www.winloot.com Open in urlscan Pro
52.21.228.160 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.mg.winloot.com/c/eJx9kTFvgzAQhX8NLMjIPhsbDwwQkqnqUEXKGNlgiFsMKJiQ_Ps6Sit1qvSWe3r36Z6uLQhtDdOxbe8FFVQSSmJbAAYSFC...
Effective URL:
https://www.winloot.com/Site/Denied
Submission: On February 19 via manual (February 19th 2021, 2:58:04 pm UTC) from US

Summary HTTP 80 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 16 domains to perform 80 HTTP transactions. The main IP is 52.21.228.160, located in United States and belongs to AMAZON-AES, US. The main domain is www.winloot.com.
TLS certificate: Issued by R3 on January 4th 2021. Valid for: 3 months.

This is the only time www.winloot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.39.51.203 52.39.51.203	16509 (AMAZON-02) (AMAZON-02)
1 37	52.21.228.160 52.21.228.160	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1 2	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100::687e:2471	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2600:9000:218... 2600:9000:2182:d800:2:268:2600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.14.217 151.101.14.217	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b140:28d8:9783:2a08:4b54	14618 (AMAZON-AES) (AMAZON-AES)
1	52.86.196.188 52.86.196.188	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
80	26

1 52.39.51.203 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-39-51-203.us-west-2.compute.amazonaws.com

email.mg.winloot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 52.21.228.160 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-228-160.compute-1.amazonaws.com

www.winloot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.87 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

contributor.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::687e:2471 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2182:d800:2:268:2600:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.winloot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

tag.perfectaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

p.d.2enm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b140:28d8:9783:2a08:4b54 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.196.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-196-188.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	winloot.com 2 redirects email.mg.winloot.com www.winloot.com static.winloot.com	554 KB
6	google.com contributor.google.com www.google.com	37 KB
4	google.de www.google.de	769 B
4	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	4 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	liadm.com 1 redirects b-code.liadm.com rp.liadm.com rp4.liadm.com	11 KB
3	googletagmanager.com www.googletagmanager.com	116 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
2	gstatic.com fonts.gstatic.com	25 KB
2	bing.com bat.bing.com	9 KB
2	2enm.com p.d.2enm.com	2 KB
2	googleadservices.com www.googleadservices.com	28 KB
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	perfectaudience.com tag.perfectaudience.com	339 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
80	16

	Domain	Requested by
37	www.winloot.com	1 redirects www.winloot.com
6	static.winloot.com	www.winloot.com
4	www.google.de	www.winloot.com
4	www.google.com	www.winloot.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.winloot.com
3	googleads.g.doubleclick.net	www.googleadservices.com
3	www.googletagmanager.com	www.winloot.com www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	bat.bing.com	www.winloot.com
2	p.d.2enm.com	www.winloot.com
2	www.googleadservices.com	www.winloot.com www.googletagmanager.com
2	contributor.google.com	www.winloot.com
2	platform.twitter.com	www.winloot.com platform.twitter.com
2	secure.adnxs.com	1 redirects www.winloot.com
2	fonts.googleapis.com	www.winloot.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	syndication.twitter.com	platform.twitter.com
1	tag.perfectaudience.com	www.winloot.com
1	b-code.liadm.com	www.winloot.com
1	maxcdn.bootstrapcdn.com	www.winloot.com
1	email.mg.winloot.com	1 redirects
80	23

This site contains links to these domains. Also see Links.

Domain
winloot.zendesk.com
blog.winloot.com
bonusgiveaway.winloot.com

Subject Issuer	Validity	Valid
www.winloot.com R3	`2021-01-04` - `2021-04-04`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
b-code.liadm.com DigiCert Secure Site ECC CA-1	`2020-06-23` - `2021-09-22`	a year	crt.sh
static.winloot.com Amazon	`2020-12-24` - `2022-01-22`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
b2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-02-11` - `2021-08-15`	6 months	crt.sh
*.d.0emm.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-30` - `2021-11-29`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.liadm.com Amazon	`2020-03-31` - `2021-04-30`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.winloot.com/Site/Denied
Frame ID: E18BD8B1257015390E54A465B2CF4451
Requests: 78 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=https%3A%2F%2Fwww.winloot.com
Frame ID: 694471F111D2A2C9EA3E33FB89FF0B70
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://email.mg.winloot.com/c/eJx9kTFvgzAQhX8NLMjIPhsbDwwQkqnqUEXKGNlgiFsMKJiQ_Ps6Sit1qvSWe3r36Z6uLQhtDd... HTTP 302
https://www.winloot.com/Register?invitation=b66ff8c3-10c6-4459-a628-aff3f46bb7c6&email=debbie.j.fett... HTTP 302
https://www.winloot.com/Site/Denied Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

80
Requests

100 %
HTTPS

75 %
IPv6

16
Domains

23
Subdomains

26
IPs

4
Countries

947 kB
Transfer

2338 kB
Size

10
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://winloot.zendesk.com/forums/21955052-FAQ
Title: CONTACT

Search URL Search Domain Scan URL

URL: http://blog.winloot.com/
Title: BLOG

Search URL Search Domain Scan URL

URL: http://bonusgiveaway.winloot.com/
Title: $500 bonus giveaway located here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.mg.winloot.com/c/eJx9kTFvgzAQhX8NLMjIPhsbDwwQkqnqUEXKGNlgiFsMKJiQ_Ps6Sit1qvSWe3r36Z6uLQhtDdOxbe8FFVQSSmJbAAYSFCbMiEhJSjFwDBkGALKvoY4Ydn262XGYJp82k4svhda50LTtJAihOg3CZFxpSoA1baaojIfi4v28RLSM4BC0bdtfRHA-TG8Xb64RPdjxZr3ydhojWmvOuy5vKCK44YixTCLFIUeq62jHuNai4RFw45QdQrw1WluTfqad8YE2PMK56zIvaT_dQizg61ICE7lgSGKRIZZzhqpst0cVw7jMSlZJEk7kq3fnZVqvjQk7L_zLbKbRm9EH9_SW1Kf35GBac4cqAUQkApLsBtt8nRlHHCfH1wARVL_rys3K9s9udYA-kv2TnRyNmwflzU_KmdauLmR-P3Mt_qv2DUOBi14 HTTP 302
https://www.winloot.com/Register?invitation=b66ff8c3-10c6-4459-a628-aff3f46bb7c6&email=debbie.j.fetterly@usps.gov&r=A9247874-9075-4864-B5CE-B400A5A4B91F&utm_source=email&utm_content=WL+DWN+Fedex2B+2-19-21+Click_46-60+TClick_2+&utm_campaign=Daily+Email+Template&utm_medium=3739131 HTTP 302
https://www.winloot.com/Site/Denied Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://secure.adnxs.com/seg?add=19756850&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19756850%26t%3D1

Request Chain 74

https://rp.liadm.com/j?tna=v2.0.1&aid=a-03ba&wpn=lc-bundle&pu=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&duid=bca5bbfbc6c7--01eyxcr0wrgfa08hyrg5y50h0d&se=e30&dtstmp=1613746668557 HTTP 302
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-03ba&wpn=lc-bundle&pu=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&duid=bca5bbfbc6c7--01eyxcr0wrgfa08hyrg5y50h0d&se=e30&dtstmp=1613746668557&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

80 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set Denied Show response
www.winloot.com/Site/
Redirect Chain

http://email.mg.winloot.com/c/eJx9kTFvgzAQhX8NLMjIPhsbDwwQkqnqUEXKGNlgiFsMKJiQ_Ps6Sit1qvSWe3r36Z6uLQhtDdOxbe8FFVQSSmJbAAYSFCbMiEhJSjFwDBkGALKvoY4Ydn262XGYJp82k4svhda50LTtJAihOg3CZFxpSoA1baaojIfi4v2...
https://www.winloot.com/Register?invitation=b66ff8c3-10c6-4459-a628-aff3f46bb7c6&email=debbie.j.fetterly@usps.gov&r=A9247874-9075-4864-B5CE-B400A5A4B91F&utm_source=email&utm_content=WL+DWN+Fedex2B+...
https://www.winloot.com/Site/Denied

31 KB
32 KB

237ms
237ms

Document
text/html

52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ddb5351359ad80f2910cf20c27063dd000212153400cf7c7db66396cd7a153e9

Request headers

Host: www.winloot.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ASP.NET_SessionId=rwn325yng5h2nxcuzvupmojm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: WL_LAYOUT=ID=gf1fBTTAz7UPM1cbMOmGlQ==&CSS=D+9QbEXKomSAlb6JTvdVJx/WF4WqDjA6PE7cNIbkLTw=&SUF=Tjdmy0VSCVtRIpb7yvRClw==&ADC=hTrBGFJHfvWejme+Z80Bdw==&EXP=FALSE; expires=Sun, 21-Mar-2021 13:57:36 GMT; path=/
X-Powered-By: ASP.NET
Date: Fri, 19 Feb 2021 14:57:35 GMT
Content-Length: 31970

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /Site/Denied
Server: Microsoft-IIS/8.5
Set-Cookie: ASP.NET_SessionId=rwn325yng5h2nxcuzvupmojm; path=/; HttpOnly
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 19 Feb 2021 14:57:35 GMT
Content-Length: 129

GET
H2 200 css
fonts.googleapis.com/ 5 KB
702 B 17ms
11ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400,700,500

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11f2ff9a96e72bbf795dca5cecd18071fbdd860e816d1e936b9401dfdcd6824e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 14:56:36 GMT
server: ESF
date: Fri, 19 Feb 2021 14:57:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Feb 2021 14:57:47 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 16ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 14:57:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H/1.1 200
OK addtohomescreen.min.js Show response
www.winloot.com/js/AddToHomescreen/ 24 KB
8 KB 576ms
218ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/AddToHomescreen/addtohomescreen.min.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 345741f4b4cf571a306feeb77dfad0098f7eaabfdfad65208aa47de3d443b721

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 7953

GET
H/1.1 200
OK addtohomescreen.css
www.winloot.com/css/ 10 KB
5 KB 213ms
118ms Stylesheet
text/css 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/css/addtohomescreen.css
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 84ef3e9712d1db9defde9af98521c439379a103bbf9b78679b2ff93631480af6

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:46 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b73cba3dd0d31:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 5318

GET
H/1.1 200
OK index.css
www.winloot.com/css/play/ 5 KB
2 KB 329ms
116ms Stylesheet
text/css 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/css/play/index.css?v=71
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3d5c0f99d3a1f778f4ece14cb7d99587aafcf3ac1714372ca05048536e6520e3

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jun 2018 21:23:10 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "07375bdeef9d31:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1441

GET
H/1.1 200
OK popup.css
www.winloot.com/css/play/ 1 KB
1 KB 348ms
115ms Stylesheet
text/css 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/css/play/popup.css?v=71
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1136f84db7704df75126ab728df0925bed6918dce51271484f6a8bae29918ea2

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:35 GMT
Last-Modified: Mon, 09 Apr 2018 20:02:46 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b73cba3dd0d31:0"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1077

GET
H/1.1 200
OK jquery-ui.min.css
www.winloot.com/css/ 29 KB
7 KB 449ms
215ms Stylesheet
text/css 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/css/jquery-ui.min.css
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 55949df83494fbcb2fe71fabaaae0108dbeac98c8d8c0ff22f5b5f8247fdf389

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jun 2018 21:23:10 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "07375bdeef9d31:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 7229

GET
H/1.1 200
OK jquery.fancybox-1.3.4.css
www.winloot.com/css/ 9 KB
2 KB 350ms
116ms Stylesheet
text/css 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/css/jquery.fancybox-1.3.4.css
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b27ec2595ea128259b968383c3f6e5e3b4d0a3e2c7e70399c68c01254d43bff4

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:46 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b73cba3dd0d31:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1878

GET
H/1.1 200
OK odometer-theme-default.css
www.winloot.com/css/ 4 KB
916 B 353ms
117ms Stylesheet
text/css 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/css/odometer-theme-default.css
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b0e0af57cc9e25cd25e89c3bb7f884cba9592fc6521616f4b13b467374632587

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Feb 2019 15:56:07 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "80c5d0cb7dc4d41:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 623

GET
H/1.1 200
OK fonts.css
www.winloot.com/css/ 4 KB
906 B 356ms
118ms Stylesheet
text/css 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/css/fonts.css
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2ea1836b9da6aa185e935fabb060935699829575363fdc593c97fbfe5ef7047f

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jun 2018 21:23:10 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "07375bdeef9d31:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 614

GET
H/1.1 200
OK animate.css
www.winloot.com/Content/ 25 KB
3 KB 445ms
116ms Stylesheet
text/css 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/Content/animate.css
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cb09ab0572c6a6549a782e2843218c00285cb737ae50fe29a5061ca96aff0234

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Nov 2018 16:13:36 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b8a6d46b7bd41:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2936

GET
H/1.1 200
OK bootstrap.min.css
www.winloot.com/css/ 107 KB
18 KB 564ms
217ms Stylesheet
text/css 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/css/bootstrap.min.css?v=3.1039
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9cd5d3ff4872d20f07c8443a5d1dff15e79ecf3c367dfae064dea93ed5d10053

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:46 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b73cba3dd0d31:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 18044

GET
H/1.1 200
OK common.css
www.winloot.com/css/ 66 KB
6 KB 467ms
117ms Stylesheet
text/css 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/css/common.css?v=3.1039
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 50f178316c34e1058d082379f13579d6343e09858ba9fea1c2b8c8e537198421

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Jul 2020 19:43:15 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "80bb758a95bd61:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 5608

GET
H/1.1 200
OK _MasterLayoutWhite.css
www.winloot.com/css/ 82 KB
12 KB 571ms
218ms Stylesheet
text/css 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/css/_MasterLayoutWhite.css?v=3.1039
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a6ce9a009f60fee30bd85144ffcb3fbbb5c9ed030aa5a73878d0195c1e7dcf7e

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Apr 2020 16:44:06 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "04f4912fc17d61:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 12190

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=19756850&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19756850%26t%3D1

0
1 KB

66ms
66ms

Script
application/javascript

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19756850%26t%3D1

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 14:57:47 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid: 1991d0cf-87e4-4b25-bb83-0bfd3eaafde2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 19 Feb 2021 14:57:47 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.84:80
AN-X-Request-Uuid: 1a4ee66d-31b9-40ca-9f04-cd4363bbd819
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19756850%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
www.winloot.com/Scripts/ 92 KB
33 KB 567ms
122ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/Scripts/jquery-1.10.2.min.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 52e63816d8b679f42d993be492bb99c713067c028df87032d8fd54b4dde74e3f

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:46 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0b73cba3dd0d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 33422

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 57ms
12ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC2) /
Resource Hash: c34f5c51cea0ee9e05108c79c404086a24b73fbecb0999654fc9116b4c4b755e

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Feb 2021 21:21:01 GMT
Server: ECS (amb/6BC2)
Age: 388
Etag: "11a0c75a945561958f0b924da0e67334+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28744

GET
H/1.1 200
OK bootstrap.min.js Show response
www.winloot.com/js/ 31 KB
9 KB 566ms
119ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/bootstrap.min.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 36a326c783a12f72498d41fb32371da87fe0cbd1595248f3f154fd939f07f10c

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 8541

GET
H/1.1 200
OK odometer.min.js Show response
www.winloot.com/js/ 10 KB
4 KB 583ms
117ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/odometer.min.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c2e0787633e616a414524e6e4e00a8eb18640dd67c2f566cadd8c6b0e6f7bdb2

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 3638

GET
H/1.1 200
OK jquery.tinyscrollbar.min.js Show response
www.winloot.com/js/compress/ 3 KB
1 KB 680ms
115ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/compress/jquery.tinyscrollbar.min.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 887ad483dbb92ca26aa2a7030643c545fe34e525c152db9d8927a8d14c133a82

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1073

GET
H/1.1 200
OK default.js Show response
www.winloot.com/js/ 7 KB
3 KB 684ms
117ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/default.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 03e3bf4f71ad94cdb180db4a58d470bf73a46efe6715c1173b0fd447d04cb3d1

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2366

GET
H/1.1 200
OK dateSelect.js Show response
www.winloot.com/js/ 2 KB
3 KB 688ms
117ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/dateSelect.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2675d2d890cf6e372afec413374a542617f9a79f5b1a084aa238bc2116ea2816

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:35 GMT
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2504

GET
H/1.1 200
OK jquery.blockUI.js Show response
www.winloot.com/js/ 20 KB
7 KB 693ms
120ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/jquery.blockUI.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 28a71436ac0dc932da5f3bee332164e898ac890aba1e4ed9b6b7225e711fdd9d

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Jan 2018 14:59:08 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "06a2bc3586d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 6640

GET
H/1.1 200
OK marquee.js Show response
www.winloot.com/js/ 42 KB
8 KB 692ms
118ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/marquee.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1a6e059e6586d56c40e2904a0fbbf14a5c00cd396423c1663ceba6ad66c965b7

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 8138

GET
H/1.1 200
OK js.cookie.js Show response
www.winloot.com/js/ 5 KB
2 KB 699ms
116ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/js.cookie.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 93f4dd3c5b2cef3ccc537de7e7285c420622626f72387ea06e7feb26dff5ec70

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1479

GET
H/1.1 200
OK jquery-ui.min.js Show response
www.winloot.com/js/jquery-ui-1.12.1/ 248 KB
67 KB 801ms
122ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/jquery-ui-1.12.1/jquery-ui.min.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 33d4c7601998bd383738dcb9de16fe2a0d71ee0f7378ce936ab8955d543cb822

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 67854

GET
H/1.1 200
OK jquery.mousewheel-3.0.4.pack.js Show response
www.winloot.com/js/compress/ 1 KB
2 KB 800ms
116ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/compress/jquery.mousewheel-3.0.4.pack.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 55c6098fa90bd7ef1b43434546ff045a2f0ace1fa68dcdebca761975a14383b5

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:36 GMT
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1503

GET
H/1.1 200
OK jquery.fancybox-1.3.4.pack.js Show response
www.winloot.com/js/compress/ 63 KB
14 KB 810ms
122ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/compress/jquery.fancybox-1.3.4.pack.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5ac68b973b51de63b2861b532d0819385850ec5833f50a4dcd3c13a315d0204b

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Jul 2016 16:01:26 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0cf7a2269e3d11:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 14479

GET
H/1.1 200
OK targetPix.js Show response
www.winloot.com/js/compress/ 579 B
838 B 808ms
116ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/compress/targetPix.js?v=71
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0efc85e6eebfe6b9aa34601a041df17b4a2a9febec1a76a3b9605f48c244c426

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:36 GMT
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 579

GET
H/1.1 200
OK mobile.js Show response
www.winloot.com/js/ 406 B
665 B 811ms
118ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/mobile.js?v=71
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7d9c3aadac62869858af794adf28abf1720c88ec80ceb960152e973a2d936ed6

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:36 GMT
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 406

GET
H/1.1 200
OK jquery.matchHeight.js Show response
www.winloot.com/js/ 12 KB
3 KB 816ms
117ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/jquery.matchHeight.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e5d0f614fe452ad780d549d8056b7143e3fdd4b98b4491988ad92ecd9458a0dd

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 3046

GET
H/1.1 200
OK BlockAdBlockV2.js Show response
www.winloot.com/js/ 1 KB
1 KB 916ms
117ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/BlockAdBlockV2.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5fb2937d4f136eba20499dea2ee71531d046da180f39d16cc2a1fb904f8aa898

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:36 GMT
Last-Modified: Wed, 11 Nov 2020 20:12:24 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "56ce31f866b8d61:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1236

GET
H/1.1 200
OK bigtext.js Show response
www.winloot.com/js/ 12 KB
3 KB 925ms
118ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/bigtext.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c771655a26103a33c2ea0c36e4b79674f897d1a7847897acfd73925b3fd58344

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jul 2020 18:06:39 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "80e19dafd25ad61:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 3222

GET
H/1.1 200
OK bootstrap-toggle.js Show response
www.winloot.com/Scripts/ 6 KB
2 KB 929ms
119ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/Scripts/bootstrap-toggle.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 59b433cefe6bb1115502408961048b94168decd7fccc72d3d3a6d0009d93ddec

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Mar 2017 18:10:56 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "038c5543798d21:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1596

GET
H/1.1 200
OK bootstrap-dialog.min.js Show response
www.winloot.com/js/ 20 KB
5 KB 932ms
122ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/bootstrap-dialog.min.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9469cb5999139af08a3d999ef5765edc26bf38b6a038411b290d9280e63cd170

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Apr 2018 20:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0119fbc3dd0d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5122

GET
H/1.1 200
OK howler.js Show response
www.winloot.com/js/ 39 KB
9 KB 936ms
121ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/howler.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1295982ebdf7bd253fdefb02820b149e4ecb6fbf70106dae9c0cd9abe1d15ddb

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Jan 2018 14:59:08 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "06a2bc3586d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 8798

GET
H/1.1 200
OK post-entry-page.js Show response
www.winloot.com/js/ 502 B
761 B 1035ms
119ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/post-entry-page.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5ada7a18d5286a65bcc65f8c5d7a674202b0079125e6141b1c9fb3bb271592c0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:36 GMT
Last-Modified: Fri, 01 Jun 2018 21:23:10 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "07375bdeef9d31:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 502

GET
H/1.1 200
OK bigtext-group.js Show response
www.winloot.com/js/ 2 KB
2 KB 1043ms
118ms Script
application/javascript 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/js/bigtext-group.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: bb020fbd63f7f52804c123600d2e995ea0bdebad66e932ca8db99329ba3f09da

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 14:57:36 GMT
Last-Modified: Thu, 01 Mar 2018 04:27:42 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "1a5bbaa315b1d31:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1902

GET
H2 200 loader.js Show response
contributor.google.com/scripts/7511681ba629b376/ 101 KB
35 KB 168ms
145ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://contributor.google.com/scripts/7511681ba629b376/loader.js

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3be259dd375543fb6ed4bb74e079e568acb0ca6b7fcf5033afd310af380dbd3d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wiHDNmQzybarhLiNQHrsNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-wiHDNmQzybarhLiNQHrsNw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 14:57:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private, max-age=86400
content-security-policy: script-src 'report-sample' 'nonce-wiHDNmQzybarhLiNQHrsNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-wiHDNmQzybarhLiNQHrsNw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 19 Feb 2021 14:57:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-36371770-1

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

385a17bdb62813232ec802a9e2568253ab336136d33e68fc4f9081dd3bdb6009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 14:57:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39256
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Feb 2021 14:57:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 22ms
20ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1069804508

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cc5563d2c3c62b29b76afffe70e878713f4eb3adeb2c322763cb681aed6d14b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 14:57:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39256
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Feb 2021 14:57:48 GMT

GET
H2 200 a-03ba.min.js Show response
b-code.liadm.com/ 25 KB
10 KB 153ms
127ms Script
application/javascript 2a02:26f0:7100::687e:2471
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-03ba.min.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::687e:2471 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fb17446a0ae8a6fd8cc85f7615a74be77ac6aad208050164c8cbe337dc3bfc9c

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 14:57:48 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 14:41:09 GMT
etag: "4d911e6307236239f6c566edfbdfeeb8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3549
accept-ranges: bytes
content-length: 9832

GET
H2 200 winloot-logo.png
static.winloot.com/images/bs-responsive/ 39 KB
40 KB 79ms
17ms Image
image/png 2600:9000:2182:d800:2:268:2600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.winloot.com/images/bs-responsive/winloot-logo.png
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:d800:2:268:2600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e97275bb9aa10c30a2cd2b9978c3f3a85ecb8a3c17ace9fae33aa696e417843

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 02:43:52 GMT
via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
last-modified: Fri, 27 Oct 2017 20:06:20 GMT
server: AmazonS3
age: 44037
etag: "9fd57fc8038be9925da265bd69387d99"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 40357
x-amz-cf-id: S27h2n2hq3SPD6UUmAsg-sFhvYDVB6U2keJEyLmifpC1vFOA_GKPKQ==

GET
H2 200 warningsign.png
static.winloot.com/images/error/ 11 KB
11 KB 73ms
12ms Image
image/png 2600:9000:2182:d800:2:268:2600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.winloot.com/images/error/warningsign.png
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:d800:2:268:2600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb64c81741e64df26169d95d60fec8d82aa21531563d3a2a51bb3dd77be3049b

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 03:14:41 GMT
via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
last-modified: Tue, 22 May 2018 22:42:36 GMT
server: AmazonS3
age: 42188
etag: "3dce4a7fa23920f12e1586370d0647db"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 10962
x-amz-cf-id: z6JEa9sQUuYDXbWU7TKuYwhxT7bUogxJ8orMEf2_o6Jy2FlZz32fMw==

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 39 KB
16 KB 93ms
38ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9c5ab1950026e5f71d3844b6d623acb56375ec4a48a464f630e8e676f4e153be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 14:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 15276
x-xss-protection: 0
server: cafe
etag: 16660854009805157968
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Feb 2021 14:57:48 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 4 KB
1 KB 42ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,900

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/css/_MasterLayoutWhite.css?v=3.1039

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df5d32449347ffff2b72243a756d1565dbd38c0b0b5636fdfa91d2367b3b4275

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/css/_MasterLayoutWhite.css?v=3.1039
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 14:52:22 GMT
server: ESF
date: Fri, 19 Feb 2021 14:57:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Feb 2021 14:57:47 GMT

GET
H2 200 51e053efa412ffe26100009b.js Show response
tag.perfectaudience.com/serve/ 124 B
339 B 190ms
125ms Script
text/javascript 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.perfectaudience.com/serve/51e053efa412ffe26100009b.js

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/js/compress/targetPix.js?v=71

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

40cb29c6823e44efb83a3f11ea4d5f63f6ba7d029afa2058205dbecfa7d9ca30

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 14:57:48 GMT
via: 1.1 vegur, 1.1 varnish
x-content-type-options: nosniff
server: Cowboy
age: 0
x-served-by: cache-fra19180-FRA
vary: Accept-Encoding
x-cache: MISS
content-type: text/javascript
content-encoding: gzip
cache-control: max-age=1800
accept-ranges: bytes
x-timer: S1613746668.316795,VS0,VE101
content-length: 110
x-cache-hits: 0

GET
H3-Q050 200 checksub Show response
contributor.google.com/scripts/7511681ba629b376:D:deabc554145b6c/ 392 B
1 KB 56ms
42ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://contributor.google.com/scripts/7511681ba629b376:D:deabc554145b6c/checksub

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorTargetingClientJs.en_US.YGeNQN83jwA.es5.O/d=1/ct=zgms/rs=AJlcJMyYcaqGGXSyBeBIFqr09nFcZdHFPg/m=contributor

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

900de576d7704280b05e677016d64d8061ee17055b4e240295d045ee23ba5485

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mBgOWBmzRj+lF4MBDrpPhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-mBgOWBmzRj+lF4MBDrpPhg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 14:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.winloot.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-mBgOWBmzRj+lF4MBDrpPhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-mBgOWBmzRj+lF4MBDrpPhg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AAAACgAA2_E7qwwiu8z1hyiLhJ2bkgAA_SIol2A00864hDLeqTaeMPyDAn8zmzrfECT3_ykeqGUJjzjf5FT7hgxMCKjem0n_JGc2M7kEJI9vA1eeqwltR6qHgA2ep_94w9Ycoi4Sdm5IO0ULEM44cO Show response
p.d.2enm.com/v4/ 27 B
1 KB 111ms
20ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p.d.2enm.com/v4/AAAACgAA2_E7qwwiu8z1hyiLhJ2bkgAA_SIol2A00864hDLeqTaeMPyDAn8zmzrfECT3_ykeqGUJjzjf5FT7hgxMCKjem0n_JGc2M7kEJI9vA1eeqwltR6qHgA2ep_94w9Ycoi4Sdm5IO0ULEM44cO

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae378cc0e18efafcf095c3e9e563635537e7bd409133a2c08897fa1bc5e91c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5tCLsw4bdmj6s5Bjx9Mv/Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingLegacyAdsaverDetection/cspreport;worker-src 'self', script-src 'nonce-5tCLsw4bdmj6s5Bjx9Mv/Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingLegacyAdsaverDetection/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 14:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"boq","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingLegacyAdsaverDetection/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
origin-trial: AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
content-security-policy: script-src 'report-sample' 'nonce-5tCLsw4bdmj6s5Bjx9Mv/Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingLegacyAdsaverDetection/cspreport;worker-src 'self', script-src 'nonce-5tCLsw4bdmj6s5Bjx9Mv/Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingLegacyAdsaverDetection/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="boq"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AAAACgAA2_E7qwwiu8z1hyiLhJ2bkgAA_DhVDrw0107KjHozy3K-RoFAwU8IVZEZWh4PmXSEB6KZlalRqht4qJCf0ZVD7EvzVCfDDjpdBfuGv6wkNkteBeiQeGCFrPk5N5KqcIuBIcqsA9vkBdxTxUMTYxMzc0NjY2ODIzNQ==%7C Show response
p.d.2enm.com/v4/ 0
387 B 112ms
20ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p.d.2enm.com/v4/AAAACgAA2_E7qwwiu8z1hyiLhJ2bkgAA_DhVDrw0107KjHozy3K-RoFAwU8IVZEZWh4PmXSEB6KZlalRqht4qJCf0ZVD7EvzVCfDDjpdBfuGv6wkNkteBeiQeGCFrPk5N5KqcIuBIcqsA9vkBdxTxUMTYxMzc0NjY2ODIzNQ==%7C

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3KJK0r2pDzaPvZ3j+UeBSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingLegacyAdsaverDetection/cspreport;worker-src 'self', script-src 'nonce-3KJK0r2pDzaPvZ3j+UeBSA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingLegacyAdsaverDetection/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 14:57:48 GMT
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-3KJK0r2pDzaPvZ3j+UeBSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingLegacyAdsaverDetection/cspreport;worker-src 'self', script-src 'nonce-3KJK0r2pDzaPvZ3j+UeBSA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingLegacyAdsaverDetection/cspreport
content-type: application/javascript; charset=utf-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
8 KB 30ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 14:57:48 GMT
content-encoding: gzip
last-modified: Wed, 03 Feb 2021 20:48:20 GMT
x-msedge-ref: Ref A: FD0D7B3E192D40379AAB7BC9AB826CE4 Ref B: FRAEDGE1210 Ref C: 2021-02-19T14:57:48Z
etag: "042b8e76dfad61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8454

GET
H2 200 DesktopTopNav.jpg
static.winloot.com/images/vzk/ 131 KB
132 KB 81ms
25ms Image
image/jpeg 2600:9000:2182:d800:2:268:2600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.winloot.com/images/vzk/DesktopTopNav.jpg
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/css/common.css?v=3.1039
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:d800:2:268:2600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c950e7e505a7fd2b94945025460ca25bfe4ee1504b77ff0ba8968b298434156

Request headers

Referer: https://www.winloot.com/css/common.css?v=3.1039
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 08:39:56 GMT
via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
last-modified: Mon, 07 Jan 2019 22:01:16 GMT
server: AmazonS3
age: 22673
etag: "c75f55d2d4b6921f61fa6a0c30a5047f"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 134453
x-amz-cf-id: nVY4eJGKMj0P8OeG-cE1xzDdsI0GWEWMfCnuDCdESI4nDxSJUQYmUg==

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.winloot.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 04:47:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 36592
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13324
x-xss-protection: 0
expires: Sat, 19 Feb 2022 04:47:56 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 12 KB
12 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu3cOWxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5620b6fdc194c2b1e77eb54fcfd53e1d1685987a5af1e9d85c647489b87d794

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.winloot.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 10:22:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:18 GMT
server: sffe
age: 102934
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12484
x-xss-protection: 0
expires: Fri, 18 Feb 2022 10:22:14 GMT

GET
H2 206 CoineNoise2Sec.wav
static.winloot.com/sounds/ 44 KB
44 KB 15ms
15ms Media
audio/x-wav 2600:9000:2182:d800:2:268:2600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.winloot.com/sounds/CoineNoise2Sec.wav
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:d800:2:268:2600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62b756566e6915a3b88cbb124c14d63ce14afb3d477591008726be6a28a7b30f

Request headers

Referer: https://www.winloot.com/Site/Denied
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 19 Feb 2021 05:54:26 GMT
via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
last-modified: Tue, 13 Nov 2018 15:22:35 GMT
server: AmazonS3
age: 32603
etag: "5b6459b67a1aaa82b210eb8c9848ab21"
x-cache: Hit from cloudfront
content-type: audio/x-wav
Content-Range: bytes 0-45035/45036
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
Content-Length: 45036
x-amz-cf-id: rafEfxdJ8f9_BbvuyBXrBBj9s0KXnIwuP3MfEmR3OgGYOvR9hibLKQ==

GET
H2 206 CoinNoise1sec.mp3
static.winloot.com/sounds/ 17 KB
18 KB 16ms
15ms Media
audio/mpeg 2600:9000:2182:d800:2:268:2600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.winloot.com/sounds/CoinNoise1sec.mp3
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:d800:2:268:2600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7350a3e25156cef3c4fbc4b5f0686a6e524ed15ec63cba58c75612dc642068de

Request headers

Referer: https://www.winloot.com/Site/Denied
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 19 Feb 2021 06:09:23 GMT
via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
last-modified: Tue, 13 Nov 2018 15:23:07 GMT
server: AmazonS3
age: 31706
etag: "2eac7ab8c95c98c83fa8ce79cde7e2de"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-17552/17553
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
Content-Length: 17553
x-amz-cf-id: 02KR_Piw1Sgf7i2_KFbcGrX7ffJJq9qMlJ9RFMkV_ea074DEVbOyFg==

GET
H2 206 CoinNoise.5sec.mp3
static.winloot.com/sounds/ 10 KB
10 KB 16ms
16ms Media
audio/mpeg 2600:9000:2182:d800:2:268:2600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.winloot.com/sounds/CoinNoise.5sec.mp3
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:d800:2:268:2600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26f9d499c579b450814f2511d338fd1ee9bd20494b2f5b48ef6a1e10781c9336

Request headers

Referer: https://www.winloot.com/Site/Denied
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 19 Feb 2021 05:54:26 GMT
via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
last-modified: Tue, 13 Nov 2018 15:22:44 GMT
server: AmazonS3
age: 32602
etag: "77fd98d2ce05ed87360029f21126494e"
x-cache: Hit from cloudfront
content-type: audio/mpeg
Content-Range: bytes 0-10029/10030
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
Content-Length: 10030
x-amz-cf-id: zphuEJauRpzpznX_NUPvv-K0Ete5sSAjBIFlGLiytoJyB6IkYfJU0w==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1069804508/ 2 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069804508/?random=1613746668376&cv=9&fst=1613746668376&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&tiba=Winloot%20-%20Unavailable%20In%20Your%20Region&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2b098b04f061d3ea78b03d3bb6bca3d9ad090b292f39918dccfb156b44dcdfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 14:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1004
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK Status Show response
www.winloot.com/Monitor/ 20 KB
20 KB 132ms
131ms XHR
text/html 52.21.228.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winloot.com/Monitor/Status
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Scripts/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.21.228.160 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-228-160.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 70c87485b03e03fbb994a540eb7eeacbb9f86b15a9adae171560e2733c5d4d59

Request headers

Accept: */*
Referer: https://www.winloot.com/Site/Denied
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 19 Feb 2021 14:57:36 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 20531

GET
H/1.1 200
OK widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html Show response
platform.twitter.com/widgets/ Frame 6944 320 KB
104 KB 13ms
12ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=https%3A%2F%2Fwww.winloot.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB7) /
Resource Hash: 99adb384fd992660be76df488633e76fe86ed9bba2a7cdf143a97e03fc3ee94d

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.winloot.com/Site/Denied
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.winloot.com/Site/Denied

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 841894
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 19 Feb 2021 14:57:48 GMT
Etag: "d9fdaa7a36dc36e57ad53c2039f52486+gzip"
Last-Modified: Mon, 08 Feb 2021 21:19:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BB7)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105677

GET
H2 204 0
bat.bing.com/action/ 0
93 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4029304&Ver=2&mid=65bbeb9f-21d9-41ca-846f-21e50c3d593b&sid=d4c6db5072c211eb9cbde9c30c06b63f&vid=d4c704e072c211eb8e2fa9cde0e6687a&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Winloot%20-%20Unavailable%20In%20Your%20Region&p=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&r=&lt=2408&evt=pageLoad&msclkid=N&sv=1&rn=695989
Requested by: Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 19 Feb 2021 14:57:48 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: F0FC60CB470B4D2597A24141B51F6787 Ref B: FRAEDGE1210 Ref C: 2021-02-19T14:57:48Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 48ms
35ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1069804508&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36371770-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38169b45e3fde173c9581e8318d64a0ec9b27f7ec516450bb4d2997069880054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 14:57:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39272
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Feb 2021 14:57:48 GMT

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 31 KB
13 KB 44ms
30ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1069804508

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11e4390972243444bef13a861d73eed252a6d4c9cc43e98a7e4e19bceb46bee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 14:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12360
x-xss-protection: 0
server: cafe
etag: 195370021859676167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Feb 2021 14:57:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36371770-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3996
date: Fri, 19 Feb 2021 13:51:12 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Fri, 19 Feb 2021 15:51:12 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1069804508/ 42 B
138 B 88ms
88ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1069804508/?random=1613746668376&cv=9&fst=1613743200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&tiba=Winloot%20-%20Unavailable%20In%20Your%20Region&fmt=3&is_vtc=1&random=1618734456&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 14:57:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1069804508/ 42 B
108 B 20ms
20ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1069804508/?random=1613746668376&cv=9&fst=1613743200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&tiba=Winloot%20-%20Unavailable%20In%20Your%20Region&fmt=3&is_vtc=1&random=1618734456&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 14:57:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
126 B 46ms
13ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=813595538&t=pageview&_s=1&dl=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&ul=en-us&de=UTF-8&dt=Winloot%20-%20Unavailable%20In%20Your%20Region&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=oGBAAUABAAAAAC~&jid=563760551&gjid=1001020244&cid=1069500113.1613746668&tid=UA-36371770-1&_gid=1188849909.1613746668&_r=1&gtm=2ou2a1&z=9771667

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 14:57:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.winloot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
384 B 31ms
20ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=813595538&t=event&_s=2&dl=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&ul=en-us&de=UTF-8&dt=Winloot%20-%20Unavailable%20In%20Your%20Region&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=user_dimension&_u=oGBAAUABAAAAAC~&jid=&gjid=&cid=1069500113.1613746668&tid=UA-36371770-1&_gid=1188849909.1613746668&gtm=2ou2a1&cd2=&z=142185897

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 10:55:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 14567
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 6944 183 B
411 B 242ms
151ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=e0d97bb3487d53fa2004e2211ef8a750646893c7

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=https%3A%2F%2Fwww.winloot.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=https%3A%2F%2Fwww.winloot.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-response-time: 107
date: Fri, 19 Feb 2021 14:57:48 GMT
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 14:57:48 GMT
server: tsa_f
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: ab5c0860bdce1a15c9667db31696b639
strict-transport-security: max-age=631138519
content-length: 152

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1069804508/ 2 KB
1 KB 257ms
243ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069804508/?random=1613746668494&cv=9&fst=1613746668494&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&tiba=Winloot%20-%20Unavailable%20In%20Your%20Region&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65a097f9d58525ff2596b1d6eb2baec410e68a4feacd221610ecbe3464278f81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 14:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1047
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1069804508/ 2 KB
2 KB 145ms
132ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069804508/?random=1613746668495&cv=9&fst=1613746668495&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&ig=1&data=event%3Duser_dimension%3Buhash%3D&frm=0&url=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&tiba=Winloot%20-%20Unavailable%20In%20Your%20Region&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b4e866602eb797cce66edfc9e482e5154d31e067af18e4fa6ca6a97ec27a3f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 14:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-36371770-1&cid=1069500113.1613746668&jid=563760551&gjid=1001020244&_gid=1188849909.1613746668&_u=oGBAAUAAAAAAAC~&z=1259313826

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Feb 2021 14:57:48 GMT
content-type: text/plain
access-control-allow-origin: https://www.winloot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 20ms
20ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-36371770-1&cid=1069500113.1613746668&jid=563760551&_u=oGBAAUAAAAAAAC~&z=874464137

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 14:57:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
483 B 59ms
45ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-36371770-1&cid=1069500113.1613746668&jid=563760551&_u=oGBAAUAAAAAAAC~&z=874464137

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 14:57:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?tna=v2.0.1&aid=a-03ba&wpn=lc-bundle&pu=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&duid=bca5bbfbc6c7--01eyxcr0wrgfa08hyrg5y50h0d&se=e30&dtstmp=1613746668557
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-03ba&wpn=lc-bundle&pu=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&duid=bca5bbfbc6c7--01eyxcr0wrgfa08hyrg5y50h0d&se=e30&dtstmp=1613746668557&i6=MmEwMTo0Zjg...

13 B
569 B

378ms
123ms

XHR
application/json

52.86.196.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?tna=v2.0.1&aid=a-03ba&wpn=lc-bundle&pu=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&duid=bca5bbfbc6c7--01eyxcr0wrgfa08hyrg5y50h0d&se=e30&dtstmp=1613746668557&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.86.196.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-196-188.compute-1.amazonaws.com

Software

nginx/1.16.1 /

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.winloot.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 14:57:49 GMT
x-pixel-event-id: 72300b9c-1871-465b-9911-fcfb23ba99bf
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
request-time: 1
vary: Origin
content-length: 13
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.16.1
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 8c813434c9b506ac

Redirect headers

date: Fri, 19 Feb 2021 14:57:48 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.16.1
vary: Origin
location: https://rp4.liadm.com/j?tna=v2.0.1&aid=a-03ba&wpn=lc-bundle&pu=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&duid=bca5bbfbc6c7--01eyxcr0wrgfa08hyrg5y50h0d&se=e30&dtstmp=1613746668557&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://www.winloot.com
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: fa8605f978f6e90a
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1069804508/ 42 B
530 B 54ms
41ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1069804508/?random=1613746668495&cv=9&fst=1613743200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&data=event%3Duser_dimension%3Buhash%3D&frm=0&url=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&tiba=Winloot%20-%20Unavailable%20In%20Your%20Region&async=1&fmt=3&is_vtc=1&random=3619508217&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 14:57:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1069804508/ 42 B
112 B 19ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1069804508/?random=1613746668495&cv=9&fst=1613743200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&data=event%3Duser_dimension%3Buhash%3D&frm=0&url=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&tiba=Winloot%20-%20Unavailable%20In%20Your%20Region&async=1&fmt=3&is_vtc=1&random=3619508217&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 14:57:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1069804508/ 42 B
66 B 63ms
63ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1069804508/?random=1613746668494&cv=9&fst=1613743200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&tiba=Winloot%20-%20Unavailable%20In%20Your%20Region&async=1&fmt=3&is_vtc=1&random=4125426403&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 14:57:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1069804508/ 42 B
66 B 18ms
18ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1069804508/?random=1613746668494&cv=9&fst=1613743200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.winloot.com%2FSite%2FDenied&tiba=Winloot%20-%20Unavailable%20In%20Your%20Region&async=1&fmt=3&is_vtc=1&random=4125426403&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.winloot.com
URL: https://www.winloot.com/Site/Denied

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.winloot.com/Site/Denied
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 14:57:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.winloot.com/	1970-01-19 16:17:13	Name: _gid Value: GA1.2.1188849909.1613746668
.winloot.com/	1970-01-20 09:46:58	Name: _lc2_fpi Value: bca5bbfbc6c7--01eyxcr0wrgfa08hyrg5y50h0d
.winloot.com/	1970-01-19 16:15:46	Name: _gat_gtag_UA_36371770_1 Value: 1
.winloot.com/	1970-01-20 09:46:58	Name: _ga Value: GA1.2.1069500113.1613746668
.winloot.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .winloot.com
www.winloot.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: rwn325yng5h2nxcuzvupmojm
.winloot.com/	1970-01-19 16:39:10	Name: _uetvid Value: d4c704e072c211eb8e2fa9cde0e6687a
.winloot.com/	1970-01-19 16:17:13	Name: _uetsid Value: d4c6db5072c211eb9cbde9c30c06b63f
.winloot.com/	1970-01-19 16:58:58	Name: CUID Value: N,1613746668280:ALHGLuQAAAAPTiwxNjEzNzQ2NjY4MjgwqeG3nQ+1Shtc0koVnb38juuYsPR0kGZCcl1wr6lmELx3SNcr07yJj+UoeVFblNzcCEVeZ4ZV0h57teadpYLVPXa/yED/bV8ZiuzZqEsP/4XxdEkCm8oNgZBGIKSSSpJZka0g1c29vAPwbLuhR/JWoHHFg06Og2SihXQVHUPXteLTomTz1Z9asIF/+rW1B2SHkfpnqOIa9YQuvRpvGHDKmplKlmqiGK1oAhONCLfH3BEShjFQnz28W/EaVXVXGeQ0UZP4psUv9RhaPOU+jyLIhQXRtpriXJaqPP76SwTq5N1VWLdfVuj8UiyNNRgSkhGkqmvwfkPObRshZJK6CmGbzA==
www.winloot.com/	1970-01-19 16:58:55	Name: WL_LAYOUT Value: ID=gf1fBTTAz7UPM1cbMOmGlQ==&CSS=D+9QbEXKomSAlb6JTvdVJx/WF4WqDjA6PE7cNIbkLTw=&SUF=Tjdmy0VSCVtRIpb7yvRClw==&ADC=hTrBGFJHfvWejme+Z80Bdw==&EXP=FALSE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b-code.liadm.com
bat.bing.com
contributor.google.com
email.mg.winloot.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
p.d.2enm.com
platform.twitter.com
rp.liadm.com
rp4.liadm.com
secure.adnxs.com
static.winloot.com
stats.g.doubleclick.net
syndication.twitter.com
tag.perfectaudience.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.winloot.com
104.244.42.72
142.250.185.226
151.101.14.217
185.33.221.87
2001:4de0:ac19::1:b:2a
2600:1f18:730:b140:28d8:9783:2a08:4b54
2600:9000:2182:d800:2:268:2600:93a1
2606:2800:234:59:254c:406:2366:268c
2620:1ec:c11::200
2a00:1450:4001:803::2008
2a00:1450:4001:803::200e
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2004
2a00:1450:4001:813::200e
2a00:1450:4001:828::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:400c:c00::9d
2a02:26f0:7100::687e:2471
52.21.228.160
52.39.51.203
52.86.196.188
03e3bf4f71ad94cdb180db4a58d470bf73a46efe6715c1173b0fd447d04cb3d1
0efc85e6eebfe6b9aa34601a041df17b4a2a9febec1a76a3b9605f48c244c426
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1136f84db7704df75126ab728df0925bed6918dce51271484f6a8bae29918ea2
11e4390972243444bef13a861d73eed252a6d4c9cc43e98a7e4e19bceb46bee8
11f2ff9a96e72bbf795dca5cecd18071fbdd860e816d1e936b9401dfdcd6824e
1295982ebdf7bd253fdefb02820b149e4ecb6fbf70106dae9c0cd9abe1d15ddb
1a6e059e6586d56c40e2904a0fbbf14a5c00cd396423c1663ceba6ad66c965b7
1ae378cc0e18efafcf095c3e9e563635537e7bd409133a2c08897fa1bc5e91c3
1c950e7e505a7fd2b94945025460ca25bfe4ee1504b77ff0ba8968b298434156
2675d2d890cf6e372afec413374a542617f9a79f5b1a084aa238bc2116ea2816
26f9d499c579b450814f2511d338fd1ee9bd20494b2f5b48ef6a1e10781c9336
28a71436ac0dc932da5f3bee332164e898ac890aba1e4ed9b6b7225e711fdd9d
2ea1836b9da6aa185e935fabb060935699829575363fdc593c97fbfe5ef7047f
33d4c7601998bd383738dcb9de16fe2a0d71ee0f7378ce936ab8955d543cb822
345741f4b4cf571a306feeb77dfad0098f7eaabfdfad65208aa47de3d443b721
36a326c783a12f72498d41fb32371da87fe0cbd1595248f3f154fd939f07f10c
38169b45e3fde173c9581e8318d64a0ec9b27f7ec516450bb4d2997069880054
385a17bdb62813232ec802a9e2568253ab336136d33e68fc4f9081dd3bdb6009
3be259dd375543fb6ed4bb74e079e568acb0ca6b7fcf5033afd310af380dbd3d
3d5c0f99d3a1f778f4ece14cb7d99587aafcf3ac1714372ca05048536e6520e3
40cb29c6823e44efb83a3f11ea4d5f63f6ba7d029afa2058205dbecfa7d9ca30
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
50f178316c34e1058d082379f13579d6343e09858ba9fea1c2b8c8e537198421
52e63816d8b679f42d993be492bb99c713067c028df87032d8fd54b4dde74e3f
55949df83494fbcb2fe71fabaaae0108dbeac98c8d8c0ff22f5b5f8247fdf389
55c6098fa90bd7ef1b43434546ff045a2f0ace1fa68dcdebca761975a14383b5
59b433cefe6bb1115502408961048b94168decd7fccc72d3d3a6d0009d93ddec
5ac68b973b51de63b2861b532d0819385850ec5833f50a4dcd3c13a315d0204b
5ada7a18d5286a65bcc65f8c5d7a674202b0079125e6141b1c9fb3bb271592c0
5e97275bb9aa10c30a2cd2b9978c3f3a85ecb8a3c17ace9fae33aa696e417843
5fb2937d4f136eba20499dea2ee71531d046da180f39d16cc2a1fb904f8aa898
62b756566e6915a3b88cbb124c14d63ce14afb3d477591008726be6a28a7b30f
65a097f9d58525ff2596b1d6eb2baec410e68a4feacd221610ecbe3464278f81
70c87485b03e03fbb994a540eb7eeacbb9f86b15a9adae171560e2733c5d4d59
7350a3e25156cef3c4fbc4b5f0686a6e524ed15ec63cba58c75612dc642068de
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d9c3aadac62869858af794adf28abf1720c88ec80ceb960152e973a2d936ed6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84ef3e9712d1db9defde9af98521c439379a103bbf9b78679b2ff93631480af6
887ad483dbb92ca26aa2a7030643c545fe34e525c152db9d8927a8d14c133a82
8b4e866602eb797cce66edfc9e482e5154d31e067af18e4fa6ca6a97ec27a3f6
900de576d7704280b05e677016d64d8061ee17055b4e240295d045ee23ba5485
93f4dd3c5b2cef3ccc537de7e7285c420622626f72387ea06e7feb26dff5ec70
9469cb5999139af08a3d999ef5765edc26bf38b6a038411b290d9280e63cd170
99adb384fd992660be76df488633e76fe86ed9bba2a7cdf143a97e03fc3ee94d
9c5ab1950026e5f71d3844b6d623acb56375ec4a48a464f630e8e676f4e153be
9cd5d3ff4872d20f07c8443a5d1dff15e79ecf3c367dfae064dea93ed5d10053
a6ce9a009f60fee30bd85144ffcb3fbbb5c9ed030aa5a73878d0195c1e7dcf7e
b0e0af57cc9e25cd25e89c3bb7f884cba9592fc6521616f4b13b467374632587
b27ec2595ea128259b968383c3f6e5e3b4d0a3e2c7e70399c68c01254d43bff4
b2b098b04f061d3ea78b03d3bb6bca3d9ad090b292f39918dccfb156b44dcdfd
bb020fbd63f7f52804c123600d2e995ea0bdebad66e932ca8db99329ba3f09da
bb64c81741e64df26169d95d60fec8d82aa21531563d3a2a51bb3dd77be3049b
c2e0787633e616a414524e6e4e00a8eb18640dd67c2f566cadd8c6b0e6f7bdb2
c34f5c51cea0ee9e05108c79c404086a24b73fbecb0999654fc9116b4c4b755e
c771655a26103a33c2ea0c36e4b79674f897d1a7847897acfd73925b3fd58344
cb09ab0572c6a6549a782e2843218c00285cb737ae50fe29a5061ca96aff0234
cc5563d2c3c62b29b76afffe70e878713f4eb3adeb2c322763cb681aed6d14b4
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
ddb5351359ad80f2910cf20c27063dd000212153400cf7c7db66396cd7a153e9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df5d32449347ffff2b72243a756d1565dbd38c0b0b5636fdfa91d2367b3b4275
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5620b6fdc194c2b1e77eb54fcfd53e1d1685987a5af1e9d85c647489b87d794
e5d0f614fe452ad780d549d8056b7143e3fdd4b98b4491988ad92ecd9458a0dd
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
fb17446a0ae8a6fd8cc85f7615a74be77ac6aad208050164c8cbe337dc3bfc9c

www.winloot.com Open in urlscan Pro 52.21.228.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

100 %HTTPS

75 %IPv6

16 Domains

23 Subdomains

26 IPs

4 Countries

947 kBTransfer

2338 kBSize

10 Cookies

3 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.winloot.com Open in urlscan Pro
52.21.228.160 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

100 %
HTTPS

75 %
IPv6

16
Domains

23
Subdomains

26
IPs

4
Countries

947 kB
Transfer

2338 kB
Size

10
Cookies

80 HTTP transactions
0 data transactions