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fb6381b429c367e80b2fff123d087fae1bc89e239835a995dcda3c24d40b97cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Wed, 04 Dec 2024 03:15:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 04 Dec 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
83676
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/ 		285 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-998905891&l=dataLayer&cx=c&gtm=45He4bk0v811926949za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQQ3BQF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f02714cce2e6c6a05415905b7eda181ae8787f1e149d200e7853ba42f50ed7ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Wed, 04 Dec 2024 03:15:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 04 Dec 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100355
x-xss-protection
0
server
Google Tag Manager
8n51gsezqc
www.clarity.ms/tag/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/8n51gsezqc?ref=gtm2
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0af48236cfacd482b6bcff50bd52128da16474dc7fd54c965a67b0b09f515cde

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
1056
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
application/x-javascript
x-azure-ref
20241204T031509Z-178cd9dd65f2l7nnhC1MNZc4wn0000001epg00000000trax
/
cralodas.com.ua/code/ 		309 B
923 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cralodas.com.ua/code/
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d7e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
669ec742aaec6f8a7dda1316b9e2543ad90f1686959d46f7a24776d7691a03e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0IGQ1mm46QGgYLnIrUkgxzogcEUnEbtfhuzDmFyymtplklvohw%2FIp%2Ba8X6DsAg8X4hE%2Fuyki8KcULTjHNG8%2Fv3%2B1nOTFtOddtVVKdqu%2BvvoRlhHI8zg0RC0X98%2Bl7%2BHDiYY6rSfH51D1cmG8aBU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ec8a160dab24411-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22383&min_rtt=19480&rtt_var=5264&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4156&recv_bytes=4305&delivery_rate=541&cwnd=12000&unsent_bytes=0&cid=71261f904a71fd8b&ts=172&x=1", cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
application/javascript
server
cloudflare
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
sw_iframe.html
www.googletagmanager.com/static/service_worker/4c30/ Frame B366 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fwinetime.redentu.top
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQQ3BQF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Dec 2024 03:15:09 GMT
expires
Thu, 04 Dec 2025 03:15:09 GMT
last-modified
Tue, 03 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
9b51efe9-ae29-4b80-b886-e0a77e819fee.js
cdn.mouseflow.com/projects/ 		71 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mouseflow.com/projects/9b51efe9-ae29-4b80-b886-e0a77e819fee.js
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d100b37f4ab95eebced457fa85e978a9697c4c62617c56d16181320109a2b8df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

access-control-expose-headers
*
content-encoding
gzip
cf-cache-status
HIT
etag
W/"59c04b543e42db1:0"
age
408443
x-mf-country
US
x-content-type-options
nosniff
expires
Thu, 05 Dec 2024 03:15:09 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding, Accept-Encoding
last-modified
Fri, 29 Nov 2024 09:09:00 GMT
priority
u=3,i=?0
x-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-mf-continent
NA
cache-control
public, max-age=86400
cf-ray
8ec8a16148c342ca-EWR
access-control-allow-origin
*
x-mf-script-region
non-enforced-privacy
server
cloudflare
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1137009113342954&ev=PageView&dl=https%3A%2F%2Fwinetime.redentu.top%2Fua&rl=&if=false&ts=1733282109605&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1733282109603.601325058170083085&ler=empty&cdl=API_unavailable&it=1733282109401&coo=false&rqm=GET
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=23, mss=1232, tbw=5730, tp=11, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1137009113342954&ev=PageView&dl=https%3A%2F%2Fwinetime.redentu.top%2Fua&rl=&if=false&ts=1733282109605&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1733282109603.601325058170083085&ler=empty&cdl=API_unavailable&it=1733282109401&coo=false&rqm=FGET
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7444389973817959228"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
w9dPIEGviYNn/bUkPAvWZjp5DqxEQV5iafMYd8Q5QQUKdtMxcHC/rZoO8WJNvtmuuPXpNskSI5RsRfI2Zq6W6g==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7444389973817959228", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=23, mss=1232, tbw=6098, tp=14, tpl=0, uplat=93, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
truncated
/ 		166 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9665e62448ee3561c1c6ec3a4637afe5efc24a9e4c8b1a59b6faae545224404b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
Montserrat-Regular.ttf
winetime.redentu.top/fonts/ 		193 KB
193 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://winetime.redentu.top/fonts/Montserrat-Regular.ttf
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
c3fb0280e4339f6c70cea42b8b432c6fb17fde130fbb12e9209c7cdfa79d976f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://winetime.redentu.top
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"670dd7fc-303f8"
expires
Fri, 03 Jan 2025 03:15:09 GMT
accept-ranges
bytes
content-length
197624
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
application/octet-stream
last-modified
Tue, 15 Oct 2024 02:48:28 GMT
server
nginx
Montserrat-Bold.ttf
winetime.redentu.top/fonts/ 		193 KB
194 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://winetime.redentu.top/fonts/Montserrat-Bold.ttf
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
98b1486810c2eccfaa17d4610a83c12794c0798ef5e9eb41aea038794292a187

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://winetime.redentu.top
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"670dd7fc-305e8"
expires
Fri, 03 Jan 2025 03:15:09 GMT
accept-ranges
bytes
content-length
198120
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
application/octet-stream
last-modified
Tue, 15 Oct 2024 02:48:28 GMT
server
nginx
Montserrat-SemiBold.ttf
winetime.redentu.top/fonts/ 		193 KB
194 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://winetime.redentu.top/fonts/Montserrat-SemiBold.ttf
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
e23dc6d21070d45a1840c2b8217fc17ddd8a502a4db652748ec2f40d3603dc2d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://winetime.redentu.top
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"670dd7fc-3054c"
expires
Fri, 03 Jan 2025 03:15:09 GMT
accept-ranges
bytes
content-length
197964
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
application/octet-stream
last-modified
Tue, 15 Oct 2024 02:48:28 GMT
server
nginx
activityi;dc_pre=CPah0IOTjYoDFRlIRwEdTYEh0A;src=12695077;type=pvcxg0;cat=all_s0;ord=9483601745018;npa=0;auiddc=288798076.1733282109;ps=1;pcor=145859037;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0...
12695077.fls.doubleclick.net/ Frame F791
Redirect Chain
  • https://12695077.fls.doubleclick.net/activityi;src=12695077;type=pvcxg0;cat=all_s0;ord=9483601745018;npa=0;auiddc=288798076.1733282109;ps=1;pcor=145859037;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;ua...
  • https://12695077.fls.doubleclick.net/activityi;dc_pre=CPah0IOTjYoDFRlIRwEdTYEh0A;src=12695077;type=pvcxg0;cat=all_s0;ord=9483601745018;npa=0;auiddc=288798076.1733282109;ps=1;pcor=145859037;uaa=;uab...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://12695077.fls.doubleclick.net/activityi;dc_pre=CPah0IOTjYoDFRlIRwEdTYEh0A;src=12695077;type=pvcxg0;cat=all_s0;ord=9483601745018;npa=0;auiddc=288798076.1733282109;ps=1;pcor=145859037;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190152539z8811926949za201zb811926949;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwinetime.redentu.top%2Fua?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12695077&l=dataLayer&cx=c&gtm=45He4bk0v811926949za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.70 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winetime.redentu.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
371
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Dec 2024 03:15:09 GMT
expires
Wed, 04 Dec 2024 03:15:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Dec 2024 03:15:09 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12695077.fls.doubleclick.net/activityi;dc_pre=CPah0IOTjYoDFRlIRwEdTYEh0A;src=12695077;type=pvcxg0;cat=all_s0;ord=9483601745018;npa=0;auiddc=288798076.1733282109;ps=1;pcor=145859037;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190152539z8811926949za201zb811926949;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwinetime.redentu.top%2Fua?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=12695077;type=pvcxg0;cat=all_s0;ord=9483601745018;npa=0;auiddc=288798076.1733282109;ps=1;pcor=145859037;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45...
td.doubleclick.net/td/fls/rul/ Frame 2299 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12695077;type=pvcxg0;cat=all_s0;ord=9483601745018;npa=0;auiddc=288798076.1733282109;ps=1;pcor=145859037;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190152539z8811926949za201zb811926949;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwinetime.redentu.top%2Fua?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12695077&l=dataLayer&cx=c&gtm=45He4bk0v811926949za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winetime.redentu.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Dec 2024 03:15:09 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CMGi0IOTjYoDFalaRwEdnhkPEg;src=12695077;type=pvcxg0;cat=allsi0;ord=1;num=7634782109093;npa=0;auiddc=288798076.1733282109;ps=1;pcor=526035949;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=...
12695077.fls.doubleclick.net/ Frame BA4C
Redirect Chain
  • https://12695077.fls.doubleclick.net/activityi;src=12695077;type=pvcxg0;cat=allsi0;ord=1;num=7634782109093;npa=0;auiddc=288798076.1733282109;ps=1;pcor=526035949;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;ua...
  • https://12695077.fls.doubleclick.net/activityi;dc_pre=CMGi0IOTjYoDFalaRwEdnhkPEg;src=12695077;type=pvcxg0;cat=allsi0;ord=1;num=7634782109093;npa=0;auiddc=288798076.1733282109;ps=1;pcor=526035949;ua...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://12695077.fls.doubleclick.net/activityi;dc_pre=CMGi0IOTjYoDFalaRwEdnhkPEg;src=12695077;type=pvcxg0;cat=allsi0;ord=1;num=7634782109093;npa=0;auiddc=288798076.1733282109;ps=1;pcor=526035949;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190152539z8811926949za201zb811926949;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwinetime.redentu.top%2Fua?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12695077&l=dataLayer&cx=c&gtm=45He4bk0v811926949za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.70 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winetime.redentu.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
376
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Dec 2024 03:15:09 GMT
expires
Wed, 04 Dec 2024 03:15:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Dec 2024 03:15:09 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12695077.fls.doubleclick.net/activityi;dc_pre=CMGi0IOTjYoDFalaRwEdnhkPEg;src=12695077;type=pvcxg0;cat=allsi0;ord=1;num=7634782109093;npa=0;auiddc=288798076.1733282109;ps=1;pcor=526035949;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190152539z8811926949za201zb811926949;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwinetime.redentu.top%2Fua?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=12695077;type=pvcxg0;cat=allsi0;ord=1;num=7634782109093;npa=0;auiddc=288798076.1733282109;ps=1;pcor=526035949;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;...
td.doubleclick.net/td/fls/rul/ Frame 0A86 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12695077;type=pvcxg0;cat=allsi0;ord=1;num=7634782109093;npa=0;auiddc=288798076.1733282109;ps=1;pcor=526035949;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190152539z8811926949za201zb811926949;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwinetime.redentu.top%2Fua?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12695077&l=dataLayer&cx=c&gtm=45He4bk0v811926949za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winetime.redentu.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Dec 2024 03:15:09 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=12695077;type=pvcxg0;cat=all_s0;ord=9483601745018;npa=0;auiddc=288798076.1733282109;ps=1;pcor=145859037;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=12695077;type=pvcxg0;cat=all_s0;ord=9483601745018;npa=0;auiddc=288798076.1733282109;ps=1;pcor=145859037;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190152539z8811926949za201zb811926949;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwinetime.redentu.top%2Fua?
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.166 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Wed, 04 Dec 2024 03:15:09 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"16578986297614697526"}],"aggregatable_trigger_data":[{"filters":[{"14":["13481272"]}],"key_piece":"0x2dd01c7b86a6de36","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xdb7bc1e03f8e2dac","not_filters":{"14":["13481272"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"10411709464937171140","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"16578986297614697526","filters":[{"14":["13481272"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"16578986297614697526","filters":[{"14":["13481272"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"16578986297614697526","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"16578986297614697526","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12695077"]}}
content-type
image/png
x-xss-protection
0
server
cafe
activity;register_conversion=1;src=12695077;type=pvcxg0;cat=allsi0;ord=1;num=7634782109093;npa=0;auiddc=288798076.1733282109;ps=1;pcor=526035949;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=12695077;type=pvcxg0;cat=allsi0;ord=1;num=7634782109093;npa=0;auiddc=288798076.1733282109;ps=1;pcor=526035949;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9190152539z8811926949za201zb811926949;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwinetime.redentu.top%2Fua?
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.166 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Wed, 04 Dec 2024 03:15:09 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"11017155195627751498"}],"aggregatable_trigger_data":[{"filters":[{"14":["13481275"]}],"key_piece":"0x309e686be1fa2cd0","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x3948a9f2543031ad","not_filters":{"14":["13481275"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"12970104121949728722","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"11017155195627751498","filters":[{"14":["13481275"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"11017155195627751498","filters":[{"14":["13481275"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"11017155195627751498","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"11017155195627751498","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12695077"]}}
content-type
image/png
x-xss-protection
0
server
cafe
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/998905891/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/998905891/?random=1733282109819&cv=11&fst=1733282109819&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9197135589z8811926949za201zb811926949&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwinetime.redentu.top%2Fua&hn=www.googleadservices.com&frm=0&tiba=WINETIME%20-%20%D1%96%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%20%D0%B2%D0%B8%D0%BD%D0%B0%2C%20%D1%81%D0%BF%D0%B8%D1%80%D1%82%D0%BD%D0%BE%D0%B3%D0%BE%2C%20%D0%BF%D1%80%D0%BE%D0%B4%D1%83%D0%BA%D1%82%D1%96%D0%B2%2C&npa=0&pscdl=noapi&auid=288798076.1733282109&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-998905891&l=dataLayer&cx=c&gtm=45He4bk0v811926949za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d193c0541ed02c6bcec34a3f778ae85f4c70877ab048c717488ea5e6470261
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2394
date
Wed, 04 Dec 2024 03:15:09 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
998905891
td.doubleclick.net/td/rul/ Frame 9B59 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/998905891?random=1733282109819&cv=11&fst=1733282109819&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9197135589z8811926949za201zb811926949&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwinetime.redentu.top%2Fua&hn=www.googleadservices.com&frm=0&tiba=WINETIME%20-%20%D1%96%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%20%D0%B2%D0%B8%D0%BD%D0%B0%2C%20%D1%81%D0%BF%D0%B8%D1%80%D1%82%D0%BD%D0%BE%D0%B3%D0%BE%2C%20%D0%BF%D1%80%D0%BE%D0%B4%D1%83%D0%BA%D1%82%D1%96%D0%B2%2C&npa=0&pscdl=noapi&auid=288798076.1733282109&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-998905891&l=dataLayer&cx=c&gtm=45He4bk0v811926949za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winetime.redentu.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Dec 2024 03:15:09 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		3 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1857227612&t=pageview&_s=1&dl=https%3A%2F%2Fwinetime.redentu.top%2Fua&ul=en-us&de=UTF-8&dt=WINETIME%20-%20%D1%96%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%20%D0%B2%D0%B8%D0%BD%D0%B0%2C%20%D1%81%D0%BF%D0%B8%D1%80%D1%82%D0%BD%D0%BE%D0%B3%D0%BE%2C%20%D0%BF%D1%80%D0%BE%D0%B4%D1%83%D0%BA%D1%82%D1%96%D0%B2%2C%20%D0%BD%D0%B0%D0%BF%D0%BE%D1%97%D0%B2%2C%20%D1%81%D0%BE%D0%BB%D0%BE%D0%B4%D0%BE%D1%89%D1%96%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1065896350&gjid=1369984001&cid=1505209640.1733282110&tid=UA-33424026-2&_gid=281814474.1733282110&_r=1&_slc=1&gtm=45He4bk0n81WQQ3BQFv811926949za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&z=796629810
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://winetime.redentu.top/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 03:15:09 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://winetime.redentu.top
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-8MF7C5BJD5&gtm=45je4bk0v9103545765za200zb811926949&_p=1733282109193&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=1505209640.1733282110&ecid=1731762067&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=1&sid=1733282109&sct=1&seg=0&dl=https%3A%2F%2Fwinetime.redentu.top%2Fua&dt=WINETIME%20-%20%D1%96%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%20%D0%B2%D0%B8%D0%BD%D0%B0%2C%20%D1%81%D0%BF%D0%B8%D1%80%D1%82%D0%BD%D0%BE%D0%B3%D0%BE%2C%20%D0%BF%D1%80%D0%BE%D0%B4%D1%83%D0%BA%D1%82%D1%96%D0%B2%2C%20%D0%BD%D0%B0%D0%BF%D0%BE%D1%97%D0%B2%2C%20%D1%81%D0%BE%D0%BB%D0%BE%D0%B4%D0%BE%D1%89%D1%96%D0%B2&en=scroll&epn.percent_scrolled=90&_et=104&tfd=6901
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8MF7C5BJD5&l=dataLayer&cx=c&gtm=45He4bk0v811926949za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://winetime.redentu.top
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 03:15:10 GMT
content-type
text/plain
server
Golfe2
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-8MF7C5BJD5&gtm=45je4bk0v9103545765z8811926949za200zb811926949&_p=1733282109193&em=tv.1~em.oDuBvZU1H4HmFKKVMsh9R_dV49gU2TSxbeTKWUqb-E8&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=1505209640.1733282110&ecid=1731762067&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_s=2&sid=1733282109&sct=1&seg=0&dl=https%3A%2F%2Fwinetime.redentu.top%2Fua&dt=WINETIME%20-%20%D1%96%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%20%D0%B2%D0%B8%D0%BD%D0%B0%2C%20%D1%81%D0%BF%D0%B8%D1%80%D1%82%D0%BD%D0%BE%D0%B3%D0%BE%2C%20%D0%BF%D1%80%D0%BE%D0%B4%D1%83%D0%BA%D1%82%D1%96%D0%B2%2C%20%D0%BD%D0%B0%D0%BF%D0%BE%D1%97%D0%B2%2C%20%D1%81%D0%BE%D0%BB%D0%BE%D0%B4%D0%BE%D1%89%D1%96%D0%B2&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=6903
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8MF7C5BJD5&l=dataLayer&cx=c&gtm=45He4bk0v811926949za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://winetime.redentu.top
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 03:15:10 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
557 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8MF7C5BJD5&cid=1505209640.1733282110&gtm=45je4bk0v9103545765z8811926949za200zb811926949&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8MF7C5BJD5&l=dataLayer&cx=c&gtm=45He4bk0v811926949za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://winetime.redentu.top
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 03:15:10 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 76B3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-8MF7C5BJD5&gacid=1505209640.1733282110&gtm=45je4bk0v9103545765z8811926949za200zb811926949&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&z=1089140723
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8MF7C5BJD5&l=dataLayer&cx=c&gtm=45He4bk0v811926949za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://winetime.redentu.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Dec 2024 03:15:09 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
clarity.js
www.clarity.ms/s/0.7.56/ 		66 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.56/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/8n51gsezqc?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

x-azure-ref
20241204T031509Z-178cd9dd65f2l7nnhC1MNZc4wn0000001epg00000000trbf
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD0EDC462F0477"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
c1d59581-501e-0016-61c5-40d80c000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Wed, 04 Dec 2024 03:15:09 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 27 Nov 2024 12:08:58 GMT
/
m.cralodas.com.ua/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.cralodas.com.ua/?t=0.8040348632014696
Requested by
Host: cralodas.com.ua
URL: https://cralodas.com.ua/code/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d7e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9f46f18a89095ef202df6a5079cc28b12cf2f8ca036fc02d175014ca8284483

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MMCJqCq7lstQnX%2BLxOVjRldbYpmAHlkOSt6N5g2GLBHop8AKh7xmr9xXfBT3qGNq%2F7cMrXt%2BtUQ30tA33u%2BSd1aPoeBnFZIb3PnIp6fHq61%2FnRvGuJnAdnQ%2F33lb67gXea0vn%2B1ad2S5kTuAodOcTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ec8a1633e284411-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22036&min_rtt=19480&rtt_var=4643&sent=13&recv=12&lost=0&retrans=0&sent_bytes=5126&recv_bytes=4624&delivery_rate=21207&cwnd=12000&unsent_bytes=0&cid=71261f904a71fd8b&ts=550&x=1", cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 03:15:10 GMT
content-type
application/javascript
server
cloudflare
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea641f4f3b0ebfb74e49c9b988de77864e34b78fae9f41f950d0f5263aafc6fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ 		338 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
207e6108661380ec64884ef550a4ea1f0c113b4a4707aa6c95b5a801399f1b53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ 		413 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5eb5b6597c136beeb124ce75c49d162234283f13127601c42f93d99378d4b7a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		96 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b57e3bb6c43f478abc7db5fd359ad5e293564c0d75f8ab1500f51ec64101a02b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://winetime.redentu.top
Referer

Response headers

Content-Type
application/font-woff;charset=utf-8
truncated
/ 		375 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbea519d466270c186b0cd12c7d070a02a4f33d47165aec769a191e33541ccc3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
/
www.google.com/pagead/1p-user-list/998905891/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/998905891/?random=1733282109819&cv=11&fst=1733281200000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9197135589z8811926949za201zb811926949&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwinetime.redentu.top%2Fua&hn=www.googleadservices.com&frm=0&tiba=WINETIME%20-%20%D1%96%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%20%D0%B2%D0%B8%D0%BD%D0%B0%2C%20%D1%81%D0%BF%D0%B8%D1%80%D1%82%D0%BD%D0%BE%D0%B3%D0%BE%2C%20%D0%BF%D1%80%D0%BE%D0%B4%D1%83%D0%BA%D1%82%D1%96%D0%B2%2C&npa=0&pscdl=noapi&auid=288798076.1733282109&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dhJl8otAVr_v2Rnq2ArAwD82zY7FWZw&random=3528932793&rmt_tld=0&ipr=y
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 04 Dec 2024 03:15:10 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1857227612&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwinetime.redentu.top%2Fua&ul=en-us&de=UTF-8&dt=WINETIME%20-%20%D1%96%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%20%D0%B2%D0%B8%D0%BD%D0%B0%2C%20%D1%81%D0%BF%D0%B8%D1%80%D1%82%D0%BD%D0%BE%D0%B3%D0%BE%2C%20%D0%BF%D1%80%D0%BE%D0%B4%D1%83%D0%BA%D1%82%D1%96%D0%B2%2C%20%D0%BD%D0%B0%D0%BF%D0%BE%D1%97%D0%B2%2C%20%D1%81%D0%BE%D0%BB%D0%BE%D0%B4%D0%BE%D1%89%D1%96%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1gqtday&_u=aDDAAEABAAAAACAAI~&jid=&gjid=&cid=1505209640.1733282110&tid=UA-33424026-2&_gid=281814474.1733282110&gtm=45He4bk0n81WQQ3BQFv811926949za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&cd6=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F8n51gsezqc%2F1ksfj1m%2F1gqtday&z=917026071
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

age
81146
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 04:42:45 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
event
site-script.esputnik.com/site-script/v1/ 		34 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://site-script.esputnik.com/site-script/v1/event
Requested by
Host: statics.esputnik.com
URL: https://statics.esputnik.com/scripts/DA1B8F9B05CF498790712AB865001125.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.133.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-133-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6f69de9cdb32a508852b2e7be4bdc73a185368f54114aca80c588b4144d52241

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/json; charset=UTF-8
Referer
https://winetime.redentu.top/

Response headers

access-control-allow-origin
*
content-length
34
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
application/json
event
site-script.esputnik.com/site-script/v1/ 		34 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://site-script.esputnik.com/site-script/v1/event
Requested by
Host: statics.esputnik.com
URL: https://statics.esputnik.com/scripts/DA1B8F9B05CF498790712AB865001125.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.133.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-133-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6f69de9cdb32a508852b2e7be4bdc73a185368f54114aca80c588b4144d52241

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/json; charset=UTF-8
Referer
https://winetime.redentu.top/

Response headers

access-control-allow-origin
*
content-length
34
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
application/json
/
c.cralodas.com.ua/ 		0
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.cralodas.com.ua/?id=0682057e-9ce3-6a89-a151-ff2a9f3e7e35&width=1600&height=1200&screen_width=1600&screen_height=1200&d=1&bd={%22l%22:[%22en-US%22,%22en%22],%22pc%22:5,%22p%22:true}&url=https%3A%2F%2Fwinetime.redentu.top%2Fua&ref=&t=0.9471093506991295
Requested by
Host: m.cralodas.com.ua
URL: https://m.cralodas.com.ua/?t=0.8040348632014696
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d7e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BOwqvOPm%2F3kOHO84DuAazsmU8h%2B%2F5Q1ph6CNJnbJdTnaHEVUtkaP%2BMXCl%2FHgu%2BzYaoqRvCbL7ZKjWWJZsyDvZLkQVXPlHwHR9HfblHEowlUnd8wAAVf%2Bit9diIWUh7JP%2F4RsXeP75ir1bjA9%2BnmSgg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ec8a16a3eae4411-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=21784&min_rtt=19480&rtt_var=3987&sent=16&recv=14&lost=0&retrans=0&sent_bytes=7302&recv_bytes=5099&delivery_rate=13989&cwnd=12000&unsent_bytes=0&cid=71261f904a71fd8b&ts=1655&x=1", cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
application/javascript
server
cloudflare
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
event
site-script.esputnik.com/site-script/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://site-script.esputnik.com/site-script/v1/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.133.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-133-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://winetime.redentu.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,Content-Type,Accept,X-Requested-With,Access-Control-Allow-Headers,cl-customer-id,Access-Control-Allow-Origin,*
access-control-allow-methods
GET,POST,HEAD
access-control-allow-origin
*
date
Wed, 04 Dec 2024 03:15:11 GMT
vary
Access-Control-Request-Method, Access-Control-Request-Headers, Origin
event
site-script.esputnik.com/site-script/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://site-script.esputnik.com/site-script/v1/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.133.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-133-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://winetime.redentu.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,Content-Type,Accept,X-Requested-With,Access-Control-Allow-Headers,cl-customer-id,Access-Control-Allow-Origin,*
access-control-allow-methods
GET,POST,HEAD
access-control-allow-origin
*
date
Wed, 04 Dec 2024 03:15:11 GMT
vary
Access-Control-Request-Method, Access-Control-Request-Headers, Origin
c89486dae04daadf7c41da95ecd2336a.png
winetime.redentu.top/storage/ 		245 KB
245 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/storage/c89486dae04daadf7c41da95ecd2336a.png
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
88a65f08a7e17b6601bacb4fae113355532a7ce79b96f0ff03f5fa81da9cc6dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"659e90b3-3d2a6"
expires
Fri, 03 Jan 2025 03:15:11 GMT
accept-ranges
bytes
content-length
250534
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/png
last-modified
Wed, 10 Jan 2024 12:42:27 GMT
server
nginx
665d68884e45bf4dd1057483469c9bd1.png
winetime.redentu.top/storage/ 		210 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/storage/665d68884e45bf4dd1057483469c9bd1.png
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
bdaafb5de090dd05eb91ad057101257c0486db4ac862d31a4d500a49adbe9766

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"659f9242-346f9"
expires
Fri, 03 Jan 2025 03:15:11 GMT
accept-ranges
bytes
content-length
214777
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/png
last-modified
Thu, 11 Jan 2024 07:01:22 GMT
server
nginx
1808cf64fa2707d5f02f96599742c0bd.jpeg
winetime.redentu.top/storage/ 		186 KB
187 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/storage/1808cf64fa2707d5f02f96599742c0bd.jpeg
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
47644a05b1cdc06039cea3645d550d5e227c55c370b77f317cfc07fc99463c06

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"66965620-2e9d9"
expires
Fri, 03 Jan 2025 03:15:11 GMT
accept-ranges
bytes
content-length
190937
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/jpeg
last-modified
Tue, 16 Jul 2024 11:14:40 GMT
server
nginx
2d70fa8fe5aac3337895b43bc757c84a.png
winetime.redentu.top/storage/ 		417 KB
418 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/storage/2d70fa8fe5aac3337895b43bc757c84a.png
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
3849932c80b1439668c305832c1a2d829669b7beb54b0a31be0ce72323f9b203

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"65a7de65-68575"
expires
Fri, 03 Jan 2025 03:15:11 GMT
accept-ranges
bytes
content-length
427381
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/png
last-modified
Wed, 17 Jan 2024 14:04:21 GMT
server
nginx
8a9c7efb0b0514e08ed849c749f6a6c1.jpeg
winetime.redentu.top/storage/ 		295 KB
295 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/storage/8a9c7efb0b0514e08ed849c749f6a6c1.jpeg
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
a35f485216dde03b91f9fdf03cacb8ed32fd086402e7d299e73e1d78fb3cf8a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"66965659-49bf4"
expires
Fri, 03 Jan 2025 03:15:11 GMT
accept-ranges
bytes
content-length
302068
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/jpeg
last-modified
Tue, 16 Jul 2024 11:15:37 GMT
server
nginx
a49acbb695b785f3907e47b7a40c9933.png
winetime.redentu.top/storage/ 		445 KB
446 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/storage/a49acbb695b785f3907e47b7a40c9933.png
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
4f54e52439d63e6f3b3d5e3d32a9d64b0a4ce73079483e402f265afade779a6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"65a641ab-6f59d"
expires
Fri, 03 Jan 2025 03:15:11 GMT
accept-ranges
bytes
content-length
456093
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/png
last-modified
Tue, 16 Jan 2024 08:43:23 GMT
server
nginx
65318a2ab006c8d1265adb81bb7eb86a.jpeg
winetime.redentu.top/storage/ 		196 KB
197 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/storage/65318a2ab006c8d1265adb81bb7eb86a.jpeg
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
0777ca4708f4d664419c96e0c2e5f07a6117d2ad75c83c001312b2dc23368b8e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"66965685-31105"
expires
Fri, 03 Jan 2025 03:15:11 GMT
accept-ranges
bytes
content-length
200965
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/jpeg
last-modified
Tue, 16 Jul 2024 11:16:21 GMT
server
nginx
df6366d4e6b26b11ebc7cf84645d2038.png
winetime.redentu.top/storage/ 		276 KB
276 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/storage/df6366d4e6b26b11ebc7cf84645d2038.png
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
e95bf2073a03125816fcf99c400de009440038cd337283b1a48b3632d27411df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"6502fd94-44e4a"
expires
Fri, 03 Jan 2025 03:15:11 GMT
accept-ranges
bytes
content-length
282186
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/png
last-modified
Thu, 14 Sep 2023 12:33:24 GMT
server
nginx
36d2197a6adb3788317c1dff5d942234.png
winetime.redentu.top/storage/ 		212 KB
212 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/storage/36d2197a6adb3788317c1dff5d942234.png
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
00e30e848394a9467e2de4c81f95dcfa90abfd05e3bb80fdc5ed0135f31cdbe4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"65044f73-34fdb"
expires
Fri, 03 Jan 2025 03:15:11 GMT
accept-ranges
bytes
content-length
217051
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/png
last-modified
Fri, 15 Sep 2023 12:34:59 GMT
server
nginx
442b6e629256bc018614a97badb507dd.png
winetime.redentu.top/storage/ 		549 KB
550 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/storage/442b6e629256bc018614a97badb507dd.png
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
318cc722ef3c2c50f9a2326d49dff3051e06a9c0cccf1ba086693eb1aa1864a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"674f1064-89385"
expires
Fri, 03 Jan 2025 03:15:11 GMT
accept-ranges
bytes
content-length
562053
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/png
last-modified
Tue, 03 Dec 2024 14:06:28 GMT
server
nginx
3f570b9a6506122bad9a3d660b30d8e7.jpeg
winetime.redentu.top/storage/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/storage/3f570b9a6506122bad9a3d660b30d8e7.jpeg
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
5c4db9011d540819f2a683b94ada16254c506da78b7cb0f33cb96bba41942874

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"66965726-15d0e"
expires
Fri, 03 Jan 2025 03:15:11 GMT
accept-ranges
bytes
content-length
89358
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/jpeg
last-modified
Tue, 16 Jul 2024 11:19:02 GMT
server
nginx
044f214252aa1a238a8e5116db688ed7.jpeg
winetime.redentu.top/storage/ 		215 KB
216 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/storage/044f214252aa1a238a8e5116db688ed7.jpeg
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
28cf9238a4436d48ae5628aa8c4dd58cec870740069cab5b27140ae7be870bb4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"669657d9-35d93"
expires
Fri, 03 Jan 2025 03:15:11 GMT
accept-ranges
bytes
content-length
220563
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/jpeg
last-modified
Tue, 16 Jul 2024 11:22:01 GMT
server
nginx
d7e14aa9a71269f23b5cd482121506c4.jpeg
winetime.redentu.top/storage/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/storage/d7e14aa9a71269f23b5cd482121506c4.jpeg
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
c2bd10b62124ffa8f34f84c28361f0b1757098c2f0c354e903d7237f1c92e0b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"66daaffe-118ad"
expires
Fri, 03 Jan 2025 03:15:11 GMT
accept-ranges
bytes
content-length
71853
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/jpeg
last-modified
Fri, 06 Sep 2024 07:32:14 GMT
server
nginx
subscribe_bg.jpg
winetime.redentu.top/img/new-site/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/img/new-site/subscribe_bg.jpg
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
6da404edba1dd995f76a0b1bdb7256a0222a1a8a1808eedc1e4b767922608814

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"6093e9e3-17082"
expires
Fri, 03 Jan 2025 03:15:11 GMT
accept-ranges
bytes
content-length
94338
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/jpeg
last-modified
Thu, 06 May 2021 13:06:43 GMT
server
nginx
restrict-popup-image.png
winetime.redentu.top/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/img/restrict-popup-image.png
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
418f60baa11ffdf56f667eb7e8ea726448fd6971d8041f8da24df7fd63558310

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"670dd7fc-2897"
expires
Fri, 03 Jan 2025 03:15:11 GMT
accept-ranges
bytes
content-length
10391
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/png
last-modified
Tue, 15 Oct 2024 02:48:28 GMT
server
nginx
is-recommended.svg
winetime.redentu.top/img/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/img/is-recommended.svg
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
a06bcea514e583e79e0f59e7f2ccb5d44dac100d790f41c1b0c953f0df0ae244

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
W/"65b342ec-b79"
expires
Fri, 03 Jan 2025 03:15:11 GMT
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/svg+xml
last-modified
Fri, 26 Jan 2024 05:28:12 GMT
server
nginx
vary
Accept-Encoding
our-import-1.svg
winetime.redentu.top/img/ 		129 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/img/our-import-1.svg?v=1
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
ace439fd2df94465343ba981f1b4919f9865abae72289e0ec6fd544288888978

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
W/"670dd7fc-20444"
expires
Fri, 03 Jan 2025 03:15:11 GMT
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/svg+xml
last-modified
Tue, 15 Oct 2024 02:48:28 GMT
server
nginx
vary
Accept-Encoding
3DHfl_1621836462.png
winetime.com.ua/storage/geos/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.com.ua/storage/geos/3DHfl_1621836462.png
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:cc91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6002737fc0c263866aca08c3deaf5ab0fc30c3342cfd40d21b46cbb26e1918d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

cf-cache-status
HIT
etag
"60ab42ae-4c6"
age
1767761
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uchdeghJMAowqnWXO2%2F4RYBPqRUo1h3R8C%2BjMSFXDNn3YZwd9PJANjw2SJoXjHRqCyA0O7mxEH%2FNQ%2BT737TG24hy0EIYQZrsx0X5th8Yq%2BQ%2B3c9g82TRiFk0Jhf4HIRKo9prNl%2BNwb9gwx4VCgI%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 13 Dec 2024 16:12:30 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21928&min_rtt=21774&rtt_var=8275&sent=23&recv=15&lost=0&retrans=0&sent_bytes=15622&recv_bytes=6840&delivery_rate=121544&cwnd=12000&unsent_bytes=0&cid=192b01cec2fd1885&ts=62&x=1", cfHdrFlush;dur=23
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/png
last-modified
Mon, 24 May 2021 06:07:42 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec8a16dabb38c84-EWR
accept-ranges
bytes
content-length
1222
server
cloudflare
UtTxX_1622199970.png
winetime.com.ua/storage/geos/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.com.ua/storage/geos/UtTxX_1622199970.png
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:cc91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
501c2b0b62415b45570fa5c6ac89212d68975a1911886e19bca3d03a0904e7ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

cf-cache-status
HIT
etag
"60b0cea2-407"
age
1745807
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E59fPDcFEoL2kI7vcgd4WKhr4As12Zxgwnja0vKRBTL40YVJGQDBxpB4wfJr%2FEUgFCoQ6i1rlkphSTErjaz38hmNTHBw8LQG%2Ffap4a4mxJoc2j%2FfKBEev9%2BrpIMv8CtlznpnIJ5e0XoBIR8NEEw%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 13 Dec 2024 22:18:24 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21928&min_rtt=21774&rtt_var=8275&sent=23&recv=15&lost=0&retrans=0&sent_bytes=15622&recv_bytes=6840&delivery_rate=121544&cwnd=12000&unsent_bytes=0&cid=192b01cec2fd1885&ts=63&x=1", cfHdrFlush;dur=22
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/png
last-modified
Fri, 28 May 2021 11:06:10 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec8a16dabb78c84-EWR
accept-ranges
bytes
content-length
1031
server
cloudflare
mqkdM_1621842507.png
winetime.com.ua/storage/geos/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.com.ua/storage/geos/mqkdM_1621842507.png
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:cc91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8cb3de157660d3a67849164affffc43b112ced1dc67ba37ce08d1e388aa5075

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

cf-cache-status
HIT
etag
"60ab5a4b-4e4"
age
1745807
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uHTYZp3LRQ%2FSF636Oyl3DGDaMB4bDGJhe9HRzhtVSIhRnPYHXIZLoRtn%2B3qtCCtjZ7xm6tiGbcy6rWoGQSB%2BOfpo1m%2B6phCwY%2BpylEiWbi0bUYNB9BBF%2ByfMGQb5mORr6MxrDWCP9zLTQCYbC1M%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 13 Dec 2024 22:18:24 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21928&min_rtt=21774&rtt_var=8275&sent=12&recv=15&lost=0&retrans=0&sent_bytes=4204&recv_bytes=6840&delivery_rate=121544&cwnd=12000&unsent_bytes=0&cid=192b01cec2fd1885&ts=60&x=1", cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/png
last-modified
Mon, 24 May 2021 07:48:27 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec8a16dabb18c84-EWR
accept-ranges
bytes
content-length
1252
server
cloudflare
aIqXy_1621835923.png
winetime.com.ua/storage/geos/ 		833 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.com.ua/storage/geos/aIqXy_1621835923.png
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:cc91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
188259fd3720a1bb2449467ceb130294120631f327f919b0c8085df42baa1af3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

cf-cache-status
HIT
etag
"60ab4093-341"
age
1745807
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qv12Ci8SMckyaehELMG2trJA%2B5U4csLBNXLw5FTLssis%2BFkN6Nr8pgFzi%2FOrhvQkbbXh4IDTQ%2Bsp7KQyNyuyJjHu7L%2F4odNKrwK8NLUpiNUzQ%2FGwi4eYqvwW0ww1KKtjolzOrzwareOb3jEs41s%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 13 Dec 2024 22:18:24 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21928&min_rtt=21774&rtt_var=8275&sent=23&recv=15&lost=0&retrans=0&sent_bytes=15622&recv_bytes=6840&delivery_rate=121544&cwnd=12000&unsent_bytes=0&cid=192b01cec2fd1885&ts=64&x=1", cfHdrFlush;dur=21
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/png
last-modified
Mon, 24 May 2021 05:58:43 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec8a16dabaa8c84-EWR
accept-ranges
bytes
content-length
833
server
cloudflare
LVadY_1621836478.png
winetime.com.ua/storage/geos/ 		637 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.com.ua/storage/geos/LVadY_1621836478.png
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:cc91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
594f333e3a8fe65a0466e4f9c140dab97e6b6a073579edf130a87b86614d7ec8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

cf-cache-status
HIT
etag
"60ab42be-27d"
age
1767761
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fs7HXZDpARydfn%2B4n75OQtp9jijRnoFyoUF5zRNM9fYSNqI08YxoMGZxLZKNOfYel%2BA0%2F3pjIi%2B5hap0BugHcYFxlhkIL1escLMQy9Y6AKd7W4ckUeMPotlCJNDi9%2BjElL5U77kv7c0EBfS1UvI%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 13 Dec 2024 16:12:30 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21928&min_rtt=21774&rtt_var=8275&sent=14&recv=15&lost=0&retrans=0&sent_bytes=6216&recv_bytes=6840&delivery_rate=121544&cwnd=12000&unsent_bytes=0&cid=192b01cec2fd1885&ts=61&x=1", cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/png
last-modified
Mon, 24 May 2021 06:07:58 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec8a16daba58c84-EWR
accept-ranges
bytes
content-length
637
server
cloudflare
lCmdi_1621837253.png
winetime.com.ua/storage/geos/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.com.ua/storage/geos/lCmdi_1621837253.png
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:cc91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
679150136b5b550ba3406ed8f54184a21bb79aafd79c6b8e577398589b75b653

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

cf-cache-status
HIT
etag
"60ab45c5-405"
age
1757146
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2Bwg22swEeVa2hcFAE3uwQthVPgeLrDQNXrcw318P45Sw%2Ft32og6Cju%2BRn%2F1m%2FrcUOQ82E1lpc%2B8%2F%2BbHO%2FE0sahh8whggJaquGiPSDO6wVaUS7YRVSWto4Od2zTOFXR6FigZH3%2F0qF8ytMQ%2BM18%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 13 Dec 2024 19:09:25 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21928&min_rtt=21774&rtt_var=8275&sent=23&recv=15&lost=0&retrans=0&sent_bytes=15622&recv_bytes=6840&delivery_rate=121544&cwnd=12000&unsent_bytes=0&cid=192b01cec2fd1885&ts=64&x=1", cfHdrFlush;dur=21
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/png
last-modified
Mon, 24 May 2021 06:20:53 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec8a16dabac8c84-EWR
accept-ranges
bytes
content-length
1029
server
cloudflare
CRQic_1621837665.png
winetime.com.ua/storage/geos/ 		944 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.com.ua/storage/geos/CRQic_1621837665.png
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:cc91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
028648c254b7c420708655a107f20fa88965f515320dedb07dcef65389462158

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

cf-cache-status
HIT
etag
"60ab4761-3b0"
age
616364
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f0PSWFEmt8h5cwxtfwmxnTGr3EJ7PCY%2F%2BTbVlVcrXn8EgDyDaXsGknZnj1eyqzJadyeYcG9r5m0GZ1eSYPDxAuoHFCcgIMF3DZn72PhW64OjyT1EwDFnyDF073TaLwUAn%2B2Xe9b4AcPKkHZWy0k%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 27 Dec 2024 00:02:27 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24926&min_rtt=21774&rtt_var=2469&sent=46&recv=27&lost=0&retrans=0&sent_bytes=40227&recv_bytes=8601&delivery_rate=468727&cwnd=24000&unsent_bytes=0&cid=192b01cec2fd1885&ts=106&x=1", cfHdrFlush;dur=3
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/png
last-modified
Mon, 24 May 2021 06:27:45 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec8a16dec0d8c84-EWR
accept-ranges
bytes
content-length
944
server
cloudflare
dN9lo_1621835909.png
winetime.com.ua/storage/geos/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.com.ua/storage/geos/dN9lo_1621835909.png
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:cc91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eaf80ed2c031815ebfa09774020ce851da6916993a4760f97b2d8580525abde

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

cf-cache-status
HIT
etag
"60ab4085-56b"
age
1767761
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XGumf7TyAgjzwvl2sdxskVt0x1pnZ%2BfQgIVaIjx7q3k0hBP1qaq3QTMhE2ejF8DZ468IdYcXmu%2F41PfNhnExEOJ855Tfy0Wc8pA%2Bjw%2BFj557Zuq%2F0zfHNGU%2BVhYgOU%2FJCns51EUW9QXXF2HBFzQ%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 13 Dec 2024 16:12:30 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24926&min_rtt=21774&rtt_var=2469&sent=46&recv=27&lost=0&retrans=0&sent_bytes=40227&recv_bytes=8601&delivery_rate=468727&cwnd=24000&unsent_bytes=0&cid=192b01cec2fd1885&ts=103&x=1", cfHdrFlush;dur=6
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/png
last-modified
Mon, 24 May 2021 05:58:29 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec8a16dec108c84-EWR
accept-ranges
bytes
content-length
1387
server
cloudflare
cn0yl_1621839896.png
winetime.com.ua/storage/geos/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.com.ua/storage/geos/cn0yl_1621839896.png
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:cc91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c2112c7af1aff951d43864c7a8fcb089fe2202d7fbbd9d92d9e13f0406190ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

cf-cache-status
HIT
etag
"60ab5018-7a7"
age
1745807
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y573BBcZz66H6MQSywm0Ev%2BbEcWlun3MjuUKOkKolQvUxncGnXvqQsSAud6ILSuvG5F%2B%2BcW64x%2BIJaXbtR1zS3xKrVSFL7BUb%2BZ4iGaljri6%2FzZO0ic90wXPoEa7lItef3ArH12aR3yEMYn1O9c%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 13 Dec 2024 22:18:24 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23948&min_rtt=21774&rtt_var=515&sent=86&recv=37&lost=0&retrans=0&sent_bytes=87997&recv_bytes=9031&delivery_rate=951172&cwnd=48000&unsent_bytes=0&cid=192b01cec2fd1885&ts=110&x=1", cfHdrFlush;dur=24
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/png
last-modified
Mon, 24 May 2021 07:04:56 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec8a16dec138c84-EWR
accept-ranges
bytes
content-length
1959
server
cloudflare
4fhF6_1622198040.png
winetime.com.ua/storage/geos/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.com.ua/storage/geos/4fhF6_1622198040.png
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:cc91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34edc35eb3f575b1ff16b581773b7f682d0d155b3e61ddd15c44a70251c58752

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

cf-cache-status
HIT
etag
"60b0c718-535"
age
912545
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YS0dcsVhdnHnmnnF%2FTdYmg8xZMTWDnPiAZA0vEwCns86IhwsFc08prvyjdiXFRnaKjsNFL8zITEdS1rKduSsvlYF48u91Gv3p%2BCmDctCabE5ipHlnuCFK1LrK2joJu7w7l3c%2B6QqZ7j2qY33Qkw%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 23 Dec 2024 13:46:06 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23948&min_rtt=21774&rtt_var=515&sent=86&recv=37&lost=0&retrans=0&sent_bytes=87997&recv_bytes=9031&delivery_rate=951172&cwnd=48000&unsent_bytes=0&cid=192b01cec2fd1885&ts=110&x=1", cfHdrFlush;dur=24
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/png
last-modified
Fri, 28 May 2021 10:34:00 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec8a16dec148c84-EWR
accept-ranges
bytes
content-length
1333
server
cloudflare
no-photo-available.png
winetime.redentu.top/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/img/no-photo-available.png
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
21ab0c22c4a2eef5198a43db600ffceff99e19d161ccee841a3014a8dd8f09da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"6093e9e3-afd"
expires
Fri, 03 Jan 2025 03:15:11 GMT
accept-ranges
bytes
content-length
2813
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/png
last-modified
Thu, 06 May 2021 13:06:43 GMT
server
nginx
tracking.min.js
www.artfut.com/static/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.artfut.com/static/tracking.min.js?campaign_code=28b20b9035
Requested by
Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=28b20b9035
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4133afc350d176f80eaa227f903be91646e1e2dec276f60eb8a15f9a1df96df8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=Y0ABmg==, md5=kqLtq/TqgjI1CgVo09fnlg==
cf-cache-status
REVALIDATED
etag
W/"92a2edabf4ea8232350a0568d3d7e796"
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9hXndaIECkPE%2BblzNZvSX9KI8q6MVS8ulZqqMYtQwY1XpzyiNYmDO5UnWDgr%2F14cZ9BTyJYweH6Ge7BAPdO3LBO4gaQxMMqBjThW2oFPti5oc%2FAUspk3kW8hRHL%2BoW87RWxcwKsuppJXp3sy"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Wed, 04 Dec 2024 04:15:11 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=8694&min_rtt=8612&rtt_var=1850&sent=24&recv=10&lost=0&retrans=0&sent_bytes=15047&recv_bytes=2425&delivery_rate=469127&cwnd=256&unsent_bytes=0&cid=426f654ee4e8c8b8&ts=2442&x=0"
x-goog-stored-content-length
20009
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
application/javascript
last-modified
Mon, 25 Sep 2023 13:46:17 GMT
vary
Accept-Encoding
x-guploader-uploadid
ABPtcPrIJXjhhv-LBbnTnlHOSq8aoikfZKN1W5frnyoVa1q7YVZudfhuIMuAJRMiGptPCVViWAM
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8ec8a16ccdf732e2-EWR
x-goog-generation
1695649577156587
server
cloudflare
crossdevice.min.js
www.artfut.com/static/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.artfut.com/static/crossdevice.min.js?campaign_code=28b20b9035
Requested by
Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=28b20b9035
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfd6129dcdcd1104f5c6836214d2641fd643988b097451c7515512057eeba23c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=qCFtfg==, md5=N2GcIozVvoriyogYngtWAg==
cf-cache-status
REVALIDATED
etag
W/"37619c228cd5be8ae2ca88189e0b5602"
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5THM0Eg5Dl6lkUoltyeJQR%2FR95EEl1hy%2Bznfb23C%2BtUsneoNG0wlJWgCqxQQlPPXQU%2FMPUorXhevII%2Fc3t%2BkfLU9vLZvg0ykm5pN3gSZiqcXlbk33qsqgJ2AKsoPWSDLmSjvAhHVH9A0%2BKvy"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Wed, 04 Dec 2024 04:15:11 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=8694&min_rtt=8612&rtt_var=1850&sent=11&recv=10&lost=0&retrans=0&sent_bytes=6302&recv_bytes=2425&delivery_rate=469127&cwnd=256&unsent_bytes=0&cid=426f654ee4e8c8b8&ts=2440&x=0"
x-goog-stored-content-length
26537
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
application/javascript
last-modified
Wed, 09 Oct 2024 12:43:12 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY37Ap0KmRQkKU17yUQbwDnsI81it1-1FHGW0EPeVhpM3a3hVRbOSquJ2d-xhKhKgt3FEzrfYSwMwg
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
8ec8a16ccdf932e2-EWR
x-goog-generation
1728477792681523
server
cloudflare
kiberponedilok.png
winetime.redentu.top/uploads/symlink/65000-66000/ 		5 MB
5 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/uploads/symlink/65000-66000/kiberponedilok.png
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
942096c9c3980173c8f8825fa0c3db9a2fe6770d285debf8e699b6da191cc34a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"67496109-4bdbe0"
expires
Fri, 03 Jan 2025 03:15:11 GMT
accept-ranges
bytes
content-length
4971488
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/png
last-modified
Fri, 29 Nov 2024 06:36:57 GMT
server
nginx
c8a9b481a08d1d7b81cd70fdcaab41a3.jpeg
winetime.redentu.top/storage/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/storage/c8a9b481a08d1d7b81cd70fdcaab41a3.jpeg
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
8fde97718cb12ccaf7c30e4d64ee274adcfe2c447ae4dd30a90bbc970514a50b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"66ed4fef-c321"
expires
Fri, 03 Jan 2025 03:15:11 GMT
accept-ranges
bytes
content-length
49953
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/jpeg
last-modified
Fri, 20 Sep 2024 10:35:27 GMT
server
nginx
53389220067_6cc8205011_b.jpg
winetime.com.ua/uploads/symlink/66000-67000/ 		230 KB
231 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.com.ua/uploads/symlink/66000-67000/53389220067_6cc8205011_b.jpg
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:cc91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e4db2ccec8a66a5c003c8723749eee1890fe0a84b28a658b2dc1a3d5f414c8d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

cf-cache-status
HIT
etag
"6576dd82-39999"
age
1082591
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rPdzxwgtW0Ztc9ykTSnHwoPxIdOhZtzz2QEFBnIZUC4aXh3sTj9ppNfRC0OxSseAbBXbCjoGgwS1cpv68DJJg4ezNLl18cWD6tZgnyGqOmcNO%2FtCXuoQRtVQ%2BTI%2FxozLi%2BM2zDjAbtqTefDN5U0%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 21 Dec 2024 14:32:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21928&min_rtt=21774&rtt_var=8275&sent=23&recv=15&lost=0&retrans=0&sent_bytes=15622&recv_bytes=6840&delivery_rate=121544&cwnd=12000&unsent_bytes=0&cid=192b01cec2fd1885&ts=65&x=1", cfHdrFlush;dur=20
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/jpeg
last-modified
Mon, 11 Dec 2023 09:59:30 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec8a16dabb48c84-EWR
accept-ranges
bytes
content-length
235929
server
cloudflare
757820ff4f1ae9288b417a594535dc14.png
winetime.redentu.top/storage/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/storage/757820ff4f1ae9288b417a594535dc14.png
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
e224d59d3bc0563dc14ca8cfe06f2a08f35f2a75ee1eaf81cbc14f69d1af1ec5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"66ed1445-19e6a4"
expires
Fri, 03 Jan 2025 03:15:11 GMT
accept-ranges
bytes
content-length
1697444
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/png
last-modified
Fri, 20 Sep 2024 06:20:53 GMT
server
nginx
53198193396_0d2cc490a1_b.jpg
winetime.com.ua/uploads/symlink/65000-66000/ 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.com.ua/uploads/symlink/65000-66000/53198193396_0d2cc490a1_b.jpg
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:cc91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ea572ff2e9cce9c1cb9027c1d7ef4eaa4604fa235dc66c35ac64cd173980e60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

cf-cache-status
HIT
etag
"6509584b-1c459"
age
644366
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=esMAZWK4%2FfBERIwI1dmDk2ZYp%2BEwnaaTVTf8W%2BivlYtP4TLVRSYyiSbEEwvck2iwbtco7RLBP0VXjVZ3VvbiaQJi1%2B9rztfO2x2pkWwT6eWk7RUvx1FoCC%2FW4bf%2FlnrbMj3o6MjYMTfNxG9wWKM%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 26 Dec 2024 16:15:45 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21928&min_rtt=21774&rtt_var=8275&sent=16&recv=15&lost=0&retrans=0&sent_bytes=7574&recv_bytes=6840&delivery_rate=121544&cwnd=12000&unsent_bytes=0&cid=192b01cec2fd1885&ts=61&x=1", cfHdrFlush;dur=0
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/jpeg
last-modified
Tue, 19 Sep 2023 08:14:03 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec8a16daba28c84-EWR
accept-ranges
bytes
content-length
115801
server
cloudflare
ab6f1ce1939bd9310a069d84878e4c11.jpeg
winetime.redentu.top/storage/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/storage/ab6f1ce1939bd9310a069d84878e4c11.jpeg
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
4b1a056a7b1755fc31cdf3feca5a773a9ebf7f0b1b5a79eb9102e850ba153c37

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"669910c1-cf59"
expires
Fri, 03 Jan 2025 03:15:11 GMT
accept-ranges
bytes
content-length
53081
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/jpeg
last-modified
Thu, 18 Jul 2024 12:55:29 GMT
server
nginx
wine-academy.jpg
winetime.redentu.top/img/ 		138 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/img/wine-academy.jpg
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
06c7ef41105f074e485740ebc7ba743d71a7c6fd74ce3628f42412c1220933e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"670dd7fc-22674"
expires
Fri, 03 Jan 2025 03:15:11 GMT
accept-ranges
bytes
content-length
140916
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/jpeg
last-modified
Tue, 15 Oct 2024 02:48:28 GMT
server
nginx
gift-certificates.jpg
winetime.redentu.top/img/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://winetime.redentu.top/img/gift-certificates.jpg
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
0c8f4b4fbc75a1ebadf014dacdcc169c0e7a6c23fbe36a3d003afa3cca06336c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

cache-control
max-age=2592000
etag
"670dd7fc-5ae3"
expires
Fri, 03 Jan 2025 03:15:11 GMT
accept-ranges
bytes
content-length
23267
date
Wed, 04 Dec 2024 03:15:11 GMT
content-type
image/jpeg
last-modified
Tue, 15 Oct 2024 02:48:28 GMT
server
nginx
collect
s.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://winetime.redentu.top/

Response headers

Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
Access-Control-Allow-Origin
https://winetime.redentu.top
Date
Wed, 04 Dec 2024 03:15:11 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
webevent
esputnik.com/site-events/api/v1/ 		0
284 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esputnik.com/site-events/api/v1/webevent
Requested by
Host: winetime.redentu.top
URL: https://winetime.redentu.top/_debugbar/assets/javascript?v=1730204665
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:ac8:b920:bd60:a9c8:1112:459e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://winetime.redentu.top/

Response headers

access-control-allow-headers
Origin, X-Requested-With, Access-Control-Allow-Headers, Content-Type, Accept, cl-customer-id, *
access-control-allow-origin
*
content-length
0
date
Wed, 04 Dec 2024 03:15:12 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server
nginx
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
webevent
esputnik.com/site-events/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esputnik.com/site-events/api/v1/webevent
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:ac8:b920:bd60:a9c8:1112:459e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://winetime.redentu.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Access-Control-Allow-Headers, Content-Type, Accept, cl-customer-id, *
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
*
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 04 Dec 2024 03:15:12 GMT
server
nginx
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3852B0DE353D47FB8C2534B3022067D4&RedC=c.clarity.ms&MXFR=22A93C21705A605A17B9296A745A6E39
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3852B0DE353D47FB8C2534B3022067D4&MUID=0A1377674D2E6A400719622C4CEC6B1B
42 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3852B0DE353D47FB8C2534B3022067D4&MUID=0A1377674D2E6A400719622C4CEC6B1B
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"8d3dafd6e71fdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Wed, 04 Dec 2024 03:15:13 GMT
content-type
image/gif
last-modified
Wed, 16 Oct 2024 16:24:13 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3852B0DE353D47FB8C2534B3022067D4&MUID=0A1377674D2E6A400719622C4CEC6B1B
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E15145F208D24FFC9FE802AF16B0394D Ref B: PHL30EDGE0116 Ref C: 2024-12-04T03:15:13Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Wed, 04 Dec 2024 03:15:12 GMT
x-powered-by
ASP.NET
collect
s.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://winetime.redentu.top/

Response headers

Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
Access-Control-Allow-Origin
https://winetime.redentu.top
Date
Wed, 04 Dec 2024 03:15:13 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
favicon.ico
winetime.redentu.top/ 		1 KB
927 B 		Other
General
Check archive.org
Download Go to
Full URL
https://winetime.redentu.top/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
128.140.116.84 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.116.140.128.clients.your-server.de
Software
nginx /
Resource Hash
05bca6f28761a7a3dc3f65616c77e86d81c3b7bc13a227579d728041ac1a8cde

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://winetime.redentu.top/ua

Response headers

content-encoding
gzip
date
Wed, 04 Dec 2024 03:15:13 GMT
etag
W/"6093e4f3-47e"
content-type
image/x-icon
last-modified
Thu, 06 May 2021 12:45:39 GMT
server
nginx
vary
Accept-Encoding
collect
s.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://winetime.redentu.top/

Response headers

Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
Access-Control-Allow-Origin
https://winetime.redentu.top
Date
Wed, 04 Dec 2024 03:15:15 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
collect
s.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://winetime.redentu.top/

Response headers

Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
Access-Control-Allow-Origin
https://winetime.redentu.top
Date
Wed, 04 Dec 2024 03:15:18 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| dataLayer function| fbq function| _fbq string| esSdk function| es function| eS object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| clarity object| _mfq object| initialData string| cookie_name number| days_to_store string| deduplication_cookie_value string| channel_name function| getSourceParamFromUri function| getSourceCookie function| setSourceCookie object| ADMITAD function| onYouTubeIframeAPIReady object| gaGlobal object| GooglebQhCsO object| gaplugins object| gaData object| z object| aa function| M function| N function| ra function| O function| ta object| __es_sdk string| f boolean| mouseflowDisableKeyLogging object| mouseflowHeatmap object| mouseflow number| sttpd object| hljs object| PhpDebugBar function| Sfdump object| phpdebugbar function| SearchState object| _esConfig function| scriptLog09u8y9 number| globalHistoryLength function| _0x51f064 function| _0x243f function| _0x10ac object| mdr object| webpackChunk object| regeneratorRuntime string| locale string| localePrefix

23 Cookies

Domain/Path Name / Value
winetime.redentu.top/ Name: PHPSESSID
Value: i5uef17a4ulm7bocisj163s5nd
winetime.redentu.top/ Name: XSRF-TOKEN
Value: eyJpdiI6IkVubTRRSFwvSDYxNlpPWnZwaSs5R1NRPT0iLCJ2YWx1ZSI6ImpmWVI1VzlEZXhZckZIMXI3Q2d3cDZmR0tIc3VzNEpOWDVVSFRkV3F1QVpqVWgxT1c4SDBYWFFwMGdmY0dHQ24iLCJtYWMiOiIxYzA5OTY5NzhiNDYyMmUyOTNjNTcwMmU0YmVkNWVhY2E4NDc0ZjY2N2JhY2IxZGEyNzZlYmUyN2RiOTgzNGM1In0%3D
.redentu.top/ Name: _gcl_au
Value: 1.1.288798076.1733282109
.redentu.top/ Name: _fbp
Value: fb.1.1733282109603.601325058170083085
www.clarity.ms/ Name: CLID
Value: 567e797b5342402e8ddbf735ba6db4fd.20241204.20251204
winetime.redentu.top/ Name: winetimecomua_session
Value: eyJpdiI6IjRQXC9LRXNFUWFDRkRnWVVNXC9FK29WZz09IiwidmFsdWUiOiIxVmVSVHAxNVpZSXB6bWRZMHA2ZTdWYWlcL2NpR2Q0SWxabGM5SGJcL3NZaFUzZ1l0YXVuUkRqRXhHZUtGdlpNU1AiLCJtYWMiOiJlNGQzY2RhYjM4OWNhNjk2NzA4YjI5OGNkNzU5YjNiYTE1NmI0NDNlZmNiZTc0ZTI4NWJlMTZkNWJlYjI0NTMyIn0%3D
.redentu.top/ Name: _ga
Value: GA1.2.1505209640.1733282110
.redentu.top/ Name: _gid
Value: GA1.2.281814474.1733282110
.redentu.top/ Name: _gat_UA-33424026-2
Value: 1
.redentu.top/ Name: _ga_8MF7C5BJD5
Value: GS1.1.1733282109.1.0.1733282109.60.0.1731762067
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkUlTvDnCOCHi9calha0SZ8cO5jOiPPyFWlr1gP2U8cq1bn-m2wO20xuCITc7g
.redentu.top/ Name: _clck
Value: 1ksfj1m%7C2%7Cfrf%7C0%7C1799
.redentu.top/ Name: sc
Value: 47AEC988-4C90-AAD4-7012-73620218F886
.redentu.top/ Name: _clsk
Value: 1gqtday%7C1733282111833%7C1%7C1%7Cs.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 0A1377674D2E6A400719622C4CEC6B1B
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 0A1377674D2E6A400719622C4CEC6B1B
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 0A1377674D2E6A400719622C4CEC6B1B
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://winetime.redentu.top/ua
Message:
[DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12695077.fls.doubleclick.net
ad.doubleclick.net
analytics.google.com
c.bing.com
c.clarity.ms
c.cralodas.com.ua
cdn.mouseflow.com
connect.facebook.net
cralodas.com.ua
esputnik.com
googleads.g.doubleclick.net
m.cralodas.com.ua
s.clarity.ms
site-script.esputnik.com
statics.esputnik.com
stats.g.doubleclick.net
td.doubleclick.net
winetime.com.ua
winetime.redentu.top
www.artfut.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
128.140.116.84
142.250.65.166
142.250.80.70
148.251.3.114
20.110.205.119
23.96.124.68
2606:4700:20::ac43:4b3f
2606:4700:3030::ac43:cc91
2606:4700:3037::ac43:d7e6
2606:4700::6812:1a32
2607:f8b0:4004:c17::9a
2607:f8b0:4006:80c::2004
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80e::2008
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::200e
2607:f8b0:4006:823::200e
2620:1ec:29:1::40
2620:1ec:c11::237
2a03:2880:f00e:13:face:b00c:0:3
2a03:2880:f10e:83:face:b00c:0:25de
2a05:d018:ac8:b920:bd60:a9c8:1112:459e
63.32.133.59
00e30e848394a9467e2de4c81f95dcfa90abfd05e3bb80fdc5ed0135f31cdbe4
028648c254b7c420708655a107f20fa88965f515320dedb07dcef65389462158
04dd89f7bc431b53e61812ffd398ad3885dd9d9f4a28da35c089c140f6411b3f
05bca6f28761a7a3dc3f65616c77e86d81c3b7bc13a227579d728041ac1a8cde
06c7ef41105f074e485740ebc7ba743d71a7c6fd74ce3628f42412c1220933e4
0777ca4708f4d664419c96e0c2e5f07a6117d2ad75c83c001312b2dc23368b8e
0af48236cfacd482b6bcff50bd52128da16474dc7fd54c965a67b0b09f515cde
0c8f4b4fbc75a1ebadf014dacdcc169c0e7a6c23fbe36a3d003afa3cca06336c
188259fd3720a1bb2449467ceb130294120631f327f919b0c8085df42baa1af3
1cba53b3e1a242d84c2242e19fb6d241cf87a9f549fefd5399990d422e03ed67
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
207e6108661380ec64884ef550a4ea1f0c113b4a4707aa6c95b5a801399f1b53
21ab0c22c4a2eef5198a43db600ffceff99e19d161ccee841a3014a8dd8f09da
221b0445feb1bfe64f127632284666e0a004f7012fabb4763d0c1457b251c24c
28cf9238a4436d48ae5628aa8c4dd58cec870740069cab5b27140ae7be870bb4
2c49f04a043b7e2cf4a241914c828ae7e77e64bfbcd5bc2fae937a3f16dd59d0
2e4db2ccec8a66a5c003c8723749eee1890fe0a84b28a658b2dc1a3d5f414c8d
318cc722ef3c2c50f9a2326d49dff3051e06a9c0cccf1ba086693eb1aa1864a1
332d27c33e16d4bdc2b41b2fdfb6ab94b41aabfaedaf890d3d88c3dd052ea6c5
34edc35eb3f575b1ff16b581773b7f682d0d155b3e61ddd15c44a70251c58752
3849932c80b1439668c305832c1a2d829669b7beb54b0a31be0ce72323f9b203
4133afc350d176f80eaa227f903be91646e1e2dec276f60eb8a15f9a1df96df8
418f60baa11ffdf56f667eb7e8ea726448fd6971d8041f8da24df7fd63558310
439e12b470077f8205e0c9b453104455f2bb7a3c3a7236e3bc4e3e2e34272304
47644a05b1cdc06039cea3645d550d5e227c55c370b77f317cfc07fc99463c06
4b1a056a7b1755fc31cdf3feca5a773a9ebf7f0b1b5a79eb9102e850ba153c37
4f54e52439d63e6f3b3d5e3d32a9d64b0a4ce73079483e402f265afade779a6d
501c2b0b62415b45570fa5c6ac89212d68975a1911886e19bca3d03a0904e7ca
55328f4acbdd60d8de5ea89288da38642d8b4ffa1ffee6010bbd381ef8652c56
594f333e3a8fe65a0466e4f9c140dab97e6b6a073579edf130a87b86614d7ec8
5c4db9011d540819f2a683b94ada16254c506da78b7cb0f33cb96bba41942874
6002737fc0c263866aca08c3deaf5ab0fc30c3342cfd40d21b46cbb26e1918d6
669ec742aaec6f8a7dda1316b9e2543ad90f1686959d46f7a24776d7691a03e8
679150136b5b550ba3406ed8f54184a21bb79aafd79c6b8e577398589b75b653
6ad003edc5fd05c104953a6d12ff08cd267c24c12d7e6ff967a8de46fdc766fb
6da404edba1dd995f76a0b1bdb7256a0222a1a8a1808eedc1e4b767922608814
6ea572ff2e9cce9c1cb9027c1d7ef4eaa4604fa235dc66c35ac64cd173980e60
6eaf80ed2c031815ebfa09774020ce851da6916993a4760f97b2d8580525abde
6f69de9cdb32a508852b2e7be4bdc73a185368f54114aca80c588b4144d52241
73bb3490bf4655200f43d603986078362e21f5948aa827ab0324977ffdc18f5a
75ae6173ee94705e44340d3d25ea45362f34bde9a8847c58984a0fa3dec5ed66
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d193c0541ed02c6bcec34a3f778ae85f4c70877ab048c717488ea5e6470261
88a65f08a7e17b6601bacb4fae113355532a7ce79b96f0ff03f5fa81da9cc6dc
8c2112c7af1aff951d43864c7a8fcb089fe2202d7fbbd9d92d9e13f0406190ce
8c5cf91c5bb3a1d3dfe1344f73be4d3903ed02b91ce780e4de0c8f6ffc76ceff
8fde97718cb12ccaf7c30e4d64ee274adcfe2c447ae4dd30a90bbc970514a50b
942096c9c3980173c8f8825fa0c3db9a2fe6770d285debf8e699b6da191cc34a
9665e62448ee3561c1c6ec3a4637afe5efc24a9e4c8b1a59b6faae545224404b
98b1486810c2eccfaa17d4610a83c12794c0798ef5e9eb41aea038794292a187
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a06bcea514e583e79e0f59e7f2ccb5d44dac100d790f41c1b0c953f0df0ae244
a35f485216dde03b91f9fdf03cacb8ed32fd086402e7d299e73e1d78fb3cf8a5
a44429f4e11a62335ca76e2dd9790dd80b005565fe962305a490fa3354abfee8
a5eb5b6597c136beeb124ce75c49d162234283f13127601c42f93d99378d4b7a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ace439fd2df94465343ba981f1b4919f9865abae72289e0ec6fd544288888978
b57e3bb6c43f478abc7db5fd359ad5e293564c0d75f8ab1500f51ec64101a02b
bdaafb5de090dd05eb91ad057101257c0486db4ac862d31a4d500a49adbe9766
c2bd10b62124ffa8f34f84c28361f0b1757098c2f0c354e903d7237f1c92e0b2
c3fb0280e4339f6c70cea42b8b432c6fb17fde130fbb12e9209c7cdfa79d976f
c9f46f18a89095ef202df6a5079cc28b12cf2f8ca036fc02d175014ca8284483
ca773a3cbc190e1e8749d939267b9dd19f7b563543b8fb692e077f2067d36569
cbea519d466270c186b0cd12c7d070a02a4f33d47165aec769a191e33541ccc3
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d
d100b37f4ab95eebced457fa85e978a9697c4c62617c56d16181320109a2b8df
d6350cefb90d29241d3e02629bb4cf96e2458fa3d1dd1bf0ff1a5870a4eb8f2f
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfd6129dcdcd1104f5c6836214d2641fd643988b097451c7515512057eeba23c
e224d59d3bc0563dc14ca8cfe06f2a08f35f2a75ee1eaf81cbc14f69d1af1ec5
e23dc6d21070d45a1840c2b8217fc17ddd8a502a4db652748ec2f40d3603dc2d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e95bf2073a03125816fcf99c400de009440038cd337283b1a48b3632d27411df
ea641f4f3b0ebfb74e49c9b988de77864e34b78fae9f41f950d0f5263aafc6fc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1e052b88c6eaabad49482da664f1f8e89f1933c8ac71cfe26ac5dd5e555bbe
f02714cce2e6c6a05415905b7eda181ae8787f1e149d200e7853ba42f50ed7ca
f631041aa5cdbab42d241099113bb5aa636bddb55cfe6910c937cfd8a3091304
f8cb3de157660d3a67849164affffc43b112ced1dc67ba37ce08d1e388aa5075
fb6381b429c367e80b2fff123d087fae1bc89e239835a995dcda3c24d40b97cd