get-wins.com Open in urlscan Pro
2606:4700:3030::ac43:a683 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://get-wins.com/take-drop
Submission Tags: https://phish.report @phish_report Search All
Submission: On May 01 via api (May 1st 2023, 2:46:11 pm UTC) from FI — Scanned from FI

Summary HTTP 46 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 46 HTTP transactions. The main IP is 2606:4700:3030::ac43:a683, located in United States and belongs to CLOUDFLARENET, US. The main domain is get-wins.com.
TLS certificate: Issued by GTS CA 1P5 on March 17th 2023. Valid for: 3 months.

This is the only time get-wins.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:303... 2606:4700:3030::ac43:a683	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10 20	2a03:6f00:1::... 2a03:6f00:1::b039:d290	9123 (TIMEWEB-AS) (TIMEWEB-AS)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
13	146.75.120.193 146.75.120.193	54113 (FASTLY) (FASTLY)
9	193.108.153.5 193.108.153.5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
46	9

9 2606:4700:3030::ac43:a683 (United States)

ASN13335 (CLOUDFLARENET, US)

get-wins.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a03:6f00:1::b039:d290 (Russian Federation) 10 redirects

ASN9123 (TIMEWEB-AS, RU)

cp03467.tw1.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vh314.timeweb.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 146.75.120.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 193.108.153.5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-5.deploy.static.akamaitechnologies.com

community.akamai.steamstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	imgur.com i.imgur.com — Cisco Umbrella Rank: 5166	2 MB
10	timeweb.ru vh314.timeweb.ru
10	tw1.ru 10 redirects cp03467.tw1.ru	1 KB
9	steamstatic.com community.akamai.steamstatic.com — Cisco Umbrella Rank: 11517	522 KB
9	get-wins.com get-wins.com	120 KB
1	gstatic.com fonts.gstatic.com	38 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 997	111 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	28 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	1 KB
46	9

	Domain	Requested by
13	i.imgur.com	get-wins.com
10	vh314.timeweb.ru	get-wins.com
10	cp03467.tw1.ru	10 redirects get-wins.com
9	community.akamai.steamstatic.com	get-wins.com
9	get-wins.com	get-wins.com
1	fonts.gstatic.com	fonts.googleapis.com
1	code.jquery.com	get-wins.com
1	cdnjs.cloudflare.com	get-wins.com
1	fonts.googleapis.com	get-wins.com
46	9

This site contains no links.

Subject Issuer	Validity	Valid
*.get-wins.com GTS CA 1P5	`2023-03-17` - `2023-06-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
cdn.akamai.steamstatic.com R3	`2023-04-20` - `2023-07-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://get-wins.com/take-drop
Frame ID: 6238C72AA429E06CCEE8B3383FA447E3
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GIFTS | FREE Case

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

46
Requests

76 %
HTTPS

75 %
IPv6

9
Domains

9
Subdomains

9
IPs

4
Countries

3287 kB
Transfer

3881 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://cp03467.tw1.ru/styles/css/be514d3d381f34a6a7277fc1affef3bf24b5a54c227d/6615f270a01650110ccc3b9f91fa8616fb96a587f53f.css HTTP 301
https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru

Request Chain 6

https://cp03467.tw1.ru/styles/css/be514d3d381f34a6a7277fc1affef3bf24b5a54c227d/124d64e39000a4cec801af9fda5bede4daf62ba62573.css HTTP 301
https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru

Request Chain 7

https://cp03467.tw1.ru/styles/css/be514d3d381f34a6a7277fc1affef3bf24b5a54c227d/d5243abd6bd3bad3991e866c0dc80ac84a414014e31d.css HTTP 301
https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru

Request Chain 8

https://cp03467.tw1.ru/styles/css/be514d3d381f34a6a7277fc1affef3bf24b5a54c227d/41b94eda6cb5f53f0487b607dd412d8ccb83884aae48.css HTTP 301
https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru

Request Chain 9

https://cp03467.tw1.ru/styles/css/be514d3d381f34a6a7277fc1affef3bf24b5a54c227d/72e54e4aa8831c809237ce551278e317028722c43f89.css HTTP 301
https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru

Request Chain 10

https://cp03467.tw1.ru/styles/css/fs/css/style.css HTTP 301
https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru

Request Chain 12

https://cp03467.tw1.ru/styles/css/ajax/libs/jquery/3.4.1/jquery.min.js HTTP 301
https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru

Request Chain 13

https://cp03467.tw1.ru/styles/css/ui/1.11.3/jquery-ui.js HTTP 301
https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru

Request Chain 32

https://cp03467.tw1.ru/styles/css/ajax/libs/jquery/3.1.1/jquery.min.js HTTP 301
https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru

Request Chain 35

https://cp03467.tw1.ru/styles/css/imgs/frame.svg HTTP 301
https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request take-drop Show response
get-wins.com/ 42 KB
10 KB 231ms
136ms Document
text/html 2606:4700:3030::ac43:a683
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get-wins.com/take-drop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a683 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8910d840f7a111a44c47c7b02cfae6341b01396864dbe7a8d718142e6c98284d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7c08cfdb9a98992a-ARN
content-encoding: br
content-type: text/html
date: Mon, 01 May 2023 14:46:05 GMT
last-modified: Wed, 26 Apr 2023 15:52:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I51CeHeAr4wLuwqKkAkPdfXLU9Y5Ac7N0BhHXVieZt6CujumrCAoeX1%2F%2FY%2BBK0cjXfGAX2otzpRDt%2BFghbLBMVC%2FdOY2k1KDUWmwFEsAMhNHO%2BSq27HBdUN%2BYlUkjY4p5gLdeQFwFDyYvyM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 d15bc48bc5cb88b361f544ca47e09c3c0beb2e9d50ab.css
get-wins.com/a0f82a0c9017edcb028c0272d832187d04f0bec70317/ 20 KB
6 KB 143ms
139ms Stylesheet
text/css 2606:4700:3030::ac43:a683
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get-wins.com/a0f82a0c9017edcb028c0272d832187d04f0bec70317/d15bc48bc5cb88b361f544ca47e09c3c0beb2e9d50ab.css
Requested by: Host: get-wins.com
URL: https://get-wins.com/take-drop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a683 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e72bfd5b2451298de330b65ffbf950c8f830c5d373435f26fce733e1264bef5d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/take-drop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:46:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 04 Jun 2022 16:46:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"629b8c4a-510d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atK%2Fwq4Rhy3fAijkFjWJUHPgfqKbqNPxqZZJfptnUc9R1JWKzSkUyTJH5XqvufNkD%2BPZAAUt8uZF%2F2GUZXPAchl8PiRyzDDesRn3ScmYqB4zVMqFfxJ2CFCZh73GlxuFbcWFlbtTQtJWW5I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7c08cfdc8c4c992a-ARN
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 a00845169e2e99e77980c47c787e2d01b1ceea9dd0b7.css
get-wins.com/a0f82a0c9017edcb028c0272d832187d04f0bec70317/ 75 KB
18 KB 149ms
146ms Stylesheet
text/css 2606:4700:3030::ac43:a683
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get-wins.com/a0f82a0c9017edcb028c0272d832187d04f0bec70317/a00845169e2e99e77980c47c787e2d01b1ceea9dd0b7.css
Requested by: Host: get-wins.com
URL: https://get-wins.com/take-drop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a683 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2815908a70bff8204d9c9dc034dd649f3f560a90112b11ddd5e0e53583bd39c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/take-drop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:46:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 14 Feb 2022 14:17:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"620a6494-12d95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NLfu0GikQ%2FPMe8O3qFdluvPyQqsHBIO52CjvfIzrM2d4csq1bmUqJRV2rkMkV6YIFbDlRbjiznNrjnNvCy%2BZvaopsmcS%2FQiCA7chbXn%2FdVZWitWZkWUPBvN6gLa5b4oUSO2mGj3iklISQc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7c08cfdc7c46992a-ARN
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 77861b0e883bb07bc3bd56b1265976844ef2aaca257b.css
get-wins.com/a0f82a0c9017edcb028c0272d832187d04f0bec70317/ 20 KB
4 KB 138ms
135ms Stylesheet
text/css 2606:4700:3030::ac43:a683
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get-wins.com/a0f82a0c9017edcb028c0272d832187d04f0bec70317/77861b0e883bb07bc3bd56b1265976844ef2aaca257b.css
Requested by: Host: get-wins.com
URL: https://get-wins.com/take-drop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a683 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbdcded3c4261a3c9d79cb3cf9e641744ad1f2db504690f3a1a06f6b3893dda4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/take-drop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:46:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 14 Feb 2022 14:17:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"620a6495-4e0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BaN481mA7NzsZ9s9zSf1fIPxiuUTzYN%2Ba0Z37eR%2BtPP1AbYztV991dZKGy7FIpGZO3BJoeMjQNGmxE%2BeH0xBSEDlkCKpP7mFpOpoHo3wovXzRyjBCqQ57nrqT6dbezwfVqS0L%2FxAJ7rV44%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7c08cfdc7c47992a-ARN
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 a4cc0c988ed2f7d3134c033f92b2c61289c2dbb6e82c.css
get-wins.com/a0f82a0c9017edcb028c0272d832187d04f0bec70317/ 10 KB
3 KB 136ms
133ms Stylesheet
text/css 2606:4700:3030::ac43:a683
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get-wins.com/a0f82a0c9017edcb028c0272d832187d04f0bec70317/a4cc0c988ed2f7d3134c033f92b2c61289c2dbb6e82c.css
Requested by: Host: get-wins.com
URL: https://get-wins.com/take-drop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a683 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02ed5fedd4d231fd7599d828707a1af9728f3dd33876047b5b045c1cec3f5d02

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/take-drop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:46:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 14 Feb 2022 14:17:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"620a6490-2965"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGluVa11dxvfeMnGMmaw4%2FrIVnMgzmu2BDUiP7IGBGf3dRO14svI7YE5BB4fgbMtCCcgegEpcBZmHqQGK3iUO5iqj10l2OI4jNB3xRybyYlB6aTyKgaUunpm%2FlSIDstvhgWF4NRlKr0%2BJGE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7c08cfdc8c4b992a-ARN
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 28c5af3d071d402712118acba73898afac4ece5f686b.css
get-wins.com/a0f82a0c9017edcb028c0272d832187d04f0bec70317/ 6 KB
2 KB 144ms
141ms Stylesheet
text/css 2606:4700:3030::ac43:a683
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get-wins.com/a0f82a0c9017edcb028c0272d832187d04f0bec70317/28c5af3d071d402712118acba73898afac4ece5f686b.css
Requested by: Host: get-wins.com
URL: https://get-wins.com/take-drop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a683 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f653dbf761adb689f70bdfbc792ae65192e95b544d7e66dce483a4931b4c58e3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/take-drop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:46:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 15 Apr 2022 15:36:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"625990e3-1722"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWqZ00nR%2BfbP%2FWzycjXEnfMNDolBsIZvyuS67c8UW%2Faam3Ka6CQCek%2BbJ2lZzu2hPWCfw5On7KYqCmy8OqCFPXUZSI4U1PXe%2BlL2iDZo4lj6%2FdMYOcpRJrJ%2F3s5tDS1qnGAte4ypJm2FzA0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7c08cfdc8c4e992a-ARN
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

/
vh314.timeweb.ru/parking/
Redirect Chain

https://cp03467.tw1.ru/styles/css/be514d3d381f34a6a7277fc1affef3bf24b5a54c227d/6615f270a01650110ccc3b9f91fa8616fb96a587f53f.css
https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru

0
0

191ms
115ms

Stylesheet
text/html

2a03:6f00:1::b039:d290
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru
Requested by: Host: get-wins.com
URL: https://get-wins.com/take-drop
Protocol: H2
Server: 2a03:6f00:1::b039:d290 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

location: https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru
date: Mon, 01 May 2023 14:46:05 GMT
server: nginx/1.22.1
content-length: 169
content-type: text/html

GET
H2

200

/
vh314.timeweb.ru/parking/
Redirect Chain

https://cp03467.tw1.ru/styles/css/be514d3d381f34a6a7277fc1affef3bf24b5a54c227d/124d64e39000a4cec801af9fda5bede4daf62ba62573.css
https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru

0
0

183ms
108ms

Stylesheet
text/html

2a03:6f00:1::b039:d290
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru
Requested by: Host: get-wins.com
URL: https://get-wins.com/take-drop
Protocol: H2
Server: 2a03:6f00:1::b039:d290 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

location: https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru
date: Mon, 01 May 2023 14:46:05 GMT
server: nginx/1.22.1
content-length: 169
content-type: text/html

GET
H2

200

/
vh314.timeweb.ru/parking/
Redirect Chain

https://cp03467.tw1.ru/styles/css/be514d3d381f34a6a7277fc1affef3bf24b5a54c227d/d5243abd6bd3bad3991e866c0dc80ac84a414014e31d.css
https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru

0
0

190ms
115ms

Stylesheet
text/html

2a03:6f00:1::b039:d290
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru
Requested by: Host: get-wins.com
URL: https://get-wins.com/take-drop
Protocol: H2
Server: 2a03:6f00:1::b039:d290 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

location: https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru
date: Mon, 01 May 2023 14:46:05 GMT
server: nginx/1.22.1
content-length: 169
content-type: text/html

GET
H2

200

/
vh314.timeweb.ru/parking/
Redirect Chain

https://cp03467.tw1.ru/styles/css/be514d3d381f34a6a7277fc1affef3bf24b5a54c227d/41b94eda6cb5f53f0487b607dd412d8ccb83884aae48.css
https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru

0
0

181ms
106ms

Stylesheet
text/html

2a03:6f00:1::b039:d290
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru
Requested by: Host: get-wins.com
URL: https://get-wins.com/take-drop
Protocol: H2
Server: 2a03:6f00:1::b039:d290 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

location: https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru
date: Mon, 01 May 2023 14:46:05 GMT
server: nginx/1.22.1
content-length: 169
content-type: text/html

GET
H2

200

/
vh314.timeweb.ru/parking/
Redirect Chain

https://cp03467.tw1.ru/styles/css/be514d3d381f34a6a7277fc1affef3bf24b5a54c227d/72e54e4aa8831c809237ce551278e317028722c43f89.css
https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru

0
0

146ms
71ms

Stylesheet
text/html

2a03:6f00:1::b039:d290
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru
Requested by: Host: get-wins.com
URL: https://get-wins.com/take-drop
Protocol: H2
Server: 2a03:6f00:1::b039:d290 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

location: https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru
date: Mon, 01 May 2023 14:46:05 GMT
server: nginx/1.22.1
content-length: 169
content-type: text/html

GET
H2

200

/
vh314.timeweb.ru/parking/
Redirect Chain

https://cp03467.tw1.ru/styles/css/fs/css/style.css
https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru

0
0

191ms
115ms

Stylesheet
text/html

2a03:6f00:1::b039:d290
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru
Requested by: Host: get-wins.com
URL: https://get-wins.com/take-drop
Protocol: H2
Server: 2a03:6f00:1::b039:d290 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

location: https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru
date: Mon, 01 May 2023 14:46:05 GMT
server: nginx/1.22.1
content-length: 169
content-type: text/html

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
1 KB 201ms
70ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

560abbd7d0555a1eaf630c3487f47ffdc097772b00227e5bfcb85aafcdcb3491

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 01 May 2023 14:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:23:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 May 2023 14:46:05 GMT

GET
H2

200

/ Show response
vh314.timeweb.ru/parking/
Redirect Chain

https://cp03467.tw1.ru/styles/css/ajax/libs/jquery/3.4.1/jquery.min.js
https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru

0
0

145ms
70ms

Script
text/html

2a03:6f00:1::b039:d290
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru
Requested by: Host: get-wins.com
URL: https://get-wins.com/take-drop
Protocol: H2
Server: 2a03:6f00:1::b039:d290 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

location: https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru
date: Mon, 01 May 2023 14:46:05 GMT
server: nginx/1.22.1
content-length: 169
content-type: text/html

GET
H2

200

/ Show response
vh314.timeweb.ru/parking/
Redirect Chain

https://cp03467.tw1.ru/styles/css/ui/1.11.3/jquery-ui.js
https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru

0
0

190ms
116ms

Script
text/html

2a03:6f00:1::b039:d290
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru
Requested by: Host: get-wins.com
URL: https://get-wins.com/take-drop
Protocol: H2
Server: 2a03:6f00:1::b039:d290 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

location: https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru
date: Mon, 01 May 2023 14:46:05 GMT
server: nginx/1.22.1
content-length: 169
content-type: text/html

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 86 KB
28 KB 103ms
38ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:46:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1197607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27748
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2bLUE9uDYMRPofQ7B4aWcz1yUAf%2FntCE87Aqe840B3LvsV6T7BrAmCDNPtfLxSLcCOh7N%2BBu%2BjJQ%2FYI35ffT9Y5clMBQ%2BlqLLAmOXJX2%2B6EMiFS%2FIbKrcA7pGrfOID25TuMLlJwODfxHjdNy5Io2YQUz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c08cfdcecdbd943-HEL
expires: Sat, 20 Apr 2024 14:46:05 GMT

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.11.3/ 459 KB
111 KB 128ms
40ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.3/jquery-ui.js
Requested by: Host: get-wins.com
URL: https://get-wins.com/take-drop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:46:05 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-72b1e"
vary: Accept-Encoding
x-hw: 1682952365.dop069.sk1.t,1682952365.cds205.sk1.hn,1682952365.cds239.sk1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 113814

GET
H2 200 KZMWaqH.png
i.imgur.com/ 12 KB
12 KB 185ms
63ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/KZMWaqH.png

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

01afe7feed968087f92af915879090d4ee0b4b49ca37daf120d9d83ad9c66207

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:46:06 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 1962944
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 11807
x-served-by: cache-iad-kcgs7200030-IAD, cache-fra-etou8220079-FRA
last-modified: Tue, 31 Jan 2023 10:17:54 GMT
server: cat factory 1.0
x-timer: S1682952366.012328,VS0,VE1
etag: "7381d764907acde7aa04a93ceef91ad5"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 24, 4

GET
H2 200 8lytB91.png
i.imgur.com/ 249 B
392 B 185ms
63ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/8lytB91.png

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

71c8d54b5dd9b6b4541a83c907d353b8035a5a4afe0d4cca2af0f659a95b0631

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:46:06 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 1793422
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 249
x-served-by: cache-iad-kjyo7100031-IAD, cache-fra-etou8220079-FRA
last-modified: Tue, 31 Jan 2023 10:17:54 GMT
server: cat factory 1.0
x-timer: S1682952366.012326,VS0,VE0
etag: "b693af5d49a89353aa38ae2492115365"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 28, 4

GET
H2 200 mKAbRPO.png
i.imgur.com/ 378 B
519 B 234ms
112ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/mKAbRPO.png

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

7af90f4e9f2add152782700fbb98e332e94f3cb0af028f78fda6fddb6ee70bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:46:06 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 2063050
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 378
x-served-by: cache-iad-kcgs7200021-IAD, cache-fra-etou8220079-FRA
last-modified: Tue, 31 Jan 2023 10:17:54 GMT
server: cat factory 1.0
x-timer: S1682952366.014114,VS0,VE0
etag: "e9dabdfb276fe5a40d062c925d9fe631"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 23, 4

GET
H2 200 DxyHkI3.png
i.imgur.com/ 264 B
628 B 184ms
62ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/DxyHkI3.png

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

eaf65fdd4bad8fde27c676a3d74faacef3bc370024860444d6b9495da667d7a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:46:06 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 3885251
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 264
x-served-by: cache-iad-kcgs7200159-IAD, cache-fra-etou8220079-FRA
last-modified: Tue, 31 Jan 2023 10:17:54 GMT
server: cat factory 1.0
x-timer: S1682952366.012288,VS0,VE0
etag: "9e4f98d0a34adf69d07cfac793c25e87"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 122, 4

GET
H2 200 oTPHLC9.png
i.imgur.com/ 481 KB
482 KB 185ms
63ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/oTPHLC9.png

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

d429bd862d1f459ca98b184da2b16a272535ad730362e03a0cae67d31a224886

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:46:06 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 3455896
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 492889
x-served-by: cache-iad-kcgs7200163-IAD, cache-fra-etou8220079-FRA
last-modified: Tue, 31 Jan 2023 10:17:54 GMT
server: cat factory 1.0
x-timer: S1682952366.012654,VS0,VE0
etag: "c241ffaa448965b2155ab5451133f7cd"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 76, 4

GET
H2 200 KAC8vnS.png
i.imgur.com/ 112 KB
112 KB 186ms
64ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/KAC8vnS.png

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

4b8501cd7a1000a99eb1c6b88c1355e023a8c4b826e6698087432f0185149187

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:46:06 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 836531
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 114198
x-served-by: cache-iad-kjyo7100117-IAD, cache-fra-etou8220079-FRA
last-modified: Tue, 31 Jan 2023 10:17:54 GMT
server: cat factory 1.0
x-timer: S1682952366.012864,VS0,VE0
etag: "f6585c32c996bb9ab2448f69f4719a32"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 12, 4

GET
H2 200 8TbL60Y.png
i.imgur.com/ 128 KB
128 KB 91ms
91ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/8TbL60Y.png

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

a801d6e2dba119f7f07d88355c20cd54168ce0310586952f1af2b6d61645a2fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:46:06 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 766403
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 130652
x-served-by: cache-iad-kiad7000121-IAD, cache-fra-etou8220079-FRA
last-modified: Tue, 31 Jan 2023 10:17:54 GMT
server: cat factory 1.0
x-timer: S1682952366.062335,VS0,VE1
etag: "aa114f6fb2b6f08a1dacecffec3f6c37"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 18, 4

GET
H/1.1 200
OK 360fx360f
community.akamai.steamstatic.com/economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgpovbSsLQJf1ObcTjxT09i3mYGYlOLnDLfYkWNF18lwmO7Eu9XwiV... 52 KB
53 KB 238ms
61ms Image
image/png 193.108.153.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://community.akamai.steamstatic.com/economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgpovbSsLQJf1ObcTjxT09i3mYGYlOLnDLfYkWNF18lwmO7Eu9XwiVLtqENpYzrwcoPBJFM7Ml7U_QW9x-_qhp7tvciYznJju3Yq5nrD30vgL77o414/360fx360f

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-5.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e493739062fa06584caac1906d87e03a9e13c82259cb1acb4b9954b99f7ead8c

Security Headers

Name

Value

Content-Security-Policy

default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ *.google-analytics.com https://www.google.com https://www.gstatic.com https://apis.google.com https://recaptcha.net https://www.gstatic.cn/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ *.google-analytics.com https://*.valvesoftware.com https://*.steambeta.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ *.google-analytics.com https://www.google.com https://www.gstatic.com https://apis.google.com https://recaptcha.net https://www.gstatic.cn/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ *.google-analytics.com https://*.valvesoftware.com https://*.steambeta.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Date: Mon, 01 May 2023 14:46:06 GMT
Last-Modified: Fri, 09 Jan 2015 03:40:50 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=451772
Connection: keep-alive
Content-Length: 53041
Expires: Sat, 06 May 2023 20:15:38 GMT

GET
H/1.1 200
OK 360fx360f
community.akamai.steamstatic.com/economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgpot7HxfDhoyszJemkV4N27q4yCkP_gDLfQhGxUppQo07-TpYmt2A... 52 KB
54 KB 241ms
64ms Image
image/png 193.108.153.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://community.akamai.steamstatic.com/economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgpot7HxfDhoyszJemkV4N27q4yCkP_gDLfQhGxUppQo07-TpYmt2Azh_EpqYGDxIoLGJAE7YgzQ_FS-xuzu15Lu75yfynV9-n512WUCzeM/360fx360f

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-5.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

c422a2bd77d267dcd2abe35a94bcf0f92450bb2c725af05491ee5d1b4bf31521

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ *.google-analytics.com https://www.google.com https://www.gstatic.com https://apis.google.com https://recaptcha.net https://www.gstatic.cn/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ *.google-analytics.com https://*.valvesoftware.com https://*.steambeta.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Date: Mon, 01 May 2023 14:46:06 GMT
Last-Modified: Mon, 10 Mar 2014 01:18:33 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=344444
Connection: keep-alive
Content-Length: 53531
Expires: Fri, 05 May 2023 14:26:50 GMT

GET
H/1.1 200
OK 360fx360f
community.akamai.steamstatic.com/economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgposr-kLAtl7PvRTipH7s-JkIGZnPLmDLfYkWNF18lwmO7Eu9v30V... 46 KB
47 KB 244ms
65ms Image
image/png 193.108.153.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://community.akamai.steamstatic.com/economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgposr-kLAtl7PvRTipH7s-JkIGZnPLmDLfYkWNF18lwmO7Eu9v30Ve2-ko-Mjr2JtPHJwFtZVGF-QDslbi9hcW4vJ2cmHBmuHZ3s3fD30vg7NYdUho/360fx360f

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-5.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

66b6c8e4ab809e93fbabb455859260b054522713fe4689964c6395ae9afe4834

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ *.google-analytics.com https://www.google.com https://www.gstatic.com https://apis.google.com https://recaptcha.net https://www.gstatic.cn/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ *.google-analytics.com https://*.valvesoftware.com https://*.steambeta.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Date: Mon, 01 May 2023 14:46:06 GMT
Last-Modified: Fri, 11 Jul 2014 00:32:55 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=342402
Connection: keep-alive
Content-Length: 46826
Expires: Fri, 05 May 2023 13:52:48 GMT

GET
H/1.1 200
OK 360fx360f
community.akamai.steamstatic.com/economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgpovbSsLQJfwOfBfThW-NOJlZG0mP74Nr_ummJW4NFOhujT8om7jl... 37 KB
38 KB 243ms
63ms Image
image/png 193.108.153.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://community.akamai.steamstatic.com/economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgpovbSsLQJfwOfBfThW-NOJlZG0mP74Nr_ummJW4NFOhujT8om7jlHiqkJoNjygctPBJlVoZFjS_la8lOnvgpft7ZqcnHFg6yN0sXjfmAv330-Eb6KwCg/360fx360f

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-5.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

13dab1704dcf462f6209c9c12aec67acec96c4141b17d15b04bfa06653f3337c

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ *.google-analytics.com https://www.google.com https://www.gstatic.com https://apis.google.com https://recaptcha.net https://www.gstatic.cn/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ *.google-analytics.com https://*.valvesoftware.com https://*.steambeta.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Date: Mon, 01 May 2023 14:46:06 GMT
Last-Modified: Fri, 03 Aug 2018 00:14:38 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=347832
Connection: keep-alive
Content-Length: 37407
Expires: Fri, 05 May 2023 15:23:18 GMT

GET
H/1.1 200
OK 360fx360f
community.akamai.steamstatic.com/economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgpou-6kejhjxszFJTwW09C5goW0m_7zO6_ummpD78A_3--W89r02w... 68 KB
69 KB 127ms
62ms Image
image/png 193.108.153.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://community.akamai.steamstatic.com/economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgpou-6kejhjxszFJTwW09C5goW0m_7zO6_ummpD78A_3--W89r02wTs_hI5NzrydY6SelJqYFjY8lC_xeq6gp61tMzLnSBg7j5iuyjjy9o9kg/360fx360f

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-5.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

0de01e6ce4e52d76f1c56a9296955cfa91bee43fd82f408db16e02c35bb72a85

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ *.google-analytics.com https://www.google.com https://www.gstatic.com https://apis.google.com https://recaptcha.net https://www.gstatic.cn/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ *.google-analytics.com https://*.valvesoftware.com https://*.steambeta.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Date: Mon, 01 May 2023 14:46:06 GMT
Last-Modified: Mon, 03 May 2021 22:19:37 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=342490
Connection: keep-alive
Content-Length: 69198
Expires: Fri, 05 May 2023 13:54:16 GMT

GET
H/1.1 200
OK 360fx360f
community.akamai.steamstatic.com/economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgposLOzLhRlxfbGTj5X09q_goWYkuHxPYTZj3tU-sd0i_rVyoD8j1... 67 KB
69 KB 65ms
64ms Image
image/png 193.108.153.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://community.akamai.steamstatic.com/economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgposLOzLhRlxfbGTj5X09q_goWYkuHxPYTZj3tU-sd0i_rVyoD8j1yglB89IT6mOtKXJ1A_aQrV_QO-k-bthJC-uMjNy3pgunV34SzZmEC1hRkZOuFrgvOACQLJPmu_S9c/360fx360f

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-5.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

90281178319bc5fa586b31884829d597ab7c84df1fc59833a6d8afe88fb75067

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ *.google-analytics.com https://www.google.com https://www.gstatic.com https://apis.google.com https://recaptcha.net https://www.gstatic.cn/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ *.google-analytics.com https://*.valvesoftware.com https://*.steambeta.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Date: Mon, 01 May 2023 14:46:06 GMT
Last-Modified: Wed, 24 May 2017 01:15:01 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=341116
Connection: keep-alive
Content-Length: 68503
Expires: Fri, 05 May 2023 13:31:22 GMT

GET
H/1.1 200
OK 360fx360f
community.akamai.steamstatic.com/economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgpoo6m1FBRp3_bGcjhQ09-jq5WYh8j_OrfdqWhe5sN4mOTE8bP5gV... 55 KB
57 KB 70ms
67ms Image
image/png 193.108.153.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://community.akamai.steamstatic.com/economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgpoo6m1FBRp3_bGcjhQ09-jq5WYh8j_OrfdqWhe5sN4mOTE8bP5gVO8vywwMiukcZjEcVc5M1CG-1jtyLi9jJW97pzBmnM27nQlsSvfnkGzhU1OPeY8h6CeVxzAUEsa6pHf/360fx360f

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-5.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5eddec372f6dbe98a0cd68f602b5bb68a031881a3f45dd928c09793846d05652

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ *.google-analytics.com https://www.google.com https://www.gstatic.com https://apis.google.com https://recaptcha.net https://www.gstatic.cn/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ *.google-analytics.com https://*.valvesoftware.com https://*.steambeta.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Date: Mon, 01 May 2023 14:46:06 GMT
Last-Modified: Fri, 18 Sep 2015 05:42:17 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=342543
Connection: keep-alive
Content-Length: 56508
Expires: Fri, 05 May 2023 13:55:09 GMT

GET
H/1.1 200
OK 360fx360f
community.akamai.steamstatic.com/economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgposLuoKhRf1OD3dzxP7c-JhoGHm-7LP7LWnn9u5MRjjeyPoN-til... 73 KB
75 KB 67ms
66ms Image
image/png 193.108.153.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://community.akamai.steamstatic.com/economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgposLuoKhRf1OD3dzxP7c-JhoGHm-7LP7LWnn9u5MRjjeyPoN-tilWxrkdoNjv0I4TBJw87YVrZr1W8x-m61J_vuJzIyXMx6HMr4WGdwUIVx7r5Nw/360fx360f

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-5.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

72dfb4005aea8dd5b1a86d001a4658c58380f1b52c7e4fa479c5f3911de37a2d

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ *.google-analytics.com https://www.google.com https://www.gstatic.com https://apis.google.com https://recaptcha.net https://www.gstatic.cn/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ *.google-analytics.com https://*.valvesoftware.com https://*.steambeta.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Date: Mon, 01 May 2023 14:46:06 GMT
Last-Modified: Fri, 19 Aug 2016 01:20:18 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=346132
Connection: keep-alive
Content-Length: 74924
Expires: Fri, 05 May 2023 14:54:58 GMT

GET
H/1.1 200
OK 360fx360f
community.akamai.steamstatic.com/economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgposr-kLAtl7PLJTitH_si_k4-0m_7zO6_ummpD78A_0rzApNrw3F... 58 KB
60 KB 109ms
63ms Image
image/png 193.108.153.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://community.akamai.steamstatic.com/economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgposr-kLAtl7PLJTitH_si_k4-0m_7zO6_ummpD78A_0rzApNrw3FayqUs-YjqgIoWccVVvZAzQqVfqwr_u0JDpup3LynFhuT5iuyj9I0M0JQ/360fx360f

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-5.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

fe3737bea5ab5c6edc6234de8de2ee5b649807ed1b32c951f74c41e26a1626f8

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ *.google-analytics.com https://www.google.com https://www.gstatic.com https://apis.google.com https://recaptcha.net https://www.gstatic.cn/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ *.google-analytics.com https://*.valvesoftware.com https://*.steambeta.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Date: Mon, 01 May 2023 14:46:06 GMT
Last-Modified: Mon, 10 Mar 2014 01:16:31 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=332340
Connection: keep-alive
Content-Length: 59566
Expires: Fri, 05 May 2023 11:05:06 GMT

GET
H2

200

/ Show response
vh314.timeweb.ru/parking/
Redirect Chain

https://cp03467.tw1.ru/styles/css/ajax/libs/jquery/3.1.1/jquery.min.js
https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru

0
0

43ms
43ms

Script
text/html

2a03:6f00:1::b039:d290
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru
Requested by: Host: get-wins.com
URL: https://get-wins.com/take-drop
Protocol: H2
Server: 2a03:6f00:1::b039:d290 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

location: https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru
date: Mon, 01 May 2023 14:46:05 GMT
server: nginx/1.22.1
content-length: 169
content-type: text/html

GET
H3 200 759508d399f6355d15f147a23bcffd9d02790f2eb8c4.js Show response
get-wins.com/64ed62a690977835c38e2c91cd038cab15e8b9fc1425/ 92 KB
34 KB 136ms
135ms Script
application/javascript 2606:4700:3030::ac43:a683
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get-wins.com/64ed62a690977835c38e2c91cd038cab15e8b9fc1425/759508d399f6355d15f147a23bcffd9d02790f2eb8c4.js
Requested by: Host: get-wins.com
URL: https://get-wins.com/take-drop
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a683 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fd24b9a80f33af80b07c10b2e93de653d2463d2cf2aea593036fff34cfd2b76

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/take-drop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:46:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 26 Apr 2023 09:59:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6448f606-16f26"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vaCZXdLaXGqpLiPSEvJvfzbPARZcWtcgXzcbPbYW6F9rGHTkTIRJ7sriLLUBNu5V9Eo4nkoOmtCr5BmtJDO6EJHc8H2mRYolbhheyiq90hbLv9HYIgk3b%2BmLtw%2Bpyo%2FZWGK4cxImHnUicg8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7c08cfde9e161691-ARN
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET Inter-Regular.ttf
cp03467.tw1.ru/styles/css/imgs/asd/fonts/ 0
0

GET
H2

200

/
vh314.timeweb.ru/parking/
Redirect Chain

https://cp03467.tw1.ru/styles/css/imgs/frame.svg
https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru

0
0

43ms
43ms

Image
text/html

2a03:6f00:1::b039:d290
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru
Requested by: Host: get-wins.com
URL: https://get-wins.com/take-drop
Protocol: H2
Server: 2a03:6f00:1::b039:d290 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

location: https://vh314.timeweb.ru/parking/?ref=cp03467.tw1.ru
date: Mon, 01 May 2023 14:46:05 GMT
server: nginx/1.22.1
content-length: 169
content-type: text/html

GET
H2 200 cEBiDPR.png
i.imgur.com/ 1023 KB
1024 KB 168ms
64ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/cEBiDPR.png

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9df7c8fa2dcfe4403c0f1dcdcf3f3a3a65d812c4a8470be917aacf21efa4b571

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:46:06 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 2119050
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 1047181
x-served-by: cache-iad-kcgs7200094-IAD, cache-fra-etou8220079-FRA
last-modified: Tue, 31 Jan 2023 10:17:54 GMT
server: cat factory 1.0
x-timer: S1682952366.012755,VS0,VE0
etag: "27618d8da754c71190de0b2f44eac53b"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 37, 2

GET
H2 200 ivFSNiz.png
i.imgur.com/ 319 KB
319 KB 216ms
112ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/ivFSNiz.png

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

291871542360dcaf35afa6c5d656567bc69a2d5b33f1cf51f1a678e4ac5924b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:46:06 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 1738202
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 326540
x-served-by: cache-iad-kjyo7100121-IAD, cache-fra-etou8220079-FRA
last-modified: Tue, 31 Jan 2023 10:17:55 GMT
server: cat factory 1.0
x-timer: S1682952366.013630,VS0,VE0
etag: "758a9659e217c8ac96073b94ec784156"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 7, 3

GET
H2 200 vghNMHa.png
i.imgur.com/ 238 KB
239 KB 114ms
113ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/vghNMHa.png

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

5f8f161a7d1482abf47e10a821726f5ab7f3f96039828db6b15ddea039425a9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:46:06 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 1652990
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 244143
x-served-by: cache-iad-kiad7000141-IAD, cache-fra-etou8220079-FRA
last-modified: Tue, 31 Jan 2023 10:17:54 GMT
server: cat factory 1.0
x-timer: S1682952366.141396,VS0,VE0
etag: "9ea1d78515ca849f8b8c741a0c5fdb82"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 9, 3

GET
H2 200 LYhUsXk.png
i.imgur.com/ 34 KB
34 KB 114ms
114ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/LYhUsXk.png

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

f1effafa572f67b3252140d567d69670ae731c5104b10ce7a56fd4664cb09f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:46:06 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 2243600
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 35019
x-served-by: cache-iad-kiad7000096-IAD, cache-fra-etou8220079-FRA
last-modified: Tue, 31 Jan 2023 10:17:54 GMT
server: cat factory 1.0
x-timer: S1682952366.140810,VS0,VE1
etag: "c3fa8383ac9814acabc1486e02e47210"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 21, 3

GET
H2 200 jnveULW.png
i.imgur.com/ 113 KB
113 KB 113ms
113ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/jnveULW.png

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

68343f49b6406183598eadbae1b4346b8432793883fd3d8b5c4824173f883586

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:46:06 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 530863
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 115640
x-served-by: cache-iad-kcgs7200126-IAD, cache-fra-etou8220079-FRA
last-modified: Tue, 31 Jan 2023 10:17:55 GMT
server: cat factory 1.0
x-timer: S1682952366.140808,VS0,VE0
etag: "caf75560aec3bef9283f1118812afb32"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 3

GET
H2 200 eXnFYmz.png
i.imgur.com/ 3 KB
3 KB 114ms
113ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/eXnFYmz.png

Requested by

Host: get-wins.com
URL: https://get-wins.com/take-drop

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

cc4c46d210cd017d2ed80984dd65f71da86377cb7aef37f0d098bc58dc0c611d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:46:06 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 1652989
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 3198
x-served-by: cache-iad-kcgs7200025-IAD, cache-fra-etou8220079-FRA
last-modified: Tue, 31 Jan 2023 10:17:54 GMT
server: cat factory 1.0
x-timer: S1682952366.140832,VS0,VE0
etag: "21080272b26ec7ec089ba78c359cc2e3"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 31, 3

GET
H3 200 take-drop
get-wins.com/ 42 KB
42 KB 179ms
178ms Image
text/html 2606:4700:3030::ac43:a683
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get-wins.com/take-drop
Requested by: Host: get-wins.com
URL: https://get-wins.com/take-drop
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a683 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/take-drop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:46:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 26 Apr 2023 15:52:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOJe7EGDCCdahJUr0oToB8whykgLhNJEeXpbF1wI14mMtFbm9Eq8EfxU%2FVooS3Mosc2T%2BAH6xyQBzUvi7%2BiG3X9pligfr44laMMT4FYstI7y%2FZDorKYrSDexF78%2BUH980R%2BOtQqclYnoKiw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 7c08cfdece621691-ARN
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 191ms
62ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://get-wins.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:42:11 GMT
x-content-type-options: nosniff
age: 162235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 17:42:11 GMT

GET
H3 200 metrica.php Show response
get-wins.com/ 0
462 B 390ms
389ms XHR
text/html 2606:4700:3030::ac43:a683
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get-wins.com/metrica.php?method=LoadedCount&url=https%3A%2F%2Fget-wins.com%2Ftake-drop
Requested by: Host: get-wins.com
URL: https://get-wins.com/64ed62a690977835c38e2c91cd038cab15e8b9fc1425/759508d399f6355d15f147a23bcffd9d02790f2eb8c4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a683 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://get-wins.com/take-drop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:46:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4hT5UmCqoYdehZhWiNIAYfn%2FEpoy2n7E5sYYjMCS%2FD7UTZQdiHRYttZyvy8wWvhIcF3eT6JYSGtVe5XKNlzmAe%2BAzcwBA8Rfofh9DJcUrtVFBzy%2BsnNPX3xIoGctUrCMbmcYw4mD7IF5eA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cf-ray: 7c08cfe00fb61691-ARN
access-control-allow-headers: X-Requested-With, *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cp03467.tw1.ru
URL: http://cp03467.tw1.ru/styles/css/imgs/asd/fonts/Inter-Regular.ttf

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://get-wins.com/take-drop(Line 1302) Message: Mixed Content: The page at 'https://get-wins.com/take-drop' was loaded over HTTPS, but requested an insecure font 'http://cp03467.tw1.ru/styles/css/imgs/asd/fonts/Inter-Regular.ttf'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://get-wins.com/take-drop Message: Mixed Content: The page at 'https://get-wins.com/take-drop' was loaded over HTTPS, but requested an insecure element 'http://cp03467.tw1.ru/styles/css/imgs/frame.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
community.akamai.steamstatic.com
cp03467.tw1.ru
fonts.googleapis.com
fonts.gstatic.com
get-wins.com
i.imgur.com
vh314.timeweb.ru
cp03467.tw1.ru
146.75.120.193
193.108.153.5
2001:4de0:ac18::1:a:3b
2606:4700:3030::ac43:a683
2606:4700::6811:190e
2a00:1450:4001:806::2003
2a00:1450:4001:808::200a
2a03:6f00:1::b039:d290
01afe7feed968087f92af915879090d4ee0b4b49ca37daf120d9d83ad9c66207
02ed5fedd4d231fd7599d828707a1af9728f3dd33876047b5b045c1cec3f5d02
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0de01e6ce4e52d76f1c56a9296955cfa91bee43fd82f408db16e02c35bb72a85
13dab1704dcf462f6209c9c12aec67acec96c4141b17d15b04bfa06653f3337c
291871542360dcaf35afa6c5d656567bc69a2d5b33f1cf51f1a678e4ac5924b1
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
4b8501cd7a1000a99eb1c6b88c1355e023a8c4b826e6698087432f0185149187
560abbd7d0555a1eaf630c3487f47ffdc097772b00227e5bfcb85aafcdcb3491
5eddec372f6dbe98a0cd68f602b5bb68a031881a3f45dd928c09793846d05652
5f8f161a7d1482abf47e10a821726f5ab7f3f96039828db6b15ddea039425a9a
66b6c8e4ab809e93fbabb455859260b054522713fe4689964c6395ae9afe4834
68343f49b6406183598eadbae1b4346b8432793883fd3d8b5c4824173f883586
6fd24b9a80f33af80b07c10b2e93de653d2463d2cf2aea593036fff34cfd2b76
71c8d54b5dd9b6b4541a83c907d353b8035a5a4afe0d4cca2af0f659a95b0631
72dfb4005aea8dd5b1a86d001a4658c58380f1b52c7e4fa479c5f3911de37a2d
7af90f4e9f2add152782700fbb98e332e94f3cb0af028f78fda6fddb6ee70bef
8910d840f7a111a44c47c7b02cfae6341b01396864dbe7a8d718142e6c98284d
90281178319bc5fa586b31884829d597ab7c84df1fc59833a6d8afe88fb75067
9df7c8fa2dcfe4403c0f1dcdcf3f3a3a65d812c4a8470be917aacf21efa4b571
a801d6e2dba119f7f07d88355c20cd54168ce0310586952f1af2b6d61645a2fe
c2815908a70bff8204d9c9dc034dd649f3f560a90112b11ddd5e0e53583bd39c
c422a2bd77d267dcd2abe35a94bcf0f92450bb2c725af05491ee5d1b4bf31521
cc4c46d210cd017d2ed80984dd65f71da86377cb7aef37f0d098bc58dc0c611d
d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e
d429bd862d1f459ca98b184da2b16a272535ad730362e03a0cae67d31a224886
dbdcded3c4261a3c9d79cb3cf9e641744ad1f2db504690f3a1a06f6b3893dda4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e493739062fa06584caac1906d87e03a9e13c82259cb1acb4b9954b99f7ead8c
e72bfd5b2451298de330b65ffbf950c8f830c5d373435f26fce733e1264bef5d
eaf65fdd4bad8fde27c676a3d74faacef3bc370024860444d6b9495da667d7a7
f1effafa572f67b3252140d567d69670ae731c5104b10ce7a56fd4664cb09f20
f653dbf761adb689f70bdfbc792ae65192e95b544d7e66dce483a4931b4c58e3
fe3737bea5ab5c6edc6234de8de2ee5b649807ed1b32c951f74c41e26a1626f8

get-wins.com Open in urlscan Pro 2606:4700:3030::ac43:a683 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

46 Requests

76 %HTTPS

75 %IPv6

9 Domains

9 Subdomains

9 IPs

4 Countries

3287 kBTransfer

3881 kBSize

0 Cookies

0 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

get-wins.com Open in urlscan Pro
2606:4700:3030::ac43:a683 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

76 %
HTTPS

75 %
IPv6

9
Domains

9
Subdomains

9
IPs

4
Countries

3287 kB
Transfer

3881 kB
Size

0
Cookies

46 HTTP transactions
0 data transactions