wincountry.com Open in urlscan Pro
54.84.131.112 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.wnwn.com//
Effective URL:
https://wincountry.com/
Submission: On August 03 via api (August 3rd 2024, 4:57:48 am UTC) from US — Scanned from DE

Summary HTTP 259 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 46 IPs in 6 countries across 40 domains to perform 259 HTTP transactions. The main IP is 54.84.131.112, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is wincountry.com.
TLS certificate: Issued by R3 on June 5th 2024. Valid for: 3 months.

This is the only time wincountry.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 26	54.84.131.112 54.84.131.112	14618 (AMAZON-AES) (AMAZON-AES)
8	18.173.205.35 18.173.205.35	16509 (AMAZON-02) (AMAZON-02)
21	18.172.112.49 18.172.112.49	16509 (AMAZON-02) (AMAZON-02)
1 3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	35.234.162.151 35.234.162.151	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	108.138.36.124 108.138.36.124	16509 (AMAZON-02) (AMAZON-02)
42	13.225.78.110 13.225.78.110	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:80e::201b	15169 (GOOGLE) (GOOGLE)
1	2400:52e0:1e0... 2400:52e0:1e00::865:1	60068 (CDN77 _) (CDN77 _)
1	2a02:26f0:350... 2a02:26f0:3500:e89::3282	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2606:4700::68... 2606:4700::6812:133e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
49	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	3.5.25.143 3.5.25.143	14618 (AMAZON-AES) (AMAZON-AES)
9	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
16	172.66.41.9 172.66.41.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
6	2a02:26f0:710... 2a02:26f0:7100:39d::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
17 22	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:211... 2600:9000:211e:b600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4232:9b91:958:919d:ea36	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	18.196.86.234 18.196.86.234	16509 (AMAZON-02) (AMAZON-02)
1 1	3.78.155.229 3.78.155.229	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	52.5.0.17 52.5.0.17	14618 (AMAZON-AES) (AMAZON-AES)
1	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.154.220.125 54.154.220.125	16509 (AMAZON-02) (AMAZON-02)
1	52.215.107.71 52.215.107.71	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 2	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	63.140.62.222 63.140.62.222	16509 (AMAZON-02) (AMAZON-02)
259	46

26 54.84.131.112 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-131-112.compute-1.amazonaws.com

www.wnwn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wincountry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.173.205.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-35.fra56.r.cloudfront.net

cdn-css.socastsrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 18.172.112.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-49.fra60.r.cloudfront.net

cdn-js.socastsrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.234.162.151 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.162.234.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.138.36.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-124.muc50.r.cloudfront.net

media.socastsrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 13.225.78.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-110.fra2.r.cloudfront.net

media-cdn.socastsrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::865:1 (Germany)

ASN60068 (CDN77 _, GB)

cdn.worldweatheronline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:e89::3282 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

widgets.media.weather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:133e (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1b6e2a52d6672af2fb90accb9d04d844.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.5.25.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

socast-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rt3020.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:7100:39d::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

is1-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
is2-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
is3-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 35.204.74.118 (Groningen, Netherlands) 17 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:b600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:9b91:958:919d:ea36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.86.234 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-86-234.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.78.155.229 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-78-155-229.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.5.0.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-0-17.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.220.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-220-125.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.107.71 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-107-71.eu-west-1.compute.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.116 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-222.data.adobedc.net

adobedc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
76	socastsrm.com cdn-css.socastsrm.com — Cisco Umbrella Rank: 255875 cdn-js.socastsrm.com — Cisco Umbrella Rank: 293351 media.socastsrm.com — Cisco Umbrella Rank: 381742 media-cdn.socastsrm.com — Cisco Umbrella Rank: 238734	2 MB
59	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 1b6e2a52d6672af2fb90accb9d04d844.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 203	434 KB
24	simpli.fi 17 redirects tag.simpli.fi — Cisco Umbrella Rank: 8238 i.simpli.fi — Cisco Umbrella Rank: 6968 um.simpli.fi — Cisco Umbrella Rank: 1484	13 KB
24	wincountry.com wincountry.com	117 KB
16	infolinks.com resources.infolinks.com — Cisco Umbrella Rank: 9368 router.infolinks.com — Cisco Umbrella Rank: 4312 rt3020.infolinks.com — Cisco Umbrella Rank: 106886	130 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 storage.googleapis.com — Cisco Umbrella Rank: 492	342 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	656 KB
7	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 3618 ka-p.fontawesome.com — Cisco Umbrella Rank: 6252	214 KB
6	mzstatic.com is1-ssl.mzstatic.com — Cisco Umbrella Rank: 1024 is2-ssl.mzstatic.com — Cisco Umbrella Rank: 5934 is3-ssl.mzstatic.com — Cisco Umbrella Rank: 5567	33 KB
6	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 10 region1.analytics.google.com — Cisco Umbrella Rank: 3773	1012 B
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104 region1.google-analytics.com — Cisco Umbrella Rank: 3123	21 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	345 KB
5	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280 stats.g.doubleclick.net — Cisco Umbrella Rank: 252 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 363	179 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 383	2 KB
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 3519	2 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 689	140 B
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 4127	856 B
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 910 d.agkn.com — Cisco Umbrella Rank: 1174	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 646	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6716	127 B
2	amazonaws.com socast-public.s3.amazonaws.com — Cisco Umbrella Rank: 176631	58 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	91 KB
2	wnwn.com 2 redirects www.wnwn.com	1017 B
1	demdex.net adobedc.demdex.net — Cisco Umbrella Rank: 9446	916 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 864	264 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 555	239 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 176	23 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 1396	223 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 1296	265 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 1556	445 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 2757	421 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 10885	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 632	140 B
1	1rx.io sync.1rx.io — Cisco Umbrella Rank: 741	99 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 1043	236 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 108
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 521	65 KB
1	weather.com widgets.media.weather.com — Cisco Umbrella Rank: 40273	139 KB
1	worldweatheronline.com cdn.worldweatheronline.com — Cisco Umbrella Rank: 325473	968 B
0	intentiq.com Failed sync.intentiq.com Failed
259	40

	Domain	Requested by
49	pagead2.googlesyndication.com	securepubads.g.doubleclick.net wincountry.com pagead2.googlesyndication.com
42	media-cdn.socastsrm.com	wincountry.com cdn-js.socastsrm.com
24	wincountry.com	wincountry.com cdn-js.socastsrm.com
22	um.simpli.fi	17 redirects
21	cdn-js.socastsrm.com	wincountry.com
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
8	www.googletagmanager.com	wincountry.com www.googletagmanager.com
8	cdn-css.socastsrm.com	wincountry.com
7	resources.infolinks.com	securepubads.g.doubleclick.net wincountry.com resources.infolinks.com
6	rt3020.infolinks.com	resources.infolinks.com
5	ka-p.fontawesome.com	kit.fontawesome.com wincountry.com
5	storage.googleapis.com	wincountry.com
5	media.socastsrm.com	wincountry.com
4	is1-ssl.mzstatic.com	wincountry.com
4	fonts.gstatic.com	fonts.googleapis.com
3	router.infolinks.com	resources.infolinks.com
3	region1.analytics.google.com	www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.googleapis.com	wincountry.com
3	www.google.com	1 redirects wincountry.com www.gstatic.com
2	ib.adnxs.com	1 redirects
2	loadm.exelator.com	1 redirects
2	idsync.rlcdn.com
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	www.google.de	wincountry.com
2	region1.google-analytics.com	www.googletagmanager.com
2	socast-public.s3.amazonaws.com	cdn-js.socastsrm.com
2	kit.fontawesome.com	wincountry.com kit.fontawesome.com
2	connect.facebook.net	wincountry.com connect.facebook.net
2	securepubads.g.doubleclick.net	wincountry.com securepubads.g.doubleclick.net
2	www.wnwn.com	2 redirects
1	is3-ssl.mzstatic.com
1	is2-ssl.mzstatic.com
1	adobedc.demdex.net	assets.adobedtm.com
1	cm.g.doubleclick.net
1	us-u.openx.net
1	pixel.rubiconproject.com
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	ce.lijit.com
1	bcp.crwdcntrl.net
1	stags.bluekai.com
1	sync.bfmio.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	eb2.3lift.com
1	sync.1rx.io
1	s.ad.smaato.net
1	www.facebook.com	connect.facebook.net
1	i.simpli.fi	tag.simpli.fi
1	assets.adobedtm.com	widgets.media.weather.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	1b6e2a52d6672af2fb90accb9d04d844.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.gstatic.com	www.google.com
1	widgets.media.weather.com	wincountry.com
1	cdn.worldweatheronline.com	wincountry.com
1	tag.simpli.fi	wincountry.com
0	sync.intentiq.com Failed
259	60

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
instagram.com
itunes.apple.com
play.google.com
d2432.cms.socastsrm.com
music.apple.com
publicfiles.fcc.gov
paytrace.com
mwcradio.com
policies.google.com
www.socastdigital.com
www.midwestcareers.com
paylink.paytrace.com

Subject Issuer	Validity	Valid
wnwn.com R3	`2024-06-05` - `2024-09-03`	3 months	crt.sh
*.socastsrm.com Amazon RSA 2048 M03	`2024-07-02` - `2025-07-30`	a year	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
media.socastsrm.com Amazon RSA 2048 M03	`2023-10-21` - `2024-11-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-12` - `2024-08-10`	3 months	crt.sh
storage.googleapis.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
cdn.worldweatheronline.com R10	`2024-07-05` - `2024-10-03`	3 months	crt.sh
www.weather.com DigiCert TLS RSA SHA256 2020 CA1	`2024-04-18` - `2025-04-18`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-27`	6 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
infolinks.com WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh
*.google.de WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
itunes.apple.com Apple Public EV Server RSA CA 2 - G1	`2024-06-20` - `2024-09-18`	3 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
adobedc.demdex.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-22` - `2024-11-21`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://wincountry.com/
Frame ID: 4DB627CD9FBBA0D44C77E13F40478A03
Requests: 195 HTTP requests in this frame

Frame: https://1b6e2a52d6672af2fb90accb9d04d844.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2532FCF09247EC3E141D156C8475B5DC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvpFErUDFrRefGdrowyAvzBOK9hifDjyFj-vWZYizc9C2omuC_m8fckHzOu0USQzZLJXnakhYaDuvVR7Rqc0k59GOS2CG8s5sMzV94X3MOkizNP5j0tN6NEUm55z5gERcVyOnnd8LBZRL9yKJpX8K0PPwUcbIkq58FVE-kQwJ9C5xNBm4HvGiOCqHoU5YHDJyViD16yuHGBEyG49xtzUcLAJwza8AVhzvYx7vNhW5j5DlJXyOt2OdH3M61Fs1VTfL-Hek01RDPy8nk78T6SdPHTZEPc7hIW1rgFiiubwYv15Cf8KRFsP4ZwOGSgnKAXkBXTVMIiyhVmjcp00xMCfjCasI4027Zy&sig=Cg0ArKJSzEiPVfh9RN3FEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 79A0ED91A755251147FA603A41E3FE53
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssnKkzpbgzwrx64BTXNp3AaJyJWEeMndHNWg2Z7xVy92XrB8kzbDD8RtoxfHryAdS24oDzolYoNycaL0OKMJjh1kqnk6YUVA0C9fLijR6cQGB0ji11v0AxeGTV6MvTulstLHhHkXzhuSZp6aVLGS-IXPJj2rRFzb7mLpQxfcidj3LrRZOx96yI5RtJKoh8SfGLJ3e1p1VxWM0O6MoICtvcoHPeCk4ntV6awyGVb7TO8UyvvZmCHDxqY-XjCtRpVsStcK3sZDWTk72d8Ev91ag7WfzVWdLW-BK7piaVoGgVe67J6ErNglZHch11jAu6t7_5q62NDf8-0ixW-tlHdpflCyAiUiQdpQniYzA&sig=Cg0ArKJSzPPTaF1Nv2NDEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 663DD8CAD03EF6887A4B8E4CB442D4D9
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstK0I_Tevn0A5AfYQpfSPvWprtYu3_IgYNC5qWwJ-yNUjo6sRitQZpiWzZTUqb-ZOPWJQj7tX_UuwcGIqkKM9aqo4amxZluMnPKb8bD_hbQi2qhTPcqavSJZVX1sFHlnZ449xvPNZqq1eZLz_VrduSFvcSxKxR2k4yj9vK_SAMpqWSsAysH6UZMXNauH1KcXBnvgM0p-0K3Yp3wVWL5P2nfbUxCR7YvA6Yu3sPqDZ_1lwGrujKByMZdtWVhjRVCc8u3NeIZ5nsgDaixN7qjAK3qMCbkpvZ8FG2bX0k92-Tf8k2Kmy4JckRUDTFxxP24MtLMHV8aOpZTfDBxbviksE6LTcMbQu2nVi6qTGWwYwGZW9FJ8C29Tw&sig=Cg0ArKJSzC_L7yLle4wkEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 64D2E3A14619B8B8BA8FCDE9055927F3
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuc_2r6SAE8zX3rPMU4Ung6hzMnnQ62u9ji4kAojLsZP0HbwwU6gpTWUfDkvL4yEEPMhISh-mjk79lnkyXUpD_935lBuMqK14g07aWR80fPRzdZdB4ldm-vHluVSt7tjUk8aj7gagldlfQMn8XGNmjj6UzQA03Y9EpJmfV3XO87_iA3keZSnLNnjjN7GJ1-PQb68JMcrT4fQV1EMjQDkrUe1wdCAqUTW1NJUz99qEiDVGdDDcC_IQB07EvqTGJtzHAQ2E0KzkbyBfr2VHSO-rDJLgahdxkUFDSEyyo29f0YlOTsJ9ttGxKL50Y3jp7TBgr4c_RiZeGRJxtv4pAMIo0Q0tBC&sig=Cg0ArKJSzJOB6WxpZMkeEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: BF391884E29B5BA02D80A43465C7F0BA
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstLf83cNc-O1UsEtt-OKdE2LsM8vqBl9eYgq7O4OgAZtNTtZM2nLjDMWoPuIPelh1jP7y_vt_MWu8ygDOaO8GqJQo8zzSoBr2VRbqfsuzLASE4FdRRAxbnoAYK0Nd8m_d3aAGr11IwuTpDpKbgTkfGPcu-6pM7j3TjLOvvqdPpXHZxSsCT-w7k5iOghj0N0XGlG8jqSahsNhiVcAAtRZZ-K4MS99kBkyb4UMnkKjDo5XoSQNKUaEUedUcRJLxPLSvTAiJzR0mp576rOLb80D1CBglE6CWSgk5Tk2wGddUFfC6PVCuDSGcJTan2mH1I4Ve5zAVS25uPOGnXuLmBchdra9K_q&sig=Cg0ArKJSzCFZ8_CPWX2KEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 658035B002C78A464666253DC6AF46B5
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsslDWQjHICJ2NS1ZUbvEYB9A4a6qfd42G9QEbpZGMJ34ugsUx2aXn1Kf0jQXLbyys2FjFkt-gFKutSJdSKvWFX43UhdXGZsUPqSBLO7oLF8bCE_OtRu72ajpqP7bV_u32jrhERw00GEdN-4dLGPxmoapODrpV-Vgh91pNEOqsH_APn4F0Zy7gJ4VkuLKu4v9KaITSwEk_OJQ1BaWevJ7a56zhh_M3i32Z_gRHmPTDr2VJAPsTxfWrPHooNsz8lMX2akMKUJZHaaP7ZWl4qrUxeJLvtG2ZNAH5VuGGqHlrDnlHubE9tTImpeUCxoCR2Bjy0QACKeu7pi3HRupaz29PVjNwyDmYA&sig=Cg0ArKJSzK9rxDIJaqg1EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: F086CAAEBB9B6C5E5F492E426E40B32F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssxytRIHngO5IloPnelcSC2Ys7am3Mf8IHXv9pSwVNYG6tApeGr92XUiXnFRlgzrqZNpSujp1SJktyA0e8HNKpxqtLLDnZDCNI-x52Y3w8P53oQDz4aZzxO3bRz2EieEKTmeWqyWg0zBJb8iwApL6P8AVhT9ZS8jCy_v1GySwkIp96ZbxTK35zAj1ixPowGP9HYtDMe9SMPS5tet_dYMm1rfwZVtwFOgvn7XqCTJoSACabA04aJJAe-2ehFD-KcgwVHUppxwnClaoDc7WNwng2EboE0ASz34hJl3Vt9nADmLDpPWRvOoxm-NcThsrKxTbTFMd1vxSPvcyT244Asmx5ZGTuZiVJ5&sig=Cg0ArKJSzEvH0CehyRThEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 6989719BBDA90D458CA49086AF039147
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst27BdgJoP5eD1qjDd-NhlZnXkPweW3xrtO2q7un01oF-IXk8Fr7wdWSaI8BhR-LSmPkNofo6rG-aU-6nuCOP7cQZkWFBjkceT02dSf97XvKbVxdSpKrTBnCII6yKGCX2r4-N2i4ifZ6dulPaatrw3Kx0TxD7I90Uidhdl-8DuiBXV_gd5ieRi98yJ0-Yl5puEPfm1TIl35C1mlqsIPRUmpToQmpLMaUcKNxnRXf8WYOAPqOXneiQzvuzLM9e6WfpLCzNqmAYTUJszRbpQazExc--bFMsRzLzuOq51s-3eUQGzkmdiGjkxu4Fsm-fKisOKBcWTYHZdTQRJVB-kcyC3VynVTcJWY&sig=Cg0ArKJSzJqxGOoSLJXIEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 63798F81E27A53D647058A62F3584F90
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchdXMgAAAAAP4dU47UWMAhU0Tc8Uf0ldZrstqZ&co=aHR0cHM6Ly93aW5jb3VudHJ5LmNvbTo0NDM.&hl=de&v=hfUfsXWZFeg83qqxrK27GB8P&size=invisible&cb=2fggojapmrxx
Frame ID: AE3216E6C923258D51425A793C4DB244
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3383084&wsid=0&pdom=wincountry.com&purl=https%3A%2F%2Fwincountry.com%2F
Frame ID: D7763689C5C1296E8CF2F51F2486EAE6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v17.0/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df07735d2dcf956ea4%26domain%3Dwincountry.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwincountry.com%252Ff2edf9bdc73ad3a0c%26relation%3Dparent.parent&container_width=327&height=775&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FWIN985&locale=en_US&sdk=joey&show_facepile=false&show_posts=true&small_header=false&width=
Frame ID: 1352D9AA15E0E04B009D09878AC077AE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BDA6CF437D8E160A52FF03274B582BF6
Requests: 1 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/brands/ulta_300x250.jpg
Frame ID: 715031CA562F07CA750EBD3FA712C265
Requests: 1 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/brands/bloomingdales_300x250.jpg
Frame ID: EE6F9F417D70727E636CDD09536A47B9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WIN 98.5 Your Country | WNWN-FM | Battle Creek, MI

Page URL History Show full URLs

http://www.wnwn.com// HTTP 307
https://www.wnwn.com// HTTP 301
https://www.wnwn.com/ HTTP 302
https://wincountry.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

259
Requests

92 %
HTTPS

48 %
IPv6

40
Domains

60
Subdomains

46
IPs

6
Countries

4912 kB
Transfer

12708 kB
Size

36
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/WIN985

Search URL Search Domain Scan URL

URL: https://twitter.com/wincountry

Search URL Search Domain Scan URL

URL: https://instagram.com/win985

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/win-98.5/id606971195?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.midwestcomms.wnwn

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.midwestcommunications.wnwnfm
Title: a:hover .socialMediaIconSVG.android .path {fill:#A6B1B8;} Android

Search URL Search Domain Scan URL

URL: https://d2432.cms.socastsrm.com/2024/06/18/663910/
Title: Rants by Mac: Congress Gets Busy. Really?? Jun 18, 2024

Search URL Search Domain Scan URL

URL: https://d2432.cms.socastsrm.com/2024/08/02/680710/
Title: Jackknifed semi slows traffic on eastbound I-94 Friday afternoon PORTAGE, MI (WKZO AM/FM) - Friday afternoon traffic on eastbound I-94 in Kalamazoo County was backed up for miles as a jackkn... 7h ago

Search URL Search Domain Scan URL

URL: https://d2432.cms.socastsrm.com/2024/08/02/680553/
Title: Pedestrian suffers non-life-threatening injuries after being struck by Amtrak train in Kalamazoo KALAMAZOO, MI (WKZO AM/FM) - An 18-year-old Kalamazoo man is hospitalized with non-life-threatening injuries after being stru... 13h ago Richard Eriksson / CC

Search URL Search Domain Scan URL

URL: https://d2432.cms.socastsrm.com/2024/08/02/680090/
Title: Lack of interest causes Metro Transit to shift shuttle service to help businesses affected by construction KALAMAZOO, MI (WKZO AM/FM) - A plan by Metro Transit officials to ease the pain of Kalamazoo business owners affected by stre... Aug 02, 2024

Search URL Search Domain Scan URL

URL: https://d2432.cms.socastsrm.com/2024/08/01/680215/
Title: Bond denied for suspect in Fox Ridge Apartments murder case KALAMAZOO, MI (WKZO AM/FM) - Police have made an arrest in the shooting death of a Kalamazoo man last month. Detectives from ... Aug 01, 2024 Best Law

Search URL Search Domain Scan URL

URL: https://d2432.cms.socastsrm.com/2024/08/01/680137/
Title: Portage Disaster Loan Outreach Center to assist tornado victims to remain open through August 9 PORTAGE, MI (WKZO AM/FM) - Almost three months after multiple tornadoes touched down in southwest Michigan, the U.S. Small Bu... Aug 01, 2024

Search URL Search Domain Scan URL

URL: https://d2432.cms.socastsrm.com/2024/08/02/olympics-athletics-flavor-flav-ohanian-step-in-to-pay-u-s-discus-throwers-rent/
Title: Olympics-Athletics-Flavor Flav, Ohanian step in to pay U.S. discus thrower's rent By Lori Ewing PARIS (Reuters) - American discus thrower Veronica Fraley can focus on competing at the Paris Olympics now that... 12h ago

Search URL Search Domain Scan URL

URL: https://d2432.cms.socastsrm.com/2024/08/01/group-of-distressed-kayakers-rescued-from-kalamazoo-river-near-otsego/
Title: Group of distressed kayakers rescued from Kalamazoo River near Otsego

Search URL Search Domain Scan URL

URL: https://d2432.cms.socastsrm.com/2024/07/31/679549/
Title: Supreme Court ruling means new Michigan minimum wage law will take effect February 2025

Search URL Search Domain Scan URL

URL: https://d2432.cms.socastsrm.com/2024/07/31/hit-and-run-in-mecosta-co-highlights-golf-cart-safety-on-roadways/
Title: Hit-and-run in Mecosta Co. highlights golf cart safety on roadways

Search URL Search Domain Scan URL

URL: https://d2432.cms.socastsrm.com/2024/07/30/sos-benson-proposes-panic-button-system-for-poll-workers-election-officials-safety/
Title: SOS Benson proposes "panic button" system for poll workers, election officials' safety

Search URL Search Domain Scan URL

URL: https://d2432.cms.socastsrm.com/2024/07/30/678749/
Title: AUDIO: Consumers Energy working to trim trees to minimize power outages

Search URL Search Domain Scan URL

URL: https://d2432.cms.socastsrm.com/2024/07/29/protracted-storm-related-refinery-repairs-in-joliet-affecting-gas-prices-regionally/
Title: Protracted storm-related refinery repairs in Joliet affecting gas prices regionally

Search URL Search Domain Scan URL

URL: https://music.apple.com/us/album/your-heart-or-mine/1634474625?i=1634475335&uo=4&app=itunes

Search URL Search Domain Scan URL

URL: https://music.apple.com/us/album/beat-of-the-music/676287673?i=676287775&uo=4&app=itunes

Search URL Search Domain Scan URL

URL: https://music.apple.com/us/album/messed-up-as-me/1731454876?i=1731454970&uo=4&app=itunes

Search URL Search Domain Scan URL

URL: https://music.apple.com/us/album/dirt-cheap/1707354911?i=1707355143&uo=4&app=itunes

Search URL Search Domain Scan URL

URL: https://music.apple.com/us/album/fancy-like/1565414763?i=1565415006&uo=4&app=itunes

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/fm-profile/wbow
Title: Public Inspection File

Search URL Search Domain Scan URL

URL: https://paytrace.com/cart/donate.pay?id=15390&mid=555634829900
Title: Submit Payment

Search URL Search Domain Scan URL

URL: https://mwcradio.com/
Title: Midwest Communications, Inc.

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.socastdigital.com/
Title: Powered By SoCast

Search URL Search Domain Scan URL

URL: http://www.midwestcareers.com/
Title: Job Opportunities

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/fm-profile/WNWN
Title: Public Inspection File

Search URL Search Domain Scan URL

URL: https://paylink.paytrace.com/?m=eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMTI4R0NNIn0.ZYZLT619zGb899ZoT-hvROoZU3_B7szK.3VoTyr3Ej5ic-GHW.fgHs1TWzXCDl-trwr2NpcM3apTudttwTpUD_TFUxtllAXi6WM0Xh9-HX7BCon8yNgc8EtEa6DHFG5_QTD_JODWP8Sbx4WR_UiW-MTTIZ73R2d8hC99ChpY0iUWX5YPoJ_NfFboMX_2UjITIZ1yLEfCo23NEG3D6uYcePfaQ1KjeKNMLu3HucHoYz5diEdGiDn158lFvhHKr8iHKJF6FTHovgFESt_kp_hPgWAhwtmR5gATgQ9trTH8CNdab0_AeIuYyRWVdsdMgvXqj9SQk3FEUAq5cwzdojN0ahDA.BOIDzkso0Dat5Yjeq1rnWg&amount=&invoice=%27
Title: Make A Payment

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.wnwn.com// HTTP 307
https://www.wnwn.com// HTTP 301
https://www.wnwn.com/ HTTP 302
https://wincountry.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 222

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=A81C2DB2ABBB4A938D337AC33A67E119

Request Chain 223

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/A81C2DB2ABBB4A938D337AC33A67E119

Request Chain 224

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=A81C2DB2ABBB4A938D337AC33A67E119&dongle=yf3

Request Chain 225

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=A81C2DB2ABBB4A938D337AC33A67E119

Request Chain 226

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=A81C2DB2ABBB4A938D337AC33A67E119 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=A81C2DB2ABBB4A938D337AC33A67E119

Request Chain 227

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=A81C2DB2ABBB4A938D337AC33A67E119 HTTP 302
https://d.agkn.com/pixel/10751/?che=1722661054064&ip=45.141.152.76&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217163104963000262155 HTTP 302
https://um.simpli.fi/aa_px?sk=217163104963000262155 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 228

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=A81C2DB2ABBB4A938D337AC33A67E119

Request Chain 231

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=A81C2DB2ABBB4A938D337AC33A67E119;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=A81C2DB2ABBB4A938D337AC33A67E119;mimetype=img;sr HTTP 302
https://idsync.rlcdn.com/400646.gif?partner_uid=3330726471776878987

Request Chain 232

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=A81C2DB2ABBB4A938D337AC33A67E119&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=A81C2DB2ABBB4A938D337AC33A67E119&j=0&xl8blockcheck=1

Request Chain 234

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=A81C2DB2ABBB4A938D337AC33A67E119

Request Chain 235

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=A81C2DB2ABBB4A938D337AC33A67E119

Request Chain 236

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=A81C2DB2ABBB4A938D337AC33A67E119

Request Chain 237

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=A81C2DB2ABBB4A938D337AC33A67E119

Request Chain 238

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=A81C2DB2ABBB4A938D337AC33A67E119

Request Chain 239

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1722661053928&cv=7&fst=1722661053928&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=738358504&cv=7&fst=1722661053928&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI_MzDwYTYhwMVH-8RCB2VCy4eMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhdodHRwczovL3dpbmNvdW50cnkuY29tLw HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=738358504&cv=7&fst=1722661053928&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI_MzDwYTYhwMVH-8RCB2VCy4eMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhdodHRwczovL3dpbmNvdW50cnkuY29tLw&is_vtc=1&cid=CAQSGwDaQooLWkNpAyS74C6LZD6gKr8c3A1r3qx5bA&random=1012186804 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=738358504&cv=7&fst=1722661053928&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI_MzDwYTYhwMVH-8RCB2VCy4eMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhdodHRwczovL3dpbmNvdW50cnkuY29tLw&is_vtc=1&cid=CAQSGwDaQooLWkNpAyS74C6LZD6gKr8c3A1r3qx5bA&random=1012186804&ipr=y

Request Chain 241

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=A81C2DB2ABBB4A938D337AC33A67E119 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DA81C2DB2ABBB4A938D337AC33A67E119

Request Chain 242

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=A81C2DB2ABBB4A938D337AC33A67E119&expires=365

Request Chain 243

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=A81C2DB2ABBB4A938D337AC33A67E119

259 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
wincountry.com/
Redirect Chain

http://www.wnwn.com//
https://www.wnwn.com//
https://www.wnwn.com/
https://wincountry.com/

147 KB
28 KB

742ms
276ms

Document
text/html

54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wincountry.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-131-112.compute-1.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) / PHP/7.4.20

Resource Hash

48f9e022a242447450f6f55b566c88d8ed10408523dcb4c775603d63b66a32a6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 230
Cache-Control: public, max-age=6, s-maxage=300
Cache-control: private
Content-Encoding: gzip
Content-Length: 27642
Content-Type: text/html; charset=UTF-8
Date: Sat, 03 Aug 2024 04:53:39 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Identity: Accept-Encoding, X-UA-Device, X-socast_header_type
Link: <https://wincountry.com/wp-json/>; rel="https://api.w.org/"
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding, User-Agent,
Via: 1.1 varnish-v4
X-Cache: HIT
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.4.20
X-Varnish: 927930219 926915818

Redirect headers

Access-Control-Allow-Origin: *
Age: 0
Cache-Control: public, max-age=6, s-maxage=300
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sat, 03 Aug 2024 04:57:30 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Identity: X-UA-Device, X-socast_header_type
Location: https://wincountry.com/
Server: Apache/2.4.29 (Ubuntu)
Vary: User-Agent,
Via: 1.1 varnish-v4
X-Cache: MISS
X-Powered-By: PHP/7.4.20
X-Varnish: 928352122

GET
H/1.1 200
OK js_composer.min.css
wincountry.com/wp-content/plugins/js_composer/assets/css/ 474 KB
45 KB 378ms
195ms Stylesheet
text/css 54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wincountry.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.1
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-131-112.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a6f59fc654b5a739d372c1f6954a666d6518236ac67134523277a5548ec40ad0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:31 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Last-Modified: Mon, 27 Jul 2020 23:59:38 GMT
Server: Apache/2.4.29 (Ubuntu)
Identity: Accept-Encoding
Age: 0
ETag: "76726-5ab751d877813-gzip"
Vary: Accept-Encoding
X-Cache: MISS
Content-Type: text/css
Access-Control-Allow-Origin: *
X-Varnish: 926886768
Accept-Ranges: bytes
Content-Length: 45759

GET
H2 200 bootstrap.css
cdn-css.socastsrm.com/cdn_v17.13.2/application/css/bootstrap/4.1.0/css/ 169 KB
23 KB 119ms
7ms Stylesheet
text/css 18.173.205.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-css.socastsrm.com/cdn_v17.13.2/application/css/bootstrap/4.1.0/css/bootstrap.css?ver=5.4.2
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-35.fra56.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 0ce7fbe215cdf921ed87d00a374404681d5d24898589a7fe60e068d09289b4ba

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:38:03 GMT
content-encoding: gzip
via: 1.1 1876576d09e30dc7b468e90ff448f1f8.cloudfront.net (CloudFront)
last-modified: Wed, 23 Aug 2023 18:04:14 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA56-P12
age: 37244
etag: "2a327-6039af072b264-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 22804
x-amz-cf-id: gmYvaQOLmL1GHFtOpY3dgBawRo5MlVIg9Jc7c2CEauRq1BbZH2IVKg==

GET
H2 200 custom.css
cdn-css.socastsrm.com/cdn_v17.13.2/application/css/ 25 KB
6 KB 168ms
56ms Stylesheet
text/css 18.173.205.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-css.socastsrm.com/cdn_v17.13.2/application/css/custom.css?v=2013-10-02&ver=5.4.2
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-35.fra56.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: bf46a23dfe3055265d98d504e78159a6d10af7c0afe5ecabf0d967c74553402a

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:36:47 GMT
content-encoding: gzip
via: 1.1 1876576d09e30dc7b468e90ff448f1f8.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 19:01:28 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA56-P12
age: 37244
etag: "624b-60a49a5aaf428-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 6188
x-amz-cf-id: r0qc45xwt5_rQ9JV1bW7oEvJ23oNoHHD4GmOAeoFkfMlOiOAC15SFw==

GET
H2 200 global-theme.css
cdn-css.socastsrm.com/cdn_v17.13.2/application/css/ 11 KB
3 KB 162ms
51ms Stylesheet
text/css 18.173.205.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-css.socastsrm.com/cdn_v17.13.2/application/css/global-theme.css?ver=5.4.2
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-35.fra56.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 9fd17622bb1bfa27b87268e4d7016eb15805493288070214c94d966609d88fe8

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:36:47 GMT
content-encoding: gzip
via: 1.1 1876576d09e30dc7b468e90ff448f1f8.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jul 2020 23:56:35 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA56-P12
age: 37244
etag: "2c18-5ab75129d8839-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2783
x-amz-cf-id: mim47ToTtJAy2pvy3jtxwQ4pd32DRkVFO8RJ3yQ72l1qyzTce4rl3g==

GET
H2 200 frontend.css
cdn-css.socastsrm.com/cdn_v17.13.2/application/stylesheets/frontend/ 135 KB
20 KB 238ms
126ms Stylesheet
text/css 18.173.205.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-css.socastsrm.com/cdn_v17.13.2/application/stylesheets/frontend/frontend.css?ver=5.4.2
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-35.fra56.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 0393f18543365f0fe2dd16abbe815614acf4050b8ba25433c688caa277179a25

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:36:47 GMT
content-encoding: gzip
via: 1.1 1876576d09e30dc7b468e90ff448f1f8.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jul 2024 18:35:21 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA56-P12
age: 37244
etag: "21d95-61e8f5b564071-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 20212
x-amz-cf-id: XsbdlH0SkQBO-0U7j64TWuGeAyallpxKxlTVRare2IbPS3d_X07HYQ==

GET
H/1.1 200
OK style.min.css
wincountry.com/wp-includes/css/dist/block-library/ 52 KB
8 KB 404ms
221ms Stylesheet
text/css 54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wincountry.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-131-112.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:31 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Last-Modified: Mon, 27 Jul 2020 23:59:44 GMT
Server: Apache/2.4.29 (Ubuntu)
Identity: Accept-Encoding
Age: 0
ETag: "d159-5ab751de6cf34-gzip"
Vary: Accept-Encoding
X-Cache: MISS
Content-Type: text/css
Access-Control-Allow-Origin: *
X-Varnish: 924832745
Accept-Ranges: bytes
Content-Length: 7642

GET
H/1.1 200
OK socast-media-library-public.css
wincountry.com/wp-content/plugins/socast-media-library/public/css/ 98 B
510 B 281ms
94ms Stylesheet
text/css 54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wincountry.com/wp-content/plugins/socast-media-library/public/css/socast-media-library-public.css?ver=1.0.1
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-131-112.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:31 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Last-Modified: Thu, 29 Oct 2020 02:30:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Identity: Accept-Encoding
Age: 0
ETag: "62-5b2c61068c120-gzip"
Vary: Accept-Encoding
X-Cache: MISS
Content-Type: text/css
Access-Control-Allow-Origin: *
X-Varnish: 926559728
Accept-Ranges: bytes
Content-Length: 106

GET
H2 200 jquery.js Show response
cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-includes/js/jquery/ 95 KB
33 KB 260ms
146ms Script
application/javascript 18.172.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-includes/js/jquery/jquery.js
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-49.fra60.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:36:52 GMT
content-encoding: gzip
via: 1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jul 2020 23:59:44 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA60-P8
age: 37239
etag: "17a69-5ab751de826f4-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 33776
x-amz-cf-id: lf-Badc2dY_pkJg_69DXLZcuLqtgFHIlNZcZ6T9aqe2jDCOkzt9b6g==

GET
H2 200 jquery-ui.min.js Show response
cdn-js.socastsrm.com/cdn_v17.13.2/application/js/jquery/jquery-ui-1.12.1/ 248 KB
67 KB 298ms
185ms Script
application/javascript 18.172.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/application/js/jquery/jquery-ui-1.12.1/jquery-ui.min.js
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-49.fra60.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:36:47 GMT
content-encoding: gzip
via: 1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jul 2020 23:56:35 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA60-P8
age: 37244
etag: "3dee5-5ab75129f8bd9-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: DiZBMSPyxUszC9ZRueuyWHABJOp0biL2406a1u_rvsz6IA1TIqpF_w==

GET
H2 200 popper-1.14.3.min.js Show response
cdn-js.socastsrm.com/cdn_v17.13.2/application/css/bootstrap/4.1.0/js/ 20 KB
7 KB 177ms
64ms Script
application/javascript 18.172.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/application/css/bootstrap/4.1.0/js/popper-1.14.3.min.js
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-49.fra60.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:36:47 GMT
content-encoding: gzip
via: 1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
last-modified: Wed, 23 Aug 2023 18:04:14 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA60-P8
age: 37244
etag: "4f71-6039af072d1a4-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 7239
x-amz-cf-id: Jw_cuP-Jq1VsNjuINb0NX8h_rRpSN5fDOKXk0dqFCjIXBiXs1FZj5Q==

GET
H2 200 bootstrap.min.js Show response
cdn-js.socastsrm.com/cdn_v17.13.2/application/css/bootstrap/4.1.0/js/ 49 KB
14 KB 176ms
63ms Script
application/javascript 18.172.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/application/css/bootstrap/4.1.0/js/bootstrap.min.js
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-49.fra60.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:37:01 GMT
content-encoding: gzip
via: 1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
last-modified: Wed, 23 Aug 2023 18:04:00 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA60-P8
age: 37230
etag: "c5f4-6039aef9acabc-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 14038
x-amz-cf-id: kxCDzmI6K-deoJODlcm2r-AMQH_SfICxdcvS3vV4RNT9HmpdWnK39g==

GET
H2 200 json2.js Show response
cdn-js.socastsrm.com/cdn_v17.13.2/application/js/json/ 17 KB
6 KB 164ms
52ms Script
application/javascript 18.172.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/application/js/json/json2.js
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-49.fra60.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4b05fd300b023998641714cb534c7c0d6b91bd4fb7ce461959ac28f9db0ec328

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:37:01 GMT
content-encoding: gzip
via: 1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jul 2020 23:59:36 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA60-P8
age: 37230
etag: "4471-5ab751d65d6b3-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 5413
x-amz-cf-id: wDskGbD_Dw898KJ1Dbgnmyx9PcBKkLdrF7EqhKOtUthaDtrrL9p_mw==

GET
H2 200 custom.js Show response
cdn-js.socastsrm.com/cdn_v17.13.2/application/js/ 43 KB
14 KB 225ms
112ms Script
application/javascript 18.172.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/application/js/custom.js?v=2017-05-29
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-49.fra60.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: caac035c0ecf1c03e6ea51cdc70730ad87ff6998fe0e6df7b50d5a6d87bd4116

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:37:01 GMT
content-encoding: gzip
via: 1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
last-modified: Tue, 03 Oct 2023 18:02:49 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA60-P8
age: 37230
etag: "aa6c-606d3b2de4e79-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 13723
x-amz-cf-id: 29rk9ZmP4hQjnnL2_0wEnLktaQ8lDlDkcoZfe2wUTK0hhYl-lLeYsQ==

GET
H2 200 lightBox.js Show response
cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/js/ 14 KB
4 KB 165ms
52ms Script
application/javascript 18.172.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/js/lightBox.js?v=2014-08-21
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-49.fra60.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 06ab8804c22326649393b6b82923131952b97a8185b8ccec8893e356beaf670d

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:37:01 GMT
content-encoding: gzip
via: 1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
last-modified: Wed, 11 Aug 2021 18:02:01 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA60-P8
age: 37230
etag: "397b-5c94c6a468a9f-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3392
x-amz-cf-id: TmPBG_WMRN8-AwzONyUWwLhXRVgHX-o1aM7Z_C09g3i57zs-RYv5Dw==

GET
H2 200 socast.jquery.frontend.js Show response
cdn-js.socastsrm.com/cdn_v17.13.2/application/js/jquery/ 54 KB
17 KB 241ms
129ms Script
application/javascript 18.172.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/application/js/jquery/socast.jquery.frontend.js
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-49.fra60.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 1e6d8362fe516844f04eb1868cff8f98facb24faf20cc02a208f3495e82f5136

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:38:03 GMT
content-encoding: gzip
via: 1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jul 2020 21:36:35 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA60-P8
age: 37230
etag: "d7c9-5ab873bcc25cb-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 16587
x-amz-cf-id: 2pV_o_LcVwZ2HvvKqyRJjp3BxudgpS4djpkyP_6YSJqOFBpMMqIkHA==

GET
H2 200 frontend.js Show response
cdn-js.socastsrm.com/cdn_v17.13.2/application/js/ 19 KB
6 KB 361ms
248ms Script
application/javascript 18.172.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/application/js/frontend.js
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-49.fra60.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 84752bd808c9dc443c73279245cd16911b83152a0cb8e66ba5e60094a520a79f

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:37:01 GMT
content-encoding: gzip
via: 1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
last-modified: Tue, 24 Jan 2023 18:31:16 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA60-P8
age: 37230
etag: "4d0f-5f306b89d042e-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 6025
x-amz-cf-id: HBLyAqy6lvla5ZAbh45DwJLXNCAyuKyhFyQA91OH9VwGuROdgwhw0w==

GET
H2 200 jquery.ui.kk-chronomasonry.js Show response
cdn-js.socastsrm.com/cdn_v17.13.2/application/js/jquery/ 3 KB
2 KB 355ms
242ms Script
application/javascript 18.172.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/application/js/jquery/jquery.ui.kk-chronomasonry.js
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-49.fra60.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 77626e92662a1cb3ba1c002bf50ad0676cc0be457009173d04b58b97de488dd3

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:37:01 GMT
content-encoding: gzip
via: 1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jul 2020 23:56:35 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA60-P8
age: 37230
etag: "d4c-5ab75129f9b79-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1234
x-amz-cf-id: cZxCc360HILqtUzLuaFM5y6oAOrxe1RzjuRJ_xlhFqGE53Qp3ievMw==

GET
H2 200 jquery.ui.socastTouch.js Show response
cdn-js.socastsrm.com/cdn_v17.13.2/application/js/jquery/ 3 KB
1 KB 361ms
248ms Script
application/javascript 18.172.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/application/js/jquery/jquery.ui.socastTouch.js
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-49.fra60.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 762e70ff6b0c0e2c91f57d48071560fc6f0e2f2179fa04deb48d7ad2091d2d2d

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:37:01 GMT
content-encoding: gzip
via: 1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jul 2020 23:59:36 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA60-P8
age: 37230
etag: "bb6-5ab751d65a7d3-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 831
x-amz-cf-id: oK-sm9MJJogjvU88BiIXrMSBZF7GFH4xXnp4EE3UpTwDL_I_iaGLxw==

GET
H2 200 poll.js Show response
cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/js/widgets/ 7 KB
2 KB 176ms
64ms Script
application/javascript 18.172.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/js/widgets/poll.js
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-49.fra60.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 6330d9d10ff63c82cbaa3f1f814b5639c2c7a47ded38d337d4e266c0d6d505e1

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:37:01 GMT
content-encoding: gzip
via: 1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
last-modified: Tue, 11 May 2021 18:02:40 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA60-P8
age: 37230
etag: "1a27-5c211b339518e-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2047
x-amz-cf-id: dQjB7yfDpZmDVaLmdMkb7aHjwNrpItuJmnS2u74H4-QOzDUUL3gNHg==

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
988 B 38ms
19ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LchdXMgAAAAAP4dU47UWMAhU0Tc8Uf0ldZrstqZ

Requested by

Host: wincountry.com
URL: https://wincountry.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5bf06f29631a1ad766f6655baf6f2232711d6f88d390a6c5d91752c60cf861d4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 03 Aug 2024 04:57:31 GMT

GET
H/1.1 200
OK socast-media-library-public.js Show response
wincountry.com/wp-content/plugins/socast-media-library/public/js/ 0
336 B 296ms
100ms Script
application/javascript 54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wincountry.com/wp-content/plugins/socast-media-library/public/js/socast-media-library-public.js?ver=1.0.1
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-131-112.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:31 GMT
Via: 1.1 varnish-v4
Last-Modified: Wed, 09 Feb 2022 18:31:06 GMT
Server: Apache/2.4.29 (Ubuntu)
Age: 0
ETag: "0-5d79a096edf39"
X-Cache: MISS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-Varnish: 928158011
Accept-Ranges: bytes
Content-Length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
75 KB 48ms
21ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-33491015-39

Requested by

Host: wincountry.com
URL: https://wincountry.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b773d07aeddcb5e8e9ff02a8cc9eb11d13c7ec36ecf8b1436a9994daf3418175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76553
x-xss-protection: 0
last-modified: Sat, 03 Aug 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 03 Aug 2024 04:57:31 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
31 KB 69ms
52ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: wincountry.com
URL: https://wincountry.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

770ffea58974587a34688c8f764d7e557685bfae950f4e8bafd5d9cd47f97080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31755
x-xss-protection: 0
server: cafe
etag: 196 / 19938 / 31085846 / config-hash: 7165670400735415214
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 03 Aug 2024 04:57:31 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1021 B 270ms
17ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,700,900,100

Requested by

Host: wincountry.com
URL: https://wincountry.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08218760e8dc5b307dbca515a0addde87e6a0d7a6f61d464440a0a6d538dabdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 03 Aug 2024 04:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 03 Aug 2024 04:57:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Aug 2024 04:57:31 GMT

GET
H2 200 css
fonts.googleapis.com/ 27 KB
2 KB 270ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,700,900,100

Requested by

Host: wincountry.com
URL: https://wincountry.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

96db5db7e13f4e196848e1bf69005d804f783c628fc14444f5a797620a30b326

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 03 Aug 2024 04:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 03 Aug 2024 04:57:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Aug 2024 04:57:31 GMT

GET
H2 200 style.css
cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/themes/socast-3/assets/css/ 24 KB
6 KB 118ms
7ms Stylesheet
text/css 18.172.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/themes/socast-3/assets/css/style.css
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-49.fra60.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 0f932a39aeb4fb189d73296a7871166d4263873781d93bd0e2ea3658d90a72c3

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:37:01 GMT
content-encoding: gzip
via: 1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
last-modified: Tue, 07 May 2024 18:26:04 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA60-P8
age: 37230
etag: "5e90-617e1519d355a-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 5313
x-amz-cf-id: InS2680Smucv-AOOMNvNdQ69PeBCJSyKlyck4Tm0n4lsQjsWN4bK2g==

GET
H2 200 scripts.js Show response
cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/themes/socast-3/assets/js/ 3 KB
1 KB 240ms
129ms Script
application/javascript 18.172.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/themes/socast-3/assets/js/scripts.js
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-49.fra60.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 6c5f1544ccc1550ef537d7a9bc4b7ec531c0113e500406cc63ac53bac67f37b8

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:38:03 GMT
content-encoding: gzip
via: 1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
last-modified: Thu, 22 Oct 2020 17:30:18 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA60-P8
age: 37230
etag: "cd3-5b245d155687a-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1025
x-amz-cf-id: _u2BNzQ87JdIq7ybW5ZwunNdBSyGu1eE2CcytBsV0nHZYpH4AXslIg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
75 KB 30ms
19ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-4991594-2

Requested by

Host: wincountry.com
URL: https://wincountry.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bcdd968b0f98a42a09dc36e5a4180c122897830f1ccf863c49f074c7c2490b9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76676
x-xss-protection: 0
last-modified: Sat, 03 Aug 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 03 Aug 2024 04:57:32 GMT

GET
H2 200 e1b7a900-ff4f-0138-8007-06b4c2516bae Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 58ms
16ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/e1b7a900-ff4f-0138-8007-06b4c2516bae
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 37221150011b4eda862110049502c536e32782d01159d1002944afa2a6fef821

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:32 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F-gfGZcu-se-1nKfotpB
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 win-logo-1.png
media.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2020/05/ 3 KB
4 KB 146ms
36ms Image
image/webp 108.138.36.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2020/05/win-logo-1.png
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-124.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b7b08ea696e37f399732d6c1e4b951c209353efe9b2c0676c8141261f03eca4

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:48:00 GMT
via: 1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-amz-request-id: 78218CX8WA8Q3QY7
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
age: 12236972
x-cache: Hit from cloudfront
content-length: 3242
x-amz-id-2: SFb6rc0gQNR8fxQunbCj/JCtp38R9oBBMpfTNa/lxK+gwPWDmvUpiT/Lz+mo3129MlVhbAI6bCk=
last-modified: Wed, 18 Oct 2023 18:01:33 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "8496d3d2584bce3d4e74977e27e04408"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 7woSWrw-XZEVH4giZAgWStnzwA7wuAE-ONXy8XZAtz6aPGvaPwRU_Q==

GET
H2 200 win-logo.png
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2020/05/ 18 KB
19 KB 133ms
22ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2020/05/win-logo.png
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fcd84bdfc8438442d57c12a4bc512e82c532c68bfbd9115ceb2d3b177ebc969

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 16:10:45 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: RBT02379SNJ17DT8
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 823607
x-cache: Hit from cloudfront
content-length: 18536
x-amz-id-2: j5DlqscnHrA1t5+elSvSJOmA/ww+XXICODccDGZdqtygs5HtzaUy5B1GPJQIIyK2jUzAZl4ovXc=
last-modified: Wed, 18 Oct 2023 18:01:11 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "ad46f71289206f822168bba401327510"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 671Tksnw4CDlGXtsDsygtyXjlgO-KaJfB8h5aA--_YD1CUtbqFor_w==

GET
H2 200 listen_live_icon-572377a49ca3c.gif
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2020/05/ 8 KB
9 KB 25ms
24ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2020/05/listen_live_icon-572377a49ca3c.gif
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 924ddc3b4f4b93a87997ddd207fc8c8316db4264703361e2eefe91f80d8adff7

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 10:27:10 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: 5DNYYYQM22K9QZ9R
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 757822
x-cache: Hit from cloudfront
content-length: 8548
x-amz-id-2: q9WWYHtv3u1t/UNduQ4nLg/wLaseZlSC3doYrSzz1jM+UU0nFNQpqEDWfTBcoq31gKxEx+wF8fE=
last-modified: Wed, 18 Oct 2023 18:01:11 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "36c097577a219d324693315883435e64"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: iJxhtwmVSrclUiqaJQ-jf7LT_2y-S5NmKEAQGu8tvA5Rm4zlqzv9hQ==

GET
H2 200 facebook.png
media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/ 754 B
1 KB 26ms
26ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/facebook.png
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b64f7e2e52ae67458e04b7611e81a7c981a645c17d1c1749e066959c894abe9

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 18:57:26 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: N2V736T5TZYBT0N8
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 21463206
x-cache: Hit from cloudfront
content-length: 754
x-amz-id-2: cOxYc3tNbVQRgW6jgc/x0JmBLvUlCulVt2rixYaQoouEhlCYzyVxjfCNCgU+IjlgC0g3YHy9HAc=
last-modified: Wed, 18 Oct 2023 17:54:02 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "c98e9289d40ddb10c446acb23bdadb3b"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: NEKLI0F9NT3fGx8cpG4V2mvLfUIi5g2xR-N94nKJG0MFetYzj5_nJg==

GET
H2 200 twitter.png
media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/ 1000 B
1 KB 31ms
30ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/twitter.png
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df91f674ce3902ef0e9ac337f8aa0a15d67b5ee7ce4ad5efa22ad8172e4e91eb

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 28 May 2024 02:46:42 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: Z5C3H737YH8JWNEG
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 5796650
x-cache: Hit from cloudfront
content-length: 1000
x-amz-id-2: U6wPMF+2HWnHDlNCNt0zJSiMHLoNVOlEgM/ZeIVemJ23URjzEgjx7kq7IckSaoFrKFVQazb2kD8=
last-modified: Wed, 18 Oct 2023 17:54:05 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "7a48eb3e8ffb08f3e2825c9a5229fa69"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 4m3hLiD3BmLyBEJAp5nsfi5nbcj0EzBlDNQP2K4mUBFwnGktblyw_A==

GET
H2 200 instagram.png
media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/ 1 KB
2 KB 33ms
23ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/instagram.png
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca8d3614e2555d32bd259350e4690bc16b3c45721faccd80de561d044cfbdcf2

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 03:06:11 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: WK2GBE0VKFRCAHJF
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 17027482
x-cache: Hit from cloudfront
content-length: 1118
x-amz-id-2: jU8+R1QGIyfPdlKCJP8Rtwfe8zR3klIGqEzUZSvtMeKfu8FK/uWWMHig0YCwQBQFhZizmkQnRUo=
last-modified: Wed, 18 Oct 2023 17:54:03 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "0befdf58bda53ac21425710c70ead776"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: CtjXdQmSRBOnvkEqxDRh5cbaiy8XJKZLp7xkdv4k5iKPkTBM0cOjiQ==

GET
H2 200 ios.png
media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/ 712 B
1 KB 29ms
20ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/ios.png
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 391fd5670220eee47dfb98a1db121ee2f04ab166d3794d50eea9e4f1e05eeca4

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 00:58:20 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: FCB6TSCKQA9M4JS1
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 14353
x-cache: Hit from cloudfront
content-length: 712
x-amz-id-2: FBAMziro8BO33LvlGf3EdKsaF/IpvlTDorl23Pe6LdanYFvJqIS7cyO/dHzQ+3YwFYFT/goLSFc=
last-modified: Wed, 18 Oct 2023 17:54:05 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "86cf7b1d1a5e16a9813b77452c50ffb6"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: LRy9kk58qVRZ5WsSmshUpcr-oWpZzf867DhwKOWJjxU9Z041gD98Cg==

GET
H2 200 android.png
media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/ 1 KB
2 KB 33ms
23ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/android.png
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9981531720e3b5aef19b3d1793da3a226372cb95ae219b68dd2e4c3b3f185f5a

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 18:57:26 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: N2VC367D3Z1EVNK5
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 21463207
x-cache: Hit from cloudfront
content-length: 1162
x-amz-id-2: H/CbsEfEkKXvTEqsWoq23nbdEyyMJBJOKcEEgHPvZbMKMavyxMdh7ip2vEkzhc4+hijmW59dSYk=
last-modified: Wed, 18 Oct 2023 17:54:04 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "d0073de736328e1448f99cf39f1d225c"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: DV4xS5Ejp_iVFPEwm4WGHk0yE_iiHv0tY4Tyjd8IxYDqM-az3sh2-g==

GET
H2 200 alexa.png
media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/ 1 KB
2 KB 31ms
21ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/alexa.png
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 80a19c6081152a6060b590265119738a99570f4ff304163f7338b9e331a4db0a

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:27:22 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: 205M97EXPSY5HDB2
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 21457811
x-cache: Hit from cloudfront
content-length: 1376
x-amz-id-2: qFfk+bZ4stY0DS7cY5uOXnhGczhYhdSSrgNifZynMqaDqJcEliGxIrY28ouGMotNRVfTxj4Eq0A=
last-modified: Wed, 18 Oct 2023 17:54:04 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "974d8d1b4b986e56e36448575136cf86"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: SfDrFEKWRkNp-rVB9Tp08Y5--Qk5pG-vwnz2nx5DXqO4EqaoOfN_Zw==

GET
H2 200 wnwn-eventscalendar-primary.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2024/06/ 60 KB
61 KB 1355ms
1347ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2024/06/wnwn-eventscalendar-primary.jpg
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2a13ff7469013111f5c2cf7e96535fe5825788b3573cec2aad2f924a8775b41a

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 06:09:50 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: GVJS0FKYD4NZDJPD
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 773263
x-cache: Hit from cloudfront
content-length: 61514
x-amz-id-2: MpmYbevlVsYCCDcHLi/FM0QpqiVrYBioweKZkfkP9FAEDqELCxQPdwngxYUEBoXKXFtVSjTbRKI=
last-modified: Fri, 28 Jun 2024 22:21:40 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "a9af712dac7fe2d024bc170310e1d456"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: y_ZMqaijL6hbDJogP21yHuyEeu_djhFV9M2e-o9SPZ5GqhSLSuWalQ==

GET
H2 200 stations-howtolisten-primary.gif
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/11/ 738 KB
739 KB 546ms
538ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/11/stations-howtolisten-primary.gif
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84fc551d4cf20edb6525246d38632f5c2a68f4e5aebc77402434a0e781118363

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:52:51 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: FN02EH1ED9JES258
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 282
x-cache: Hit from cloudfront
content-length: 755746
x-amz-id-2: lq0C0r37QdPnq0vm88P1wwdY9lN8LLcZ7LA1uM4v0L1mQgR9Wshc0gqHCqMkO9mGOl0ogEnrwhM=
last-modified: Fri, 08 Dec 2023 00:17:02 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "3f77e21062a70fbaa70a5ecbe9f5c958"
content-type: image/webp
accept-ranges: bytes
x-amz-cf-id: pDvya_ZH3P_G4gxKWRCH6dXX32aCfKqc1TVy4JoZp-z66oAC4SLjgw==

GET
H2 200 wvfm-veteranssalute-primary.jpg
media.socastsrm.com/wordpress/wp-content/blogs.dir/2297/files/2023/08/ 115 KB
116 KB 99ms
90ms Image
image/webp 108.138.36.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.socastsrm.com/wordpress/wp-content/blogs.dir/2297/files/2023/08/wvfm-veteranssalute-primary.jpg
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-124.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 14caade7152adb24edf1dec1437420acbf37b846f556f663c9c7856b8e91f54f

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 06:47:45 GMT
via: 1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-amz-request-id: TN5DVNWE8X6JCWEY
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
age: 1894188
x-cache: Hit from cloudfront
content-length: 118236
x-amz-id-2: iCL4HCuLVZTMy8J26kPOxfTWIsmO8ItPu1FzXJZE2protiZRwq0U4Z9v6b1M9qCAep4rZP18Xj8=
last-modified: Wed, 18 Oct 2023 17:55:37 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "1552d031118dcd0b580e505f92bbddfa"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: inqzrKqzvB7l_WBHpdKSnpbuH9gKesffms8NXP2Dkm9cB2A_CvWHUQ==

GET
H2 200 michigan-agnow-primary.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2024/06/ 119 KB
120 KB 76ms
67ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2024/06/michigan-agnow-primary.jpg
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7e575d24ca37f7b2018f4d06ef676a5e570ae866357b52ba444b5bae8de2a52

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 10:29:53 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: RYWANBHJBZ010BNY
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 757659
x-cache: Hit from cloudfront
content-length: 122130
x-amz-id-2: 7YaHQxh4rgqCHIJXp+ugsMS5/fyNNb8S+lcEvCN0UxgnM83wmB2QkUdfPjsWXPY8vXhcAonZwNY=
last-modified: Mon, 03 Jun 2024 22:59:44 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "fcb1ce169e9dcafbfb030d73b3b231fa"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Vo3A9iO5nA63KWHZ_RjYUT79VcpeooSv9sNvU-QKKqNl5VSgHtFoRg==

GET
H2 200 indicator-big.gif
media-cdn.socastsrm.com/application/theme/images/loaders/ 4 KB
5 KB 33ms
25ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/application/theme/images/loaders/indicator-big.gif
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 916301287f61100a9242eeee5168c1f1ed8367729998837d4aaced456c5d98c5

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 22 May 2024 05:58:33 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: W8D0SC5FQVJA5H2F
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 6303540
x-cache: Hit from cloudfront
content-length: 4408
x-amz-id-2: nenp60t0aXDVTGYP7uW7gwdHbcAVPmDGRgepa9KhKlWALp5AwjJ8xQdGECefOwwHT8cjVDZ8N74OCvsmsuXA3w==
last-modified: Wed, 18 Oct 2023 17:54:03 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "c97282fe5d5ca8e5644c67562285888b"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: UL7lysOAmjYGJaDqFhwWeTu-MVtWvFpkempuIj2ndk3KdH4tXixrgw==

GET
H2 200 wtvb-rantsbymac-primary-300x200.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2484/files/2023/06/ 6 KB
6 KB 260ms
252ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2484/files/2023/06/wtvb-rantsbymac-primary-300x200.jpg
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9583322eb1c2b8e6866c4936460061fe807ac1140911dc3d09ba65950f5a2d95

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 10:27:11 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: 36FCMYEHJFFYPEPF
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 757822
x-cache: Hit from cloudfront
content-length: 5742
x-amz-id-2: MWeY90LMtlk55vscUyWOC+ZeeQsWK3nk41MF8xg1XEQthZBUSQ5ehu3L2KC/lqsQHMGQof4zUs83P4smgFATlq/Eczqek/RzdQ2ZebPMbhQ=
last-modified: Wed, 25 Oct 2023 10:15:17 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "88d4b093c68558ce0c736ec96dbe7977"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5MPsIZuhOZvYRcwlU2jO1_LW_l8zU4dBh93v0QW0tbvCKYpg0ZgmFw==

GET
H2 200 jd-justice-interviews-podcast-300.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/11/ 10 KB
11 KB 1356ms
1348ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/11/jd-justice-interviews-podcast-300.jpg
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: db3ec5b517295e46a23e743579fbdd186ad1abe64c9c2b74a84572dbb5008782

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:33 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: HJTE91NBK6HP763P
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 10410
x-amz-id-2: r8SdKrfDn8JPx39aP9i0arYVxfK/70VlSLoyEHAOnVqN8SHmtoxQFjBWGJmvZUzXdlYniKeJplM=
last-modified: Fri, 10 Nov 2023 00:12:48 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "60191448d8d468b26e854168e34e2961"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: uGlMnqZPjAVOfn_8N8RE66D0upF9mOf61EDMDb50mWlQaoJie_uvOg==

GET
H2 200 center-ice-large.png
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/11/ 228 KB
229 KB 276ms
268ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/11/center-ice-large.png
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ee9a6a60e37ff74e9e84a55f05213992a0463020a012016262d5bd3a4a10131

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 10:27:11 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: 36FAPCBX2EMPSEMZ
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 757822
x-cache: Hit from cloudfront
content-length: 233320
x-amz-id-2: Kmn05CNVMQIV+n49ybW9ih24GnFUvTmqSaV62tereeWmskhl7nn2wXtfoTqX5gVe7dFq6WAr3GU=
last-modified: Fri, 10 Nov 2023 00:18:13 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "f226c68a84463e2d3f46081de880533e"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: XqxTGJqehq6-GbSmf8LW9mun3aM4WrE00vtqZ-D--09ulJWzqWI-kA==

GET
H2 200 wnwn-first-tekonsha-baptist-chuch-1600.jpg
media.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/08/ 67 KB
68 KB 98ms
90ms Image
image/webp 108.138.36.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/08/wnwn-first-tekonsha-baptist-chuch-1600.jpg
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-124.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 790e9e97a3027dee2861e6270457281acb00aaef8114697b7d9aac706320464a

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 10:27:11 GMT
via: 1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-amz-request-id: 36F4FD2CZ0X29SD8
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
age: 757822
x-cache: Hit from cloudfront
content-length: 69056
x-amz-id-2: OgSjGolL4HK1k0ReB602cVc/JeAWwePYsKxKr1HqIhw+6FvblUEB8lukAkhFDyvmvWGuYkYY6xY=
last-modified: Fri, 20 Oct 2023 01:49:59 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "8e66813415853ffe84dbe3a688425da1"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: mNWSwfIEFeMRIr3VDhmeSydZvLVT_MhMw8_7rj7IqpWLPFP9vieSEw==

GET
H2 200 know-beer.jpg
media.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2022/02/ 83 KB
84 KB 365ms
358ms Image
image/webp 108.138.36.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2022/02/know-beer.jpg
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-124.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a5d3258e2164afeb105c953fea0e5b42a690b4bfe2dea2f221a6d1bb07a09ae8

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 10:29:32 GMT
via: 1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-amz-request-id: H6WZB8SJY518G0F9
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
age: 757680
x-cache: Hit from cloudfront
content-length: 85030
x-amz-id-2: UqzwZQEk1GoeGFNoPu7M9yaYHyRjT72Fgc8IKC55x6kEEs9fq1AkHYBuwleKFUPIsO4LZOm+O2A=
last-modified: Fri, 20 Oct 2023 01:49:59 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "ac2aad0f0ada4b102e824f57e410e441"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: c2W36JbBa6AM8Z5DtoEc6X8Ymb0tHbr7LnrbkZS89MMWpXLz3PRdPA==

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
wincountry.com/wp-includes/js/ 14 KB
5 KB 99ms
93ms Script
application/javascript 54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wincountry.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-131-112.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:32 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Last-Modified: Tue, 28 Jul 2020 00:17:46 GMT
Server: Apache/2.4.29 (Ubuntu)
Identity: Accept-Encoding
Age: 0
ETag: "364d-5ab755e62ba81-gzip"
Vary: Accept-Encoding
X-Cache: MISS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-Varnish: 926135386
Accept-Ranges: bytes
Content-Length: 4653

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
4 KB 32ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: wincountry.com
URL: https://wincountry.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c3e7756fe5cc02d6d023e062124f08d23f43f067f6aa1873a07f4b001f9e894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://wincountry.com/
Origin: https://wincountry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 03 Aug 2024 04:57:32 GMT
content-md5: Dxl+FDcgAhWUrnKQIvsDcA==
document-policy: force-load-at-top
x-fb-server-load: 32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2791, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: PP/XOPeUSTHiK4EDnpERbx1oxYdTwZ9iTOIe3KN6IIbURLVnAPz4obMdLi8jc7glNb3pm3ZbE/NCvwUZiZh9dA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 181215f62b4e5c3f2bb9c65326bc4745
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "4891d84e535a280e1186d728dd092e90"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Sat, 03 Aug 2024 05:13:07 GMT

GET
H2 200 screenshot-2024-08-02-164949-300x199.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2491/files/2024/08/ 6 KB
6 KB 1354ms
1347ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2491/files/2024/08/screenshot-2024-08-02-164949-300x199.jpg
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c0dd038e1650023f8523f1c36b6a7ccae0ebbdd08d54e05dcfe193ec3419104

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:33 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: HJTCWTGCEBC1N5AC
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 5748
x-amz-id-2: zHJNl80JvWttwDhLq2PdSZ8fSGjOPxP1xsdrjOKdwiOQ32tMo1HX9LE089GIRI89wCY+XoNDjhw=
last-modified: Fri, 02 Aug 2024 20:53:25 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "d124877b6627678121160f685a0bee6e"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: MEHZAhMdYGnnVnKc_Y0tZkCyDhTzFilf5pzQKtE08EXLhv3MlzfHXA==

GET
H2 200 3317809272_e348367994_b-300x225.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2491/files/2022/05/ 5 KB
5 KB 222ms
215ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2491/files/2022/05/3317809272_e348367994_b-300x225.jpg
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3a710ebc776e96b7ef9084fcf7dc2c52031147c1747be8882e0299af16c17be

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 20:35:43 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: RS0AZ8ZN5CXDCK00
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 30110
x-cache: Hit from cloudfront
content-length: 4798
x-amz-id-2: bwfyHrtj9R9iK0nbfTf+kh/n5NWUNc36jMJiZ32UWXFDABhO0d1HxiRb4RBJ8052dOM5yA5nLmg=
last-modified: Mon, 23 Oct 2023 12:48:08 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "846b0fb9844dcb57e4771f2ea47a96a8"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: BwpmN3Y5lAPlV5siJW1AR5SFWG0Ncj2LxhF_SZebJ5jgwcb2bhTjQA==

GET
H2 200 road-closed-sign-300x176.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2491/files/2022/06/ 9 KB
9 KB 526ms
519ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2491/files/2022/06/road-closed-sign-300x176.jpg
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e384d1de1e01b21bde2f7fcf28f2d887ab85a3eb2eedf03abaef65525af5328

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 06:06:08 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: ZHND0MGNB39BH7BX
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 82285
x-cache: Hit from cloudfront
content-length: 8902
x-amz-id-2: vaxcKeB4xjXCUvqTROJ+6KVmMGLF1mzjmMQh1lhVHs2ybgE/g+/h2oSW7BuwxM5yzC5ahL4UXPs=
last-modified: Thu, 02 Nov 2023 11:51:44 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "2f712f9e0668352f72e224c219432d71"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: iHm9TbRK58-5Lm-X0AaizHdjjaU03R1FD8mR-_GWbyxAMxA59o67vA==

GET
H2 200 29219178410_5565b3b7c4_b-300x225.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2491/files/2021/03/ 6 KB
7 KB 776ms
769ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2491/files/2021/03/29219178410_5565b3b7c4_b-300x225.jpg
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e38d72db5bde88e0a39ae299f3d09ec62ce6e038830cb681442007e17f03879

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 06:06:08 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: ZHNBXNBSWESNAN1W
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 82285
x-cache: Hit from cloudfront
content-length: 6474
x-amz-id-2: xtVVxfWBHw6qJFg7hnt8xeaVLIHK40yuvwbMX8U0mA3lH4aVkYlG2Tn+m3vnlVfZaC+p/qLKYm0=
last-modified: Thu, 26 Oct 2023 13:35:49 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "22d3e0cd253afe9f430db88b4588b35d"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: KgUko4qZroOtK3fWFH2PBWIdq9EXVTAsfBK2Q58z8V69MG0HxU25KA==

GET
H2 200 screenshot-2024-05-14-171154-300x196.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2491/files/2024/05/ 25 KB
25 KB 1352ms
1345ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2491/files/2024/05/screenshot-2024-05-14-171154-300x196.jpg
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0dca8a0918746273fc3c731613af08e1034faa2d34ba68a540748a73b41a2517

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 20:56:15 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: K17BHTPEYDW4BY90
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 115278
x-cache: Hit from cloudfront
content-length: 25458
x-amz-id-2: CmTHKMTXRGlV3ImkLJOe4aXh3maQ8rDAIMIkt4mFBr95/KsLNt8rVirJmZH6EknaY33tl38sIKw=
last-modified: Tue, 14 May 2024 21:14:56 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "2b536ea5add03ec04c9c3ba9844d73c7"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: u5PdOhoItHLDMybuiAfLr6nb7q241m4OTxiH8B04aZtMEwnAWR66dw==

GET
H2 200 2024-08-02T191125Z_2_LYNXMPEK710TV_RTROPTP_3_PEOPLE-JUSTIN-TIMBERLAKE-ARREST.JPG
storage.googleapis.com/media.mwcradio.com/mimesis/2024-08/02/ 90 KB
90 KB 296ms
253ms Image
image/jpeg 2a00:1450:4001:80e::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/media.mwcradio.com/mimesis/2024-08/02/2024-08-02T191125Z_2_LYNXMPEK710TV_RTROPTP_3_PEOPLE-JUSTIN-TIMBERLAKE-ARREST.JPG
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 352e082aeb82c22cac9b6ac328592d6268fe525dc796eac12e4f83172b1396fe

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
age: 0
x-guploader-uploadid: AHxI1nMMVhlwjDIa8784KQrykbLRdbo-aG05MIUzD3R4q5_CytS3eBc05Ta0vuEeMk5ddYRnQf_EiTsjsA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92260
last-modified: Fri, 02 Aug 2024 19:20:26 GMT
server: UploadServer
etag: "67a8cf97a52c14be3891cfb34da3b378"
x-goog-generation: 1722626426330223
x-goog-hash: crc32c=kJdDCQ==, md5=Z6jPl6UsFL44kc+zTaOzeA==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 92260
accept-ranges: bytes
expires: Sat, 03 Aug 2024 05:57:32 GMT

GET
H2 200 2024-08-02T154953Z_1_LYNXMPEK710NP_RTROPTP_3_ATHLETICS-WORLD.JPG
storage.googleapis.com/media.mwcradio.com/mimesis/2024-08/02/ 70 KB
70 KB 156ms
114ms Image
image/jpeg 2a00:1450:4001:80e::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/media.mwcradio.com/mimesis/2024-08/02/2024-08-02T154953Z_1_LYNXMPEK710NP_RTROPTP_3_ATHLETICS-WORLD.JPG
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5ae5e570fb9150ecd055a7c9966d850fa9500d04b17b0867f84469c7441d02d2

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
age: 0
x-guploader-uploadid: AHxI1nNKLWPvXDuG_gqlAHDLsRoBpa_p6cfHabpk1qc0DCw21SdMwvc36WyuD0rvFPzsh-VBjQ8kCzbH6Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71364
last-modified: Fri, 02 Aug 2024 16:00:25 GMT
server: UploadServer
etag: "3141325f2b6d12da7a3efaf26ad8053c"
x-goog-generation: 1722614425515798
x-goog-hash: crc32c=gAb77g==, md5=MUEyXyttEtp6PvryatgFPA==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 71364
accept-ranges: bytes
expires: Sat, 03 Aug 2024 05:57:32 GMT

GET
H2 200 2024-08-01T163609Z_1_LYNXMPEK7020Y_RTROPTP_3_OLYMPICS-2024-NBC-RATINGS.JPG
storage.googleapis.com/media.mwcradio.com/mimesis/2024-08/01/ 76 KB
77 KB 421ms
378ms Image
image/jpeg 2a00:1450:4001:80e::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/media.mwcradio.com/mimesis/2024-08/01/2024-08-01T163609Z_1_LYNXMPEK7020Y_RTROPTP_3_OLYMPICS-2024-NBC-RATINGS.JPG
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0280d46803d535dcb44a1336d3f9a12b6f0d645c4af3b89c461dc42f30ca106b

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
age: 0
x-guploader-uploadid: AHxI1nOtY5-nZlnkja4tc0aeU4Nuv4DifXEWhdwjrNtjh9c2iimWE3536Ml6tQ_daNRnI2PoqbVV29b1yg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78074
last-modified: Thu, 01 Aug 2024 16:40:22 GMT
server: UploadServer
etag: "eb3c4c982193ab6fe5988b0fac008d60"
x-goog-generation: 1722530422932075
x-goog-hash: crc32c=0ktrfw==, md5=6zxMmCGTq2/lmIsPrACNYA==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 78074
accept-ranges: bytes
expires: Sat, 03 Aug 2024 05:57:32 GMT

GET
H2 200 2024-08-01T123605Z_1_LYNXMPEK701S8_RTROPTP_3_FOX-M-A-WALT-DISNEY.JPG
storage.googleapis.com/media.mwcradio.com/mimesis/2024-08/01/ 52 KB
52 KB 509ms
467ms Image
image/jpeg 2a00:1450:4001:80e::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/media.mwcradio.com/mimesis/2024-08/01/2024-08-01T123605Z_1_LYNXMPEK701S8_RTROPTP_3_FOX-M-A-WALT-DISNEY.JPG
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: db7a9b39abc6548063c9e8491c3f93e25460a4882b48606823f9706a00f962a0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
age: 0
x-guploader-uploadid: AHxI1nMvjVsWLGhwrSal5kp7fFx1KypIwraqvf4TrrSwUxcFpU4Lng053TVesyJskPXo8yEAVT0RGHSICg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52992
last-modified: Thu, 01 Aug 2024 12:40:20 GMT
server: UploadServer
etag: "dfcb9a5df89384fb5685ae86d4119e8e"
x-goog-generation: 1722516020412502
x-goog-hash: crc32c=jMlC4w==, md5=38uaXfiThPtWha6G1BGejg==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 52992
accept-ranges: bytes
expires: Sat, 03 Aug 2024 05:57:32 GMT

GET
H2 200 2024-07-31T135403Z_2_LYNXMPEK6U0P9_RTROPTP_3_PARAMOUNT-GLOBAL-SKYDANCE-LAWSUIT.JPG
storage.googleapis.com/media.mwcradio.com/mimesis/2024-07/31/ 49 KB
50 KB 546ms
504ms Image
image/jpeg 2a00:1450:4001:80e::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/media.mwcradio.com/mimesis/2024-07/31/2024-07-31T135403Z_2_LYNXMPEK6U0P9_RTROPTP_3_PARAMOUNT-GLOBAL-SKYDANCE-LAWSUIT.JPG
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c79244ba457428b6e906fe8545f55750d7d733c8b9d8c5b78592deffca11c7f9

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
age: 0
x-guploader-uploadid: AHxI1nOtolaF-sMzFQ1hk-X2khaL8u-Fbp36m5GnppWANJNfxXJ_NkEZdm5Ky5Mx5LLitzGCuYLSPbTkdA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50453
last-modified: Wed, 31 Jul 2024 14:00:26 GMT
server: UploadServer
etag: "2513ddb739e14c526b10a01db7e0907a"
x-goog-generation: 1722434426016759
x-goog-hash: crc32c=eBePqg==, md5=JRPdtznhTFJrEKAdt+CQeg==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 50453
accept-ranges: bytes
expires: Sat, 03 Aug 2024 05:57:32 GMT

GET
H2 200 wsymbol_0008_clear_sky_night.png
cdn.worldweatheronline.com/images/wsymbols01_png_64/ 250 B
968 B 41ms
7ms Image
image/webp 2400:52e0:1e00::865:1
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.worldweatheronline.com/images/wsymbols01_png_64/wsymbol_0008_clear_sky_night.png
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::865:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-865 /
Resource Hash: 8fca354f59752dce225bbeae9a11bc5c7c88fae899993bc4e4aa7c7ac615ad27

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
x-downloadsize: 216
cdn-edgestorageid: 752
x-bo-processingtime: 0
cdn-cachedat: 05/20/2024 19:41:52
cdn-pullzone: 57282
content-length: 250
x-bo-server: DE-229
last-modified: Mon, 20 May 2024 19:41:52 GMT
server: BunnyCDN-DE1-865
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 12
content-type: image/webp
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 8fa3a04a-75d9-4707-8056-b7b33c8ac7fe
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
x-bo-compressionratio: 0%
cdn-requestid: 01f13b1699cabe0c0ea9c4a43b43d97e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 PoweredBySoCastTagline-White.png
media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/ 1 KB
2 KB 428ms
423ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/PoweredBySoCastTagline-White.png
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f88279a4bfa31852b69934e6d6b32910258274a5182d909d6c970e63dd5395fd

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 22 May 2024 05:58:33 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: W8D7YG5RQHVXF8TM
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 6303540
x-cache: Hit from cloudfront
content-length: 1222
x-amz-id-2: GKxufNoUSqyTocVAcxO+94u29RMM3ySV9XuLM7GQj3FsXi12e/VTJEsNjAOdfzNehXnCJkF6o1g=
last-modified: Wed, 18 Oct 2023 17:54:04 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "ac5c3e1ebd9b63c37aa30a7c86806297"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: xXy8eVSvQPiu1CQt498Qiua78ReGhC0lI8wM7GaKKJVwydv9QMA9gA==

GET
H2 200 albumGallery.css
cdn-css.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/css/widgets/ 2 KB
1 KB 7ms
7ms Stylesheet
text/css 18.173.205.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-css.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/css/widgets/albumGallery.css?ver=5.4.2
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-35.fra56.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 521c38b16194e130c7c5bd73c40e84a59d9eb1e95c815e14eeb657873e722623

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:54:27 GMT
content-encoding: gzip
via: 1.1 1876576d09e30dc7b468e90ff448f1f8.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jul 2020 21:36:36 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA56-P12
age: 36183
etag: "938-5ab873bdb96eb-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 745
x-amz-cf-id: VVx5-gPxSYp7BBElYvQ1zQzYhGWiwAJBomvJoKoD_NOzSGrLCeoAYw==

GET
H2 200 twoColumnLayout.css
cdn-css.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/css/ 150 B
509 B 8ms
8ms Stylesheet
text/css 18.173.205.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-css.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/css/twoColumnLayout.css?ver=5.4.2
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-35.fra56.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 6106fba2c6f036bfd249c40d9df1fec6f9da3ee1ea754dccde3c0f9690fcc1b4

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:43:25 GMT
content-encoding: gzip
via: 1.1 1876576d09e30dc7b468e90ff448f1f8.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jul 2020 23:59:37 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA56-P12
age: 37055
etag: "96-5ab751d753833-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 133
x-amz-cf-id: U0vfaMtPSfsNAhy5B7pkDfefzLH4sl8FJLz0nE1zthTwmHXQlPp1hg==

GET
H2 200 eventDisplay.css
cdn-css.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/css/widgets/ 3 KB
1 KB 7ms
7ms Stylesheet
text/css 18.173.205.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-css.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/css/widgets/eventDisplay.css?v=2016-02-24&ver=5.4.2
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-35.fra56.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: ef82770a46ee476d8530cf09afd544198d12b23cc75a01e9e40015c11a8ab3cd

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:37:57 GMT
content-encoding: gzip
via: 1.1 1876576d09e30dc7b468e90ff448f1f8.cloudfront.net (CloudFront)
last-modified: Thu, 12 Nov 2020 19:29:13 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA56-P12
age: 37174
etag: "d56-5b3eded489130-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 924
x-amz-cf-id: FeZe3TB9QYvgjUusDhwZFL0BrUNfm4NtK4Rg8pZTdy7XNCC3ia_ArA==

GET
H2 200 weather.css
cdn-css.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/css/widgets/ 5 KB
1 KB 7ms
7ms Stylesheet
text/css 18.173.205.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-css.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/css/widgets/weather.css?ver=5.4.2
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-35.fra56.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: cac1df235adc210488f80cbb6f5aa4381d89e0767c104ffc85f9330ddc9cc66a

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:37:02 GMT
content-encoding: gzip
via: 1.1 1876576d09e30dc7b468e90ff448f1f8.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jul 2020 23:59:37 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA56-P12
age: 37229
etag: "1563-5ab751d753833-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1131
x-amz-cf-id: c-P69WyMfqJ7SKhd_4zPZXmTtl0u0ca6vBD-7PKDi7xzKfEE31Tiyg==

GET
H2 200 css-var-polyfill.js Show response
cdn-js.socastsrm.com/cdn_v17.13.2/js/ 6 KB
3 KB 8ms
7ms Script
application/javascript 18.172.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/js/css-var-polyfill.js
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-49.fra60.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 0c955fa8c779c4d8a38a36ec47e0eb653271d31844f356142ddf4688354e4afb

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:37:01 GMT
content-encoding: gzip
via: 1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jul 2020 23:59:42 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA60-P8
age: 37230
etag: "18b3-5ab751dc90634-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2254
x-amz-cf-id: 3MzIzmhMF_kSMH25pb5NFpbYiaodrGJD_ndySmxCYn79S7FOdKqUgw==

GET
H/1.1 200
OK wp-embed.min.js Show response
wincountry.com/wp-includes/js/ 1 KB
1 KB 94ms
94ms Script
application/javascript 54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wincountry.com/wp-includes/js/wp-embed.min.js?ver=5.4.2
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-131-112.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:31 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Last-Modified: Mon, 27 Jul 2020 23:59:44 GMT
Server: Apache/2.4.29 (Ubuntu)
Identity: Accept-Encoding
Age: 0
ETag: "59a-5ab751de8a3f4-gzip"
Vary: Accept-Encoding
X-Cache: MISS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-Varnish: 925972587
Accept-Ranges: bytes
Content-Length: 769

GET
H/1.1 200
OK js_composer_front.min.js Show response
wincountry.com/wp-content/plugins/js_composer/assets/js/dist/ 20 KB
6 KB 94ms
94ms Script
application/javascript 54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wincountry.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.1
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-131-112.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 43cdf46f331fec5ba92e402e3d5cad473099892cbdafca02e607cd03705104bf

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:31 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Last-Modified: Tue, 28 Jul 2020 21:36:37 GMT
Server: Apache/2.4.29 (Ubuntu)
Identity: Accept-Encoding
Age: 0
ETag: "5079-5ab873be56a8b-gzip"
Vary: Accept-Encoding
X-Cache: MISS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-Varnish: 924018706
Accept-Ranges: bytes
Content-Length: 5818

GET
H2 200 blogNews.js Show response
cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/js/widgets/ 1007 B
884 B 7ms
7ms Script
application/javascript 18.172.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/js/widgets/blogNews.js?ver=5.4.2
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-49.fra60.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: ab40d2fd397d7357eec52b0a54abbbe4065909ae6993c7f321bcd91b7afa82b6

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:37:02 GMT
content-encoding: gzip
via: 1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jul 2020 23:59:37 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA60-P8
age: 37229
etag: "3ef-5ab751d755773-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 496
x-amz-cf-id: Dna_DSo3aOiVw3FG3sVq4cYxDE6M3eWvfUtHOtLiWgKE4q9NIKk16g==

GET
H2 200 featureRotator.js Show response
cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/js/widgets/ 6 KB
2 KB 7ms
7ms Script
application/javascript 18.172.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/js/widgets/featureRotator.js?ver=5.4.2
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-49.fra60.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 8ead246d96271c4e6ecbd16cb0cdfa5f292b9bd574ed8fcefb72ae3642bcdb67

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:37:02 GMT
content-encoding: gzip
via: 1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jul 2020 23:22:19 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA60-P8
age: 37229
etag: "1956-5ab74980fde4c-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1841
x-amz-cf-id: Uo-6u470wjUEAuM0NQ2wCGQWBLtZo1hkbuAdbrFZRbMFP2Sk9SxRtg==

GET
H2 200 albumGallery.js Show response
cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/js/widgets/ 920 B
749 B 8ms
8ms Script
application/javascript 18.172.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/js/widgets/albumGallery.js?ver=5.4.2
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-49.fra60.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 0ac6fd5b7d5afe27d5bdcc1a32f0101949f80841860b7f0c9b58bf28f50b5728

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:40:35 GMT
content-encoding: gzip
via: 1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jul 2020 23:59:43 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA60-P8
age: 37016
etag: "398-5ab751dd961b4-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 351
x-amz-cf-id: Febq13egRIq-uq-pukxUVfNwS3LGyK7A_dUkDC-ZEKL79P18pJTrPQ==

GET
H2 200 twoColumnLayout.js Show response
cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/js/ 2 KB
822 B 8ms
8ms Script
application/javascript 18.172.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/js/twoColumnLayout.js?ver=5.4.2
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-49.fra60.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: eeb2f09a9511bc3c70d6a90a24ea942db06737392c3159c4058ccecc6055c147

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:39:56 GMT
content-encoding: gzip
via: 1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jul 2020 23:59:37 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA60-P8
age: 37055
etag: "70b-5ab751d7547d3-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 435
x-amz-cf-id: aqQ7pFLg7574H-atadiMtRiT0oUy5Kq0kdiKG9bcrBzA3YNQLWBrpg==

GET
H2 200 eventCalendarList.js Show response
cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/js/widgets/ 2 KB
1 KB 8ms
8ms Script
application/javascript 18.172.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/js/widgets/eventCalendarList.js?v=2013-06-25&ver=5.4.2
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-49.fra60.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 54ab0f51ec3cf63fc92dd3cb384defb55800fadc29b4798c4c13d4bce60bb4b8

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:37:57 GMT
content-encoding: gzip
via: 1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
last-modified: Wed, 13 Sep 2023 15:03:26 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA60-P8
age: 37174
etag: "9a7-6053edc90dd7c-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 803
x-amz-cf-id: hrMgrQE1cGMfu-fhMXzHGi2zDlyKiMSSvlJtU8qaTgKop6hyvHpMkg==

GET
H2 200 lastPlayed.js Show response
cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/js/widgets/ 4 KB
2 KB 8ms
7ms Script
application/javascript 18.172.112.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-content/plugins/socast-widgets/js/widgets/lastPlayed.js?ver=5.4.2
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-49.fra60.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: c72dfe69c8fbdb44833c6dba3b69582e1c3ab3d07ae30a5d25ef0321677687e8

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:37:14 GMT
content-encoding: gzip
via: 1.1 8c697b4cc5726ac95109fd0b5c794d72.cloudfront.net (CloudFront)
last-modified: Wed, 30 Nov 2022 19:01:54 GMT
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA60-P8
age: 37217
etag: "1035-5eeb4bce9ee4d-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1397
x-amz-cf-id: z0pkSdNA2yTAUIHJAyr45vrqBNIAWnaUe_UQe0ktAB_CCjqaQvqttQ==

GET
H2 200 wxwidget.loader.js Show response
widgets.media.weather.com/ 574 KB
139 KB 82ms
13ms Script
text/javascript 2a02:26f0:3500:e89::3282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.weather.com/wxwidget.loader.js?cid=158765827

Requested by

Host: wincountry.com
URL: https://wincountry.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:e89::3282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx / Express

Resource Hash

5a4de709bb4c9faf4b2d86588d14b415744d2e85f2b0620f4336937a7dedb7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 03 Aug 2024 04:57:31 GMT
server: nginx
x-powered-by: Express
etag: W/"8f669-s0PjZZvT/R+3cHnaDqkv7c179lM"
x-cache-status: MISS
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=9844
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 141519
expires: Sat, 03 Aug 2024 07:41:35 GMT

GET
H2 200 9c51dd92b4.js Show response
kit.fontawesome.com/ 13 KB
5 KB 496ms
467ms Script
text/javascript 2606:4700::6812:133e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/9c51dd92b4.js
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:133e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e92d8d8f6562099f17fd68abd8393678c000e17a981fde6a4bdc8c8f8827cd94

Request headers

Referer: https://wincountry.com/
Origin: https://wincountry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 8ad3ba355efd9143-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F-WDA1kITwST4sgOgbBD

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/ 533 KB
212 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LchdXMgAAAAAP4dU47UWMAhU0Tc8Uf0ldZrstqZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab42d7c37f7928197cf2fb60407d97ebf6b8316f5bd3007d33b49d4ca0559e03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
Origin: https://wincountry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 02:49:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216180
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 04:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Aug 2025 02:49:14 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 212 KB
73 KB 240ms
235ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TQ2K7TM

Requested by

Host: wincountry.com
URL: https://wincountry.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2a44c652d9ca2a22bd526049501ef4be7eebe886bd91c4efc33757846234e343

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74449
x-xss-protection: 0
last-modified: Sat, 03 Aug 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 03 Aug 2024 04:57:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 199 KB
70 KB 152ms
147ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KRSW9PG

Requested by

Host: wincountry.com
URL: https://wincountry.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

deae9bcabff2f31561c0da44d4d893cf69a461ac6af51f501d31cd0c1ca09367

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71777
x-xss-protection: 0
last-modified: Sat, 03 Aug 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 03 Aug 2024 04:57:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
0 0ms
0ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,700,900,100

Requested by

Host: wincountry.com
URL: https://wincountry.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08218760e8dc5b307dbca515a0addde87e6a0d7a6f61d464440a0a6d538dabdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 03 Aug 2024 04:57:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Aug 2024 04:57:31 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/ 473 KB
148 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16c97b6c26473d70b044e56a04aaa08a40cbf07d644e8bea637f41d3e4acbc7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 18:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39371
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 151011
x-xss-protection: 0
server: cafe
etag: 11172422436733227893
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 02 Aug 2025 18:01:21 GMT

GET js
www.googletagmanager.com/gtag/ 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 62ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-33491015-39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 03 Aug 2024 04:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1705
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 03 Aug 2024 06:29:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
75 KB 101ms
97ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-4991594-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-33491015-39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4613762f6ff2994abcd86057abc57deed8cdca007515a91aef629a594a7e6416

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76570
x-xss-protection: 0
last-modified: Sat, 03 Aug 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 03 Aug 2024 04:57:32 GMT

GET
H2 200 wtvb-rantsbymac-primary-300x200.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2484/files/2023/06/ 6 KB
0 255ms
255ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2484/files/2023/06/wtvb-rantsbymac-primary-300x200.jpg
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9583322eb1c2b8e6866c4936460061fe807ac1140911dc3d09ba65950f5a2d95

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 10:27:11 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: 36FCMYEHJFFYPEPF
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 757822
x-cache: Hit from cloudfront
content-length: 5742
x-amz-id-2: MWeY90LMtlk55vscUyWOC+ZeeQsWK3nk41MF8xg1XEQthZBUSQ5ehu3L2KC/lqsQHMGQof4zUs83P4smgFATlq/Eczqek/RzdQ2ZebPMbhQ=
last-modified: Wed, 25 Oct 2023 10:15:17 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "88d4b093c68558ce0c736ec96dbe7977"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5MPsIZuhOZvYRcwlU2jO1_LW_l8zU4dBh93v0QW0tbvCKYpg0ZgmFw==

GET
H2 200 indicator-big.gif
media-cdn.socastsrm.com/application/theme/images/loaders/ 4 KB
0 28ms
28ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/application/theme/images/loaders/indicator-big.gif
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 916301287f61100a9242eeee5168c1f1ed8367729998837d4aaced456c5d98c5

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 22 May 2024 05:58:33 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: W8D0SC5FQVJA5H2F
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 6303540
x-cache: Hit from cloudfront
content-length: 4408
x-amz-id-2: nenp60t0aXDVTGYP7uW7gwdHbcAVPmDGRgepa9KhKlWALp5AwjJ8xQdGECefOwwHT8cjVDZ8N74OCvsmsuXA3w==
last-modified: Wed, 18 Oct 2023 17:54:03 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "c97282fe5d5ca8e5644c67562285888b"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: UL7lysOAmjYGJaDqFhwWeTu-MVtWvFpkempuIj2ndk3KdH4tXixrgw==

GET
H2 200 facebook.png
media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/ 754 B
0 2ms
2ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/facebook.png
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b64f7e2e52ae67458e04b7611e81a7c981a645c17d1c1749e066959c894abe9

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 18:57:26 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: N2V736T5TZYBT0N8
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 21463206
x-cache: Hit from cloudfront
content-length: 754
x-amz-id-2: cOxYc3tNbVQRgW6jgc/x0JmBLvUlCulVt2rixYaQoouEhlCYzyVxjfCNCgU+IjlgC0g3YHy9HAc=
last-modified: Wed, 18 Oct 2023 17:54:02 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "c98e9289d40ddb10c446acb23bdadb3b"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: NEKLI0F9NT3fGx8cpG4V2mvLfUIi5g2xR-N94nKJG0MFetYzj5_nJg==

GET
H2 200 twitter.png
media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/ 1000 B
0 2ms
2ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/twitter.png
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df91f674ce3902ef0e9ac337f8aa0a15d67b5ee7ce4ad5efa22ad8172e4e91eb

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 28 May 2024 02:46:42 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: Z5C3H737YH8JWNEG
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 5796650
x-cache: Hit from cloudfront
content-length: 1000
x-amz-id-2: U6wPMF+2HWnHDlNCNt0zJSiMHLoNVOlEgM/ZeIVemJ23URjzEgjx7kq7IckSaoFrKFVQazb2kD8=
last-modified: Wed, 18 Oct 2023 17:54:05 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "7a48eb3e8ffb08f3e2825c9a5229fa69"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 4m3hLiD3BmLyBEJAp5nsfi5nbcj0EzBlDNQP2K4mUBFwnGktblyw_A==

GET
H2 200 instagram.png
media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/ 1 KB
0 25ms
25ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/instagram.png
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca8d3614e2555d32bd259350e4690bc16b3c45721faccd80de561d044cfbdcf2

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 03:06:11 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: WK2GBE0VKFRCAHJF
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 17027482
x-cache: Hit from cloudfront
content-length: 1118
x-amz-id-2: jU8+R1QGIyfPdlKCJP8Rtwfe8zR3klIGqEzUZSvtMeKfu8FK/uWWMHig0YCwQBQFhZizmkQnRUo=
last-modified: Wed, 18 Oct 2023 17:54:03 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "0befdf58bda53ac21425710c70ead776"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: CtjXdQmSRBOnvkEqxDRh5cbaiy8XJKZLp7xkdv4k5iKPkTBM0cOjiQ==

GET
H2 200 wnwn-heroimage-default2.jpg
media.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2020/05/ 197 KB
198 KB 841ms
840ms Image
image/webp 108.138.36.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2020/05/wnwn-heroimage-default2.jpg
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-124.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e22094228566ad4a7e84db5aa4d36c53ab016259c2e3ebd653f25c16534bd0d1

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 10:27:11 GMT
via: 1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
x-amz-request-id: 36FDVHMH52C9CNNM
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
age: 757822
x-cache: Hit from cloudfront
content-length: 201894
x-amz-id-2: vzg380A+n8Am4AZXTHQjqQNIp4oT7ZTfQ/82UWCLnL8+IY3Xv2MmHOy2LXDn2gct4NzmTE+JUNk=
last-modified: Fri, 20 Oct 2023 01:49:58 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "ed02da22703348f2bd563e60dcf130aa"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: TQh9k3k2KeMz-2JEB-tQRXOAeZ5k_jImsosg0HB7_vadYxcdLelkUQ==

GET
H2 200 fh-300x251.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/07/ 12 KB
12 KB 1333ms
1329ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/07/fh-300x251.jpg
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 58c651a26071f79972de05cb4be8ea1bd2cc4833ff94654f34c4ab0085d3355b

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 10:27:11 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: 36F80SZAGVGC572C
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 757822
x-cache: Hit from cloudfront
content-length: 11932
x-amz-id-2: /CWKtLEQWU/v/ZYuUizZgh09AuiCRvWFjuidj4shXdoEodO+N4wa/kjaxuZ0yTodZcyMcweS7rg=
last-modified: Wed, 18 Oct 2023 18:01:11 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "554cedeb06713967c24902f61d860ec2"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: bKpehBzZMvU1kzon-lQU2RTqvHa8WV0yNG7u1MU0tVfncIf-n3SjdQ==

GET
H2 200 roofsit7-300x251.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/06/ 12 KB
13 KB 1332ms
1329ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/06/roofsit7-300x251.jpg
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 82ac1e85cfa0edc767331ac49c45efe8eb3e1ca20109ca3162b43c9db85b7dbc

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 10:27:11 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: 36F5EFP5JVSKDRJA
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 757822
x-cache: Hit from cloudfront
content-length: 12346
x-amz-id-2: ZJ1p5vVtGsHQEX8R+5P2bDqhioNPGi4Q0urtU/oQKhTL/rqCVUJrV8TQaog2ZHpMHEmVObHy6Lo=
last-modified: Wed, 18 Oct 2023 18:01:11 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "17ca403880d847408f50a53d09b9d42a"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: VgCsazL0DGD7fcZ7sGOn2_aLw03-GG5GjINelGE4qC5BvFB1HayHkw==

GET
H2 200 kaylee-williams-300x251.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2022/06/ 5 KB
5 KB 1331ms
1328ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2022/06/kaylee-williams-300x251.jpg
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5823bba5d7ae356e30e6aba54cd1a353ba781f436c111547c05f244b6cf92d8f

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 10:27:11 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: 36F23NGYBH4MX5Y6
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 757822
x-cache: Hit from cloudfront
content-length: 5052
x-amz-id-2: 6fFiw6Vx4U0D7uzEc68LW/Munwz8wBRSptwC7S9WT+icB5BGKN5F88zYyTgsW9NdTMPZWnR6uGw=
last-modified: Wed, 18 Oct 2023 18:01:11 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "468f72b5d510dee3099650775c7f9944"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: FLajcdl_GhWEkIYXWZGnf7Qq9_CVbzz_Sh75h-qNFHf1SSjT6rbKMw==

GET
H2 200 img-0439-1-300x251.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2021/07/ 14 KB
15 KB 1685ms
1682ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2021/07/img-0439-1-300x251.jpg
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25173403d20076c00cc25a857f5162b0ef03f75d2ccf1d9501ce0ea27f4302ae

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:33 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: HJT330NS2GB2SW56
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 14664
x-amz-id-2: XzWrz3rUnXiJ4ih1cSE1iwthcAqpEI4lDoOTSeKUOLW+VZaUEAbj1wrs4Kg74U2lAmLNLSLl0rA=
last-modified: Wed, 18 Oct 2023 18:01:11 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "36036ac43005ca82b07f9fa0853d22ed"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: QpiXYpASXy79EYhmKNNBCLsRLVcXLNjdSxGARX8k3O-KT7n4qVblzQ==

GET
H2 200 kendyl-ashley-221x251.png
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2021/06/ 16 KB
16 KB 1332ms
1329ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2021/06/kendyl-ashley-221x251.png
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09912cb2d2c867208249706041eda1ec8d6fac4234841ffbf7c9ed6734fb8b5f

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 10:27:11 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: 36FEQCF0RTTD84EW
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 757822
x-cache: Hit from cloudfront
content-length: 16266
x-amz-id-2: Qif7fKJiGX6o0f/RaWZux+noMAhBoxC8xPhKgRNxgostRyMg0o2ebx7/bd344hpLa2UtPhd1p5U=
last-modified: Wed, 18 Oct 2023 18:01:11 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "8ced06d26c2d302fe39e7b598d6fa230"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 1KG7q-VTr8Pnh4uWC1Fcf-IQ8NSAsinAj-F7MXp0YF2oK8NmwfpDxA==

GET
H2 200 unnamed-4-300x251.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2021/03/ 17 KB
18 KB 1332ms
1330ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2021/03/unnamed-4-300x251.jpg
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f11bbd2091480997ca88487fcf008ee64ecfcdbd72d3a218f16eb3d4a562e1c

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 10:27:11 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: 36F9Z09E7AAF88CS
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 757822
x-cache: Hit from cloudfront
content-length: 17428
x-amz-id-2: QNwL7hVMC+v91L1+gyqUNsMcPr9DydSGIb8U1G5ugglsxXDTidR3yUcGidZdcsiFaPdxeWrmNWM=
last-modified: Wed, 18 Oct 2023 18:01:11 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "5064aff23f2e8ab71d753fec6411c911"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: yhHyCDH7r5X1qO5Kazyi99Q4pO763AoC6uh8vYZvw42mF1ZcWz2oIQ==

GET
H2 200 83595934_178011173554402_120238781977591808_n-300x213.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2020/05/ 12 KB
13 KB 1332ms
1330ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2020/05/83595934_178011173554402_120238781977591808_n-300x213.jpg
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d31ccaf4d1d5a13148c3b3f8042110685395b9e09c6dc5540a4965a4fdbe480f

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 10:27:11 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: 36F0E0DB5JQXX17J
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 757822
x-cache: Hit from cloudfront
content-length: 12358
x-amz-id-2: ay9+C6Um8Q0Ntfu2HKfc1J0UKE9u8Tj+yViHvN8gvYRZtIwW9v1bqVj/AK19NgL3TPJNL63p5Tg=
last-modified: Wed, 18 Oct 2023 18:01:11 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "5846003c1cde42b2e8362aa7b2820a4f"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Bebb5dZSp-zkmgQgoNgFYE-7vI9qj_z3OdY654AoQJo9S7ioH-F9ng==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 70ms
39ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,700,900,100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wincountry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 14:56:39 GMT
x-content-type-options: nosniff
age: 309653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 14:56:39 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 270ms
239ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,700,900,100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wincountry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 20:49:57 GMT
x-content-type-options: nosniff
age: 115655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18436
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 20:49:57 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 49 KB
49 KB 200ms
169ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,700,900,100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wincountry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 15:05:30 GMT
x-content-type-options: nosniff
age: 309122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50296
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:10:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 15:05:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 37ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,700,900,100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wincountry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 20:49:34 GMT
x-content-type-options: nosniff
age: 115678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 20:49:34 GMT

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 1 MB
179 KB 56ms
46ms Fetch
text/css 2606:4700::6812:133e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro.min.css?token=9c51dd92b4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9c51dd92b4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:133e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae7c0230749b8a1ac31acdabea1094f958afa5775035ae537cda4a07bf973582

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
server: cloudflare
age: 1504852
etag: "6695a0b7-2cce4"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8ad3ba3919579143-FRA
content-length: 183524

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 27 KB
4 KB 30ms
19ms Fetch
text/css 2606:4700::6812:133e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v4-shims.min.css?token=9c51dd92b4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9c51dd92b4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:133e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0fdba09e5424857290d8e5aa6beb9953d22465dd8cd82e760e549a3f0663320

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
server: cloudflare
age: 1504853
etag: "6695a0b7-10e7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8ad3ba39195b9143-FRA
content-length: 4327

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 50 KB
7 KB 33ms
23ms Fetch
text/css 2606:4700::6812:133e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v5-font-face.min.css?token=9c51dd92b4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9c51dd92b4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:133e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dba1570e2c1f739e153f9c8d38e73de101eb05a1c3b158b3a267e55c4b545a8

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 15 Jul 2024 22:20:40 GMT
server: cloudflare
age: 935432
etag: "6695a0b8-1c1c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8ad3ba39195c9143-FRA
content-length: 7196

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.6.0/css/ 7 KB
2 KB 30ms
20ms Fetch
text/css 2606:4700::6812:133e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/css/pro-v4-font-face.min.css?token=9c51dd92b4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9c51dd92b4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:133e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42ffeae687ee562cc3d669407321ce1754cc922ed793e3371efac196b33cbf47

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
server: cloudflare
age: 935432
etag: "6695a0b7-6ca"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8ad3ba3919599143-FRA
content-length: 1738

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/9c51dd92b4/48274609/ 0
142 B 20ms
20ms Fetch
text/css 2606:4700::6812:133e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/9c51dd92b4/48274609/kit-upload.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9c51dd92b4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:133e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
cf-cache-status: HIT
age: 731787
content-length: 0
x-request-id: F-WFiyulOvXGZp1FEQSh
server: cloudflare
etag: 54af53b207eef226d6511e0a88e3038e
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges: bytes
cf-ray: 8ad3ba3909509143-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 304 KB
87 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=0ed1367c392b4a6679afa72d0c70c1eb

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

30fed39db69dea4c8e7a55e8446dee586d4cb4eebe905f3c7c449cd182efc35a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://wincountry.com/
Origin: https://wincountry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 03 Aug 2024 04:57:32 GMT
content-md5: Gcpz4K8ZvIFxw08Gb3OP8Q==
document-policy: force-load-at-top
x-fb-server-load: 47
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89155
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=1, c=21, mss=1328, tbw=6637, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: jHsjUFmJGM2OT2PJp7QZIKod8NtCctTC03W3kGET8zouLE1itFNHKFniuvEztOnBr3hf2PItMajcjxwiux0aZQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: a7383ae8ec7b0ea2d5ff6970f62c257f
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "8ce65914115aded533d43f98f6d1d923"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Sun, 03 Aug 2025 04:27:13 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 509 KB
44 KB 127ms
80ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=3108203069739205&correlator=2724230818819598&eid=31079957%2C31085846%2C31084180%2C31079527%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407310101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=21615947095%2Cleaderboard%2Cmobile-banner%2Csidebar-300x600%2Cprimary-sponsorship-300x250%2Cheader-leaderboard%2Cheader-leaderboard-300x100%2C300x250%2CInfolinks%2Cdiscovery&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9&prev_iu_szs=728x90%2C728x90%2C728x90%2C320x50%2C300x600%2C300x250%2C728x90%2C300x100%2C300x250%2C300x250%2C300x250%2C300x250%7C320x50&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1722661052401&lmt=1722661052&adxs=436%2C470%2C470%2C-9%2C100%2C-12245933%2C436%2C-12245933%2C116%2C116%2C100%2C-9&adys=1194%2C2426%2C7000%2C-9%2C2459%2C-12245933%2C0%2C-12245933%2C1310%2C2195%2C1643%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C-1%7C3%7C-1%7C0%7C-1%7C4%7C5%7C6%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwincountry.com%2F&vis=1&psz=1600x100%7C1030x0%7C1030x0%7C0x-1%7C330x865%7C300x260%7C1600x0%7C1600x0%7C330x250%7C330x865%7C330x250%7C0x-1&msz=728x-1%7C1030x0%7C1030x0%7C0x-1%7C300x-1%7C0x-1%7C1600x0%7C0x0%7C300x-1%7C300x-1%7C330x250%7C0x-1&fws=4%2C4%2C4%2C2%2C4%2C132%2C4%2C132%2C4%2C4%2C4%2C2&ohw=1600%2C1600%2C1600%2C0%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C0&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722661050982&idt=1344&prev_scp=Position%3D1%7CPosition%3D2%7CPosition%3D3%7C%7C%7CPosition%3DPrimary%2520Sponsor%7C%7C%7CPosition%3D1%7CPosition%3D2%7C%7C&cust_params=call-letters%3DWNWN%26Slug%3D%252F%26Market%3DBattle%2520Creek%26blog-category%3Dnull%26platform%3Dweb&adks=1228188547%2C257837110%2C620219139%2C3201704947%2C2303480705%2C2180027617%2C1613825503%2C1162163396%2C4046684217%2C1645017044%2C1178224342%2C1457485857&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f55e723e7a513fa50259381fd975bfa5ddbc7ec72cb6b89151b48f1320755e30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45221
x-xss-protection: 0
google-lineitem-id: 6747792138,6747792141,6747792135,-2,6747792375,6747792135,-2,-2,6747792378,6747788595,6713445967,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138482064928,138482064928,138482064928,-2,138482065114,138482064925,-2,-2,138482064925,138482064925,138458568425,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://wincountry.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1b6e2a52d6672af2fb90accb9d04d844.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2532 0
0 293ms
13ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1b6e2a52d6672af2fb90accb9d04d844.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Aug 2024 04:57:32 GMT
expires: Sat, 03 Aug 2024 04:57:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK facebook.svg Show response
wincountry.com/wordpress/wp-content/themes/common_images/social/ 534 B
846 B 93ms
93ms XHR
image/svg+xml 54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wincountry.com/wordpress/wp-content/themes/common_images/social/facebook.svg
Requested by: Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-131-112.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 8df8f305434997f9512cf9863088cccefa4006084fc4feb069f452edb31dad99

Request headers

Accept: text/html, */*; q=0.01
Referer: https://wincountry.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:32 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Last-Modified: Mon, 27 Jul 2020 23:59:43 GMT
Server: Apache/2.4.29 (Ubuntu)
Identity: X-UA-Device, X-socast_header_type, Accept-Encoding
Age: 0
ETag: W/"216-5ab751dda8a94"
Vary: User-Agent, , Accept-Encoding
X-Cache: MISS
X-Varnish: 921434009
Access-Control-Allow-Origin: *
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 200
OK twitter.svg Show response
wincountry.com/wordpress/wp-content/themes/common_images/social/ 686 B
857 B 93ms
93ms XHR
image/svg+xml 54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wincountry.com/wordpress/wp-content/themes/common_images/social/twitter.svg
Requested by: Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-131-112.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 467d16b159d4ccb43d7a3aab76d63d223d9dfae82dd03a3299da423513ddccd0

Request headers

Accept: text/html, */*; q=0.01
Referer: https://wincountry.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:32 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Last-Modified: Tue, 28 Jul 2020 00:17:45 GMT
Server: Apache/2.4.29 (Ubuntu)
Identity: X-UA-Device, X-socast_header_type, Accept-Encoding
Age: 0
ETag: W/"2ae-5ab755e4ee461"
Vary: User-Agent, , Accept-Encoding
X-Cache: MISS
X-Varnish: 928449030
Access-Control-Allow-Origin: *
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 401

GET
H/1.1 200
OK instagram.svg Show response
wincountry.com/wordpress/wp-content/themes/common_images/social/ 1 KB
1 KB 94ms
94ms XHR
image/svg+xml 54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wincountry.com/wordpress/wp-content/themes/common_images/social/instagram.svg
Requested by: Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-131-112.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 9a5ca76b8b860c6bec08a8592197e4c69fc26b67ad048e53aad4e5f7789d3d8a

Request headers

Accept: text/html, */*; q=0.01
Referer: https://wincountry.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:32 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Last-Modified: Wed, 31 May 2023 16:53:50 GMT
Server: Apache/2.4.29 (Ubuntu)
Identity: X-UA-Device, X-socast_header_type, Accept-Encoding
Age: 0
ETag: W/"5ce-5fd002a03e402"
Vary: User-Agent, , Accept-Encoding
X-Cache: MISS
X-Varnish: 926135393
Access-Control-Allow-Origin: *
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 813

GET
H/1.1 200
OK ios.svg Show response
wincountry.com/wordpress/wp-content/themes/common_images/social/ 633 B
878 B 100ms
99ms XHR
image/svg+xml 54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wincountry.com/wordpress/wp-content/themes/common_images/social/ios.svg
Requested by: Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-131-112.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e2374a9d3759552a6170ed61e9ca572ac0951dc1d6099589366e1d4b30a7f2df

Request headers

Accept: text/html, */*; q=0.01
Referer: https://wincountry.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:32 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Last-Modified: Mon, 27 Jul 2020 23:22:19 GMT
Server: Apache/2.4.29 (Ubuntu)
Identity: X-UA-Device, X-socast_header_type, Accept-Encoding
Age: 0
ETag: W/"279-5ab749811072c"
Vary: User-Agent, , Accept-Encoding
X-Cache: MISS
X-Varnish: 921102168
Access-Control-Allow-Origin: *
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 200
OK android.svg Show response
wincountry.com/wordpress/wp-content/themes/common_images/social/ 998 B
1 KB 94ms
94ms XHR
image/svg+xml 54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wincountry.com/wordpress/wp-content/themes/common_images/social/android.svg
Requested by: Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-131-112.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: c3d990019fac3b63ac16593e0661d71074091f96bfcefc99bc5466b4e33d964b

Request headers

Accept: text/html, */*; q=0.01
Referer: https://wincountry.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:32 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Last-Modified: Wed, 31 May 2023 16:54:15 GMT
Server: Apache/2.4.29 (Ubuntu)
Identity: X-UA-Device, X-socast_header_type, Accept-Encoding
Age: 0
ETag: W/"3e6-5fd002b7ec79d"
Vary: User-Agent, , Accept-Encoding
X-Cache: MISS
X-Varnish: 925580213
Access-Control-Allow-Origin: *
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 599

GET
H/1.1 200
OK alexa.svg Show response
wincountry.com/wordpress/wp-content/themes/common_images/social/ 489 B
801 B 186ms
93ms XHR
image/svg+xml 54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wincountry.com/wordpress/wp-content/themes/common_images/social/alexa.svg
Requested by: Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-131-112.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b502ef69aba71449772f6e3d042e5ec7447f61d4bee52ce8cba3adfc6ceeb0c0

Request headers

Accept: text/html, */*; q=0.01
Referer: https://wincountry.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:32 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Last-Modified: Tue, 28 Jul 2020 21:36:36 GMT
Server: Apache/2.4.29 (Ubuntu)
Identity: X-UA-Device, X-socast_header_type, Accept-Encoding
Age: 0
ETag: W/"1e9-5ab873bdcdf0b"
Vary: User-Agent, , Accept-Encoding
X-Cache: MISS
X-Varnish: 925972596
Access-Control-Allow-Origin: *
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 200
OK facebook.svg Show response
wincountry.com/wordpress/wp-content/themes/common_images/social/ 534 B
0 92ms
92ms XHR
image/svg+xml 54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wincountry.com/wordpress/wp-content/themes/common_images/social/facebook.svg
Requested by: Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-131-112.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 8df8f305434997f9512cf9863088cccefa4006084fc4feb069f452edb31dad99

Request headers

Accept: text/html, */*; q=0.01
Referer: https://wincountry.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:32 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Last-Modified: Mon, 27 Jul 2020 23:59:43 GMT
Server: Apache/2.4.29 (Ubuntu)
Identity: X-UA-Device, X-socast_header_type, Accept-Encoding
Age: 0
ETag: W/"216-5ab751dda8a94"
Vary: User-Agent, , Accept-Encoding
X-Cache: MISS
X-Varnish: 921434009
Access-Control-Allow-Origin: *
Content-Type: image/svg+xml
Accept-Ranges: bytes

GET
H/1.1 200
OK twitter.svg Show response
wincountry.com/wordpress/wp-content/themes/common_images/social/ 686 B
0 92ms
92ms XHR
image/svg+xml 54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wincountry.com/wordpress/wp-content/themes/common_images/social/twitter.svg
Requested by: Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-131-112.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 467d16b159d4ccb43d7a3aab76d63d223d9dfae82dd03a3299da423513ddccd0

Request headers

Accept: text/html, */*; q=0.01
Referer: https://wincountry.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:32 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Last-Modified: Tue, 28 Jul 2020 00:17:45 GMT
Server: Apache/2.4.29 (Ubuntu)
Identity: X-UA-Device, X-socast_header_type, Accept-Encoding
Age: 0
ETag: W/"2ae-5ab755e4ee461"
Vary: User-Agent, , Accept-Encoding
X-Cache: MISS
X-Varnish: 928449030
Access-Control-Allow-Origin: *
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 401

GET
H/1.1 200
OK instagram.svg Show response
wincountry.com/wordpress/wp-content/themes/common_images/social/ 1 KB
0 93ms
93ms XHR
image/svg+xml 54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wincountry.com/wordpress/wp-content/themes/common_images/social/instagram.svg
Requested by: Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-131-112.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 9a5ca76b8b860c6bec08a8592197e4c69fc26b67ad048e53aad4e5f7789d3d8a

Request headers

Accept: text/html, */*; q=0.01
Referer: https://wincountry.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:32 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Last-Modified: Wed, 31 May 2023 16:53:50 GMT
Server: Apache/2.4.29 (Ubuntu)
Identity: X-UA-Device, X-socast_header_type, Accept-Encoding
Age: 0
ETag: W/"5ce-5fd002a03e402"
Vary: User-Agent, , Accept-Encoding
X-Cache: MISS
X-Varnish: 926135393
Access-Control-Allow-Origin: *
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 813

GET
H/1.1 200
OK PoweredBySoCastTagline.svg Show response
wincountry.com/wordpress/wp-content/themes/common_images/ 14 KB
4 KB 187ms
94ms XHR
image/svg+xml 54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wincountry.com/wordpress/wp-content/themes/common_images/PoweredBySoCastTagline.svg
Requested by: Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-131-112.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: c574bb878909238729bd58bbe8aacf92a35f79b36723b4fac61c14651526f650

Request headers

Accept: text/html, */*; q=0.01
Referer: https://wincountry.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:32 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Last-Modified: Mon, 27 Jul 2020 23:56:36 GMT
Server: Apache/2.4.29 (Ubuntu)
Identity: X-UA-Device, X-socast_header_type, Accept-Encoding
Age: 0
ETag: W/"371e-5ab7512b0a2d9"
Vary: User-Agent, , Accept-Encoding
X-Cache: MISS
X-Varnish: 924050885
Access-Control-Allow-Origin: *
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 200
OK lp_2432_2824.js Show response
socast-public.s3.amazonaws.com/player/ 57 KB
57 KB 337ms
113ms XHR
text/plain 3.5.25.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://socast-public.s3.amazonaws.com/player/lp_2432_2824.js?_=1722661052136
Requested by: Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.25.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ba95f54858ec374270e8d1fe3da81985fda7685d3443fc7a151a5ba40a17167a

Request headers

Accept: text/html, */*; q=0.01
Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:33 GMT
Last-Modified: Sat, 03 Aug 2024 04:55:01 GMT
Server: AmazonS3
x-amz-request-id: HJTC2MM46B8719P3
ETag: "0d0e1bb24f0e37df35af3eb41a7608a8"
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: text/plain
x-amz-meta-content-type: text/plain
Accept-Ranges: bytes
Content-Length: 57889
x-amz-id-2: AwGGM7hDcO1g77NKMgFySp43Ambcld3tm5Iijl6b00rpj0h7flrNKN757cz8gdN1wO8id5aTdiUFPNbtpUwNc16HIySRRC0ygEqpbmT9YNs=

GET
H2 200 svg Show response
media-cdn.socastsrm.com/image/ 390 B
758 B 37ms
16ms XHR
image/svg+xml 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media-cdn.socastsrm.com/image/svg?icon=facebook&fill=currentColor
Requested by: Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-includes/js/jquery/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) / PHP/7.4.20
Resource Hash: 338f0a6b45397cbcb5eded5fb1c6910a71bd082d81ca5021eafa419572d280d9

Request headers

Accept: */*
Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 02:19:32 GMT
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 9480
x-powered-by: PHP/7.4.20
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=86400
content-length: 390
x-amz-cf-id: syCJYP4NcH7tW1pBnl-f1f7064xOzAglTfRSMW2HV72-gDdAHHK6tQ==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 svg Show response
media-cdn.socastsrm.com/image/ 938 B
1 KB 38ms
17ms XHR
image/svg+xml 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media-cdn.socastsrm.com/image/svg?icon=twitter&fill=currentColor
Requested by: Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-includes/js/jquery/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) / PHP/7.4.20
Resource Hash: 639545d99c924ff87fc97799f2dc94659aec811229272f3e8e5fe1b0a9da6af3

Request headers

Accept: */*
Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 05:28:50 GMT
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 84522
x-powered-by: PHP/7.4.20
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=86400
content-length: 938
x-amz-cf-id: UOw0ERMrM31hugDVu5liW4Puv1sqeEY98TSjG5PwTsn32RDZxC9E1A==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 svg Show response
media-cdn.socastsrm.com/image/ 761 B
1 KB 34ms
13ms XHR
image/svg+xml 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media-cdn.socastsrm.com/image/svg?icon=instagram&fill=currentColor
Requested by: Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-includes/js/jquery/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) / PHP/7.4.20
Resource Hash: ec14db41d8f5543c333c87b248783bac25cdab56936f67b80b2a06add6b4e4dd

Request headers

Accept: */*
Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:30:36 GMT
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 1616
x-powered-by: PHP/7.4.20
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=86400
content-length: 761
x-amz-cf-id: h6-blP2apG6nP_nRGQTriq77LV3bfOSc2D0F_2T_ENElReJsc44TWQ==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 svg Show response
media-cdn.socastsrm.com/image/ 825 B
1 KB 34ms
14ms XHR
image/svg+xml 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media-cdn.socastsrm.com/image/svg?icon=apple&fill=currentColor
Requested by: Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-includes/js/jquery/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) / PHP/7.4.20
Resource Hash: 607aa273610a68a9d86314467885ff5502b12f8990530241eb51dd8c38a23a70

Request headers

Accept: */*
Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 07:47:28 GMT
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 76204
x-powered-by: PHP/7.4.20
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=86400
content-length: 825
x-amz-cf-id: dWSVciAMMMWDUuyHAKxep7_0cyGreuSjrZmJSnlfqOiVB2yFLNvC5w==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 svg Show response
media-cdn.socastsrm.com/image/ 518 B
888 B 30ms
10ms XHR
image/svg+xml 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media-cdn.socastsrm.com/image/svg?icon=google-play&fill=currentColor
Requested by: Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-includes/js/jquery/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) / PHP/7.4.20
Resource Hash: 5fc5ca6b03fb379940b73627d0dc7c3e26c78a719738be26aee764e7576f2de6

Request headers

Accept: */*
Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 07:47:28 GMT
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 76204
x-powered-by: PHP/7.4.20
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=86400
content-length: 518
x-amz-cf-id: f_b6ZopQkQyy6cFO1xv9Mz96saxwIiOOXRA3-RQuh_HrQLPG2P-Yqg==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 svg Show response
media-cdn.socastsrm.com/image/ 547 B
919 B 29ms
9ms XHR
image/svg+xml 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media-cdn.socastsrm.com/image/svg?icon=amazon-alexa&fill=currentColor
Requested by: Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-includes/js/jquery/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) / PHP/7.4.20
Resource Hash: ec681a96a9411dee18ee60810d58daa40b8a0e62778b96c41106594058d71db4

Request headers

Accept: */*
Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 07:47:28 GMT
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA2-C2
age: 76204
x-powered-by: PHP/7.4.20
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=86400
content-length: 547
x-amz-cf-id: yPBQFbxN1pEgTfqpZlYGFkJ_t8XfekLk9mBZXFJfScNr0pNzGP8hsg==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK cache_check Show response
wincountry.com/wp-json/socast-elasticsearch/v1/ 49 B
821 B 206ms
129ms XHR
application/json 54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wincountry.com/wp-json/socast-elasticsearch/v1/cache_check?page_url=https%3A%2F%2Fwincountry.com%2F&cache_namespace=2608507

Requested by

Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-includes/js/jquery/jquery.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-131-112.compute-1.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) / PHP/7.4.20

Resource Hash

7a4ca13e9e1f0907c946f9184095e84c90fc1f300dcbcb7b83f7a5e543a0550d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://wincountry.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.4.20
Transfer-Encoding: chunked
Pragma: no-cache
Server: Apache/2.4.29 (Ubuntu)
Allow: GET
Vary: Origin
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages
Cache-Control: no-store, no-cache, must-revalidate
X-Robots-Tag: noindex
Link: <https://wincountry.com/wp-json/>; rel="https://api.w.org/"
Access-Control-Allow-Headers: Authorization, Content-Type
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK eventCalendar Show response
wincountry.com/ajax/ 1 KB
924 B 157ms
126ms XHR
text/html 54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wincountry.com/ajax/eventCalendar?id=33122&range=current&offset=0&limit=5&timezone=America%2FDetroit&cacheKill=0.7416576793514238&accountID=2432&artistID=0
Requested by: Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-131-112.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) / PHP/7.4.20
Resource Hash: 4a83c19b0712286d57c2226462f03c69897e95dda097e4c26220c6444f5cb635

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://wincountry.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:32 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Server: Apache/2.4.29 (Ubuntu)
Identity: Accept-Encoding, X-UA-Device, X-socast_header_type
Age: 0
X-Powered-By: PHP/7.4.20
Vary: Accept-Encoding, User-Agent,
X-Cache: MISS
X-Varnish: 921434011
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=UTF-8
Accept-Ranges: bytes
Content-Length: 506

GET
H/1.1 200
OK lightbox_FullscreenBtn.png
wincountry.com/images/common_theme/ 2 KB
2 KB 105ms
100ms Image
image/png 54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wincountry.com/images/common_theme/lightbox_FullscreenBtn.png
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-131-112.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 2cd0f6bf27dd5392aee38f34ebd531cf947e52c5af687751f60bc6d0d28ee982

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:32 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Last-Modified: Tue, 28 Jul 2020 00:17:44 GMT
Server: Apache/2.4.29 (Ubuntu)
Identity: Accept-Encoding
Age: 0
ETag: W/"719-5ab755e3be901"
Vary: Accept-Encoding
X-Cache: MISS
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Varnish: 924183778
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 200
OK lightbox_close_20x20.png
wincountry.com/images/common_theme/ 1 KB
2 KB 180ms
94ms Image
image/png 54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wincountry.com/images/common_theme/lightbox_close_20x20.png
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-131-112.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 99b16b95e55ebbca52470456ed9da21d817c5f8b25a2ed7e3cdd217a0b5cd94d

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:32 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Last-Modified: Mon, 27 Jul 2020 23:59:36 GMT
Server: Apache/2.4.29 (Ubuntu)
Identity: Accept-Encoding
Age: 0
ETag: W/"5d8-5ab751d63d313"
Vary: Accept-Encoding
X-Cache: MISS
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Varnish: 921434013
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 200
OK lightbox_controls_prev.png
wincountry.com/images/common_theme/ 4 KB
4 KB 97ms
93ms Image
image/png 54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wincountry.com/images/common_theme/lightbox_controls_prev.png
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-131-112.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 255c827d21a38302512295e9b6cea4bb875d8efe0da36ccf95b9e8c328093712

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:32 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Last-Modified: Mon, 27 Jul 2020 23:59:42 GMT
Server: Apache/2.4.29 (Ubuntu)
Identity: Accept-Encoding
Age: 0
ETag: W/"f91-5ab751dc7be14"
Vary: Accept-Encoding
X-Cache: MISS
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Varnish: 927797845
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 200
OK lightbox_controls_next.png
wincountry.com/images/common_theme/ 4 KB
4 KB 108ms
101ms Image
image/png 54.84.131.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wincountry.com/images/common_theme/lightbox_controls_next.png
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-131-112.compute-1.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: c70ff0c5e412f8332279f3466b11e9592884e93348f495f4f84298a9581c63a2

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:32 GMT
Content-Encoding: gzip
Via: 1.1 varnish-v4
Last-Modified: Tue, 28 Jul 2020 21:36:35 GMT
Server: Apache/2.4.29 (Ubuntu)
Identity: Accept-Encoding
Age: 0
ETag: W/"f70-5ab873bca222b"
Vary: Accept-Encoding
X-Cache: MISS
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Varnish: 926004626
Transfer-Encoding: chunked
Accept-Ranges: bytes

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=963364926&t=pageview&_s=1&dl=https%3A%2F%2Fwincountry.com%2F&ul=de-de&de=UTF-8&dt=WIN%2098.5%20Your%20Country%20%7C%20WNWN-FM%20%7C%20Battle%20Creek%2C%20MI&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=268297515&gjid=631221309&cid=263640359.1722661053&tid=UA-33491015-39&_gid=702639850.1722661053&_r=1&gtm=457e47v0za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=95250752&jsscut=1&npa=1&z=375978424

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wincountry.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pro-fa-solid-900-12.woff2
ka-p.fontawesome.com/releases/v6.6.0/webfonts/ 15 KB
15 KB 21ms
20ms Font
font/woff2 2606:4700::6812:133e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/webfonts/pro-fa-solid-900-12.woff2
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:133e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dafa841033726d67b9ca3e8ca8f6535f2ef4ad62ce45e1aab08286c862c6e7c

Request headers

Referer: https://wincountry.com/
Origin: https://wincountry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Jul 2024 22:44:15 GMT
server: cloudflare
age: 1504852
etag: "6695a63f-3d88"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8ad3ba3c0bbc9143-FRA
content-length: 15752

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 79A0 0
0 56ms
41ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvpFErUDFrRefGdrowyAvzBOK9hifDjyFj-vWZYizc9C2omuC_m8fckHzOu0USQzZLJXnakhYaDuvVR7Rqc0k59GOS2CG8s5sMzV94X3MOkizNP5j0tN6NEUm55z5gERcVyOnnd8LBZRL9yKJpX8K0PPwUcbIkq58FVE-kQwJ9C5xNBm4HvGiOCqHoU5YHDJyViD16yuHGBEyG49xtzUcLAJwza8AVhzvYx7vNhW5j5DlJXyOt2OdH3M61Fs1VTfL-Hek01RDPy8nk78T6SdPHTZEPc7hIW1rgFiiubwYv15Cf8KRFsP4ZwOGSgnKAXkBXTVMIiyhVmjcp00xMCfjCasI4027Zy&sig=Cg0ArKJSzEiPVfh9RN3FEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: wincountry.com
URL: https://wincountry.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/ Frame 79A0 23 KB
9 KB 24ms
10ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3afc6e6ea738015fcbae182b646af4f9422061fb8ba9a12c81cf2c21cbeecfb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 13:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9154
x-xss-protection: 0
server: cafe
etag: 8073649742855810715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Aug 2024 13:37:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/client/ Frame 79A0 3 KB
1 KB 23ms
9ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 13:37:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Aug 2024 13:37:35 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 79A0 203 KB
63 KB 23ms
9ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84b2a8c2c5bde5b690dc44c9d525edc8113d18cd7bf516ad8fa93c782c02a443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64460
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 03 Aug 2024 05:52:39 GMT

GET
H2 200 1614011327074089162
tpc.googlesyndication.com/simgad/ Frame 79A0 65 KB
65 KB 201ms
164ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1614011327074089162

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a43a7c77f04cd38b1d71075d0e1963cfcd02265ea365a91025c01a639834e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Sun, 03 Aug 2025 04:57:32 GMT
date: Sat, 03 Aug 2024 04:57:32 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66120
x-xss-protection: 0
last-modified: Wed, 03 Jul 2024 16:20:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 663D 0
0 47ms
41ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssnKkzpbgzwrx64BTXNp3AaJyJWEeMndHNWg2Z7xVy92XrB8kzbDD8RtoxfHryAdS24oDzolYoNycaL0OKMJjh1kqnk6YUVA0C9fLijR6cQGB0ji11v0AxeGTV6MvTulstLHhHkXzhuSZp6aVLGS-IXPJj2rRFzb7mLpQxfcidj3LrRZOx96yI5RtJKoh8SfGLJ3e1p1VxWM0O6MoICtvcoHPeCk4ntV6awyGVb7TO8UyvvZmCHDxqY-XjCtRpVsStcK3sZDWTk72d8Ev91ag7WfzVWdLW-BK7piaVoGgVe67J6ErNglZHch11jAu6t7_5q62NDf8-0ixW-tlHdpflCyAiUiQdpQniYzA&sig=Cg0ArKJSzPPTaF1Nv2NDEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: wincountry.com
URL: https://wincountry.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/ Frame 663D 23 KB
0 17ms
17ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3afc6e6ea738015fcbae182b646af4f9422061fb8ba9a12c81cf2c21cbeecfb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 13:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9154
x-xss-protection: 0
server: cafe
etag: 8073649742855810715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Aug 2024 13:37:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/client/ Frame 663D 3 KB
0 16ms
16ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 13:37:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Aug 2024 13:37:35 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 663D 203 KB
0 17ms
17ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84b2a8c2c5bde5b690dc44c9d525edc8113d18cd7bf516ad8fa93c782c02a443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64460
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 03 Aug 2024 05:52:39 GMT

GET
H2 200 985318343153240681
tpc.googlesyndication.com/simgad/ Frame 663D 154 KB
154 KB 299ms
272ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/985318343153240681

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09e28e0b3d69c2108e371036f2b241908f4abc936d981c4afcd85503823b208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Sun, 03 Aug 2025 04:57:32 GMT
date: Sat, 03 Aug 2024 04:57:32 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157790
x-xss-protection: 0
last-modified: Wed, 03 Jul 2024 16:20:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 64D2 0
0 40ms
40ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstK0I_Tevn0A5AfYQpfSPvWprtYu3_IgYNC5qWwJ-yNUjo6sRitQZpiWzZTUqb-ZOPWJQj7tX_UuwcGIqkKM9aqo4amxZluMnPKb8bD_hbQi2qhTPcqavSJZVX1sFHlnZ449xvPNZqq1eZLz_VrduSFvcSxKxR2k4yj9vK_SAMpqWSsAysH6UZMXNauH1KcXBnvgM0p-0K3Yp3wVWL5P2nfbUxCR7YvA6Yu3sPqDZ_1lwGrujKByMZdtWVhjRVCc8u3NeIZ5nsgDaixN7qjAK3qMCbkpvZ8FG2bX0k92-Tf8k2Kmy4JckRUDTFxxP24MtLMHV8aOpZTfDBxbviksE6LTcMbQu2nVi6qTGWwYwGZW9FJ8C29Tw&sig=Cg0ArKJSzC_L7yLle4wkEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: wincountry.com
URL: https://wincountry.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/ Frame 64D2 23 KB
0 9ms
9ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3afc6e6ea738015fcbae182b646af4f9422061fb8ba9a12c81cf2c21cbeecfb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 13:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9154
x-xss-protection: 0
server: cafe
etag: 8073649742855810715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Aug 2024 13:37:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/client/ Frame 64D2 3 KB
0 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 13:37:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Aug 2024 13:37:35 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 64D2 203 KB
0 10ms
10ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84b2a8c2c5bde5b690dc44c9d525edc8113d18cd7bf516ad8fa93c782c02a443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64460
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 03 Aug 2024 05:52:39 GMT

GET
H2 200 14886909502907281702
tpc.googlesyndication.com/simgad/ Frame 64D2 78 KB
78 KB 29ms
11ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14886909502907281702

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b03e2baac11c1617d03c2c5cb68d5561a219c02b10ea46987e3cfe1d730226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Mon, 29 Jul 2024 09:53:08 GMT
x-content-type-options: nosniff
age: 414264
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79550
x-xss-protection: 0
last-modified: Wed, 03 Jul 2024 16:20:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 29 Jul 2025 09:53:08 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame BF39 0
0 45ms
42ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuc_2r6SAE8zX3rPMU4Ung6hzMnnQ62u9ji4kAojLsZP0HbwwU6gpTWUfDkvL4yEEPMhISh-mjk79lnkyXUpD_935lBuMqK14g07aWR80fPRzdZdB4ldm-vHluVSt7tjUk8aj7gagldlfQMn8XGNmjj6UzQA03Y9EpJmfV3XO87_iA3keZSnLNnjjN7GJ1-PQb68JMcrT4fQV1EMjQDkrUe1wdCAqUTW1NJUz99qEiDVGdDDcC_IQB07EvqTGJtzHAQ2E0KzkbyBfr2VHSO-rDJLgahdxkUFDSEyyo29f0YlOTsJ9ttGxKL50Y3jp7TBgr4c_RiZeGRJxtv4pAMIo0Q0tBC&sig=Cg0ArKJSzJOB6WxpZMkeEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: wincountry.com
URL: https://wincountry.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 14886909502907281702
tpc.googlesyndication.com/simgad/ Frame BF39 78 KB
0 22ms
22ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14886909502907281702

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b03e2baac11c1617d03c2c5cb68d5561a219c02b10ea46987e3cfe1d730226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Mon, 29 Jul 2024 09:53:08 GMT
x-content-type-options: nosniff
age: 414264
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79550
x-xss-protection: 0
last-modified: Wed, 03 Jul 2024 16:20:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 29 Jul 2025 09:53:08 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/ Frame BF39 23 KB
0 3ms
3ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3afc6e6ea738015fcbae182b646af4f9422061fb8ba9a12c81cf2c21cbeecfb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 13:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9154
x-xss-protection: 0
server: cafe
etag: 8073649742855810715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Aug 2024 13:37:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/client/ Frame BF39 3 KB
0 3ms
2ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 13:37:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Aug 2024 13:37:35 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BF39 203 KB
0 2ms
2ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84b2a8c2c5bde5b690dc44c9d525edc8113d18cd7bf516ad8fa93c782c02a443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64460
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 03 Aug 2024 05:52:39 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 6580 0
0 41ms
41ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstLf83cNc-O1UsEtt-OKdE2LsM8vqBl9eYgq7O4OgAZtNTtZM2nLjDMWoPuIPelh1jP7y_vt_MWu8ygDOaO8GqJQo8zzSoBr2VRbqfsuzLASE4FdRRAxbnoAYK0Nd8m_d3aAGr11IwuTpDpKbgTkfGPcu-6pM7j3TjLOvvqdPpXHZxSsCT-w7k5iOghj0N0XGlG8jqSahsNhiVcAAtRZZ-K4MS99kBkyb4UMnkKjDo5XoSQNKUaEUedUcRJLxPLSvTAiJzR0mp576rOLb80D1CBglE6CWSgk5Tk2wGddUFfC6PVCuDSGcJTan2mH1I4Ve5zAVS25uPOGnXuLmBchdra9K_q&sig=Cg0ArKJSzCFZ8_CPWX2KEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: wincountry.com
URL: https://wincountry.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 14886909502907281702
tpc.googlesyndication.com/simgad/ Frame 6580 78 KB
0 13ms
13ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14886909502907281702

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b03e2baac11c1617d03c2c5cb68d5561a219c02b10ea46987e3cfe1d730226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Mon, 29 Jul 2024 09:53:08 GMT
x-content-type-options: nosniff
age: 414264
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79550
x-xss-protection: 0
last-modified: Wed, 03 Jul 2024 16:20:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 29 Jul 2025 09:53:08 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/ Frame 6580 23 KB
0 1ms
1ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3afc6e6ea738015fcbae182b646af4f9422061fb8ba9a12c81cf2c21cbeecfb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 13:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9154
x-xss-protection: 0
server: cafe
etag: 8073649742855810715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Aug 2024 13:37:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/client/ Frame 6580 3 KB
0 1ms
1ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 13:37:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Aug 2024 13:37:35 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6580 203 KB
0 1ms
1ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84b2a8c2c5bde5b690dc44c9d525edc8113d18cd7bf516ad8fa93c782c02a443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64460
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 03 Aug 2024 05:52:39 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F086 0
0 42ms
40ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsslDWQjHICJ2NS1ZUbvEYB9A4a6qfd42G9QEbpZGMJ34ugsUx2aXn1Kf0jQXLbyys2FjFkt-gFKutSJdSKvWFX43UhdXGZsUPqSBLO7oLF8bCE_OtRu72ajpqP7bV_u32jrhERw00GEdN-4dLGPxmoapODrpV-Vgh91pNEOqsH_APn4F0Zy7gJ4VkuLKu4v9KaITSwEk_OJQ1BaWevJ7a56zhh_M3i32Z_gRHmPTDr2VJAPsTxfWrPHooNsz8lMX2akMKUJZHaaP7ZWl4qrUxeJLvtG2ZNAH5VuGGqHlrDnlHubE9tTImpeUCxoCR2Bjy0QACKeu7pi3HRupaz29PVjNwyDmYA&sig=Cg0ArKJSzK9rxDIJaqg1EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: wincountry.com
URL: https://wincountry.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/ Frame F086 23 KB
0 2ms
2ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3afc6e6ea738015fcbae182b646af4f9422061fb8ba9a12c81cf2c21cbeecfb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 13:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9154
x-xss-protection: 0
server: cafe
etag: 8073649742855810715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Aug 2024 13:37:34 GMT

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ Frame F086 4 KB
3 KB 51ms
21ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0dd05c41cc99b7c1d6bfd0782560a710875295bfc112c42b11d3e17c4b0b208

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Jul 2024 10:55:38 GMT
server: cloudflare
age: 7262
etag: W/"10b2-61e88ef42e227"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 8ad3ba3c2d235b44-FRA
expires: Sat, 03 Aug 2024 03:56:30 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F086 203 KB
0 1ms
1ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84b2a8c2c5bde5b690dc44c9d525edc8113d18cd7bf516ad8fa93c782c02a443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64460
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 03 Aug 2024 05:52:39 GMT

GET
DATA 200
OK truncated
/ Frame 79A0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45c03eb27416a1ad0a9658e8ef46346eb71f47f1d362fd175d52b5ae6c0154fb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 663D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0f86d47551776461943bfdf1de04be9582f45239bdc37f725c75d589466e278

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BF39 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95352cbb5f228db94e6d50f11c4faf4b644a7f0c5093f7174f767ae33d67bd50

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6580 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91ac07f1ce011d0b93605fb449a12a2ec18714a3f170319a80c7a61854569593

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 6989 0
0 40ms
40ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssxytRIHngO5IloPnelcSC2Ys7am3Mf8IHXv9pSwVNYG6tApeGr92XUiXnFRlgzrqZNpSujp1SJktyA0e8HNKpxqtLLDnZDCNI-x52Y3w8P53oQDz4aZzxO3bRz2EieEKTmeWqyWg0zBJb8iwApL6P8AVhT9ZS8jCy_v1GySwkIp96ZbxTK35zAj1ixPowGP9HYtDMe9SMPS5tet_dYMm1rfwZVtwFOgvn7XqCTJoSACabA04aJJAe-2ehFD-KcgwVHUppxwnClaoDc7WNwng2EboE0ASz34hJl3Vt9nADmLDpPWRvOoxm-NcThsrKxTbTFMd1vxSPvcyT244Asmx5ZGTuZiVJ5&sig=Cg0ArKJSzEvH0CehyRThEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: wincountry.com
URL: https://wincountry.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 1614011327074089162
tpc.googlesyndication.com/simgad/ Frame 6989 65 KB
0 134ms
134ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1614011327074089162

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a43a7c77f04cd38b1d71075d0e1963cfcd02265ea365a91025c01a639834e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Sun, 03 Aug 2025 04:57:32 GMT
date: Sat, 03 Aug 2024 04:57:32 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66120
x-xss-protection: 0
last-modified: Wed, 03 Jul 2024 16:20:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/ Frame 6989 23 KB
0 1ms
1ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3afc6e6ea738015fcbae182b646af4f9422061fb8ba9a12c81cf2c21cbeecfb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 13:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9154
x-xss-protection: 0
server: cafe
etag: 8073649742855810715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Aug 2024 13:37:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/client/ Frame 6989 3 KB
0 1ms
1ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 13:37:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Aug 2024 13:37:35 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6989 203 KB
0 2ms
2ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84b2a8c2c5bde5b690dc44c9d525edc8113d18cd7bf516ad8fa93c782c02a443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64460
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 03 Aug 2024 05:52:39 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 6379 0
0 41ms
40ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst27BdgJoP5eD1qjDd-NhlZnXkPweW3xrtO2q7un01oF-IXk8Fr7wdWSaI8BhR-LSmPkNofo6rG-aU-6nuCOP7cQZkWFBjkceT02dSf97XvKbVxdSpKrTBnCII6yKGCX2r4-N2i4ifZ6dulPaatrw3Kx0TxD7I90Uidhdl-8DuiBXV_gd5ieRi98yJ0-Yl5puEPfm1TIl35C1mlqsIPRUmpToQmpLMaUcKNxnRXf8WYOAPqOXneiQzvuzLM9e6WfpLCzNqmAYTUJszRbpQazExc--bFMsRzLzuOq51s-3eUQGzkmdiGjkxu4Fsm-fKisOKBcWTYHZdTQRJVB-kcyC3VynVTcJWY&sig=Cg0ArKJSzJqxGOoSLJXIEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: wincountry.com
URL: https://wincountry.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 1614011327074089162
tpc.googlesyndication.com/simgad/ Frame 6379 65 KB
0 123ms
123ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1614011327074089162

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a43a7c77f04cd38b1d71075d0e1963cfcd02265ea365a91025c01a639834e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Sun, 03 Aug 2025 04:57:32 GMT
date: Sat, 03 Aug 2024 04:57:32 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66120
x-xss-protection: 0
last-modified: Wed, 03 Jul 2024 16:20:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/ Frame 6379 23 KB
0 1ms
1ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3afc6e6ea738015fcbae182b646af4f9422061fb8ba9a12c81cf2c21cbeecfb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 13:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9154
x-xss-protection: 0
server: cafe
etag: 8073649742855810715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Aug 2024 13:37:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/client/ Frame 6379 3 KB
0 1ms
1ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240731/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 13:37:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Aug 2024 13:37:35 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6379 203 KB
0 1ms
1ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84b2a8c2c5bde5b690dc44c9d525edc8113d18cd7bf516ad8fa93c782c02a443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64460
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 03 Aug 2024 05:52:39 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame AE32 0
0 41ms
28ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchdXMgAAAAAP4dU47UWMAhU0Tc8Uf0ldZrstqZ&co=aHR0cHM6Ly93aW5jb3VudHJ5LmNvbTo0NDM.&hl=de&v=hfUfsXWZFeg83qqxrK27GB8P&size=invisible&cb=2fggojapmrxx

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZQd6Uwr5X5g7dfN7I9beew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wincountry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ZQd6Uwr5X5g7dfN7I9beew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 03 Aug 2024 04:57:32 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 6989 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e64ea57308fda16f6b4150ff4151a66f3e69f536a2149e5edd4f2ba487cb8a11

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6379 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ec0308eea33094e070d3569b9a54d298eed07abe1da190c77452c20869c0f5b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
93 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BFCN2RTHR1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4991594-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eac6863f41c1b4974f735035e671d44291e218c0cdb12b2f5039bde2edbe6f38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95433
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 03 Aug 2024 04:57:32 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 15ms
14ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=963364926&t=pageview&_s=1&dl=https%3A%2F%2Fwincountry.com%2F&ul=de-de&de=UTF-8&dt=WIN%2098.5%20Your%20Country%20%7C%20WNWN-FM%20%7C%20Battle%20Creek%2C%20MI&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=995430051&gjid=952678258&cid=263640359.1722661053&tid=UA-4991594-2&_gid=702639850.1722661053&_r=1&gtm=457e47v0za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=95250752&jsscut=1&npa=1&z=1104357256

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wincountry.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK np_2432_2824.js Show response
socast-public.s3.amazonaws.com/player/ 651 B
1 KB 305ms
114ms Script
text/plain 3.5.25.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://socast-public.s3.amazonaws.com/player/np_2432_2824.js?callback=jsonpcallback&_=1722661052137
Requested by: Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.13.2/wordpress/wp-includes/js/jquery/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.25.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7f17a3c0e2e4fdb689c36cfffffd786411280fb2afcdd8ace282be32acacc474

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 03 Aug 2024 04:57:34 GMT
Last-Modified: Sat, 03 Aug 2024 04:55:00 GMT
Server: AmazonS3
x-amz-request-id: 9XM5A19D9DYYZNH9
ETag: "17de8a56be4db1bd1f292f58b4d120bc"
x-amz-server-side-encryption: AES256
Content-Type: text/plain
x-amz-meta-content-type: text/plain
Accept-Ranges: bytes
Content-Length: 651
x-amz-id-2: 9A7sf5hQkUEiVUyuDUw8WvVd1nKlSD8UVb8/lnq+yzTMoCWZeVyq3UpaSUJF04arA41Ac08OgRXLNAuoP9NVDlxgL0jMkFhNrxOIklr+SzQ=

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
94 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z48DQSG8XB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRSW9PG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d00b5cff6b15fd94038489329566b50cce1c946d1bfe69f46c74a0f37209ad39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95714
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 03 Aug 2024 04:57:33 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
101 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QLTWJ7V56Q&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ2K7TM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

62c6b6158112fd8b071e149787e237eed5f5ec70b7c120eaaa8585f0865bfc01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103704
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 03 Aug 2024 04:57:33 GMT

GET
H2 200 frame_content.js Show response
resources.infolinks.com/js/1943.011-3.034/ Frame F086 2 KB
661 B 25ms
25ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1943.011-3.034/frame_content.js
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc3a41863d92b22799ff23c52e2173e80b13ebc75b9144151ea105cd52b59de5

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:33 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Jul 2024 13:24:13 GMT
server: cloudflare
age: 4505
etag: W/"96d-61dfe31b559b4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 8ad3ba3d9d9b5b44-FRA
expires: Mon, 02 Sep 2024 03:42:28 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 79A0 0
0 40ms
40ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsusflk5lsl8ZhivpKRzbHmw8MEFQexyszCnjVVPeLTDv6Of4HQPFu4EErCrVyk4U8GrHN1BKFwq4w8rHBxRBAyBKlztfHlJq0fgVk3g7lX5VHgvKLsy3ijXaa-r-Dx80FHf4JDDOXN6DSMpq8Duiaz0RXPxs-8FgwjrhkcgOmmR4jTlGz30-mKBQ2g9HN0jMz_uiA57s6R6npK2aOKB2ttHCyY17APRff9ytl1C2J1vWQpfJdMzmHyGvX5cMPvsFIPFjQklI-5Q1HJ7qGqPnXWLrX5xT4JcSJb8cmbsvIwBYPfjaCn7c1IoAzd8Z37CYXomJ7nCyNxQyqfjo3ggb8s03knp11IJZrs&sig=Cg0ArKJSzIuPXyuNL7f-EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 79A0 0
0 39ms
39ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F086 0
0 51ms
40ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 64D2 0
0 43ms
42ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsucJXYDoumc7Fe0jON28U6j7hMFSUVUwvkZnXigQxwBoEt6KcfXx43rWeuwMB6yfL_ztacFmeo2QidkJuFHJXxk1YF4VJJzg7bseH5d-trcyxst2xF6r7eCltlWmk6OKbHcRKYKX6IkOhvsu0cMYmEI7wzljlntemt99WXZzw-MF40p00xkglVyYMan-WY9IdyUrgb5ZBBPTQ0Znaf9UmTzDnMEVEoKTO0NIuAG9EMh8bOhuCnkGhKn_-GI1XxfiU87qyND8-UE0V30qWIBA86w7hX00akIvwKGxldUKYkgqvREadhfVH3JGe70p_up_xrae3-qzZw7H_AqYDz08vz8WAjb-J4K648uF7rE92e7GoVWi3eVF7uE&sig=Cg0ArKJSzHC1NsAD7CutEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 64D2 0
0 65ms
38ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 6580 0
0 40ms
39ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstJ2KhfS6GLhj7ue3Qkowtmhpioj0o_NaXaFueYCLiFStxx1Rtwb6AxDivk9gaR3-JGhvuUNkmv1AXt8rgJupxdqJBIvPoXOdiCSvpjFBNQzZj4HvImFkiHY1_FLL-1byRzEm5YiTcKKK05caDh8v79qLY2MIkWKVqUIEw-kjRYzx09xRWiKqO-Ven0VMmHnDkJl_1qtEpyyhLfBwiTBx5ys_hhIKkZ-_J8js3S2emCTpMyDoxQQP2icuuOwq5E0mLg9nNd0kf6f9g52acr0YHWL4pGbMcBER4_DpoeFB20RS3qX72g3yqgnIAWOuR1cTTBxxJbwMB9QwzgcOixMhimBGt-uJ0&sig=Cg0ArKJSzMUUhoAr95ZzEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6580 0
0 82ms
39ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame BF39 0
0 41ms
41ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstkr9EQZI5wlKY9BbEwSdQSEeAp1OE9MJAiUtj_qFBThTes2Dr4MCuMrCtQlH6rIWy40D1FsoeJh9_ljm7yWj6vJfJ-k4PaH9TAXWo_0Y_Rm-_GXTcGL6C7Pxfs3mS-VM3j2UmgkzohjJWHRlSUDHhxo42sugdpl4SQ-fBSLJXWOCkwSGCH8ZKq7X6J984Wj6ifYK55SvCX7hciUY0ihljIhKEvUOEyYEZvDa7oMGGzx55eaZc6HbEJflZaK9ZlfkE2BGp8_m1wm2PtaaIcK3v1XivzdyFc-kX8xT-EEo3mTVWyrYvKjebCWBO3PGARqYSkoR_DIo4WrgykciaukFs6pkxmR1o&sig=Cg0ArKJSzIYqy-U6ktwDEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF39 0
0 94ms
39ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F086 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b970cfb8a9436228d3746671736ea0c815a5d68ae721d108c35a9fa440ac611e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 663D 0
0 41ms
40ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuTWW2WQf60Pl-FOtsUuI1P3-DaY0uxqGb9yIPPTSTknGgzzuXgyi-yloqSAzXjb6PUnmzQj_qjYLczq-jQN0GcPBrrsPXvemx5pWheoUWrTlI-DAeMQogXI9vBsVKVAagw2BJwDgg0RbiqjxeWKOHz4hz-CuUPlMzTLutwLIqol3k_mwcHwbtXCvBsTBDPxCk_ZctKtRZeQZLSme1RaZVOG3W-9W2_d1o4L_SLUEy4jXUuTOL3EL1t7s7Gvn7Nuhtq8K6ByYrDqJzPltXevymThefMKVJDkc2cAKwB8qKOroD5-w40htJjbIrxO2P-B5h2JGmXst1JKQB8YpCgtBSiRLXEkLfRbJI8-iz1&sig=Cg0ArKJSzNSmNs8nCQ8vEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 663D 0
0 112ms
38ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 6989 0
0 42ms
42ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuSKJzNTqNSPQPL7bBhmN-qhDiARQCoMxi1vQWxXvhtna-fl8D341vC2FyQD3TZtT0TBWPa8r9yDWsD-bzgdqCTNfJHH85J0Nu-kNgCMM0ux__N5Pr5e-Y9EXhoRwaBPUGreQiNpKTObWhhXkLct7ch4gMRoS2j_dwIzKu4BQ_wSveZrJGyN3J8HXHFIa6SN8F5iEhi1HHeuEkoxaMKyJ0bUzunFXaCrSYNxJ750rVWBZkZkH7QW4SbEjZbl993Apg_m4AK2mLXtwOlNH37SAmDmc9uFUjD1S7UMAUtMl780f4RNzWL-M4QaXk2joj-RyWMSWC-VGOZ8GjceFUrbjBGjG8VyhqIvpU&sig=Cg0ArKJSzPJmF_PmWLFcEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6989 0
0 126ms
39ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 6379 0
0 41ms
40ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstnGYM_-h9UER4KTYZg6fKcO0EzHzG7ZO3c4m75eLT50Bpdv-zQK7eSjmVog-gcFEh8384a7T9JzTktVjdglF5bQjuWZDkBY8FHKGwNAYzCjJXp0cnaqanjbKJyr58oe9-kfB1CH-DBu6qfBAa8BFwJcob1EpANdI4h-buf9IFyoRdPxg1VarnO4v0v8Nq9bsbO9iHWdJp_Qj3WJ4SqfstwaX04lhWAqf4NaIgIn82amHJCqh_O8FxDH04ef93u5pLo_9SW4qW9ARmDmEjBn-1dGD75dccA0rxawZOSTm3JQoYqj9oSBbEbp5ohdc7uyrbDS1_vM9aHEQgBE3BpqFUGlRKfWq45rdk&sig=Cg0ArKJSzJlcZkL7KFcXEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6379 0
0 145ms
39ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 44ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BFCN2RTHR1&gtm=45je47v0v9125806978za200&_p=1722661052154&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=263640359.1722661053&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1722661053&sct=1&seg=0&dl=https%3A%2F%2Fwincountry.com%2F&dt=WIN%2098.5%20Your%20Country%20%7C%20WNWN-FM%20%7C%20Battle%20Creek%2C%20MI&en=page_view&_fv=1&_ss=1&tfd=4256
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BFCN2RTHR1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wincountry.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1943.011-3.034/ 190 KB
58 KB 66ms
65ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1943.011-3.034/ice.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/frame_content.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34e2d9f8df5271137f3cd95ace8ff8e0afd3fbadb43a2f98858f840fcf8249ee

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:33 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Jul 2024 13:24:13 GMT
server: cloudflare
age: 389
etag: W/"2f957-61dfe31b54a13"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 8ad3ba3f8e625b44-FRA
expires: Mon, 02 Sep 2024 04:51:04 GMT

GET
H2 200 frame_incube.js Show response
resources.infolinks.com/js/1943.011-3.034/ Frame F086 66 KB
26 KB 24ms
24ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1943.011-3.034/frame_incube.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/frame_content.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39404f14d7cdfe5585c860ecd69a8dfc8d857cd03feda8e8a0582b6e6a403baf

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:33 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Jul 2024 13:24:13 GMT
server: cloudflare
age: 974
etag: W/"106c7-61dfe31b555cc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 8ad3ba3f8e635b44-FRA
expires: Mon, 02 Sep 2024 04:41:19 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 16ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z48DQSG8XB&gtm=45je47v0v876296498z8839180022za200zb839180022&_p=1722661052154&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=263640359.1722661053&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722661053&sct=1&seg=0&dl=https%3A%2F%2Fwincountry.com%2F&dt=WIN%2098.5%20Your%20Country%20%7C%20WNWN-FM%20%7C%20Battle%20Creek%2C%20MI&en=page_view&_fv=1&_ss=1&ep.is_mobile_app=false&tfd=4316
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z48DQSG8XB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wincountry.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 22ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QLTWJ7V56Q&gtm=45je47v0v884781301z8835650520za200zb835650520&_p=1722661052154&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=263640359.1722661053&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722661053&sct=1&seg=0&dl=https%3A%2F%2Fwincountry.com%2F&dt=WIN%2098.5%20Your%20Country%20%7C%20WNWN-FM%20%7C%20Battle%20Creek%2C%20MI&en=page_view&_fv=1&_ss=1&ep.CompanyID=459&epn.AccountID=2432&ep.Platform=web&epn.PostID=35&ep.PostType=page&tfd=4353
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QLTWJ7V56Q&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wincountry.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
244 B 360ms
21ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QLTWJ7V56Q&cid=263640359.1722661053&gtm=45je47v0v884781301z8835650520za200zb835650520&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1&npa=1&frm=0&tag_exp=95250752
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QLTWJ7V56Q&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wincountry.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 14ms
14ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QLTWJ7V56Q&gtm=45je47v0v884781301z8835650520za200zb835650520&_p=1722661052154&gcd=13l3lPl2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=263640359.1722661053&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=Ag&_s=2&sid=1722661053&sct=1&seg=0&dl=https%3A%2F%2Fwincountry.com%2F&dt=WIN%2098.5%20Your%20Country%20%7C%20WNWN-FM%20%7C%20Battle%20Creek%2C%20MI&en=web_impression&ep.CompanyID=459&epn.AccountID=2432&ep.Platform=web&epn.PostID=35&ep.PostType=page&_et=3&tfd=4364
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QLTWJ7V56Q&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wincountry.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 39ms
22ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QLTWJ7V56Q&cid=263640359.1722661053&gtm=45je47v0v884781301z8835650520za200zb835650520&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1&npa=1&frm=0&tag_exp=95250752&tag_exp=95250752&z=459205247

Requested by

Host: wincountry.com
URL: https://wincountry.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 100x100bb.jpg
is1-ssl.mzstatic.com/image/thumb/Music122/v4/b8/8a/4b/b88a4b44-bd3a-10b9-e739-c59a8338797a/22UMGIM68976.rgb.jpg/ 6 KB
7 KB 67ms
20ms Image
image/jpeg 2a02:26f0:7100:39d::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is1-ssl.mzstatic.com/image/thumb/Music122/v4/b8/8a/4b/b88a4b44-bd3a-10b9-e739-c59a8338797a/22UMGIM68976.rgb.jpg/100x100bb.jpg

Requested by

Host: wincountry.com
URL: https://wincountry.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:39d::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

b50d8808a7006ea35769e8783c16b514c8d40eac1c791bf349980f8456225705

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-apple-jingle-correlation-key: Q4NRUDMFYUR7K6UAGDHCSNHHHA
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 03 Aug 2024 04:57:33 GMT
x-b3-traceid: 871b1a0d85c523f57a8030ce2934e738
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:22RELEASE133:daiquiri-amp-processing-shared-int-001-mr
cdnuuid: bfac75dd-9fd9-4eef-b2da-080a4ed6e67d-3755383376
x-cache: TCP_MISS from a2-17-100-134.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
b3: 871b1a0d85c523f57a8030ce2934e738-cd26061fae1d2eec
content-length: 6177
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
last-modified: Thu, 06 Oct 2022 02:10:49 GMT
x-cache-remote: TCP_HIT from a2-17-100-126.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
etag: "MSwxLjI4LTIySCxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjY1MDIyMjQ5MDY1LGlzQnVpbGRWZXJzaW9uTm90U2V0LDUwMDY3LG5vRWZmZWN0"
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 871b1a0d-85c5-23f5-7a80-30ce2934e738
x-b3-spanid: cd26061fae1d2eec
cache-control: no-transform, max-age=16080603
timing-allow-origin: *

GET
H2 200 itunes_badge_small.png
media-cdn.socastsrm.com/images/ 626 B
1 KB 437ms
437ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/images/itunes_badge_small.png
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f028b3cbfdc7a92f7c1ad5eba9eccb98605823a174c2a0a500713ea414348381

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 08:18:45 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: ZF8FAM0PWGWAHGD8
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 160729
x-cache: Hit from cloudfront
content-length: 626
x-amz-id-2: iDGerqnAXgjt2G7S/l9o8s3qKOaOjex0/NVyX9gXzIpD+aYHtbm0TkBBaDlXM98kBXh9BDXF8ys=
last-modified: Wed, 18 Oct 2023 17:54:10 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "4d4b20bda91b6e89da835b9c5db9e679"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ANZ4JMnbdzPdNJRdkAhpRS0O-G9-Wu3tkBXi2HAZfo4d8QapegtiXA==

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F086 0
0 41ms
41ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssdT6aqljbeqVs9kCBvIk5Ys8V0eiftqdIwcYGdqIcbkPhjRsFS3U_ZHcITCKVJ7iQI4Y8Pu0rsZuuMGjoVw4svRuXygMstowm93y-C8hrkkrdgrwL2EvL_B9gJ5aCaONtq9qfdhFgCYIdYgSM7WUbufRGNUrRUOme1Zn2G6fby6IyPr65R0XyNTBC3fbeu5bBhE8pq0n5AQE3JzLdQGppCgCcvVx5Q8HIU4xpkm9D2XNMPEo4OZ7RsaU8QhKuMUFJp5f-GGg_vILW6n59GIs3JRbnC0bqIhRXWr6MaL4QspqDQk8h2Z0bHsMFe0UOtaUmxIlgA-9LfsYbG-wr0APVgL76IrMDgxQ&sig=Cg0ArKJSzOsZAlrxhnlCEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 manage
router.infolinks.com/usync/ Frame D776 0
0 212ms
188ms Document
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3383084&wsid=0&pdom=wincountry.com&purl=https%3A%2F%2Fwincountry.com%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://wincountry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8ad3ba415a461cc3-FRA
content-length: 0
date: Sat, 03 Aug 2024 04:57:33 GMT
server: cloudflare
via: 1.1 google

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
35 B 135ms
125ms Script
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3383084&wsid=0&pdom=wincountry.com&purl=https%3A%2F%2Fwincountry.com%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8ad3ba413f015b44-FRA
content-length: 0

GET
H2 200 gsd Show response
router.infolinks.com/ 317 B
498 B 132ms
123ms Script
text/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/gsd?evt=afterGSD&pid=3383084&pdom=wincountry.com&purl=https%3A%2F%2Fwincountry.com%2F&jsv=1943.011-3.034&_cb=17226610536190
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe9a18c99ee064d767f0d1d14e9d4646f8b485a2ffa806ef2cd8c5ada025900

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:33 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/javascript;charset=UTF-8
p3p: CP="NON DSP NID OUR COR"
cache-control: max-age=0
cf-ray: 8ad3ba413f005b44-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 doq.htm Show response
rt3020.infolinks.com/action/ 796 B
863 B 215ms
186ms XHR
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3020.infolinks.com/action/doq.htm?pcode=utf-8&r=17226610537591
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c59f302db436115b99f4fcb38357c5c20c9ee7852b67d61b51f5f719e989b5ef

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://wincountry.com
p3p: CP="NON DSP NID OUR COR"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-language: de-DE
cf-ray: 8ad3ba4238c868fb-FRA
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 launch-7d75747d0373.min.js Show response
assets.adobedtm.com/ddcf247e4bf5/82484060cd13/ 206 KB
65 KB 148ms
14ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ddcf247e4bf5/82484060cd13/launch-7d75747d0373.min.js
Requested by: Host: widgets.media.weather.com
URL: https://widgets.media.weather.com/wxwidget.loader.js?cid=158765827
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 88ef2c29409ce5218170e5e45ea0725bc97575e40b73c8399127fe78c2452357

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:34 GMT
content-encoding: gzip
last-modified: Tue, 21 May 2024 20:41:10 GMT
server: AkamaiNetStorage
etag: "4fa22c87e240730379599f4b173fe945:1716324070.889419"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://wincountry.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 66416
expires: Sat, 03 Aug 2024 05:57:34 GMT

GET
H2 200 p Show response
i.simpli.fi/ 809 B
770 B 25ms
16ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=289345&cb=sifi_att_3302528591574142._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/e1b7a900-ff4f-0138-8007-06b4c2516bae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: b003821be1eeab780064c4d9c7ee1634916b2b2be9cf52ec454d78f7ced5af92

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:33 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 53ms
52ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202407310101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d70ad9b29dc055727e81d562b55f55acb41a0f2ddc9d1e9a6529287edb1a93de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12895
x-xss-protection: 0

GET
H2 200 page.php
www.facebook.com/v17.0/plugins/ Frame 1352 0
0 413ms
393ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v17.0/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df07735d2dcf956ea4%26domain%3Dwincountry.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwincountry.com%252Ff2edf9bdc73ad3a0c%26relation%3Dparent.parent&container_width=327&height=775&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FWIN985&locale=en_US&sdk=joey&show_facepile=false&show_posts=true&small_header=false&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0ed1367c392b4a6679afa72d0c70c1eb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Aug 2024 04:57:34 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v17.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7398772885942506173"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7398772885942506173", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2761, tp=-1, tpl=-1, uplat=386, ullat=0
x-fb-debug: ys3jbdyLWrm/IAbKdBm7tr1bzl/agvA3t/va+KqLf9JI/9UcP2E13QvXTMVS5DJeiEaRkirWatPJJ9eZbQVPXA==
x-fb-server-load: 34
x-xss-protection: 0

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=A81C2DB2ABBB4A938D337AC33A67E119

0
236 B

52ms
20ms

Image
text/plain

2600:9000:211e:b600:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=A81C2DB2ABBB4A938D337AC33A67E119
Protocol: H2
Server: 2600:9000:211e:b600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:34 GMT
cache-control: no-cache, must-revalidate
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: sHhucmB_KFmM5F8jJ2EPtsUCrgBvRgHipBcIIocBVCsknI22HNPtjQ==
x-cache: Miss from cloudfront

Redirect headers

date: Sat, 03 Aug 2024 04:57:33 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=A81C2DB2ABBB4A938D337AC33A67E119
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 02 Aug 2024 04:57:33 GMT

GET
H2

204

A81C2DB2ABBB4A938D337AC33A67E119
sync.1rx.io/usersync/simplifi/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/A81C2DB2ABBB4A938D337AC33A67E119

0
99 B

302ms
13ms

Image
text/plain

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/simplifi/A81C2DB2ABBB4A938D337AC33A67E119
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:34 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0

Redirect headers

date: Sat, 03 Aug 2024 04:57:33 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.1rx.io/usersync/simplifi/A81C2DB2ABBB4A938D337AC33A67E119
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 02 Aug 2024 04:57:33 GMT

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=A81C2DB2ABBB4A938D337AC33A67E119&dongle=yf3

37 B
140 B

46ms
7ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=A81C2DB2ABBB4A938D337AC33A67E119&dongle=yf3
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Sat, 03 Aug 2024 04:57:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=A81C2DB2ABBB4A938D337AC33A67E119&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 02 Aug 2024 04:57:34 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=A81C2DB2ABBB4A938D337AC33A67E119

43 B
175 B

346ms
102ms

Image
image/gif

2600:1f18:612b:4232:9b91:958:919d:ea36
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=A81C2DB2ABBB4A938D337AC33A67E119
Protocol: H2
Server: 2600:1f18:612b:4232:9b91:958:919d:ea36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 03 Aug 2024 04:57:34 GMT
server: nginx
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

Redirect headers

date: Sat, 03 Aug 2024 04:57:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=A81C2DB2ABBB4A938D337AC33A67E119
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 02 Aug 2024 04:57:34 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=A81C2DB2ABBB4A938D337AC33A67E119
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=A81C2DB2ABBB4A938D337AC33A67E119

95 B
427 B

22ms
22ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=A81C2DB2ABBB4A938D337AC33A67E119

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:34 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Sat, 03 Aug 2024 04:57:34 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=A81C2DB2ABBB4A938D337AC33A67E119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=A81C2DB2ABBB4A938D337AC33A67E119
https://d.agkn.com/pixel/10751/?che=1722661054064&ip=45.141.152.76&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217163104963000262155
https://um.simpli.fi/aa_px?sk=217163104963000262155
https://um.simpli.fi/empty.gif

43 B
361 B

14ms
13ms

Image
image/gif

35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Sat, 03 Aug 2024 04:57:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=A81C2DB2ABBB4A938D337AC33A67E119

0
0

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 16ms
12ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 02 Aug 2024 04:57:34 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 30ms
26ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 02 Aug 2024 04:57:34 GMT

GET
H2

451

400646.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=A81C2DB2ABBB4A938D337AC33A67E119;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=A81C2DB2ABBB4A938D337AC33A67E119;mimetype=img;sr
https://idsync.rlcdn.com/400646.gif?partner_uid=3330726471776878987

0
42 B

16ms
15ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/400646.gif?partner_uid=3330726471776878987
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:34 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:33 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
location: https://idsync.rlcdn.com/400646.gif?partner_uid=3330726471776878987
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=A81C2DB2ABBB4A938D337AC33A67E119&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=A81C2DB2ABBB4A938D337AC33A67E119&j=0&xl8blockcheck=1

0
771 B

32ms
32ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=A81C2DB2ABBB4A938D337AC33A67E119&j=0&xl8blockcheck=1
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Sat, 03 Aug 2024 04:57:34 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=A81C2DB2ABBB4A938D337AC33A67E119&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 29ms
27ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 02 Aug 2024 04:57:34 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=A81C2DB2ABBB4A938D337AC33A67E119

0
421 B

451ms
100ms

Image
text/plain

52.5.0.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=A81C2DB2ABBB4A938D337AC33A67E119
Protocol: HTTP/1.1
Server: 52.5.0.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-0-17.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Date: Sat, 03 Aug 2024 04:57:34 GMT

Redirect headers

date: Sat, 03 Aug 2024 04:57:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=A81C2DB2ABBB4A938D337AC33A67E119
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 02 Aug 2024 04:57:34 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=A81C2DB2ABBB4A938D337AC33A67E119

62 B
445 B

230ms
167ms

Image
image/gif

2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=A81C2DB2ABBB4A938D337AC33A67E119
Protocol: H2
Server: 2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 03 Aug 2024 04:57:34 GMT
content-length: 62
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

date: Sat, 03 Aug 2024 04:57:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=A81C2DB2ABBB4A938D337AC33A67E119
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 02 Aug 2024 04:57:34 GMT

GET
H2

404

tpid=A81C2DB2ABBB4A938D337AC33A67E119
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=A81C2DB2ABBB4A938D337AC33A67E119

49 B
265 B

107ms
32ms

Image
image/gif

54.154.220.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=A81C2DB2ABBB4A938D337AC33A67E119
Protocol: H2
Server: 54.154.220.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-220-125.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:34 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.19.78
content-length: 49
expires: 0

Redirect headers

date: Sat, 03 Aug 2024 04:57:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=A81C2DB2ABBB4A938D337AC33A67E119
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 02 Aug 2024 04:57:34 GMT

GET
H2

204

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=A81C2DB2ABBB4A938D337AC33A67E119

0
223 B

119ms
31ms

Image
text/plain

52.215.107.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=A81C2DB2ABBB4A938D337AC33A67E119
Protocol: H2
Server: 52.215.107.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-107-71.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Sat, 03 Aug 2024 04:57:34 GMT
x-merge: GDPR Optout true
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
vary: Accept-Encoding
expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sat, 03 Aug 2024 04:57:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=A81C2DB2ABBB4A938D337AC33A67E119
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 02 Aug 2024 04:57:34 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=A81C2DB2ABBB4A938D337AC33A67E119

0
98 B

52ms
17ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=A81C2DB2ABBB4A938D337AC33A67E119
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:34 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Sat, 03 Aug 2024 04:57:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=A81C2DB2ABBB4A938D337AC33A67E119
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 02 Aug 2024 04:57:34 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1722661053928&cv=7&fst=1722661053928&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=738358504&cv=7&fst=1722661053928&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CKG4...
https://www.google.com/pagead/1p-conversion/1026675585/?random=738358504&cv=7&fst=1722661053928&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLnBs...
https://www.google.de/pagead/1p-conversion/1026675585/?random=738358504&cv=7&fst=1722661053928&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLnBsQ...

42 B
64 B

20ms
19ms

Image
image/gif

2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=738358504&cv=7&fst=1722661053928&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI_MzDwYTYhwMVH-8RCB2VCy4eMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhdodHRwczovL3dpbmNvdW50cnkuY29tLw&is_vtc=1&cid=CAQSGwDaQooLWkNpAyS74C6LZD6gKr8c3A1r3qx5bA&random=1012186804&ipr=y

Protocol

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=738358504&cv=7&fst=1722661053928&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CKG4sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI_MzDwYTYhwMVH-8RCB2VCy4eMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhdodHRwczovL3dpbmNvdW50cnkuY29tLw&is_vtc=1&cid=CAQSGwDaQooLWkNpAyS74C6LZD6gKr8c3A1r3qx5bA&random=1012186804&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 28ms
26ms Image
text/plain 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 03 Aug 2024 04:57:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=A81C2DB2ABBB4A938D337AC33A67E119
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DA81C2DB2ABBB4A938D337AC33A67E119

43 B
1 KB

20ms
19ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DA81C2DB2ABBB4A938D337AC33A67E119

Protocol

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:34 GMT
an-x-request-uuid: 44e4aff0-cc63-4220-816e-810bdad5faf5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.76; 45.141.152.76; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:34 GMT
an-x-request-uuid: d18603f0-0f89-48d2-b5f5-5a661d653dee
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DA81C2DB2ABBB4A938D337AC33A67E119
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.76; 45.141.152.76; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=A81C2DB2ABBB4A938D337AC33A67E119&expires=365

0
239 B

52ms
8ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=A81C2DB2ABBB4A938D337AC33A67E119&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 14d90060180bca4b3b64f131b647e645
Expires: 0

Redirect headers

date: Sat, 03 Aug 2024 04:57:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=A81C2DB2ABBB4A938D337AC33A67E119&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 02 Aug 2024 04:57:34 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=A81C2DB2ABBB4A938D337AC33A67E119

43 B
264 B

40ms
16ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=A81C2DB2ABBB4A938D337AC33A67E119
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:34 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sat, 03 Aug 2024 04:57:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=A81C2DB2ABBB4A938D337AC33A67E119
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 02 Aug 2024 04:57:34 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 57ms
16ms Image
image/png 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js?cb=31085846

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 04:57:33 GMT

GET
H2 200 in_cube.js Show response
resources.infolinks.com/js/1943.011-3.034/ 13 KB
4 KB 26ms
26ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1943.011-3.034/in_cube.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a37559016c240c9e9c4571721e79f7a1cf1e170ce67ebceaecc83bf116b94dcc

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:34 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 Jul 2024 13:24:13 GMT
server: cloudflare
age: 975
etag: W/"348a-61dfe31b54dfc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 8ad3ba436fc25b44-FRA
expires: Mon, 02 Sep 2024 04:41:19 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BDA6 0
0 28ms
4ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincountry.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 66888
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Aug 2024 10:22:46 GMT
expires: Sat, 02 Aug 2025 10:22:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 getads.htm Show response
rt3020.infolinks.com/action/ 2 KB
705 B 361ms
360ms Script
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3020.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22k_IL_INCUBE_div-gpt-ad-1676914055834-0_300x250%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22k%22%2C%22garc%22%3A0%2C%22as%22%3A%22300*250%22%2C%22nom%22%3A4%2C%22sdata%22%3A%22air%22%2C%22scs%22%3A%22_fW-_Ym8M9%22%7D%5D&rid=04c01d7b-5823-4c52-88ed-ac415dc67e1a&jsv=1943.011-3.034&sr=1600X1200&rts=1722661054021&cfv=-1&cb=getAdsResponse&os=Linux&ov=x86_64&br=Chrome&bv=127.0.0.0&dv=p&ce=t&purl=https%3A%2F%2Fwincountry.com%2F&tzo=%2B0200&c=c&strg=true&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=ECU2Qkq7TFlqDpogeGM6SiJQNPvnOwiQU8F59W-pgF3NLgRRkqKbUmOK3k5dnVyXZNKg0C2AoAThgEEYYi2t3x7nfpTlmqulfZ-TwGWFeBzmwXUyFov2y53OyBipRkgDPtvKC8Irt7LtyFEvsuYueNJFJRaDXhKplDSimCS7ECc&rsk=12&rcs=orj7pM08udeRWkimoPuzRA&cuid=00eecc04-94e9-4cbe-b05c-9bb040e272a4&hbnr=false
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac4b7590132bf024c89b670390e4eb75a3256a9011b2fb76927403e69db14b5e

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
content-language: de-DE
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 8ad3ba43afcf5b44-FRA
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 interact Show response
adobedc.demdex.net/ee/v1/ 731 B
916 B 148ms
105ms Fetch
application/json 63.140.62.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://adobedc.demdex.net/ee/v1/interact?configId=656100c2-2477-4105-bbeb-16724c3fefe1&requestId=bbb736f7-c99a-471a-b709-99a8b14a1c3d

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ddcf247e4bf5/82484060cd13/launch-7d75747d0373.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.222 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-222.data.adobedc.net

Software

jag /

Resource Hash

2f5a0d6fc769a82806db9f8695388ee222ea785ca60457aa2087053907dcb574

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sat, 03 Aug 2024 04:57:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://wincountry.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge: IRL1;6
access-control-allow-credentials: true
x-konductor: N/A
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-request-id: bbb736f7-c99a-471a-b709-99a8b14a1c3d

GET
H2 200 ulta_300x250.jpg
resources.infolinks.com/static/brands/ Frame 7150 19 KB
19 KB 21ms
20ms Image
image/webp 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.infolinks.com/static/brands/ulta_300x250.jpg
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e8fbd4f69085f45bdf78d2a7c66cfdeb9366d6179d3adf66903a210dbc2ea3c

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:34 GMT
via: 1.1 google
cf-cache-status: HIT
age: 6444
cf-polished: qual=85, origFmt=jpeg, origSize=28812
content-disposition: inline; filename="ulta_300x250.webp"
content-length: 19112
cf-bgj: imgq:85,h2pri
last-modified: Mon, 20 Mar 2023 11:30:07 GMT
server: cloudflare
etag: "708c-5f7533fc20707"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8ad3ba4638ae5b44-FRA
expires: Mon, 02 Sep 2024 03:10:10 GMT

GET
H2 200 adview.htm Show response
rt3020.infolinks.com/action/ 0
159 B 176ms
176ms XHR
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3020.infolinks.com/action/adview.htm?rid=04c01d7b-5823-4c52-88ed-ac415dc67e1a&bdc=1&midx=0&emd=NTd-bnVsbF91bHRhXzMwMHgyNTA&rts=1722661054436&prod_t=k&jsv=1943.011-3.034&sdata=air&scs=_fW-_Ym8M9&rsd=ECU2Qkq7TFlqDpogeGM6SiJQNPvnOwiQU8F59W-pgF3NLgRRkqKbUmOK3k5dnVyXZNKg0C2AoAThgEEYYi2t3x7nfpTlmqulfZ-TwGWFeBzmwXUyFov2y53OyBipRkgDPtvKC8Irt7LtyFEvsuYueNJFJRaDXhKplDSimCS7ECc&rsk=12&rcs=orj7pM08udeRWkimoPuzRA
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://wincountry.com
p3p: CP="NON DSP NID OUR COR"
cache-control: no-cache,no-store
access-control-allow-credentials: true
cf-ray: 8ad3ba464ae768fb-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dcl.htm Show response
rt3020.infolinks.com/action/ 0
37 B 169ms
169ms Script
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3020.infolinks.com/action/dcl.htm?rid=04c01d7b-5823-4c52-88ed-ac415dc67e1a&prod_t=k&sdata=air&bdc=1&midx=0&capara=%7B%22cubeSide%22%3A0%7D
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 8ad3ba4648b25b44-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 200 100x100bb.jpg
is1-ssl.mzstatic.com/image/thumb/Music122/v4/b8/8a/4b/b88a4b44-bd3a-10b9-e739-c59a8338797a/22UMGIM68976.rgb.jpg/ 6 KB
0 1ms
1ms Image
image/jpeg 2a02:26f0:7100:39d::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is1-ssl.mzstatic.com/image/thumb/Music122/v4/b8/8a/4b/b88a4b44-bd3a-10b9-e739-c59a8338797a/22UMGIM68976.rgb.jpg/100x100bb.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:39d::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: daiquiri/3.0.0 /
Resource Hash: b50d8808a7006ea35769e8783c16b514c8d40eac1c791bf349980f8456225705

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-apple-jingle-correlation-key: Q4NRUDMFYUR7K6UAGDHCSNHHHA
date: Sat, 03 Aug 2024 04:57:33 GMT
x-b3-traceid: 871b1a0d85c523f57a8030ce2934e738
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:22RELEASE133:daiquiri-amp-processing-shared-int-001-mr
cdnuuid: bfac75dd-9fd9-4eef-b2da-080a4ed6e67d-3755383376
x-cache: TCP_MISS from a2-17-100-134.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
b3: 871b1a0d85c523f57a8030ce2934e738-cd26061fae1d2eec
content-length: 6177
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
last-modified: Thu, 06 Oct 2022 02:10:49 GMT
x-cache-remote: TCP_HIT from a2-17-100-126.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
etag: "MSwxLjI4LTIySCxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjY1MDIyMjQ5MDY1LGlzQnVpbGRWZXJzaW9uTm90U2V0LDUwMDY3LG5vRWZmZWN0"
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 871b1a0d-85c5-23f5-7a80-30ce2934e738
x-b3-spanid: cd26061fae1d2eec
cache-control: no-transform, max-age=16080603
timing-allow-origin: *

GET
H2 200 itunes_badge_small.png
media-cdn.socastsrm.com/images/ 626 B
0 2ms
2ms Image
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.socastsrm.com/images/itunes_badge_small.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f028b3cbfdc7a92f7c1ad5eba9eccb98605823a174c2a0a500713ea414348381

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 08:18:45 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: ZF8FAM0PWGWAHGD8
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 160729
x-cache: Hit from cloudfront
content-length: 626
x-amz-id-2: iDGerqnAXgjt2G7S/l9o8s3qKOaOjex0/NVyX9gXzIpD+aYHtbm0TkBBaDlXM98kBXh9BDXF8ys=
last-modified: Wed, 18 Oct 2023 17:54:10 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "4d4b20bda91b6e89da835b9c5db9e679"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ANZ4JMnbdzPdNJRdkAhpRS0O-G9-Wu3tkBXi2HAZfo4d8QapegtiXA==

GET
H2 200 100x100bb.jpg
is2-ssl.mzstatic.com/image/thumb/Music115/v4/25/3b/4a/253b4a47-62f7-58ed-4880-0adad14fe82a/source/ 6 KB
7 KB 249ms
230ms Image
image/jpeg 2a02:26f0:7100:39d::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is2-ssl.mzstatic.com/image/thumb/Music115/v4/25/3b/4a/253b4a47-62f7-58ed-4880-0adad14fe82a/source/100x100bb.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:39d::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/5 /

Resource Hash

a63eb57ae9661e37516b07a9821e354c2bdfdfa055897430cb5d73ff09b99e3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-apple-jingle-correlation-key: 77XRY7VQ4KJGIGXNSWRJVYWAW4
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 03 Aug 2024 04:57:34 GMT
x-b3-traceid: 3435e2ea88298c7e
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:24RELEASE93:daiquiri-amp-processing-shared-int-001-st, daiquiri:41338002:st47p00it-qujn13041702:7987:24RELEASE93:daiquiri-amp-all-l7shared-int-001-st
cdnuuid: 59a3a34b-cd65-4d35-9d88-3ad827439191-1638392318
x-cache: TCP_MISS from a2-17-100-134.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-b3-parentspanid: f1623af995641623
b3: ffef1c7eb0e292641aed95a29ae2c0b7-534cff7ae703dc79
content-length: 5740
apple-tk: false
server: daiquiri/5
apple-seq: 0.0
last-modified: Mon, 29 Apr 2024 13:59:00 GMT
x-cache-remote: TCP_HIT from a2-17-100-151.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
etag: "MSwxLjgzLjAsVmVyc2lvbiAxMy41LjIgKEJ1aWxkIDIyRzkxKSwxNzE0Mzk5MTQwNTA4LDI0RTM1LDQ2ODU4MjRjLG5vRWZmZWN0"
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: ffef1c7e-b0e2-9264-1aed-95a29ae2c0b7
x-b3-spanid: 534cff7ae703dc79
cache-control: no-transform, max-age=15866766
timing-allow-origin: *

GET
H2 200 100x100bb.jpg
is1-ssl.mzstatic.com/image/thumb/Music112/v4/bf/b3/6b/bfb36b0e-6525-2a34-145c-7db80d883e78/24UMGIM12509.rgb.jpg/ 4 KB
5 KB 248ms
246ms Image
image/jpeg 2a02:26f0:7100:39d::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is1-ssl.mzstatic.com/image/thumb/Music112/v4/bf/b3/6b/bfb36b0e-6525-2a34-145c-7db80d883e78/24UMGIM12509.rgb.jpg/100x100bb.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:39d::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

4.0.0 /

Resource Hash

951ed55606221c0bb25c62147b1b3f2d1f2e23b7f64f0e61a96c3d5317d93be4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-apple-jingle-correlation-key: SUICOR5HXB2VSBJVMGHBB7BVJM
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 03 Aug 2024 04:57:34 GMT
x-b3-traceid: d96932dce945332c
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:24RELEASE37:daiquiri-amp-processing-shared-int-001-st, daiquiri:41338001:st47p00it-qujn13151502:7987:24RELEASE37:daiquiri-amp-all-l7shared-int-001-st
cdnuuid: c44c4aba-f2ec-4a87-a79a-b3395087642d-1472093292
x-cache: TCP_HIT from a2-17-100-134.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-b3-parentspanid: e1b20e831e84199b
b3: 95102747a7b875590535618e10fc354b-323963dc4af635a9
content-length: 3877
apple-tk: false
server: 4.0.0
apple-seq: 0.0
last-modified: Thu, 29 Feb 2024 21:25:49 GMT
etag: "MSwxLjgzLjAsVmVyc2lvbiAxMy41LjIgKEJ1aWxkIDIyRzkxKSwxNzA5MjQxOTQ5NzMyLDI0QjI1LDAxNDk0NzFjLG5vRWZmZWN0"
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 95102747-a7b8-7559-0535-618e10fc354b
x-b3-spanid: 323963dc4af635a9
cache-control: no-transform, max-age=14277559
timing-allow-origin: *

GET
H2 200 100x100bb.jpg
is1-ssl.mzstatic.com/image/thumb/Music116/v4/87/c9/5b/87c95bea-9d9a-81a7-b3be-003d59b966cb/093624850243.jpg/ 6 KB
7 KB 13ms
12ms Image
image/jpeg 2a02:26f0:7100:39d::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is1-ssl.mzstatic.com/image/thumb/Music116/v4/87/c9/5b/87c95bea-9d9a-81a7-b3be-003d59b966cb/093624850243.jpg/100x100bb.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:39d::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

ac817b99abfb34129b93d6733d15e053a03643b2dcaf146a8de691b6bc8a47bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-apple-jingle-correlation-key: EAUCBSWHJ7HUGYRYNYJTGOKO7Q
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 03 Aug 2024 04:57:34 GMT
x-b3-traceid: 78bef27894927c59
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:23RELEASE143:daiquiri-amp-processing-shared-int-001-st
cdnuuid: 44438f10-87b0-46fa-8847-1ab4e8ac5fbf-1022525412
x-cache: TCP_MISS from a2-17-100-134.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-b3-parentspanid: 140e86cdd1e3fea8
b3: 202820cac74fcf4362386e1333394efc-417bf0023efd764a
content-length: 6204
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
last-modified: Thu, 21 Sep 2023 22:26:58 GMT
x-cache-remote: TCP_HIT from a2-17-100-229.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
etag: "MSwxLjcyLjYtMjNMLFZlcnNpb24gMTMuNS4yIChCdWlsZCAyMkc5MSksMTY5NTMzNTIxODcwNCxpc0J1aWxkVmVyc2lvbk5vdFNldCxkODEwMzhhMyxub0VmZmVjdA=="
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 202820ca-c74f-cf43-6238-6e1333394efc
x-b3-spanid: 417bf0023efd764a
cache-control: no-transform, max-age=14461780
timing-allow-origin: *

GET
H2 200 100x100bb.jpg
is3-ssl.mzstatic.com/image/thumb/Music125/v4/59/7f/b4/597fb45e-7dc1-dd12-3e03-444f85a0f214/source/ 7 KB
8 KB 253ms
235ms Image
image/jpeg 2a02:26f0:7100:39d::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is3-ssl.mzstatic.com/image/thumb/Music125/v4/59/7f/b4/597fb45e-7dc1-dd12-3e03-444f85a0f214/source/100x100bb.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:39d::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

4.0.0 /

Resource Hash

b3e6d7016a5f78602b12f4605dd0a0f29a79a7cb9be047d4734d665affc9d6fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-apple-jingle-correlation-key: U6JHGQHN4MGWFD54G4X5F3K5N4
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 03 Aug 2024 04:57:34 GMT
x-b3-traceid: f9a19a5238e3bc57
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:24RELEASE37:daiquiri-amp-processing-shared-int-001-pv, daiquiri:31338001:pv52p00it-qujn08063302:7987:24RELEASE37:daiquiri-amp-all-l7shared-int-001-pv
cdnuuid: e4a29fcb-d684-4858-b5f4-e4b17b67a95b-1025315277
x-cache: TCP_MISS from a2-17-100-134.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-b3-parentspanid: f617c4df2ff2eb09
b3: a7927340ede30d628fbc372fd2ed5d6f-6f9a94ba2bf532f7
content-length: 7306
apple-tk: false
server: 4.0.0
apple-seq: 0.0
last-modified: Mon, 26 Feb 2024 05:04:45 GMT
x-cache-remote: TCP_HIT from a2-17-100-142.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
etag: "MSwxLjgzLjAsVmVyc2lvbiAxMy41LjIgKEJ1aWxkIDIyRzkxKSwxNzA4OTIzODg1NzY0LDI0QjI1LGVlZGI5ODIxLG5vRWZmZWN0"
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: a7927340-ede3-0d62-8fbc-372fd2ed5d6f
x-b3-spanid: 6f9a94ba2bf532f7
cache-control: no-transform, max-age=15040867
timing-allow-origin: *

GET
H2 200 home_screen_logo-5f45423427098.jpg
media-cdn.socastsrm.com/uploads/station/2206/ 178 B
682 B 33ms
33ms Other
image/webp 13.225.78.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media-cdn.socastsrm.com/uploads/station/2206/home_screen_logo-5f45423427098.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-110.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 449432e909c4c1f4308e387f8090918b4e905fab81363c20809f25aec0ded61a

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 07:35:36 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-request-id: SH6F8X01FSDRJF6C
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
age: 12259321
x-cache: Hit from cloudfront
content-length: 178
x-amz-id-2: WmoiqVzEUTadw4VFrJH9up2jNoj0S1Z2jgZ0x/RpZOqMvH//ccjB5zvt30spU0JxqI8hu5ixVL4=
last-modified: Wed, 18 Oct 2023 18:01:18 GMT
server: AmazonS3
x-lambda-region: eu-central-1
etag: "bd79cfc37dea78ccdfb8423765413368"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Imt9dLAf8q3qZWjueCknLugo1QcKPrRPOA-8G3SBZfjrr6yfv4qunQ==

POST
H3 204 collect
region1.analytics.google.com/g/ 0
0 14ms
14ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QLTWJ7V56Q&gtm=45je47v0v884781301za200zb835650520&_p=1722661052154&gcd=13l3lPl2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=263640359.1722661053&ul=de-de&sr=1600x1200&are=1&frm=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=3&sid=1722661053&sct=1&seg=0&dl=https%3A%2F%2Fwincountry.com%2F&dt=WIN%2098.5%20Your%20Country%20%7C%20WNWN-FM%20%7C%20Battle%20Creek%2C%20MI&en=web_impression&ep.CompanyID=459&epn.AccountID=2432&ep.Platform=web&epn.PostID=35&ep.PostType=page&_et=3&tfd=9364
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QLTWJ7V56Q&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wincountry.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bloomingdales_300x250.jpg
resources.infolinks.com/static/brands/ Frame EE6F 16 KB
16 KB 19ms
18ms Image
image/webp 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.infolinks.com/static/brands/bloomingdales_300x250.jpg
Requested by: Host: wincountry.com
URL: https://wincountry.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfb5be0b0ed00c21f6cc36a602d18f3d95f0a341706599607149a201434d27c8

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 04:57:44 GMT
via: 1.1 google
cf-cache-status: HIT
age: 7083
cf-polished: qual=85, origFmt=jpeg, origSize=24997
content-disposition: inline; filename="bloomingdales_300x250.webp"
content-length: 16488
cf-bgj: imgq:85,h2pri
last-modified: Mon, 20 Mar 2023 11:30:07 GMT
server: cloudflare
etag: "61a5-5f7533fc24589"
vary: Accept
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8ad3ba84bd7f5b44-FRA
expires: Mon, 02 Sep 2024 02:59:40 GMT

GET
H2 200 adview.htm Show response
rt3020.infolinks.com/action/ 0
167 B 179ms
178ms XHR
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3020.infolinks.com/action/adview.htm?rid=04c01d7b-5823-4c52-88ed-ac415dc67e1a&bdc=1&midx=3&emd=NTd-bnVsbF9ibG9vbWluZ2RhbGVzXzMwMHgyNTA&rts=1722661064433&prod_t=k&jsv=1943.011-3.034&sdata=air&scs=_fW-_Ym8M9&rsd=ECU2Qkq7TFlqDpogeGM6SiJQNPvnOwiQU8F59W-pgF3NLgRRkqKbUmOK3k5dnVyXZNKg0C2AoAThgEEYYi2t3x7nfpTlmqulfZ-TwGWFeBzmwXUyFov2y53OyBipRkgDPtvKC8Irt7LtyFEvsuYueNJFJRaDXhKplDSimCS7ECc&rsk=12&rcs=orj7pM08udeRWkimoPuzRA
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://wincountry.com
p3p: CP="NON DSP NID OUR COR"
cache-control: no-cache,no-store
access-control-allow-credentials: true
cf-ray: 8ad3ba84cb6168fb-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dcl.htm Show response
rt3020.infolinks.com/action/ 0
37 B 176ms
176ms Script
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3020.infolinks.com/action/dcl.htm?rid=04c01d7b-5823-4c52-88ed-ac415dc67e1a&prod_t=k&sdata=air&bdc=1&midx=3&capara=%7B%22cubeSide%22%3A3%7D
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1943.011-3.034/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wincountry.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 03 Aug 2024 04:57:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 8ad3ba84cd845b44-FRA
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BGC9VZD51N&l=dataLayer&cx=c

Domain: sync.intentiq.com
URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=A81C2DB2ABBB4A938D337AC33A67E119

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202407310101&jk=3108203069739205&bg=!IiGlIW7NAAZjy5caQ8s7ADQBe5WfOJqR_fGb5lVNljbzfrAs3QWen7LzLeLT0n_dPjVgQmjU8lPJFPuIpwnBSQZm-I2fAgAAADxSAAAABGgBB34ANqiWUFHyb-l61CvKLKhOicwRkLgjetg3LqioddY7R4GOFJmsP5xvGKIFm7fmJdO625f8l8N68pkCtopynRG8s2-2-cS9WlGd4mVSVHiTDmTa1X4I58ynrqI7ZctFqP-dn2X-KJ3oOIRkCUG3KSkdby29s-c6c5xSzbGKp8ACK7He1zVUhavANtmyTxlgPyNwCaJ1aIn3oeSLSjeZTx8gH0frwk_QGsZ-Tqwq6eyYRJcDgJiygcEp5UdgKs_M6jMarpMz8ZkLZ7VoB76K8iiAIu-OIreLbecHlFkMmGsASA66oc8Z6r3jFfNoUA7gvaK-j859ILjiq8erN1yyyDTZW0UYSzRjeqD18PpWjcQWbA7u2CT1Baq6pLIwYjqiAOua92zExzTalzvXdPIwkh4KgthVaqslbsZbTgBkStvOzOFj3GPtixbuSdolKhmA321-4zUg_COsA1T91gY5q4cczeElsccncG5MzZeEu_NBnUbuVhAYXGDHnzpei8zFw1pkvxwVU_8Bn06W11tJbQLiDkmKs5EPqEXJjhXhhWbhpeXoPpCTvEj40ef70ovx-_hl7H1ofKOuXc7mzEa9Ri8dfV-Q2fctc9X1AQyUBZdIovMcNNiSM0QhwoIrnp4M2UlzfoPUNfP1l2-laCMw3TT4zE64HfXOer_WcXiH3sPb2eMI1icVHwlbfzqB_I1OptOKia30abnaMfNaR2aQquVJJD_KWnS-8So5qGdFuqitcGA0v6R3_kkUglpMASnuDqbiP5DsjGGI2XupXTxnMesM2BGAalIB0ZZOON3DTjsz69-PNH8T9RIv5iJNzXFVDKv3SIVM92TATv-M35ynds9rUr_0awoG8Fp6U64_M6C0dIVz_zU9ubWQZyLnsnJ1BmjdXDSFnQf0JlyJTaWK94bhtm0OIYghw8ep36ZRQtEJIutOwkUckrgc0r3ZyHQ3mU36P-i23KMawLUfNtZ1AtCj7A1t8IHXt8gh9l8cG-mdffE

Verdicts & Comments Add Verdict or Comment

180 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 02:50:13	Name: _GRECAPTCHA Value: 09AE23sa7WfNhqAwWABEftRfXor0sfiKEvMmcSnYUOL36atRg-tfGQcW2D5kaKllNDuMf5gB0BXcvz8d6QD4jYOrk
www.wnwn.com/	1969-12-31 23:59:59	Name: SERVERID Value: v1
wincountry.com/	1969-12-31 23:59:59	Name: SERVERID Value: v1
.simpli.fi/	1970-01-21 07:18:03	Name: suid Value: A81C2DB2ABBB4A938D337AC33A67E119
.wincountry.com/	1970-01-20 22:32:27	Name: _gid Value: GA1.2.702639850.1722661053
.wincountry.com/	1970-01-20 22:31:01	Name: _gat_gtag_UA_33491015_39 Value: 1
wincountry.com/	1970-01-20 22:32:27	Name: PHPSESSID Value: 7a20df2b1ba339d36d5768d698423c57
.wincountry.com/	1970-01-20 22:31:01	Name: _gat_gtag_UA_4991594_2 Value: 1
.wincountry.com/	1970-01-21 08:07:01	Name: _ga_BFCN2RTHR1 Value: GS1.1.1722661053.1.0.1722661053.0.0.0
.wincountry.com/	1970-01-21 08:07:01	Name: _ga Value: GA1.1.263640359.1722661053
.wincountry.com/	1970-01-21 08:07:01	Name: _ga_Z48DQSG8XB Value: GS1.1.1722661053.1.0.1722661053.0.0.0
.wincountry.com/	1970-01-21 08:07:01	Name: _ga_QLTWJ7V56Q Value: GS1.1.1722661053.1.0.1722661053.60.0.0
wincountry.com/	1969-12-31 23:59:59	Name: logglytrackingsession Value: 6c7e2027-4b8f-4da6-baf8-6a134a6a2bb1
.infolinks.com/	1970-01-21 08:07:01	Name: cuid Value: 00eecc04-94e9-4cbe-b05c-9bb040e272a4
.simpli.fi/	1970-01-20 22:41:05	Name: uid_syncd_secure Value: true
.doubleclick.net/	1970-01-20 22:31:01	Name: test_cookie Value: CheckForPermission
.agkn.com/	1970-01-21 07:16:37	Name: ab Value: 0001%3A4HQI6oJZtTijoHBfJYLctx9Jt0yd%2BkzF
.tapad.com/	1970-01-20 23:57:25	Name: TapAd_TS Value: 1722661054067
.tapad.com/	1970-01-20 23:57:25	Name: TapAd_DID Value: 370ff17a-c00d-48d5-a52b-0980af8ec934
.pro-market.net/	1970-01-21 02:50:13	Name: anProfile Value: "paznztnqvr7v+1+1f=1+1g=1+1j=41+rs=s+rt=20010AC800203A001011074BF9008995+s2=(shmlry)+vm=24-A81C2DB2ABBB4A938D337AC33A67E119"
.pro-market.net/	1970-01-20 23:14:13	Name: anHistory Value: "paznztnqvr7v+2+!#7%/$I#K@R"
.tapad.com/	1970-01-20 23:57:25	Name: TapAd_3WAY_SYNCS Value:
.adnxs.com/	1970-01-21 00:40:37	Name: XANDR_PANID Value: UEy4nae1ESViJWu8AzZecJU0XvkZaeSzYsJqg9wsLSPp0Jlqhjms-TGfOzma4ew8R5GonRZl32Rrc20l7lSPuTGkPcfbi4Pf9inJtAjPHSc.
.adnxs.com/	1970-01-21 08:07:01	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 00:40:37	Name: uuid2 Value: 8949887172127024109
.adnxs.com/	1970-01-21 00:40:37	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2In8iK'dg!]tbPl1N!7On*M$=BX$ri.UP_fnQqSfnZOOig+JYka$!/l#Ax+gmYfvhw.=2f+/(9/X%W#.wL4W1Qw2r08Ovl
.agkn.com/	1970-01-21 07:16:37	Name: u Value: C\|0AAAAAAAALkB1PgAAAAAA
.exelator.com/	1970-01-21 01:23:49	Name: EE Value: "11faf7587fdc22995a84007eaa0f4e9f"
.exelator.com/	1970-01-21 01:23:49	Name: ud Value: "eJxrXxzq6XKLQcHQMC0xzdzUwjwtJdnIyNLSNNHCxMDAPDUx0SDNJNUybXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIfEl%252BUWb6IhfXxUUpaQyLSopPBZ%252Fo9gUAs5Yqcg%253D%253D"
.bluekai.com/	1970-01-21 02:55:58	Name: bku Value: blx99nbTgVR/HqXz
.bluekai.com/	1970-01-21 02:55:58	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwDWT1D10HW/0xDJYxMHOmE1THe1pB6ae1pBOBM5a1EW89y9ggyrN
.bfmio.com/	1970-01-21 07:16:37	Name: __141_cid Value: A81C2DB2ABBB4A938D337AC33A67E119
.bfmio.com/	1970-01-21 07:16:37	Name: __io_cid Value: cf4d4877d835197c33bafa0bd103746f51555191
.demdex.net/	1970-01-21 02:50:13	Name: demdex Value: 77463003892812193573094933136256757591
.wincountry.com/	1970-01-21 07:59:49	Name: kndctr_C7884A3A64E46D6E0A495EEB_AdobeOrg_identity Value: CiY3NzQ2NDM5MDYzMDEwNDkyNzk3MzA5NTA3NTkzNzQ0NTQ3MzU5MVITCMHQ5rSRMhABGAEqBElSTDEwAPABwdDmtJEy
.wincountry.com/	1970-01-20 22:31:02	Name: kndctr_C7884A3A64E46D6E0A495EEB_AdobeOrg_cluster Value: irl1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=A81C2DB2ABBB4A938D337AC33A67E119 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/400646.gif?partner_uid=3330726471776878987 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=A81C2DB2ABBB4A938D337AC33A67E119 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1b6e2a52d6672af2fb90accb9d04d844.safeframe.googlesyndication.com
aa.agkn.com
adobedc.demdex.net
assets.adobedtm.com
bcp.crwdcntrl.net
cdn-css.socastsrm.com
cdn-js.socastsrm.com
cdn.worldweatheronline.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
d.agkn.com
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
is1-ssl.mzstatic.com
is2-ssl.mzstatic.com
is3-ssl.mzstatic.com
ka-p.fontawesome.com
kit.fontawesome.com
loadm.exelator.com
media-cdn.socastsrm.com
media.socastsrm.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pixel.tapad.com
region1.analytics.google.com
region1.google-analytics.com
resources.infolinks.com
router.infolinks.com
rt3020.infolinks.com
s.ad.smaato.net
securepubads.g.doubleclick.net
simplifi.partners.tremorhub.com
socast-public.s3.amazonaws.com
stags.bluekai.com
stats.g.doubleclick.net
storage.googleapis.com
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
tag.simpli.fi
tpc.googlesyndication.com
um.simpli.fi
us-u.openx.net
widgets.media.weather.com
wincountry.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.wnwn.com
pagead2.googlesyndication.com
sync.intentiq.com
www.googletagmanager.com
108.138.36.124
13.225.78.110
142.250.185.66
142.250.186.34
172.66.41.9
18.172.112.49
18.173.205.35
18.196.86.234
185.89.211.116
2.23.197.190
2001:4860:4802:34::36
2400:52e0:1e00::865:1
2600:1901:0:8eee::
2600:1f18:612b:4232:9b91:958:919d:ea36
2600:9000:211e:b600:1b:5138:8a40:93a1
2606:4700::6812:133e
2a00:1450:4001:808::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::201b
2a00:1450:4001:811::2008
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9a
2a02:26f0:3500:591::1e80
2a02:26f0:3500:e89::3282
2a02:26f0:7100:39d::2a1
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.5.25.143
3.78.155.229
34.111.113.62
34.98.64.218
35.204.74.118
35.234.162.151
35.244.174.68
46.228.174.117
52.215.107.71
52.5.0.17
54.154.220.125
54.78.254.47
54.84.131.112
63.140.62.222
69.173.144.138
76.223.111.18
0280d46803d535dcb44a1336d3f9a12b6f0d645c4af3b89c461dc42f30ca106b
0393f18543365f0fe2dd16abbe815614acf4050b8ba25433c688caa277179a25
06ab8804c22326649393b6b82923131952b97a8185b8ccec8893e356beaf670d
08218760e8dc5b307dbca515a0addde87e6a0d7a6f61d464440a0a6d538dabdb
09912cb2d2c867208249706041eda1ec8d6fac4234841ffbf7c9ed6734fb8b5f
0ac6fd5b7d5afe27d5bdcc1a32f0101949f80841860b7f0c9b58bf28f50b5728
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
0c0dd038e1650023f8523f1c36b6a7ccae0ebbdd08d54e05dcfe193ec3419104
0c3e7756fe5cc02d6d023e062124f08d23f43f067f6aa1873a07f4b001f9e894
0c955fa8c779c4d8a38a36ec47e0eb653271d31844f356142ddf4688354e4afb
0ce7fbe215cdf921ed87d00a374404681d5d24898589a7fe60e068d09289b4ba
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
0dca8a0918746273fc3c731613af08e1034faa2d34ba68a540748a73b41a2517
0f932a39aeb4fb189d73296a7871166d4263873781d93bd0e2ea3658d90a72c3
14caade7152adb24edf1dec1437420acbf37b846f556f663c9c7856b8e91f54f
16c97b6c26473d70b044e56a04aaa08a40cbf07d644e8bea637f41d3e4acbc7e
1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e6d8362fe516844f04eb1868cff8f98facb24faf20cc02a208f3495e82f5136
25173403d20076c00cc25a857f5162b0ef03f75d2ccf1d9501ce0ea27f4302ae
255c827d21a38302512295e9b6cea4bb875d8efe0da36ccf95b9e8c328093712
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
2a13ff7469013111f5c2cf7e96535fe5825788b3573cec2aad2f924a8775b41a
2a43a7c77f04cd38b1d71075d0e1963cfcd02265ea365a91025c01a639834e54
2a44c652d9ca2a22bd526049501ef4be7eebe886bd91c4efc33757846234e343
2b03e2baac11c1617d03c2c5cb68d5561a219c02b10ea46987e3cfe1d730226f
2cd0f6bf27dd5392aee38f34ebd531cf947e52c5af687751f60bc6d0d28ee982
2dafa841033726d67b9ca3e8ca8f6535f2ef4ad62ce45e1aab08286c862c6e7c
2ee9a6a60e37ff74e9e84a55f05213992a0463020a012016262d5bd3a4a10131
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f5a0d6fc769a82806db9f8695388ee222ea785ca60457aa2087053907dcb574
30fed39db69dea4c8e7a55e8446dee586d4cb4eebe905f3c7c449cd182efc35a
338f0a6b45397cbcb5eded5fb1c6910a71bd082d81ca5021eafa419572d280d9
34e2d9f8df5271137f3cd95ace8ff8e0afd3fbadb43a2f98858f840fcf8249ee
352e082aeb82c22cac9b6ac328592d6268fe525dc796eac12e4f83172b1396fe
37221150011b4eda862110049502c536e32782d01159d1002944afa2a6fef821
391fd5670220eee47dfb98a1db121ee2f04ab166d3794d50eea9e4f1e05eeca4
39404f14d7cdfe5585c860ecd69a8dfc8d857cd03feda8e8a0582b6e6a403baf
3afc6e6ea738015fcbae182b646af4f9422061fb8ba9a12c81cf2c21cbeecfb3
3b7b08ea696e37f399732d6c1e4b951c209353efe9b2c0676c8141261f03eca4
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e384d1de1e01b21bde2f7fcf28f2d887ab85a3eb2eedf03abaef65525af5328
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ec0308eea33094e070d3569b9a54d298eed07abe1da190c77452c20869c0f5b
42ffeae687ee562cc3d669407321ce1754cc922ed793e3371efac196b33cbf47
43cdf46f331fec5ba92e402e3d5cad473099892cbdafca02e607cd03705104bf
449432e909c4c1f4308e387f8090918b4e905fab81363c20809f25aec0ded61a
45c03eb27416a1ad0a9658e8ef46346eb71f47f1d362fd175d52b5ae6c0154fb
4613762f6ff2994abcd86057abc57deed8cdca007515a91aef629a594a7e6416
467d16b159d4ccb43d7a3aab76d63d223d9dfae82dd03a3299da423513ddccd0
48f9e022a242447450f6f55b566c88d8ed10408523dcb4c775603d63b66a32a6
4a83c19b0712286d57c2226462f03c69897e95dda097e4c26220c6444f5cb635
4b05fd300b023998641714cb534c7c0d6b91bd4fb7ce461959ac28f9db0ec328
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fcd84bdfc8438442d57c12a4bc512e82c532c68bfbd9115ceb2d3b177ebc969
521c38b16194e130c7c5bd73c40e84a59d9eb1e95c815e14eeb657873e722623
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
54ab0f51ec3cf63fc92dd3cb384defb55800fadc29b4798c4c13d4bce60bb4b8
5823bba5d7ae356e30e6aba54cd1a353ba781f436c111547c05f244b6cf92d8f
58c651a26071f79972de05cb4be8ea1bd2cc4833ff94654f34c4ab0085d3355b
5a4de709bb4c9faf4b2d86588d14b415744d2e85f2b0620f4336937a7dedb7b2
5ae5e570fb9150ecd055a7c9966d850fa9500d04b17b0867f84469c7441d02d2
5bf06f29631a1ad766f6655baf6f2232711d6f88d390a6c5d91752c60cf861d4
5dba1570e2c1f739e153f9c8d38e73de101eb05a1c3b158b3a267e55c4b545a8
5fc5ca6b03fb379940b73627d0dc7c3e26c78a719738be26aee764e7576f2de6
607aa273610a68a9d86314467885ff5502b12f8990530241eb51dd8c38a23a70
6106fba2c6f036bfd249c40d9df1fec6f9da3ee1ea754dccde3c0f9690fcc1b4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62c6b6158112fd8b071e149787e237eed5f5ec70b7c120eaaa8585f0865bfc01
6330d9d10ff63c82cbaa3f1f814b5639c2c7a47ded38d337d4e266c0d6d505e1
639545d99c924ff87fc97799f2dc94659aec811229272f3e8e5fe1b0a9da6af3
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c5f1544ccc1550ef537d7a9bc4b7ec531c0113e500406cc63ac53bac67f37b8
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
762e70ff6b0c0e2c91f57d48071560fc6f0e2f2179fa04deb48d7ad2091d2d2d
770ffea58974587a34688c8f764d7e557685bfae950f4e8bafd5d9cd47f97080
77626e92662a1cb3ba1c002bf50ad0676cc0be457009173d04b58b97de488dd3
790e9e97a3027dee2861e6270457281acb00aaef8114697b7d9aac706320464a
7a4ca13e9e1f0907c946f9184095e84c90fc1f300dcbcb7b83f7a5e543a0550d
7e8fbd4f69085f45bdf78d2a7c66cfdeb9366d6179d3adf66903a210dbc2ea3c
7f11bbd2091480997ca88487fcf008ee64ecfcdbd72d3a218f16eb3d4a562e1c
7f17a3c0e2e4fdb689c36cfffffd786411280fb2afcdd8ace282be32acacc474
80a19c6081152a6060b590265119738a99570f4ff304163f7338b9e331a4db0a
82ac1e85cfa0edc767331ac49c45efe8eb3e1ca20109ca3162b43c9db85b7dbc
84752bd808c9dc443c73279245cd16911b83152a0cb8e66ba5e60094a520a79f
84b2a8c2c5bde5b690dc44c9d525edc8113d18cd7bf516ad8fa93c782c02a443
84fc551d4cf20edb6525246d38632f5c2a68f4e5aebc77402434a0e781118363
88ef2c29409ce5218170e5e45ea0725bc97575e40b73c8399127fe78c2452357
8df8f305434997f9512cf9863088cccefa4006084fc4feb069f452edb31dad99
8e38d72db5bde88e0a39ae299f3d09ec62ce6e038830cb681442007e17f03879
8ead246d96271c4e6ecbd16cb0cdfa5f292b9bd574ed8fcefb72ae3642bcdb67
8fca354f59752dce225bbeae9a11bc5c7c88fae899993bc4e4aa7c7ac615ad27
8fe9a18c99ee064d767f0d1d14e9d4646f8b485a2ffa806ef2cd8c5ada025900
916301287f61100a9242eeee5168c1f1ed8367729998837d4aaced456c5d98c5
91ac07f1ce011d0b93605fb449a12a2ec18714a3f170319a80c7a61854569593
924ddc3b4f4b93a87997ddd207fc8c8316db4264703361e2eefe91f80d8adff7
951ed55606221c0bb25c62147b1b3f2d1f2e23b7f64f0e61a96c3d5317d93be4
95352cbb5f228db94e6d50f11c4faf4b644a7f0c5093f7174f767ae33d67bd50
9583322eb1c2b8e6866c4936460061fe807ac1140911dc3d09ba65950f5a2d95
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
96db5db7e13f4e196848e1bf69005d804f783c628fc14444f5a797620a30b326
9981531720e3b5aef19b3d1793da3a226372cb95ae219b68dd2e4c3b3f185f5a
99b16b95e55ebbca52470456ed9da21d817c5f8b25a2ed7e3cdd217a0b5cd94d
9a5ca76b8b860c6bec08a8592197e4c69fc26b67ad048e53aad4e5f7789d3d8a
9b64f7e2e52ae67458e04b7611e81a7c981a645c17d1c1749e066959c894abe9
9fd17622bb1bfa27b87268e4d7016eb15805493288070214c94d966609d88fe8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a37559016c240c9e9c4571721e79f7a1cf1e170ce67ebceaecc83bf116b94dcc
a5d3258e2164afeb105c953fea0e5b42a690b4bfe2dea2f221a6d1bb07a09ae8
a63eb57ae9661e37516b07a9821e354c2bdfdfa055897430cb5d73ff09b99e3e
a6f59fc654b5a739d372c1f6954a666d6518236ac67134523277a5548ec40ad0
ab40d2fd397d7357eec52b0a54abbbe4065909ae6993c7f321bcd91b7afa82b6
ab42d7c37f7928197cf2fb60407d97ebf6b8316f5bd3007d33b49d4ca0559e03
ac4b7590132bf024c89b670390e4eb75a3256a9011b2fb76927403e69db14b5e
ac817b99abfb34129b93d6733d15e053a03643b2dcaf146a8de691b6bc8a47bc
ae7c0230749b8a1ac31acdabea1094f958afa5775035ae537cda4a07bf973582
b003821be1eeab780064c4d9c7ee1634916b2b2be9cf52ec454d78f7ced5af92
b0dd05c41cc99b7c1d6bfd0782560a710875295bfc112c42b11d3e17c4b0b208
b3e6d7016a5f78602b12f4605dd0a0f29a79a7cb9be047d4734d665affc9d6fd
b502ef69aba71449772f6e3d042e5ec7447f61d4bee52ce8cba3adfc6ceeb0c0
b50d8808a7006ea35769e8783c16b514c8d40eac1c791bf349980f8456225705
b773d07aeddcb5e8e9ff02a8cc9eb11d13c7ec36ecf8b1436a9994daf3418175
b7e575d24ca37f7b2018f4d06ef676a5e570ae866357b52ba444b5bae8de2a52
b970cfb8a9436228d3746671736ea0c815a5d68ae721d108c35a9fa440ac611e
ba95f54858ec374270e8d1fe3da81985fda7685d3443fc7a151a5ba40a17167a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
bcdd968b0f98a42a09dc36e5a4180c122897830f1ccf863c49f074c7c2490b9a
bf46a23dfe3055265d98d504e78159a6d10af7c0afe5ecabf0d967c74553402a
c3d990019fac3b63ac16593e0661d71074091f96bfcefc99bc5466b4e33d964b
c574bb878909238729bd58bbe8aacf92a35f79b36723b4fac61c14651526f650
c59f302db436115b99f4fcb38357c5c20c9ee7852b67d61b51f5f719e989b5ef
c70ff0c5e412f8332279f3466b11e9592884e93348f495f4f84298a9581c63a2
c72dfe69c8fbdb44833c6dba3b69582e1c3ab3d07ae30a5d25ef0321677687e8
c79244ba457428b6e906fe8545f55750d7d733c8b9d8c5b78592deffca11c7f9
ca8d3614e2555d32bd259350e4690bc16b3c45721faccd80de561d044cfbdcf2
caac035c0ecf1c03e6ea51cdc70730ad87ff6998fe0e6df7b50d5a6d87bd4116
cac1df235adc210488f80cbb6f5aa4381d89e0767c104ffc85f9330ddc9cc66a
cc3a41863d92b22799ff23c52e2173e80b13ebc75b9144151ea105cd52b59de5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00b5cff6b15fd94038489329566b50cce1c946d1bfe69f46c74a0f37209ad39
d0f86d47551776461943bfdf1de04be9582f45239bdc37f725c75d589466e278
d31ccaf4d1d5a13148c3b3f8042110685395b9e09c6dc5540a4965a4fdbe480f
d70ad9b29dc055727e81d562b55f55acb41a0f2ddc9d1e9a6529287edb1a93de
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
db3ec5b517295e46a23e743579fbdd186ad1abe64c9c2b74a84572dbb5008782
db7a9b39abc6548063c9e8491c3f93e25460a4882b48606823f9706a00f962a0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deae9bcabff2f31561c0da44d4d893cf69a461ac6af51f501d31cd0c1ca09367
df91f674ce3902ef0e9ac337f8aa0a15d67b5ee7ce4ad5efa22ad8172e4e91eb
dfb5be0b0ed00c21f6cc36a602d18f3d95f0a341706599607149a201434d27c8
e09e28e0b3d69c2108e371036f2b241908f4abc936d981c4afcd85503823b208
e22094228566ad4a7e84db5aa4d36c53ab016259c2e3ebd653f25c16534bd0d1
e2374a9d3759552a6170ed61e9ca572ac0951dc1d6099589366e1d4b30a7f2df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64ea57308fda16f6b4150ff4151a66f3e69f536a2149e5edd4f2ba487cb8a11
e92d8d8f6562099f17fd68abd8393678c000e17a981fde6a4bdc8c8f8827cd94
eac6863f41c1b4974f735035e671d44291e218c0cdb12b2f5039bde2edbe6f38
ec14db41d8f5543c333c87b248783bac25cdab56936f67b80b2a06add6b4e4dd
ec681a96a9411dee18ee60810d58daa40b8a0e62778b96c41106594058d71db4
eeb2f09a9511bc3c70d6a90a24ea942db06737392c3159c4058ccecc6055c147
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef82770a46ee476d8530cf09afd544198d12b23cc75a01e9e40015c11a8ab3cd
f028b3cbfdc7a92f7c1ad5eba9eccb98605823a174c2a0a500713ea414348381
f0fdba09e5424857290d8e5aa6beb9953d22465dd8cd82e760e549a3f0663320
f3a710ebc776e96b7ef9084fcf7dc2c52031147c1747be8882e0299af16c17be
f55e723e7a513fa50259381fd975bfa5ddbc7ec72cb6b89151b48f1320755e30
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f88279a4bfa31852b69934e6d6b32910258274a5182d909d6c970e63dd5395fd

wincountry.com Open in urlscan Pro 54.84.131.112 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

259 Requests

92 %HTTPS

48 %IPv6

40 Domains

60 Subdomains

46 IPs

6 Countries

4912 kBTransfer

12708 kBSize

36 Cookies

33 Outgoing links

Page URL History

Redirected requests

259 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wincountry.com Open in urlscan Pro
54.84.131.112 Public Scan

Screenshot
Live screenshot

Full Image

259
Requests

92 %
HTTPS

48 %
IPv6

40
Domains

60
Subdomains

46
IPs

6
Countries

4912 kB
Transfer

12708 kB
Size

36
Cookies

259 HTTP transactions
7 data transactions