winningtrades.com Open in urlscan Pro
104.16.42.105 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.mail.beehiiv.com/ss/c/u001.hrL4oeozo6K_jWii9TYEkilYGSgTvihTUR2biRs7NA9iG2rVXQmUXxorbn2-s6GcQojhkam5F02PH0rtLZmxX9...
Effective URL:
https://winningtrades.com/therma_bright
Submission: On October 22 via api (October 22nd 2024, 1:14:41 pm UTC) from BE — Scanned from DE

Summary HTTP 94 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 22 domains to perform 94 HTTP transactions. The main IP is 104.16.42.105, located in and belongs to CLOUDFLARENET, US. The main domain is winningtrades.com.
TLS certificate: Issued by WE1 on September 7th 2024. Valid for: 3 months.

This is the only time winningtrades.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:4428	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:20:... 2606:4700:20::ac43:4657	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	104.16.42.105 104.16.42.105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
2	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
2 5	2606:4700::68... 2606:4700::6811:f7cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:310... 2606:4700:3108::ac42:2b5d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	104.17.123.183 104.17.123.183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:dcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
3	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:29:1... 2620:1ec:29:1::64	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	3.226.182.14 3.226.182.14	14618 (AMAZON-AES) (AMAZON-AES)
1	23.22.5.68 23.22.5.68	14618 (AMAZON-AES) (AMAZON-AES)
7	2600:9000:211... 2600:9000:211e:e600:1c:37e5:3f40:21	16509 (AMAZON-02) (AMAZON-02)
2	5.161.104.165 5.161.104.165	213230 (HETZNER-C...) (HETZNER-CLOUD2-AS)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	20.57.85.160 20.57.85.160	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
94	22

1 2606:4700::6812:4428 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

link.mail.beehiiv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4657 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.vpdae.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.16.42.105 (None, )

ASN13335 (CLOUDFLARENET, US)

winningtrades.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:f7cb (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3108::ac42:2b5d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.quilljs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.17.123.183 (None, )

ASN13335 (CLOUDFLARENET, US)

3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:dcc (United States)

ASN13335 (CLOUDFLARENET, US)

code.iconify.design	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.iconify.design	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:29:1::64 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
psb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

widget.darqube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.226.182.14 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-182-14.compute-1.amazonaws.com

jika.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.22.5.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-5-68.compute-1.amazonaws.com

www.jika.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:211e:e600:1c:37e5:3f40:21 (United States)

ASN16509 (AMAZON-02, US)

d1muf25xaso8hp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.161.104.165 (United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: ash01.mooash.systems

ipv4.geojs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.57.85.160 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	winningtrades.com winningtrades.com	1 MB
14	bubble.io 3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io	2 MB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	15 KB
7	cloudfront.net d1muf25xaso8hp.cloudfront.net	203 KB
7	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 862 psb.taboola.com — Cisco Umbrella Rank: 5951 trc.taboola.com — Cisco Umbrella Rank: 686 trc-events.taboola.com — Cisco Umbrella Rank: 2720	24 KB
7	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	79 KB
5	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 634 e.clarity.ms — Cisco Umbrella Rank: 14751	29 KB
5	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 797	241 KB
3	gstatic.com fonts.gstatic.com	90 KB
3	quilljs.com cdn.quilljs.com — Cisco Umbrella Rank: 22252	54 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	geojs.io ipv4.geojs.io — Cisco Umbrella Rank: 91416	1 KB
2	jika.io 1 redirects jika.io — Cisco Umbrella Rank: 937044 www.jika.io	925 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	73 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 77	12 KB
2	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 5947	170 KB
2	iconify.design code.iconify.design — Cisco Umbrella Rank: 34282 api.iconify.design — Cisco Umbrella Rank: 12736	9 KB
2	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1472	27 KB
1	darqube.com widget.darqube.com
1	vpdae.com 1 redirects www.vpdae.com — Cisco Umbrella Rank: 425059	856 B
1	beehiiv.com 1 redirects link.mail.beehiiv.com — Cisco Umbrella Rank: 51550	742 B
0	viblast.com Failed cdn.viblast.com Failed
94	22

	Domain	Requested by
18	winningtrades.com	winningtrades.com
14	3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io	winningtrades.com unpkg.com
9	fonts.googleapis.com	winningtrades.com
7	d1muf25xaso8hp.cloudfront.net	winningtrades.com
7	cdn.jsdelivr.net	winningtrades.com
5	unpkg.com	2 redirects winningtrades.com
4	trc-events.taboola.com	cdn.taboola.com
3	e.clarity.ms	www.clarity.ms
3	fonts.gstatic.com	fonts.googleapis.com
3	cdn.quilljs.com	winningtrades.com
2	www.facebook.com	winningtrades.com
2	ipv4.geojs.io	winningtrades.com
2	connect.facebook.net	winningtrades.com connect.facebook.net
2	www.clarity.ms	winningtrades.com www.clarity.ms
2	www.youtube.com	cdn.jsdelivr.net www.youtube.com
2	vjs.zencdn.net	winningtrades.com
2	platform.twitter.com	winningtrades.com platform.twitter.com
1	trc.taboola.com	cdn.taboola.com
1	psb.taboola.com	cdn.taboola.com
1	api.iconify.design	code.iconify.design
1	www.jika.io	winningtrades.com
1	jika.io	1 redirects
1	widget.darqube.com	winningtrades.com
1	cdn.taboola.com	winningtrades.com
1	code.iconify.design	winningtrades.com
1	www.vpdae.com	1 redirects
1	link.mail.beehiiv.com	1 redirects
0	cdn.viblast.com Failed	winningtrades.com
94	28

This site contains links to these domains. Also see Links.

Domain
x.com

Subject Issuer	Validity	Valid
winningtrades.com WE1	`2024-09-07` - `2024-12-06`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-24` - `2025-07-25`	a year	crt.sh
unpkg.com WE1	`2024-09-25` - `2024-12-24`	3 months	crt.sh
cdn.quilljs.com WE1	`2024-10-16` - `2025-01-14`	3 months	crt.sh
bubble.io WE1	`2024-10-15` - `2025-01-14`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
iconify.design WE1	`2024-10-10` - `2025-01-09`	3 months	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-06` - `2025-04-07`	a year	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-31`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-31` - `2024-10-29`	3 months	crt.sh
darqube.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
jika.io Sectigo RSA Domain Validation Secure Server CA	`2024-04-14` - `2025-04-15`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
get.geojs.io E6	`2024-09-28` - `2024-12-27`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://winningtrades.com/therma_bright
Frame ID: A49FB76D1AB06578BAB81349F05E03B7
Requests: 90 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwinningtrades.com
Frame ID: 83551A697C41507B25BDDA4E693DE157
Requests: 1 HTTP requests in this frame

Frame: https://widget.darqube.com/ticker-tape?token=66e39226a986d939290d3bdc
Frame ID: 5E767C56649CBFFF34401B31BABD8C58
Requests: 1 HTTP requests in this frame

Frame: https://www.jika.io/embed/area-chart?symbol=THRM.V&selection=one_year&closeKey=close&boxShadow=true&graphColor=26334c&textColor=161c2d&backgroundColor=FFFFFF&fontFamily=Nunito
Frame ID: DA022AD96437D7FC625365C4BFE4D6AC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Winning Trades - Featured

Page URL History Show full URLs

https://link.mail.beehiiv.com/ss/c/u001.hrL4oeozo6K_jWii9TYEkilYGSgTvihTUR2biRs7NA9iG2rVXQmUXxorbn2-s6GcQo... HTTP 302
https://www.vpdae.com/redirect/7gdhjayet5cfqc8syc3hfxr56sx?utm_source=elitetrade.club&utm_medium=n... HTTP 302
https://winningtrades.com/therma_bright Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

94
Requests

96 %
HTTPS

50 %
IPv6

22
Domains

28
Subdomains

22
IPs

4
Countries

4267 kB
Transfer

9788 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://x.com/bright_therma/status/1826654602923528555

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.mail.beehiiv.com/ss/c/u001.hrL4oeozo6K_jWii9TYEkilYGSgTvihTUR2biRs7NA9iG2rVXQmUXxorbn2-s6GcQojhkam5F02PH0rtLZmxX97-uUI-bVof4aLCd9JDEjcGuvDKU8h0yJpffN06uwqm6puTJruQpUu-QOWBd432wY1CgPgbbLTT3UM1lFpXNokTVtAr1Fv0mlO_DB0zZ3Wjk-IOIVYdgGb4rkqL-mpe7R39IMwhPlirMiFd-I4I2mHOFTohwSkUJr3fYDIng-ID_pXpry7TcHSwpVXvMn1jS1-uXTiIZDGoLTk-eP8B8V0/4at/OxF60YX_RluMIh7ICvEaxA/h9/h001.SN3rbub-uMwWuqV8nBr-EdVtyHYUnJ_IPu0BoY9lr6c HTTP 302
https://www.vpdae.com/redirect/7gdhjayet5cfqc8syc3hfxr56sx?utm_source=elitetrade.club&utm_medium=newsletter&utm_campaign=mixed-q3-results-for-verizon-and-gm&_bhlid=cf5e53c3c8cd531d9e46ac17c15bfceffb3546af HTTP 302
https://winningtrades.com/therma_bright Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js

Request Chain 11

https://unpkg.com/@lottiefiles/lottie-interactivity@latest/dist/lottie-interactivity.min.js HTTP 302
https://unpkg.com/@lottiefiles/lottie-interactivity@1.6.2/dist/lottie-interactivity.min.js

Request Chain 47

https://jika.io/embed/area-chart?symbol=THRM.V&selection=one_year&closeKey=close&boxShadow=true&graphColor=26334c&textColor=161c2d&backgroundColor=FFFFFF&fontFamily=Nunito HTTP 301
https://www.jika.io/embed/area-chart?symbol=THRM.V&selection=one_year&closeKey=close&boxShadow=true&graphColor=26334c&textColor=161c2d&backgroundColor=FFFFFF&fontFamily=Nunito

94 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request therma_bright Show response
winningtrades.com/
Redirect Chain

https://link.mail.beehiiv.com/ss/c/u001.hrL4oeozo6K_jWii9TYEkilYGSgTvihTUR2biRs7NA9iG2rVXQmUXxorbn2-s6GcQojhkam5F02PH0rtLZmxX97-uUI-bVof4aLCd9JDEjcGuvDKU8h0yJpffN06uwqm6puTJruQpUu-QOWBd432wY1CgPgbb...
https://www.vpdae.com/redirect/7gdhjayet5cfqc8syc3hfxr56sx?utm_source=elitetrade.club&utm_medium=newsletter&utm_campaign=mixed-q3-results-for-verizon-and-gm&_bhlid=cf5e53c3c8cd531d9e46ac17c15bfceff...
https://winningtrades.com/therma_bright

26 KB
10 KB

760ms
682ms

Document
text/html

104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

1df901c8c3974f6c0b88466dd310f156a9c65c3ae5e45a2b78bcdd8399aad50c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 8d69c03d0ee79bbe-FRA
content-encoding: br
content-security-policy: frame-ancestors 'none';
content-type: text/html
date: Tue, 22 Oct 2024 13:14:32 GMT
referrer-policy: origin
server: cloudflare
vary: Accept-Encoding
x-bubble-capacity-limit: 0 ms slower
x-bubble-capacity-used: 0.103 unit-seconds used
x-bubble-perf: {"total":272.7,"percents":{"top":{"bubble_cpu":16.4,"block":83.5,"capacity_rl":0,"other_pause":0,"pre_fiber":0.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":51.1,"appserver_cache_misses_time":0,"redis":117.6,"fiber_queue":4.2,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":8,"derived_cache_memory_misses":8,"serverjson":45,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":89,"fiber_queue":69,"blocks":68},"misc":{"userdb_results":1,"userdb_data":228,"spent_time":6725399}}
x-frame-options: DENY
x-powered-by: Express

Redirect headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8d69c03ac8fc993f-FRA
content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 13:14:31 GMT
location: https://winningtrades.com/therma_bright
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1729602871&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=2btMNIMbgOoQsuE1e6BMBz7n%2FCVhiC3UgDuTuRhkiV0%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1729602871&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=2btMNIMbgOoQsuE1e6BMBz7n%2FCVhiC3UgDuTuRhkiV0%3D
server: cloudflare
via: 1.1 vegur
x-request-id: df69f098-ed3e-43a9-8345-79747a6cc6d2
x-runtime: 0.033056

GET
H2 200 early.js Show response
winningtrades.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/ 24 KB
9 KB 52ms
50ms Script
application/javascript 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winningtrades.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://winningtrades.com
Referer: https://winningtrades.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 19258896
x-bubble-capacity-limit: 0 ms slower
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-bubble-capacity-used: 0.016 unit-seconds used
cf-ray: 8d69c0417c219bbe-FRA
access-control-allow-origin: *
x-bubble-perf: {"total":59.8,"percents":{"top":{"bubble_cpu":11.6,"block":86.9,"capacity_rl":0,"other_pause":0,"pre_fiber":0.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":9.2,"appserver_cache_misses_time":0,"redis":9.6,"fiber_queue":1.1,"capacity_wait":10.1}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1041703}}
x-powered-by: Express
server: cloudflare

GET
H2 200 run.css
winningtrades.com/package/run_css/4de1337f7dadfa72a25e99daeb43916adf9b89b4e0742eb013b552b1daa3dbc0/winningtrades/live/therma_bright/xfalse/xfalse/ 73 KB
14 KB 49ms
49ms Stylesheet
text/css 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winningtrades.com/package/run_css/4de1337f7dadfa72a25e99daeb43916adf9b89b4e0742eb013b552b1daa3dbc0/winningtrades/live/therma_bright/xfalse/xfalse/run.css
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 963ecfb4bf98969ac8bfec15f0ede5941ce3414b8f1ad3590ffe38fa8053453a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

content-encoding: br
cf-bgj: minify
cf-cache-status: HIT
age: 4159
x-bubble-capacity-limit: 0 ms slower
cf-polished: origSize=95472
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-bubble-capacity-used: 0.067 unit-seconds used
cf-ray: 8d69c0417c239bbe-FRA
access-control-allow-origin: *
x-bubble-perf: {"total":125.8,"percents":{"top":{"bubble_cpu":23.2,"block":74.2,"capacity_rl":0,"other_pause":0,"pre_fiber":0.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":12.1,"appserver_cache_misses_time":0,"redis":40.6,"fiber_queue":2.1,"capacity_wait":1.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":15,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":46,"fiber_queue":51,"blocks":50},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":4374885}}
x-powered-by: Express
server: cloudflare

GET
H2 200 pre_run_jquery.js Show response
winningtrades.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/ 88 KB
32 KB 58ms
51ms Script
application/javascript 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winningtrades.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://winningtrades.com
Referer: https://winningtrades.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 488183
x-bubble-capacity-limit: 38.3 ms slower
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-bubble-capacity-used: 0.115 unit-seconds used
cf-ray: 8d69c0418c3c9bbe-FRA
access-control-allow-origin: *
x-bubble-perf: {"total":168.5,"percents":{"top":{"bubble_cpu":5.9,"block":93.9,"capacity_rl":0,"other_pause":0,"pre_fiber":0.3},"sub":{"pp_userdb":3,"pp_wait_userdb":0,"http_request":0,"serverjson":4.7,"appserver_cache_misses_time":0,"redis":17.6,"fiber_queue":0.9,"capacity_wait":22.8}},"counts":{"pp_userdb":2,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":21,"fiber_queue":25,"blocks":24},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":7497779}}
x-powered-by: Express
server: cloudflare

GET
H2 200 run.js Show response
winningtrades.com/package/run_js/05e8a391fff0cbd251ade53b69c0eb45c53dac2f50895816f3ffa567b317d085/xfalse/x29/ 3 MB
765 KB 105ms
98ms Script
application/javascript 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winningtrades.com/package/run_js/05e8a391fff0cbd251ade53b69c0eb45c53dac2f50895816f3ffa567b317d085/xfalse/x29/run.js
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 683b90a5402ea01dca0d3b650012b1aae28fe15060eee9cebae216c659aa611d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://winningtrades.com
Referer: https://winningtrades.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 55436
x-bubble-capacity-limit: 0 ms slower
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-bubble-capacity-used: 0.251 unit-seconds used
cf-ray: 8d69c0418c419bbe-FRA
access-control-allow-origin: *
x-bubble-perf: {"total":149.9,"percents":{"top":{"bubble_cpu":36.9,"block":58.8,"capacity_rl":0,"other_pause":0,"pre_fiber":1.8},"sub":{"pp_userdb":12,"pp_wait_userdb":0,"http_request":0,"serverjson":5.9,"appserver_cache_misses_time":0,"redis":13.9,"fiber_queue":1.6,"capacity_wait":2.3}},"counts":{"pp_userdb":2,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":20,"fiber_queue":26,"blocks":25},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":16296776}}
x-powered-by: Express
server: cloudflare

GET
H2 200 static.js Show response
winningtrades.com/package/static_js/c176cea99d9a9f46fcadc697a4f5dbdc49b6c7c167386c8801213a58b290d917/winningtrades/live/therma_bright/xnull/xfalse/xfalse/xfalse/ 810 KB
189 KB 101ms
97ms Script
application/javascript 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winningtrades.com/package/static_js/c176cea99d9a9f46fcadc697a4f5dbdc49b6c7c167386c8801213a58b290d917/winningtrades/live/therma_bright/xnull/xfalse/xfalse/xfalse/static.js
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 37ec782f260baf91854194750d45ef07531f26bd82d4bb600fa0d48e9971ae21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://winningtrades.com
Referer: https://winningtrades.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 4159
x-bubble-capacity-limit: 0 ms slower
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-bubble-capacity-used: 0.093 unit-seconds used
cf-ray: 8d69c0418c459bbe-FRA
access-control-allow-origin: *
x-bubble-perf: {"total":139.4,"percents":{"top":{"bubble_cpu":29,"block":69.6,"capacity_rl":0,"other_pause":0,"pre_fiber":0.4},"sub":{"pp_userdb":1.4,"pp_wait_userdb":0,"http_request":0,"serverjson":21.4,"appserver_cache_misses_time":0,"redis":46.9,"fiber_queue":5.1,"capacity_wait":1}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":7,"derived_cache_memory_misses":7,"serverjson":32,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":2,"appserver_cache_misses":0,"redis":84,"fiber_queue":69,"blocks":68},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":6054459}}
x-powered-by: Express
server: cloudflare

GET
H2 200 dynamic.js Show response
winningtrades.com/package/dynamic_js/4b3958153aef082dfdac4b929ec5377a701d525dbe1901a55d9c76220de6e010/winningtrades/live/therma_bright/xnull/xfalse/xfalse/en_us/xfalse/xfalse/ 165 KB
34 KB 55ms
51ms Script
application/javascript 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winningtrades.com/package/dynamic_js/4b3958153aef082dfdac4b929ec5377a701d525dbe1901a55d9c76220de6e010/winningtrades/live/therma_bright/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ead3d0ce072955194e4e6062c01e9fd7aa9e0503291e6e9cb15454e1a6bc23ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://winningtrades.com
Referer: https://winningtrades.com/

Response headers

content-encoding: br
cf-cache-status: HIT
age: 4158
x-bubble-capacity-limit: 0 ms slower
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
x-bubble-capacity-used: 0.078 unit-seconds used
cf-ray: 8d69c0418c469bbe-FRA
access-control-allow-origin: *
x-bubble-perf: {"total":152.7,"percents":{"top":{"bubble_cpu":17.6,"block":82.1,"capacity_rl":0,"other_pause":0,"pre_fiber":0.5},"sub":{"pp_userdb":2,"pp_wait_userdb":0,"http_request":0,"serverjson":5.7,"appserver_cache_misses_time":0,"redis":29.9,"fiber_queue":1.5,"capacity_wait":1.6}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":4,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":35,"fiber_queue":41,"blocks":40},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":5037909}}
x-powered-by: Express
server: cloudflare

GET
H2 200 swiper-bundle.min.css
cdn.jsdelivr.net/npm/swiper@11.1.4/ 18 KB
4 KB 265ms
132ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@11.1.4/swiper-bundle.min.css

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e6792bc2356c88d7cacf7351d64da1e7eaade694b9485daef7f4c84f5844968c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"47ff-d3a3yEz+9uIdA7uPkGvhHx1zZd4"
age: 479285
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220064-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4464
x-jsd-version: 11.1.4

GET
H2 200 swiper-bundle.min.js Show response
cdn.jsdelivr.net/npm/swiper@11.1.4/ 147 KB
43 KB 224ms
91ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@11.1.4/swiper-bundle.min.js

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ac20020d60a9fd5cc8874aec07e8a940233d5c1bcef0735ed1f35239ae2ccacd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"24baf-SvYRfRJkVC7ONCBpuA5fO4KwFAk"
age: 1749281
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220064-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43885
x-jsd-version: 11.1.4

GET
H2 200 widgets.js Show response
platform.twitter.com/ 91 KB
27 KB 96ms
28ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

content-encoding: gzip
etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
access-control-allow-methods: GET
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date: Tue, 22 Oct 2024 13:14:33 GMT
last-modified: Mon, 11 Dec 2023 17:20:28 GMT
vary: Accept-Encoding
x-served-by: cache-iad-kcgs7200137-IAD, cache-muc13978-MUC
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1800
tw-cdn: FT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27597
x-amz-server-side-encryption: AES256

GET
H2

200

lottie-player.js Show response
unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/
Redirect Chain

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js

371 KB
120 KB

46ms
20ms

Script
application/javascript

2606:4700::6811:f7cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Server

2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68b594d79a955d4237d365555d137be2842068c263d444f583556ee1f9a8cbc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "5cd35-FL4z5R7jgfyHeGPFiEURHtF1scw"
age: 486634
x-content-type-options: nosniff
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JABNQW56JZG9R0M3206NX341-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8d69c042e9fe37f7-FRA
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js
content-encoding: br
cf-cache-status: HIT
age: 409
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8d69c042494337f7-FRA
access-control-allow-origin: *
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JAT5DZJNXB88TAFE6BXTYFFF-fra
server: cloudflare

GET
H2 200 dotlottie-player.js Show response
unpkg.com/@dotlottie/player-component@1.0.0/dist/ 332 KB
114 KB 188ms
59ms Script
application/javascript 2606:4700::6811:f7cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@dotlottie/player-component@1.0.0/dist/dotlottie-player.js

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19aa295521f5fe3828d378798ce690ff429956271afab0ac12883f188bcf95be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "52f95-a5ortVpVcaDVdN2fO+5oFj6JbNE"
age: 1841265
x-content-type-options: nosniff
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J939VNW24Q4B2XJ5C0C09SC9-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8d69c042494b37f7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2

200

lottie-interactivity.min.js Show response
unpkg.com/@lottiefiles/lottie-interactivity@1.6.2/dist/
Redirect Chain

https://unpkg.com/@lottiefiles/lottie-interactivity@latest/dist/lottie-interactivity.min.js
https://unpkg.com/@lottiefiles/lottie-interactivity@1.6.2/dist/lottie-interactivity.min.js

20 KB
6 KB

40ms
40ms

Script
application/javascript

2606:4700::6811:f7cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@lottiefiles/lottie-interactivity@1.6.2/dist/lottie-interactivity.min.js

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Server

2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d4cb67a77ccaac1eb6226ad28e5c991a57a03a8aea99e85523b7e0df6694770

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "4f2c-jEDFlsTFN2OEDC3P02SAdZDlWAQ"
age: 1841700
x-content-type-options: nosniff
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J939EHPVKMJJFZ558XMQEVKD-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8d69c0437aad37f7-FRA
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /@lottiefiles/lottie-interactivity@1.6.2/dist/lottie-interactivity.min.js
content-encoding: br
cf-cache-status: HIT
age: 60
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8d69c042494837f7-FRA
access-control-allow-origin: *
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JAT5RYJX7Z025038DWPWXXVS-fra
server: cloudflare

GET
H2 200 index.js Show response
cdn.jsdelivr.net/npm/citizendev-bubble-utils@latest/dist/ 3 KB
2 KB 495ms
363ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/citizendev-bubble-utils@latest/dist/index.js

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1bd9724e3096fd34d6240a2aff5a6d7a46cf99ad3e5e529e0fe0bd95e26395a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://winningtrades.com
Referer: https://winningtrades.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"a7c-dTABh+FPDWWm/9oyORG1jwCeWFE"
age: 21382
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220104-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1228
x-jsd-version: 0.0.10

GET
H2 200 quill.min.js Show response
cdn.quilljs.com/1.3.6/ 210 KB
46 KB 229ms
96ms Script
application/javascript 2606:4700:3108::ac42:2b5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quilljs.com/1.3.6/quill.min.js

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de86018869b5e845bdc101fc1b55611a1e375e08af6cee4a681d7446103da611

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"c2734fd6895bdfba13245fc2cda12202"
age: 170
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=buSFTDpCrN8hyITbD5eIOZvyxpELcsYqqj2m4hCsQqTXtK3IqNByV%2Fj5w2uXRQyOTDMhRqXvZYs%2FKSZPk5np%2F3BSjwBdwgyuGCAO0bxuK58eEIaUr8tgZY6uWXz5O00FZVOJE%2BoD2icoTIn4pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8d69c0426e70d2a6-FRA
access-control-allow-origin: *
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: application/javascript
last-modified: Mon, 22 Apr 2024 16:07:39 UTC
vary: Accept-Encoding, Accept-Encoding
server: cloudflare

GET
H2 200 quill.snow.css
cdn.quilljs.com/1.3.6/ 24 KB
4 KB 225ms
93ms Stylesheet
text/css 2606:4700:3108::ac42:2b5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quilljs.com/1.3.6/quill.snow.css

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

892e299431955e9ae388ae257f72024ee76af2d52a7a97a868f70fbe50f16144

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"9b536bda67650c506df72197baec4c01"
age: 17461
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BhWrcA0o4bza5Vn6EFIs4r4dE%2FqT8lpNawrktOUWAfz4YAns%2FvJPagrFViUIWQaBlwWgxFceq4QlFHGIIBPXsnw%2Fvj1Bfhg7FFT72aXC9l3RAGJGeVKiX6k5Se9E21iBIS3AQlo3pDkMmhPmzA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8d69c0426e6ed2a6-FRA
access-control-allow-origin: *
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 22 Apr 2024 16:07:39 UTC
vary: Accept-Encoding, Accept-Encoding
server: cloudflare

GET
H2 200 quill.bubble.css
cdn.quilljs.com/1.3.6/ 25 KB
4 KB 226ms
94ms Stylesheet
text/css 2606:4700:3108::ac42:2b5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quilljs.com/1.3.6/quill.bubble.css

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48b1b42379c43ddbbf6ca013334f983068a10a62f6d223432a166872ec0ec0e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1481f6f60c160d773a7533c2db8c95fd"
age: 575404
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZfYuXAN9lt%2BVzWaXO5HW8U3NRsFLONjulPvfvauRxrpYHtFmN22HOdQM8I%2FX6Xx7VUdHxFFFkbsUWadVe5xmhQvd61VDMYO%2FARFRm0g1YaJbUPekvsQwqcXWiuNlWxbMb2ncCN9y2We4D33pww%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8d69c0426e6bd2a6-FRA
access-control-allow-origin: *
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
server: cloudflare
last-modified: Mon, 22 Apr 2024 16:07:39 UTC

GET
H3 200 image-resize.min.js Show response
3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1636107911716x342265603042299900/ 27 KB
8 KB 148ms
46ms Script
text/javascript 104.17.123.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1636107911716x342265603042299900/image-resize.min.js
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.123.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1c53b3339955bc59c534428474ecf96bc825f9b824754b84652d484adf67209

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

x-amz-meta-app-version: aless-fix-credits
content-encoding: br
cf-cache-status: HIT
etag: W/"c6329b8b4f764d9983d291c02ac2389d"
x-amz-version-id: I3KCV2PdUCTGK0pzaG4ro7k1XsZ1ftAb
age: 82868
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: text/javascript
last-modified: Fri, 05 Nov 2021 10:25:13 GMT
vary: Accept-Encoding
x-amz-id-2: 17YGaO8U1a5F4pzBSOqnTAn0CQFSGZBx6iii3kKl1LgiyPfJh6ennmUB8OwXFyNDaE30faoaizU=
cache-control: public,max-age=86400
x-amz-meta-appname: meta
x-amz-request-id: YSX32NPSHE306V0D
cf-ray: 8d69c0422f59d2c6-FRA
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 css
fonts.googleapis.com/ 13 KB
2 KB 194ms
66ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f649962625d75ad320e6e08c7408167861ebc287ba3d6069ca01b7ce086d310

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 22 Oct 2024 13:14:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 22 Oct 2024 13:14:32 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 187ms
60ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0faa25ae64edb714ae1148409c1e2ac4c0c84c6babcdd261b6b65cae42108fc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 22 Oct 2024 13:14:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 22 Oct 2024 12:59:07 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 196ms
69ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08ae2d94daffc1537d98d92554c8e95937064fd9b827d3910b1aafdccd6fb7f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 22 Oct 2024 13:14:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 22 Oct 2024 13:11:40 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 4 KB
865 B 171ms
43ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Frank+Ruhl+Libre|Playfair+Display|Archivo

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c96830aca4e709794d74b7b6d93d6e4e0f6c762ff21d8c96147b2eca86d8df2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 22 Oct 2024 13:14:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 22 Oct 2024 13:11:36 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 12 KB
2 KB 170ms
43ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f1e36121cffdeced7b6bec3c6d0cd056004fe7ecbb51aba7991cc19d5ae78e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 22 Oct 2024 13:14:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 22 Oct 2024 13:07:19 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 13 KB
2 KB 171ms
44ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8ccf814e7037888a21acd3e59fd28b265ddf7d04bbd38c5b41c99ec53311b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 22 Oct 2024 13:14:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 22 Oct 2024 13:14:32 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 239ms
112ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

492c84a35f8efbb0a618bcf452deb28247326510c9fa896f443db0ad22a31027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 22 Oct 2024 13:14:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 22 Oct 2024 13:07:19 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 233ms
113ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=BioRhyme|Karla|Lora|Mizra

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3929faed6f620d4993ccb7f980dcf8301046ede0ebbe1995a4ceb9e312aa07ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 22 Oct 2024 13:14:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 22 Oct 2024 13:10:25 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 rte-fonts.css
3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1585640996566x197128756908218080/ 6 KB
1 KB 221ms
127ms Stylesheet
text/css 104.17.123.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1585640996566x197128756908218080/rte-fonts.css
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.123.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83ce3e812921923e726be63f1dffb087ff1fcd0c3e39250c1286ebbb908f0acb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

x-amz-meta-app-version: live
content-encoding: br
cf-bgj: minify
etag: W/"7f0c2df1402262d9b3107b768c8acfbb"
x-amz-version-id: WGq5S1nZq.zanKJ6uzkiaqadV8QDj6WW
age: 82868
cf-cache-status: HIT
cf-polished: origSize=7312
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: text/css
last-modified: Tue, 31 Mar 2020 07:49:57 GMT
vary: Accept-Encoding
x-amz-id-2: Yry/AE6iOfnk953U3C0ljfhdklHQsQj2t2qLfxkAcjLqajwxCBsu+FaD/RrqdzzNTD8Z0t8L0kA=
cache-control: public,max-age=86400
x-amz-meta-appname: meta
x-amz-request-id: RG6XFZTR9R225QYY
cf-ray: 8d69c0422f63d2c6-FRA
server: cloudflare

GET
H3 200 platform_compressed.js Show response
3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1593946126189x197544584808178940/ 14 KB
7 KB 189ms
95ms Script
text/javascript 104.17.123.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1593946126189x197544584808178940/platform_compressed.js
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.123.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c039b6e245af3041933a2e283eb929be6c05618616e34ef2b8e3ca2bb368007

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

x-amz-meta-app-version: live
content-encoding: br
cf-cache-status: HIT
etag: W/"b21b9f252fb6c5c25ac24ab2fd546a32"
x-amz-version-id: mTTPnxjqytAN.Rq0oNpMhFc64KfN0fUA
age: 4159
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: text/javascript
last-modified: Sun, 05 Jul 2020 10:48:47 GMT
vary: Accept-Encoding
x-amz-id-2: tHW1l7Z0l1Lm2+4rEaKJ1PCcEg36lLrhlNJvkpz9zB1JDaNTrk+Yeb9DlXddFx5zk2NNudSVbJ/9bSrVLV/TWo4d85PNgliw9gu2L77t1Cg=
cache-control: public,max-age=86400
x-amz-meta-appname: meta
x-amz-request-id: 9W0C41DMG0CZY19E
cf-ray: 8d69c0422f5cd2c6-FRA
server: cloudflare

GET
H2 200 iconify.min.js Show response
code.iconify.design/1/1.0.7/ 22 KB
8 KB 217ms
93ms Script
application/javascript 2606:4700:20::681a:dcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.iconify.design/1/1.0.7/iconify.min.js
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:dcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a80c2efe80248a6ddbbf8f13b2632501da332c5a487efccacee6a9f33074f18e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

x-fastly-request-id: fa51558cf4c50c3a41b93b4dc035700c31f98dfd
content-encoding: gzip
cf-cache-status: HIT
etag: W/"67055124-596e"
age: 457
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4t0JM7Tx0XVX1Yu3KTELZ7kmRGlFIitGjf%2FsPgn9TCeTkJEf48q0Q0iC2RsgaCO%2F4WeA4ixHcCaKdGcd39Xpg4S10xp%2Fy2lMOvF%2FibAt2L22pElc7a5vuIRcFxZC2bYo9rFnsmb01seoZ3CD4FpXFF8%3D"}],"group":"cf-nel","max_age":604800}
x-github-request-id: D6FD:2B8B2D:33E9214:35766DD:670551DC
expires: Tue, 08 Oct 2024 15:48:05 GMT
x-proxy-cache: MISS
x-cache: HIT
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230084-FRA
x-cache-hits: 1
last-modified: Tue, 08 Oct 2024 15:35:00 GMT
vary: Accept-Encoding
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729533243.567778,VS0,VE3
via: 1.1 varnish
cf-ray: 8d69c0426a31d9d7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7857
x-origin-cache: HIT
server: cloudflare

GET
H2 200 production.min.js Show response
cdn.jsdelivr.net/gh/joeymalvinni/webrtc-ip/dist/ 4 KB
1 KB 235ms
112ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/joeymalvinni/webrtc-ip/dist/production.min.js

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3a6733e85a8e7daed51893fb8c1ec84fcb06627dc8b78dc614ad85ca967a6501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"10b2-wWyor/Ey3d2s5Lzum+lBNIcSW5A"
age: 27591
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220064-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1185
x-jsd-version: 3.5.4

GET
H2 200 video-js.css
vjs.zencdn.net/7.20.3/ 46 KB
11 KB 215ms
92ms Stylesheet
text/css 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.20.3/video-js.css
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a600e503fc0dcb171bd2ce6b639bbb5cf35b91ccc3c045324a7a4e2603683a0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

timing-allow-origin: *
content-encoding: gzip
etag: "92c4f5bba6e24134f07a508819300d2e"
access-control-allow-origin: *
x-cache: HIT
content-length: 10964
date: Tue, 22 Oct 2024 13:14:32 GMT
last-modified: Fri, 09 Sep 2022 18:11:04 GMT
content-type: text/css
x-served-by: cache-fra-etou8220143-FRA
x-cache-hits: 16
vary: Accept-Encoding

GET
H2 200 video.min.js Show response
vjs.zencdn.net/7.20.3/ 570 KB
159 KB 200ms
93ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.20.3/video.min.js
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 46763816babdcf547c1cbedf9a54a7295648cbc1ae648f5620c8e11264b01fcc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

timing-allow-origin: *
content-encoding: gzip
etag: "e8501cee3dd39de15e41eeb3298c9576"
access-control-allow-origin: *
x-cache: HIT
content-length: 163091
date: Tue, 22 Oct 2024 13:14:32 GMT
last-modified: Fri, 09 Sep 2022 18:11:04 GMT
content-type: application/javascript
x-served-by: cache-fra-etou8220143-FRA
x-cache-hits: 1
vary: Accept-Encoding

GET
H2 200 Youtube.min.js Show response
cdn.jsdelivr.net/npm/videojs-youtube@2.6.1/dist/ 14 KB
4 KB 219ms
112ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs-youtube@2.6.1/dist/Youtube.min.js

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7d39b75f8d8895c21e8f271d6b110535f413f39d348da21dc0e669d2769ed41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"3678-YVZMRnLb6HnSGpkW8sui0W2NjYk"
age: 1761701
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220064-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4093
x-jsd-version: 2.6.1

GET
H2 200 videojs-vimeo.js Show response
cdn.jsdelivr.net/npm/videojs7-vimeo@2.0.3/dist/ 77 KB
19 KB 235ms
129ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/videojs7-vimeo@2.0.3/dist/videojs-vimeo.js

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

864a0ef9790846a1508ce85f71d18c0d87fed5181f9bebe6684e0254db88b909

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"1328a-aCmXgzSBqV26sFQJldzSomP4mjc"
age: 556231
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220064-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19395
x-jsd-version: 2.0.3

GET
H3 200 wistia.js Show response
3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1600517538377x582687689465610100/ 12 KB
3 KB 203ms
126ms Script
text/javascript 104.17.123.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1600517538377x582687689465610100/wistia.js
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.123.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1726ef5b0ce20ebb8f89227c1b206d1c354304c9fd0ca7c4beb44c92faa3ab6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

x-amz-meta-app-version: live
content-encoding: br
cf-cache-status: HIT
etag: W/"ad7ae326caa856784dcfdd60c3d30bda"
x-amz-version-id: fSCI.9xIvhAzue63lMCwZdwAeK506gqs
age: 4159
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: text/javascript
last-modified: Sat, 19 Sep 2020 12:12:19 GMT
vary: Accept-Encoding
x-amz-id-2: uNcQRThZa5xzltlDyZwR4PW8F3gKFfo+5uqCfCD3DFGffZzHeJ24v5gRmpZZ4Azz9iB8OsmCHyA=
cache-control: public,max-age=86400
x-amz-meta-appname: meta
x-amz-request-id: RWXFRVHHR47291SX
cf-ray: 8d69c0422f60d2c6-FRA
server: cloudflare

GET
H2 200 jsVideoUrlParser.min.js Show response
cdn.jsdelivr.net/npm/js-video-url-parser@0.4.1/dist/ 17 KB
5 KB 220ms
114ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-video-url-parser@0.4.1/dist/jsVideoUrlParser.min.js

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e8a987fd3ead2a48ab99ae5fd18c4fb1e320ab61930218eaf1757e83732ff5b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"4499-5iKfgqSa18I3qCzlvy61JyOTfs4"
age: 568565
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220064-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4732
x-jsd-version: 0.4.1

GET viblast.js
cdn.viblast.com/vb/stable/ 0
0

GET
H2 200 css
fonts.googleapis.com/ 23 KB
2 KB 150ms
114ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:regular%7COpen+Sans:500%7COpen+Sans:600%7COpen+Sans:700

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba2587470e7ef35b0b0b9a489d5935c4775dd29d0f1f322bb3ffd078ce161c0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 22 Oct 2024 13:14:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 13:14:32 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 22 Oct 2024 13:14:32 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 data Show response
winningtrades.com/api/1.1/init/ 305 B
1 KB 313ms
308ms XHR
text/plain 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winningtrades.com/api/1.1/init/data?location=https%3A%2F%2Fwinningtrades.com%2Ftherma_bright
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f2e205898bbc3c3aac2b398e90b669dbbdf7e91e4c6d808df8783b0781d77d5d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

x-bubble-capacity-used: 0.095 unit-seconds used
cf-cache-status: DYNAMIC
cf-ray: 8d69c04228b918ef-FRA
x-bubble-capacity-limit: 0 ms slower
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:32 GMT
x-bubble-perf: {"total":74.6,"percents":{"top":{"bubble_cpu":10.3,"block":85.5,"capacity_rl":0,"other_pause":0,"pre_fiber":3.6},"sub":{"pp_userdb":2.7,"pp_wait_userdb":0,"http_request":0,"serverjson":25.8,"appserver_cache_misses_time":0,"redis":59.8,"fiber_queue":11.8,"capacity_wait":0}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":16,"blocks":15},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":6157025}}
x-powered-by: Express
server: cloudflare

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 53ms
21ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular%7COpen+Sans:500%7COpen+Sans:600%7COpen+Sans:700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://winningtrades.com
Referer: https://fonts.googleapis.com/

Response headers

age: 552906
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 03:39:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 03:39:26 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 212ms
43ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/videojs-youtube@2.6.1/dist/Youtube.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3d3036fdbd771d327ee2e9262a86eef41f96c3bffcc7adad2a91a651968923b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

content-encoding: br
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
x-content-type-options: nosniff
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
expires: Tue, 22 Oct 2024 13:14:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
date: Tue, 22 Oct 2024 13:14:33 GMT
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport
cache-control: private, max-age=0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
x-xss-protection: 0
server: ESF

GET
H2 200 o3s3yx3sn1 Show response
www.clarity.ms/tag/ 553 B
808 B 1535ms
1109ms Script
application/x-javascript 2620:1ec:29:1::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/o3s3yx3sn1
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ed7084b01ffa9cbf32623d742e043b891326b91c72609605392a08d9d3f09735

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 553
date: Tue, 22 Oct 2024 13:14:34 GMT
content-type: application/x-javascript
x-azure-ref: 20241022T131433Z-er1787bdbf4v4zczbyue3maxdc00000007vg00000001t0gn

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1095034/ 71 KB
22 KB 326ms
156ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1095034/tfa.js
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbff4c49f47d67ae9ef56bc7115e503e17f45fef6f23b10bc8b9b0441056a790

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

content-encoding: gzip
etag: "75ded614c38c084052ef96ce150d3727"
x-amz-version-id: xqUHGUdBw.CSJUolSkr2cp7CXKi8Shea
age: 0
x-cache: HIT
date: Tue, 22 Oct 2024 13:14:33 GMT
last-modified: Sun, 20 Oct 2024 11:07:21 GMT
x-served-by: cache-fra-etou8220030-FRA
x-cache-hits: 0
content-type: application/javascript; charset=utf-8
x-amz-id-2: rQ3ArzNc6mdINd1MTG50kpfTFIQU73wT+HgLIQjzPMRIunGfDie7Mx+HbZDBUgGawh2xYDzDPRM=
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: private,max-age=14401
x-timer: S1729602874.578391,VS0,VE110
via: 1.1 varnish
x-amz-request-id: 9QC1D98VJ38G7FCE
accept-ranges: bytes
access-control-allow-origin: *
abp: 82
content-length: 22039
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 227 KB
58 KB 97ms
32ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

f4cfd4a5b95dfb31c47cd567d9719fc12a0453f6ff27e2872147a9740e4b9e56

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:33 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=23, mss=1232, tbw=4435, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: RKvGQ6CZY5AlxQgi3d8z4dvngP3LLyAdm5qyW+7gdsLL1vE/esxSWFKaUg3/8AZhdr6Mv8KQ04NTGxdu2TenMA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59352
x-xss-protection: 0
origin-agent-cluster: ?1

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

Content-Type: image/gif

GET
H2 200 widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 8355 0
0 115ms
43ms Document
text/html 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwinningtrades.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://winningtrades.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 105429
content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 13:14:33 GMT
etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified: Mon, 11 Dec 2023 17:19:49 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kiad7000164-IAD, cache-muc13981-MUC

GET
H3 200 ticker-tape
widget.darqube.com/ Frame 5E76 0
0 708ms
140ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.darqube.com/ticker-tape?token=66e39226a986d939290d3bdc

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winningtrades.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8d69c04d1c372282-CDG
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 13:14:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bl9gAyrtm19Xnlxu8iIkoZ7YHfHD94Oi7FNS7wAT7PhtsSOXKbCswon9NvMfPHUjYdY5Y6uOM06MEJg1D6KaIKMVatfyJuN4g9Ee9K7eG%2BsbK%2BxmVYBPJfH3MMniwggWFDcOeVU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=133215&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4157&recv_bytes=4438&delivery_rate=24989&cwnd=12000&unsent_bytes=0&cid=2f45b97039a17adb&ts=664&x=1" cfExtPri cfHdrFlush;dur=0
vary: accept-encoding
x-content-type-options: nosniff

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
18 KB 31ms
27ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://winningtrades.com
Referer: https://fonts.googleapis.com/

Response headers

age: 60942
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 20:18:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 20:18:52 GMT
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18668
x-xss-protection: 0
server: sffe

GET
H/1.1

200
OK

area-chart
www.jika.io/embed/ Frame DA02
Redirect Chain

https://jika.io/embed/area-chart?symbol=THRM.V&selection=one_year&closeKey=close&boxShadow=true&graphColor=26334c&textColor=161c2d&backgroundColor=FFFFFF&fontFamily=Nunito
https://www.jika.io/embed/area-chart?symbol=THRM.V&selection=one_year&closeKey=close&boxShadow=true&graphColor=26334c&textColor=161c2d&backgroundColor=FFFFFF&fontFamily=Nunito

0
0

474ms
141ms

Document
text/html

23.22.5.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jika.io/embed/area-chart?symbol=THRM.V&selection=one_year&closeKey=close&boxShadow=true&graphColor=26334c&textColor=161c2d&backgroundColor=FFFFFF&fontFamily=Nunito
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.22.5.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-5-68.compute-1.amazonaws.com
Software: gunicorn/20.0.4 /
Resource Hash

Request headers

Referer: https://winningtrades.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: br
Content-Length: 2477
Content-Type: text/html; charset=utf-8
Date: Tue, 22 Oct 2024 13:14:35 GMT
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1729602875&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=rBZ3%2Fu9LnduWU5B8L44ngKHRw9ZCIvyeORpT7y1dOsg%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1729602875&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=rBZ3%2Fu9LnduWU5B8L44ngKHRw9ZCIvyeORpT7y1dOsg%3D
Server: gunicorn/20.0.4
Vary: Accept-Encoding
Via: 1.1 vegur

Redirect headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 612
Content-Type: text/html; charset=utf-8
Date: Tue, 22 Oct 2024 13:14:35 GMT
Location: https://www.jika.io/embed/area-chart?symbol=THRM.V&selection=one_year&closeKey=close&boxShadow=true&graphColor=26334c&textColor=161c2d&backgroundColor=FFFFFF&fontFamily=Nunito
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1729602875&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=FMrZVIlmfc3UD4M2lctC%2BH2VMef%2Bzf2DcmG3KHKWihM%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1729602875&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=FMrZVIlmfc3UD4M2lctC%2BH2VMef%2Bzf2DcmG3KHKWihM%3D
Server: gunicorn/20.0.4
Via: 1.1 vegur

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 24 KB
24 KB 26ms
26ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular%7COpen+Sans:500%7COpen+Sans:600%7COpen+Sans:700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://winningtrades.com
Referer: https://fonts.googleapis.com/

Response headers

age: 552002
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 03:54:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 03:54:32 GMT
last-modified: Thu, 14 Dec 2023 02:04:54 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24984
x-xss-protection: 0
server: sffe

GET
H2 200 https%3A%2F%2F3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io%2Ff1725933930149x787261256930810100%2Fwhite%2520square.png
d1muf25xaso8hp.cloudfront.net/ 1 KB
2 KB 778ms
159ms Image
image/jpeg 2600:9000:211e:e600:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io%2Ff1725933930149x787261256930810100%2Fwhite%2520square.png?w=&h=&auto=compress&dpr=1&fit=max

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:e600:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

c5c1c02cdacc7820c13d87b9450d6b72bc5a669a816ca69585f6e84e187c84ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

age: 131022
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: v_EhU8XElUxlqMByfxT3PqZ9YDshEor2FLcThzFQhSax3YnRqC006g==
date: Mon, 21 Oct 2024 12:14:08 GMT
content-type: image/jpeg
x-served-by: cache-chi-klot8100028-CHI, cache-fra-etou8220069-FRA
last-modified: Mon, 21 Oct 2024 00:50:52 GMT
cache-control: public, max-age=2592000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1201
x-amz-cf-pop: FRA56-C2
server: imgix
x-imgix-id: 9a012681db569e746f7b8dcb25ca4de688710ede

GET
H2 200 geo.json Show response
ipv4.geojs.io/v1/ip/ 323 B
597 B 706ms
115ms XHR
application/json 5.161.104.165
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ipv4.geojs.io/v1/ip/geo.json

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.161.104.165 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),

Reverse DNS

ash01.mooash.systems

Software

openresty /

Resource Hash

31e8f16dc406390f16837b79aae426f5010fe9139819fc2920d77d4833824b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: */*
Referer: https://winningtrades.com/

Response headers

strict-transport-security: max-age=63072000
x-request-id: 325f961631964588afc580b562a46818-ASH
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
access-control-allow-methods: GET
access-control-allow-origin: *
date: Tue, 22 Oct 2024 13:14:34 GMT
geojs-backend: ash-01
content-type: application/json
server: openresty

GET
H2 200 geo.json Show response
ipv4.geojs.io/v1/ip/ 323 B
595 B 698ms
111ms XHR
application/json 5.161.104.165
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ipv4.geojs.io/v1/ip/geo.json

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.161.104.165 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),

Reverse DNS

ash01.mooash.systems

Software

openresty /

Resource Hash

31e8f16dc406390f16837b79aae426f5010fe9139819fc2920d77d4833824b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: */*
Referer: https://winningtrades.com/

Response headers

strict-transport-security: max-age=63072000
x-request-id: 1c2281f24b2e2d469abad32764483e88-ASH
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
access-control-allow-methods: GET
access-control-allow-origin: *
date: Tue, 22 Oct 2024 13:14:34 GMT
geojs-backend: ash-01
content-type: application/json
server: openresty

POST
H3 200 hi Show response
winningtrades.com/user/ 57 B
851 B 443ms
442ms XHR
application/json 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winningtrades.com/user/hi
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7645e6318cef4edf687294610b2397e1a4be70567dbadfa49d99d24b4a6281b4

Request headers

X-Bubble-Client-Version: 112bfb704162f8791037f9fd1bf5bccfd5c333d4
cache-control: no-cache
X-Bubble-Fiber-ID: 1729602874172x980527075817988200
X-Bubble-PL: 1729602872186x2473
X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
Referer: https://winningtrades.com/
X-Bubble-Client-Commit-Timestamp: 1729545762000
X-Bubble-R: https://winningtrades.com/therma_bright
X-Bubble-Epoch-ID: 1729602873518x680553607122224000
X-Bubble-Breaking-Revision: 5
X-Requested-With: XMLHttpRequest
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

server: cloudflare
cache-control: no-cache
x-bubble-capacity-used: 0.012 unit-seconds used
content-encoding: br
cf-cache-status: DYNAMIC
x-bubble-request-took: 24
cf-ray: 8d69c04bda6918ef-FRA
x-bubble-appname: winningtrades
x-bubble-capacity-limit: 0 ms slower
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:34 GMT
content-type: application/json
x-powered-by: Express
vary: Accept-Encoding
x-bubble-perf: {"total":24.3,"percents":{"top":{"bubble_cpu":21.9,"block":75.9,"capacity_rl":0,"other_pause":0,"pre_fiber":2.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":36.2,"appserver_cache_misses_time":0,"redis":54.6,"fiber_queue":9.5,"capacity_wait":9.3}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":13,"fiber_queue":15,"blocks":14},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":799332}}

GET
H2 200 https%3A%2F%2F3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io%2Ff1725903311815x886371738370333000%2Fschool%2520of%2520rock.png
d1muf25xaso8hp.cloudfront.net/ 46 KB
47 KB 624ms
181ms Image
image/png 2600:9000:211e:e600:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io%2Ff1725903311815x886371738370333000%2Fschool%2520of%2520rock.png?w=384&h=384&auto=compress&dpr=1&fit=max

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:e600:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

eb5c5e827f3da6dd046acc090a3090e6ae6f9a6f9c445cfe250eac63f4375386

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

age: 726529
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Vx7KPv9De9XcsNEVM_BlQFP7qVITUmRJHHdnvLxAl6hZULDg3HhX0g==
date: Mon, 21 Oct 2024 12:14:09 GMT
content-type: image/png
x-served-by: cache-chi-klot8100105-CHI, cache-fra-etou8220070-FRA
last-modified: Mon, 14 Oct 2024 03:25:45 GMT
cache-control: public, max-age=2592000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 47137
x-amz-cf-pop: FRA56-C2
server: imgix
x-imgix-id: 273e55a36ab997c0eb25899ad4d16edc13a8ba06

GET
H3 200 Live%20data.json Show response
3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1726366467180x120356558199265390/ 18 KB
2 KB 773ms
697ms XHR
application/json 104.17.123.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1726366467180x120356558199265390/Live%20data.json
Requested by: Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.123.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4101223ab5ef3ea08d5c0369a98a256d557417934ac6bb29a20343113e35a29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

x-amz-meta-app-version: test
access-control-max-age: 3000
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"36a64c9102e34b20d5ac737c4fd2f1a3"
x-amz-version-id: UIduj7EHpCb32nuuwWjMjaHNM0IPGLPw
access-control-allow-methods: GET, POST
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:34 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Sun, 15 Sep 2024 02:14:28 GMT
x-amz-id-2: GT3yRCro42VDytPSuu44ucRCPXSTsEb6ezQDMmvRSc2YDf1cSvUxVtgHrOrlD1ji77vP1hWiH5E=
cache-control: public,max-age=86400
x-amz-meta-appname: winningtrades
x-amz-request-id: V4D755ET6QXEP9A7
cf-ray: 8d69c04c5bdd903a-FRA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 Live%20data.json Show response
3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1726366467180x120356558199265390/ 18 KB
0 774ms
774ms Fetch
application/json 104.17.123.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1726366467180x120356558199265390/Live%20data.json
Requested by: Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.123.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4101223ab5ef3ea08d5c0369a98a256d557417934ac6bb29a20343113e35a29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

x-amz-meta-app-version: test
access-control-max-age: 3000
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"36a64c9102e34b20d5ac737c4fd2f1a3"
x-amz-version-id: UIduj7EHpCb32nuuwWjMjaHNM0IPGLPw
access-control-allow-methods: GET, POST
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:34 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Sun, 15 Sep 2024 02:14:28 GMT
x-amz-id-2: GT3yRCro42VDytPSuu44ucRCPXSTsEb6ezQDMmvRSc2YDf1cSvUxVtgHrOrlD1ji77vP1hWiH5E=
cache-control: public,max-age=86400
x-amz-meta-appname: winningtrades
x-amz-request-id: V4D755ET6QXEP9A7
cf-ray: 8d69c04c5bdd903a-FRA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

POST
H3 200 search Show response
winningtrades.com/elasticsearch/ 77 B
810 B 290ms
289ms XHR
application/json 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winningtrades.com/elasticsearch/search
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f12b7bbf897cf3d52ff0e487c6a8f5682024782eada19775819d4c3785bfbe84

Request headers

X-Bubble-Client-Version: 112bfb704162f8791037f9fd1bf5bccfd5c333d4
cache-control: no-cache
X-Bubble-Fiber-ID: 1729602874217x282147488569018050
X-Bubble-PL: 1729602872186x2473
X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
Referer: https://winningtrades.com/
X-Bubble-Client-Commit-Timestamp: 1729545762000
X-Bubble-R: https://winningtrades.com/therma_bright
X-Bubble-Epoch-ID: 1729602873518x680553607122224000
X-Bubble-Breaking-Revision: 5
X-Requested-With: XMLHttpRequest
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

server: cloudflare
cache-control: no-cache
x-bubble-capacity-used: 0.053 unit-seconds used
content-encoding: gzip
cf-cache-status: DYNAMIC
x-bubble-request-took: 39
cf-ray: 8d69c04c1aa018ef-FRA
x-bubble-appname: winningtrades
x-bubble-capacity-limit: 0 ms slower
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:34 GMT
content-type: application/json
x-powered-by: Express
vary: Accept-Encoding
x-bubble-perf: {"total":39.1,"percents":{"top":{"bubble_cpu":24.2,"block":73.5,"capacity_rl":0,"other_pause":0,"pre_fiber":2.4},"sub":{"pp_userdb":10.2,"pp_wait_userdb":0,"http_request":0,"serverjson":43.7,"appserver_cache_misses_time":0,"redis":59.4,"fiber_queue":3.6,"capacity_wait":6.5}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":6,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":17,"fiber_queue":19,"blocks":18},"misc":{"userdb_results":0,"userdb_data":4,"spent_time":3419549}}

GET
H3 200 Live%20data.json Show response
3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1726366467180x120356558199265390/ 18 KB
0 736ms
736ms XHR
application/json 104.17.123.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1726366467180x120356558199265390/Live%20data.json
Requested by: Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.123.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4101223ab5ef3ea08d5c0369a98a256d557417934ac6bb29a20343113e35a29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

x-amz-meta-app-version: test
access-control-max-age: 3000
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"36a64c9102e34b20d5ac737c4fd2f1a3"
x-amz-version-id: UIduj7EHpCb32nuuwWjMjaHNM0IPGLPw
access-control-allow-methods: GET, POST
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:34 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Sun, 15 Sep 2024 02:14:28 GMT
x-amz-id-2: GT3yRCro42VDytPSuu44ucRCPXSTsEb6ezQDMmvRSc2YDf1cSvUxVtgHrOrlD1ji77vP1hWiH5E=
cache-control: public,max-age=86400
x-amz-meta-appname: winningtrades
x-amz-request-id: V4D755ET6QXEP9A7
cf-ray: 8d69c04c5bdd903a-FRA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 Live%20data.json Show response
3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1726366467180x120356558199265390/ 18 KB
0 737ms
737ms Fetch
application/json 104.17.123.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1726366467180x120356558199265390/Live%20data.json
Requested by: Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.123.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4101223ab5ef3ea08d5c0369a98a256d557417934ac6bb29a20343113e35a29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

x-amz-meta-app-version: test
access-control-max-age: 3000
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"36a64c9102e34b20d5ac737c4fd2f1a3"
x-amz-version-id: UIduj7EHpCb32nuuwWjMjaHNM0IPGLPw
access-control-allow-methods: GET, POST
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:34 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Sun, 15 Sep 2024 02:14:28 GMT
x-amz-id-2: GT3yRCro42VDytPSuu44ucRCPXSTsEb6ezQDMmvRSc2YDf1cSvUxVtgHrOrlD1ji77vP1hWiH5E=
cache-control: public,max-age=86400
x-amz-meta-appname: winningtrades
x-amz-request-id: V4D755ET6QXEP9A7
cf-ray: 8d69c04c5bdd903a-FRA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 https%3A%2F%2F3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io%2Ff1687396497428x715254780432164100%2FWinning%2520Trades%2520Logo.png
d1muf25xaso8hp.cloudfront.net/ 5 KB
6 KB 449ms
161ms Image
image/png 2600:9000:211e:e600:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io%2Ff1687396497428x715254780432164100%2FWinning%2520Trades%2520Logo.png?w=256&h=90&auto=compress&fit=crop&dpr=1

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:e600:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

6456da72cd2d8b357eb7af8860bdaca22fb80766c907843ec5b525c3809d73cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

age: 1728611
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: So2tkVcqC8_MVm-o63c0Y3s70IkXbbQk0GXAYzOuGAnOnnAb7-WAgg==
date: Mon, 21 Oct 2024 12:14:09 GMT
content-type: image/png
x-served-by: cache-chi-klot8100082-CHI, cache-fra-etou8220157-FRA
last-modified: Wed, 02 Oct 2024 13:04:22 GMT
cache-control: public, max-age=2592000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5554
x-amz-cf-pop: FRA56-C2
server: imgix
x-imgix-id: 9478a674071e744c3a59c7fd80d2650b9848ee2b

POST
H3 200 maggregate Show response
winningtrades.com/elasticsearch/ 70 B
807 B 389ms
386ms XHR
application/json 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winningtrades.com/elasticsearch/maggregate
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8d9052391bab9d7824e5397a287d8fb00bb5132567f596c17cdf3b4c8d681ce6

Request headers

X-Bubble-Client-Version: 112bfb704162f8791037f9fd1bf5bccfd5c333d4
cache-control: no-cache
X-Bubble-Fiber-ID: 1729602874525x303732966811881340
X-Bubble-PL: 1729602872186x2473
X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
Referer: https://winningtrades.com/
X-Bubble-Client-Commit-Timestamp: 1729545762000
X-Bubble-R: https://winningtrades.com/therma_bright
X-Bubble-Epoch-ID: 1729602873518x680553607122224000
X-Bubble-Breaking-Revision: 5
X-Requested-With: XMLHttpRequest
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

server: cloudflare
cache-control: no-cache
x-bubble-capacity-used: 0.036 unit-seconds used
content-encoding: gzip
cf-cache-status: DYNAMIC
x-bubble-request-took: 24
cf-ray: 8d69c04dec5b18ef-FRA
x-bubble-appname: winningtrades
x-bubble-capacity-limit: 0 ms slower
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:34 GMT
content-type: application/json
x-powered-by: Express
vary: Accept-Encoding
x-bubble-perf: {"total":24.7,"percents":{"top":{"bubble_cpu":36.8,"block":59.4,"capacity_rl":0,"other_pause":0,"pre_fiber":3.5},"sub":{"pp_userdb":12.1,"pp_wait_userdb":0,"http_request":0,"serverjson":20.8,"appserver_cache_misses_time":0,"redis":34.8,"fiber_queue":4,"capacity_wait":8.3}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":5,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":16,"fiber_queue":18,"blocks":17},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":2365984}}

POST
H3 200 msearch Show response
winningtrades.com/elasticsearch/ 181 B
839 B 275ms
274ms XHR
application/json 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winningtrades.com/elasticsearch/msearch
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 06a835df6582c7d3ca08154adae28fe5b1c22ac4c51ddea43de691ab3e324b0d

Request headers

X-Bubble-Client-Version: 112bfb704162f8791037f9fd1bf5bccfd5c333d4
cache-control: no-cache
X-Bubble-Fiber-ID: 1729602874536x265414801680174720
X-Bubble-PL: 1729602872186x2473
X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
Referer: https://winningtrades.com/
X-Bubble-Client-Commit-Timestamp: 1729545762000
X-Bubble-R: https://winningtrades.com/therma_bright
X-Bubble-Epoch-ID: 1729602873518x680553607122224000
X-Bubble-Breaking-Revision: 5
X-Requested-With: XMLHttpRequest
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

server: cloudflare
cache-control: no-cache
x-bubble-capacity-used: 0.084 unit-seconds used
content-encoding: gzip
cf-cache-status: DYNAMIC
x-bubble-request-took: 52
cf-ray: 8d69c04e0c7e18ef-FRA
x-bubble-appname: winningtrades
x-bubble-capacity-limit: 0 ms slower
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:34 GMT
content-type: application/json
x-powered-by: Express
vary: Accept-Encoding
x-bubble-perf: {"total":52.9,"percents":{"top":{"bubble_cpu":18.5,"block":79.2,"capacity_rl":0,"other_pause":0,"pre_fiber":1.6},"sub":{"pp_userdb":7.6,"pp_wait_userdb":0,"http_request":0,"serverjson":79.2,"appserver_cache_misses_time":0,"redis":97.5,"fiber_queue":1.7,"capacity_wait":0}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":6,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":14,"blocks":13},"misc":{"userdb_results":0,"userdb_data":8,"spent_time":5465110}}

GET
H2 200 material-symbols.js Show response
api.iconify.design/ 303 B
775 B 414ms
313ms Script
application/javascript 2606:4700:20::681a:dcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iconify.design/material-symbols.js?icons=chat
Requested by: Host: code.iconify.design
URL: https://code.iconify.design/1/1.0.7/iconify.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:dcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c34bdb70c09a7c62cba99484f277e07cae4284dfc42a3185d4af27f3d078d0b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
age: 4159
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x6mNc1dQ0irzaXOuDAmDG0RKCCM9EhIrHVthDU%2BHwSQ2Pfy%2Fz4D7TxiwLaRSVNBhsUbUFbCPujOrtOa0YE%2BguGScuKxSO9M9gkhf7fZwn7UpTxZcHMI3waaZeSLR3CZv5FXNCAmj4XfMwtgZG93DRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS
date: Tue, 22 Oct 2024 13:14:34 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 22 Oct 2024 12:05:15 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding
cache-control: public, max-age=604800, min-refresh=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d69c04e9ba0d9d7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 311992547166963 Show response
connect.facebook.net/signals/config/ 73 KB
15 KB 311ms
262ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/311992547166963?v=2.9.172&r=stable&domain=winningtrades.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

d0d8f03b52c1b20b11128472a5306f63d6cd9b0d98eeb2f85194375b4cc1cc04

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:34 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=1, c=4, mss=1232, tbw=67809, tp=67, tpl=1, uplat=218, ullat=0
pragma: public
x-fb-debug: BwlIf3qhBNBlIAOmx8H03zC/+sFrmDKb+6LaUww9Xnp+/UrjvZ9wiJ/R9+X0p+y50yvZg0Mmksnx8+MLbs/+qw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/606a66b3/www-widgetapi.vflset/ 31 KB
10 KB 157ms
105ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/606a66b3/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36cb859be5a639c678f317d76c5c589da1b5e08820fcce41d67c38b517efa959

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

content-encoding: br
age: 570
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 13:05:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 13:05:04 GMT
last-modified: Thu, 17 Oct 2024 04:19:32 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 10417
x-xss-protection: 0
server: sffe

GET
H2 200 topics_api Show response
psb.taboola.com/ 65 B
284 B 216ms
34ms Fetch
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://psb.taboola.com/topics_api
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1095034/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

cache-control: private, max-age=2592000
retry-after: 0
x-timer: S1729602875.878191,VS0,VE0
observe-browsing-topics: ?1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 65
date: Tue, 22 Oct 2024 13:14:34 GMT
content-type: text/html; charset=utf-8
x-served-by: cache-fra-etou8220088-FRA
server: Varnish
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/1095034/trc/3/ 2 KB
2 KB 136ms
76ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1095034/trc/3/json?tim=1729602874622&data=%7B%22id%22%3A309%2C%22ii%22%3A%22%2Ftherma_bright%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1729602874582%2C%22cv%22%3A%2220241020-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwinningtrades.com%2Ftherma_bright%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-pjkolaczgmailcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1729602874620%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwinningtrades.com%2Ftherma_bright%22%2C%22tos%22%3A14%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1095034/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9548e58bb2919baea2b1fdaf0a0a4881a3e280d422375f37bdd2af2c24a80d32

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

content-encoding: gzip
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding: gzip
date: Tue, 22 Oct 2024 13:14:34 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220030-FRA
x-cache-hits: 0
vary: Accept-Encoding
x-fastly-to-nlb-rtt: 7575
x-timer: S1729602875.712304,VS0,VE52
x-vcl-time-ms: 52
access-control-allow-credentials: true
via: 1.1 varnish
cpu: 0.2885
accept-ranges: bytes
access-control-allow-origin: *
x-service-version: v1
server: nginx

GET
H2 200 https%3A%2F%2F3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io%2Ff1725903311815x886371738370333000%2Fschool%2520of%2520rock.png
d1muf25xaso8hp.cloudfront.net/ 148 KB
149 KB 230ms
229ms Image
image/png 2600:9000:211e:e600:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io%2Ff1725903311815x886371738370333000%2Fschool%2520of%2520rock.png?w=&h=&auto=compress&dpr=1&fit=max

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:e600:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

7edca385d14ed1f1f578f5288eeab5f8d25cabc5fa45c25f21bf6991920430eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

age: 127818
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 3AaDOj4UOuiDq1itAwSCAPpBH99fDTJCGhyHUCnDDxLRofagyDqD1g==
date: Mon, 21 Oct 2024 12:14:09 GMT
content-type: image/png
x-served-by: cache-chi-klot8100127-CHI, cache-fra-etou8220071-FRA
last-modified: Mon, 21 Oct 2024 01:44:16 GMT
cache-control: public, max-age=2592000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 151452
x-amz-cf-pop: FRA56-C2
server: imgix
x-imgix-id: 8fce55603732c1dae8c2af5eabd55aebebb4b396

GET
H2 200 https%3A%2F%2F3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io%2Ff1725933930149x787261256930810100%2Fwhite%2520square.png
d1muf25xaso8hp.cloudfront.net/ 1 KB
0 0ms
0ms Image
image/jpeg 2600:9000:211e:e600:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io%2Ff1725933930149x787261256930810100%2Fwhite%2520square.png?w=&h=&auto=compress&dpr=1&fit=max

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:e600:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

c5c1c02cdacc7820c13d87b9450d6b72bc5a669a816ca69585f6e84e187c84ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

age: 131022
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: v_EhU8XElUxlqMByfxT3PqZ9YDshEor2FLcThzFQhSax3YnRqC006g==
date: Mon, 21 Oct 2024 12:14:08 GMT
content-type: image/jpeg
x-served-by: cache-chi-klot8100028-CHI, cache-fra-etou8220069-FRA
last-modified: Mon, 21 Oct 2024 00:50:52 GMT
cache-control: public, max-age=2592000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1201
x-amz-cf-pop: FRA56-C2
server: imgix
x-imgix-id: 9a012681db569e746f7b8dcb25ca4de688710ede

GET
H2 200 https%3A%2F%2F3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io%2Ff1687396497428x715254780432164100%2FWinning%2520Trades%2520Logo.png
d1muf25xaso8hp.cloudfront.net/ 5 KB
0 2ms
2ms Image
image/png 2600:9000:211e:e600:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:e600:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

6456da72cd2d8b357eb7af8860bdaca22fb80766c907843ec5b525c3809d73cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

age: 1728611
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: So2tkVcqC8_MVm-o63c0Y3s70IkXbbQk0GXAYzOuGAnOnnAb7-WAgg==
date: Mon, 21 Oct 2024 12:14:09 GMT
content-type: image/png
x-served-by: cache-chi-klot8100082-CHI, cache-fra-etou8220157-FRA
last-modified: Wed, 02 Oct 2024 13:04:22 GMT
cache-control: public, max-age=2592000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5554
x-amz-cf-pop: FRA56-C2
server: imgix
x-imgix-id: 9478a674071e744c3a59c7fd80d2650b9848ee2b

GET
H3 200 Live%20data.json Show response
3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1726366467180x120356558199265390/ 18 KB
0 112ms
112ms XHR
application/json 104.17.123.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1726366467180x120356558199265390/Live%20data.json
Requested by: Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.123.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4101223ab5ef3ea08d5c0369a98a256d557417934ac6bb29a20343113e35a29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

x-amz-meta-app-version: test
access-control-max-age: 3000
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"36a64c9102e34b20d5ac737c4fd2f1a3"
x-amz-version-id: UIduj7EHpCb32nuuwWjMjaHNM0IPGLPw
access-control-allow-methods: GET, POST
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:34 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Sun, 15 Sep 2024 02:14:28 GMT
x-amz-id-2: GT3yRCro42VDytPSuu44ucRCPXSTsEb6ezQDMmvRSc2YDf1cSvUxVtgHrOrlD1ji77vP1hWiH5E=
cache-control: public,max-age=86400
x-amz-meta-appname: winningtrades
x-amz-request-id: V4D755ET6QXEP9A7
cf-ray: 8d69c04c5bdd903a-FRA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 Live%20data.json Show response
3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1726366467180x120356558199265390/ 18 KB
0 112ms
112ms Fetch
application/json 104.17.123.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1726366467180x120356558199265390/Live%20data.json
Requested by: Host: unpkg.com
URL: https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.123.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4101223ab5ef3ea08d5c0369a98a256d557417934ac6bb29a20343113e35a29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

x-amz-meta-app-version: test
access-control-max-age: 3000
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"36a64c9102e34b20d5ac737c4fd2f1a3"
x-amz-version-id: UIduj7EHpCb32nuuwWjMjaHNM0IPGLPw
access-control-allow-methods: GET, POST
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:34 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Sun, 15 Sep 2024 02:14:28 GMT
x-amz-id-2: GT3yRCro42VDytPSuu44ucRCPXSTsEb6ezQDMmvRSc2YDf1cSvUxVtgHrOrlD1ji77vP1hWiH5E=
cache-control: public,max-age=86400
x-amz-meta-appname: winningtrades
x-amz-request-id: V4D755ET6QXEP9A7
cf-ray: 8d69c04c5bdd903a-FRA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 https%3A%2F%2F3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io%2Ff1725903311815x886371738370333000%2Fschool%2520of%2520rock.png
d1muf25xaso8hp.cloudfront.net/ 148 KB
0 2ms
2ms Image
image/png 2600:9000:211e:e600:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io%2Ff1725903311815x886371738370333000%2Fschool%2520of%2520rock.png?w=&h=&auto=compress&dpr=1&fit=max

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:e600:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

7edca385d14ed1f1f578f5288eeab5f8d25cabc5fa45c25f21bf6991920430eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

age: 127818
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 3AaDOj4UOuiDq1itAwSCAPpBH99fDTJCGhyHUCnDDxLRofagyDqD1g==
date: Mon, 21 Oct 2024 12:14:09 GMT
content-type: image/png
x-served-by: cache-chi-klot8100127-CHI, cache-fra-etou8220071-FRA
last-modified: Mon, 21 Oct 2024 01:44:16 GMT
cache-control: public, max-age=2592000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 151452
x-amz-cf-pop: FRA56-C2
server: imgix
x-imgix-id: 8fce55603732c1dae8c2af5eabd55aebebb4b396

POST
H3 200 m Show response
winningtrades.com/user/ 4 B
657 B 253ms
252ms XHR
text/plain 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winningtrades.com/user/m
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-Client-Version: 112bfb704162f8791037f9fd1bf5bccfd5c333d4
cache-control: no-cache
X-Bubble-Fiber-ID: 1729602874963x829504879279732600
X-Bubble-PL: 1729602872186x2473
Referer: https://winningtrades.com/
X-Bubble-Client-Commit-Timestamp: 1729545762000
X-Bubble-R: https://winningtrades.com/therma_bright
X-Bubble-Breaking-Revision: 5
X-Requested-With: XMLHttpRequest
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

x-bubble-capacity-used: 0.014 unit-seconds used
cf-cache-status: DYNAMIC
cf-ray: 8d69c050cf4718ef-FRA
x-bubble-capacity-limit: 0 ms slower
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:35 GMT
x-bubble-perf: {"total":40.2,"percents":{"top":{"bubble_cpu":15,"block":82.1,"capacity_rl":0,"other_pause":0,"pre_fiber":2.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":12.2,"appserver_cache_misses_time":0,"redis":60.5,"fiber_queue":4.1,"capacity_wait":7.2}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":15,"blocks":14},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":906987}}
x-powered-by: Express
server: cloudflare

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 454ms
23ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=311992547166963&ev=PageView&dl=https%3A%2F%2Fwinningtrades.com&rl=&if=false&ts=1729602875027&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12316&fbp=fb.1.1729602875025.213411478243972046&cs_est=true&pm=1&hrl=e9d45f&ler=empty&cdl=API_unavailable&it=1729602874578&coo=false&cs_cc=1&cas=8034216676692846%2C7901436499887381&rqm=GET

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=10, mss=1297, tbw=2943, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 22 Oct 2024 13:14:35 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 669ms
238ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=311992547166963&ev=PageView&dl=https%3A%2F%2Fwinningtrades.com&rl=&if=false&ts=1729602875027&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12316&fbp=fb.1.1729602875025.213411478243972046&cs_est=true&pm=1&hrl=e9d45f&ler=empty&cdl=API_unavailable&it=1729602874578&coo=false&cs_cc=1&cas=8034216676692846%2C7901436499887381&rqm=FGET

Requested by

Host: winningtrades.com
URL: https://winningtrades.com/therma_bright

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428587783908137581"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:35 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: NHnVrZTkB5q1jagu8MZwVuMAYL2WkYVe4vaf7Y9LdR+a0S+NxLwztQWJ0o17FdazjBmKf/geKyFUmaviZfOklg==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428587783908137581", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=12, mss=1297, tbw=3261, tp=-1, tpl=-1, uplat=213, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H3 200 msearch Show response
winningtrades.com/elasticsearch/ 11 KB
6 KB 251ms
250ms XHR
application/json 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winningtrades.com/elasticsearch/msearch
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: bbc4d9775bf7239d74962405a77935e4498d70c61941a7239f5d41c8cf54f0b0

Request headers

X-Bubble-Client-Version: 112bfb704162f8791037f9fd1bf5bccfd5c333d4
cache-control: no-cache
X-Bubble-Fiber-ID: 1729602875030x266408523197049000
X-Bubble-PL: 1729602872186x2473
Referer: https://winningtrades.com/
X-Bubble-Client-Commit-Timestamp: 1729545762000
X-Bubble-R: https://winningtrades.com/therma_bright
X-Bubble-Breaking-Revision: 5
X-Requested-With: XMLHttpRequest
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

server: cloudflare
cache-control: no-cache
x-bubble-capacity-used: 0.053 unit-seconds used
content-encoding: gzip
cf-cache-status: DYNAMIC
x-bubble-request-took: 28
cf-ray: 8d69c0510f7a18ef-FRA
x-bubble-appname: winningtrades
x-bubble-capacity-limit: 0 ms slower
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:35 GMT
content-type: application/json
x-powered-by: Express
vary: Accept-Encoding
x-bubble-perf: {"total":29,"percents":{"top":{"bubble_cpu":33.9,"block":62.8,"capacity_rl":0,"other_pause":0,"pre_fiber":3.2},"sub":{"pp_userdb":17.3,"pp_wait_userdb":0,"http_request":0,"serverjson":21.2,"appserver_cache_misses_time":0,"redis":35.5,"fiber_queue":3.4,"capacity_wait":7.6}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":6,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":17,"fiber_queue":19,"blocks":18},"misc":{"userdb_results":2,"userdb_data":22740,"spent_time":3473446}}

POST
H3 200 bulk_watch Show response
winningtrades.com/elasticsearch/ 153 B
841 B 236ms
235ms XHR
application/json 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winningtrades.com/elasticsearch/bulk_watch
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3a8cb49810c86c834c2b0ddc77a6c2f2e8ba11cf7617174537c58268de728cd6

Request headers

X-Bubble-Client-Version: 112bfb704162f8791037f9fd1bf5bccfd5c333d4
cache-control: no-cache
X-Bubble-Fiber-ID: 1729602875035x310582899293176960
X-Bubble-PL: 1729602872186x2473
Referer: https://winningtrades.com/
X-Bubble-Client-Commit-Timestamp: 1729545762000
X-Bubble-R: https://winningtrades.com/therma_bright
X-Bubble-Breaking-Revision: 5
X-Requested-With: XMLHttpRequest
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

server: cloudflare
cache-control: no-cache
x-bubble-capacity-used: 0.018 unit-seconds used
content-encoding: gzip
cf-cache-status: DYNAMIC
x-bubble-request-took: 16
cf-ray: 8d69c0511f8618ef-FRA
x-bubble-appname: winningtrades
x-bubble-capacity-limit: 0 ms slower
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:35 GMT
content-type: application/json
x-powered-by: Express
vary: Accept-Encoding
x-bubble-perf: {"total":16.3,"percents":{"top":{"bubble_cpu":47.7,"block":46.3,"capacity_rl":0,"other_pause":0,"pre_fiber":5.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":18.6,"appserver_cache_misses_time":0,"redis":43.7,"fiber_queue":3.9,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":3,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1168921}}

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.49/ 64 KB
27 KB 54ms
54ms Script
application/javascript 2620:1ec:29:1::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.49/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/o3s3yx3sn1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

x-azure-ref: 20241022T131434Z-er1787bdbf4v4zczbyue3maxdc00000007vg00000001t0ng
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DCF0FBF8E94E61"
x-fd-int-roxy-purgeid: 51562430
x-ms-request-id: 490d94a4-501e-0029-41e8-2210af000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Tue, 22 Oct 2024 13:14:34 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Sun, 20 Oct 2024 11:40:18 GMT

POST
H3 200 apm Show response
winningtrades.com/user/ 4 B
724 B 658ms
651ms XHR
application/json 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winningtrades.com/user/apm
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-Client-Version: 112bfb704162f8791037f9fd1bf5bccfd5c333d4
cache-control: no-cache
X-Bubble-Fiber-ID: 1729602875202x515296469491769000
X-Bubble-PL: 1729602872186x2473
Referer: https://winningtrades.com/
X-Bubble-Client-Commit-Timestamp: 1729545762000
X-Bubble-R: https://winningtrades.com/therma_bright
X-Bubble-Breaking-Revision: 5
X-Requested-With: XMLHttpRequest
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

server: cloudflare
cache-control: no-cache
x-bubble-capacity-used: 0.016 unit-seconds used
content-encoding: br
cf-cache-status: DYNAMIC
x-bubble-request-took: 14
cf-ray: 8d69c05218b418ef-FRA
x-bubble-appname: winningtrades
x-bubble-capacity-limit: 0 ms slower
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:35 GMT
content-type: application/json
x-powered-by: Express
vary: Accept-Encoding
x-bubble-perf: {"total":14.2,"percents":{"top":{"bubble_cpu":48,"block":38.2,"capacity_rl":0,"other_pause":0,"pre_fiber":13.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":23.2,"appserver_cache_misses_time":0,"redis":29.2,"fiber_queue":5.3,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1021322}}

GET
H3 200 richtext_content.jpeg
3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1725937729265x377676980261114640/ 95 KB
96 KB 71ms
70ms Image
image/jpeg 104.17.123.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1725937729265x377676980261114640/richtext_content.jpeg
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.123.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5e85921104888d83b3e7f5e976a2f8e5f64a7bdde320e4eece613a9a503129b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

x-amz-meta-app-version: test
cf-bgj: imgq:100,h2pri
etag: "39c76c89ebfd24a41c7cdbb866d243a0"
x-amz-version-id: K0nYdIHoMwB2C3FXHMCPBFACLJ71cHzO
age: 78065
cf-cache-status: HIT
cf-polished: origSize=104274
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:35 GMT
content-type: image/jpeg
last-modified: Tue, 10 Sep 2024 03:08:50 GMT
vary: Accept-Encoding
x-amz-id-2: sieDbpSfX6GZmXsIw1tG71v2Kam0ox5LArTiuH7J0qe215qKEeYF/YrWGXmbqTjxlfQs3D814/4=
cache-control: public,max-age=86400
x-amz-meta-appname: winningtrades
x-amz-request-id: S29WV916Y8C3TXXB
cf-ray: 8d69c05399a5d2c6-FRA
accept-ranges: bytes
content-length: 97747
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 richtext_content.png
3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1725938605436x442841504657081700/ 992 KB
993 KB 77ms
77ms Image
image/png 104.17.123.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1725938605436x442841504657081700/richtext_content.png
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.123.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56f49928c069de03c5ccf1c3d0da1a3263e56feeb738bd4ca4742503332a2924

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

x-amz-meta-app-version: test
cf-bgj: imgq:100,h2pri
etag: "1038c7fe9d160ca0bd2f59cff65e64f7"
x-amz-version-id: 6VRkRwwHCmZjKZrjsu.qUoqHUl..JtZy
age: 82867
cf-cache-status: HIT
cf-polished: origSize=1421242
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:35 GMT
content-type: image/png
last-modified: Tue, 10 Sep 2024 03:23:26 GMT
vary: Accept-Encoding
x-amz-id-2: JW+oV/XODGbu5VaPGMsZuSIvAD890NLf1qa3AYVsnyS6hPSC+AskDcFpBGS0SlUok6gxkPYDqQM=
cache-control: public,max-age=86400
x-amz-meta-appname: winningtrades
x-amz-request-id: C16MKYEFXE4EAMFT
cf-ray: 8d69c05399a9d2c6-FRA
accept-ranges: bytes
content-length: 1016108
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 richtext_content.png
3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1725943977918x141478948818348540/ 638 KB
639 KB 81ms
80ms Image
image/png 104.17.123.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1725943977918x141478948818348540/richtext_content.png
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.123.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba8af6bb9df1ac6f799b603ebc06f4f3529084ee8548ed00ef4d33cca157941b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

x-amz-meta-app-version: test
cf-bgj: imgq:100,h2pri
etag: "1e3c5c4e3d00c1d2f57d0d3bde17f50f"
x-amz-version-id: 1s5VXFYDFntm2SwP22JbFTZpExKwyVAw
age: 78065
cf-cache-status: HIT
cf-polished: origSize=730621
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:35 GMT
content-type: image/png
last-modified: Tue, 10 Sep 2024 04:52:59 GMT
vary: Accept-Encoding
x-amz-id-2: 9MOkaOwosy/KoBXE1H/wWYGEDp5WSUT4dmd9OIAPOaroaJD3fvp+oveMcMWXa5UfECULiVEsCQM=
cache-control: public,max-age=86400
x-amz-meta-appname: winningtrades
x-amz-request-id: YWF5V4D0ZV7V3E2A
cf-ray: 8d69c05399abd2c6-FRA
accept-ranges: bytes
content-length: 653527
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 richtext_content.png
3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1725943555486x277019845761479420/ 422 KB
423 KB 44ms
44ms Image
image/png 104.17.123.183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1725943555486x277019845761479420/richtext_content.png
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.123.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 389951d474acb58180084a4e8c1cd61e8c3d16f5ddb73193079d1aeb6cc8e1b7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

x-amz-meta-app-version: test
cf-bgj: imgq:100,h2pri
etag: "cafcfff006b99b1c9249e163f409b884"
x-amz-version-id: BsNfr1QX9w5YUM0OIdFN3etIDAxPKM1u
age: 82867
cf-cache-status: HIT
cf-polished: origSize=697979
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:35 GMT
content-type: image/png
last-modified: Tue, 10 Sep 2024 04:45:56 GMT
vary: Accept-Encoding
x-amz-id-2: gitQkMdANjiHI8wXVdH+wKe27dgclMGjIvhIHH3QAhNhMKEqyi3K8tclqdRedUivTsZLpys+j/8=
cache-control: public,max-age=86400
x-amz-meta-appname: winningtrades
x-amz-request-id: WAZHC52DGV64QG9R
cf-ray: 8d69c05399acd2c6-FRA
accept-ranges: bytes
content-length: 432107
server: cloudflare
x-amz-server-side-encryption: AES256

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
281 B 488ms
131ms XHR
text/plain 20.57.85.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.57.85.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://winningtrades.com/

Response headers

Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
Access-Control-Allow-Origin: https://winningtrades.com
Date: Tue, 22 Oct 2024 13:14:36 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
281 B 470ms
225ms XHR
text/plain 20.57.85.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.57.85.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://winningtrades.com/

Response headers

Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
Access-Control-Allow-Origin: https://winningtrades.com
Date: Tue, 22 Oct 2024 13:14:36 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 204 unip Show response
trc-events.taboola.com/1095034/log/3/ 0
248 B 114ms
29ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1095034/log/3/unip?en=pre_d_eng_tb&tos=1577&scd=0&ssd=1&est=1729602874605&ver=36&isls=true&src=i&invt=1500&msa=3515&rv=1&tim=1729602876184&vi=1729602874582&ri=84142618c20bd79e4063cb7976f3b702&ref=null&cv=20241020-4-RELEASE&item-url=https%3A%2F%2Fwinningtrades.com%2Ftherma_bright&it=JS_PIXEL
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1095034/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Attribution-Reporting-Eligible: trigger
Referer: https://winningtrades.com/

Response headers

access-control-allow-origin: https://winningtrades.com
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Tue, 22 Oct 2024 13:14:36 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

OPTIONS
H2 200 unip
trc-events.taboola.com/1095034/log/3/ Frame 0
0 183ms
26ms Preflight 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1095034/log/3/unip?en=pre_d_eng_tb&tos=1577&scd=0&ssd=1&est=1729602874605&ver=36&isls=true&src=i&invt=1500&msa=3515&rv=1&tim=1729602876184&vi=1729602874582&ri=84142618c20bd79e4063cb7976f3b702&ref=null&cv=20241020-4-RELEASE&item-url=https%3A%2F%2Fwinningtrades.com%2Ftherma_bright&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://winningtrades.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://winningtrades.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Tue, 22 Oct 2024 13:14:36 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

GET
H3 404 favicon.ico
winningtrades.com/ 21 B
701 B 303ms
303ms Other
text/plain 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winningtrades.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fe68d6c3967b21b4625752b57fb5c7111dc35dc4ac988307d3b7f2e90051a27c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://winningtrades.com/

Response headers

server: cloudflare
cache-control: max-age=1
x-bubble-capacity-used: 0.01 unit-seconds used
content-encoding: br
cf-cache-status: EXPIRED
cf-ray: 8d69c060284718ef-FRA
x-bubble-capacity-limit: 0 ms slower
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:37 GMT
content-type: text/plain
x-powered-by: Express
vary: Accept-Encoding
x-bubble-perf: {"total":28.5,"percents":{"top":{"bubble_cpu":15,"block":64,"capacity_rl":0,"other_pause":0,"pre_fiber":18.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":9.7,"appserver_cache_misses_time":0,"redis":41,"fiber_queue":26.1,"capacity_wait":10.2}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":14,"blocks":13},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":638719}}

POST
H3 200 frg Show response
winningtrades.com/ 5 B
725 B 252ms
244ms XHR
application/json 104.16.42.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winningtrades.com/frg
Requested by: Host: winningtrades.com
URL: https://winningtrades.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.42.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

X-Bubble-Client-Version: 112bfb704162f8791037f9fd1bf5bccfd5c333d4
cache-control: no-cache
X-Bubble-Fiber-ID: 1729602877994x671033292052062500
X-Bubble-PL: 1729602872186x2473
Referer: https://winningtrades.com/
X-Bubble-Client-Commit-Timestamp: 1729545762000
X-Bubble-R: https://winningtrades.com/therma_bright
X-Bubble-Breaking-Revision: 5
X-Requested-With: XMLHttpRequest
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

server: cloudflare
cache-control: no-cache
x-bubble-capacity-used: 0.011 unit-seconds used
content-encoding: br
cf-cache-status: DYNAMIC
x-bubble-request-took: 18
cf-ray: 8d69c0638c5c18ef-FRA
x-bubble-appname: winningtrades
x-bubble-capacity-limit: 0 ms slower
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 13:14:38 GMT
content-type: application/json
x-powered-by: Express
vary: Accept-Encoding
x-bubble-perf: {"total":18.2,"percents":{"top":{"bubble_cpu":27.2,"block":69.2,"capacity_rl":0,"other_pause":0,"pre_fiber":4.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":40.7,"appserver_cache_misses_time":0,"redis":59.4,"fiber_queue":5,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":9,"fiber_queue":11,"blocks":10},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":744234}}

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
281 B 117ms
116ms XHR
text/plain 20.57.85.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.57.85.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://winningtrades.com/

Response headers

Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
Access-Control-Allow-Origin: https://winningtrades.com
Date: Tue, 22 Oct 2024 13:14:38 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 204 unip Show response
trc-events.taboola.com/1095034/log/3/ 0
247 B 32ms
31ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1095034/log/3/unip?en=pre_d_eng_tb&tos=4578&scd=0&ssd=1&est=1729602874605&ver=36&isls=true&src=i&invt=3000&msa=3515&rv=1&tim=1729602879185&vi=1729602874582&ri=84142618c20bd79e4063cb7976f3b702&ref=null&cv=20241020-4-RELEASE&item-url=https%3A%2F%2Fwinningtrades.com%2Ftherma_bright&it=JS_PIXEL
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1095034/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Attribution-Reporting-Eligible: trigger
Referer: https://winningtrades.com/

Response headers

access-control-allow-origin: https://winningtrades.com
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Tue, 22 Oct 2024 13:14:39 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

OPTIONS
H2 200 unip
trc-events.taboola.com/1095034/log/3/ Frame 0
0 38ms
38ms Preflight 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1095034/log/3/unip?en=pre_d_eng_tb&tos=4578&scd=0&ssd=1&est=1729602874605&ver=36&isls=true&src=i&invt=3000&msa=3515&rv=1&tim=1729602879185&vi=1729602874582&ri=84142618c20bd79e4063cb7976f3b702&ref=null&cv=20241020-4-RELEASE&item-url=https%3A%2F%2Fwinningtrades.com%2Ftherma_bright&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://winningtrades.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://winningtrades.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Tue, 22 Oct 2024 13:14:39 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

POST collect
e.clarity.ms/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.viblast.com
URL: https://cdn.viblast.com/vb/stable/viblast.js

Domain: e.clarity.ms
URL: https://e.clarity.ms/collect

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.beehiiv.com/	1970-01-21 00:26:44	Name: __cf_bm Value: og_j.u3yiKeAB9oqdvVs0Zy8gRVw9SN6yLsIKCnEGZg-1729602871-1.0.1.1-74UabPsZcQaHAcQlvqaasWidC8Ww3eRpOvrAO0FMqsONTqezzOHTBq_rcSqLry_9.XfbAfDIyu92Yps7QG0hkA
www.vpdae.com/	1970-01-21 10:02:42	Name: email_activity Value: %7B%22token%22%3A%22xghqhxvhbdmjiidqtzyxuwireocfabbjriqqrsqmyrqqyspodk%22%2C%22c_ids%22%3A%5B9773%5D%7D
.winningtrades.com/	1970-01-21 00:31:02	Name: winningtrades_live_u2main Value: bus\|1729602872144x304821319771238600\|1729602872163x431774468227053440
.winningtrades.com/	1970-01-21 00:31:02	Name: winningtrades_live_u2main.sig Value: 1xg-2R-ymMjpwde10jdfO6Du3ok
.winningtrades.com/	1969-12-31 23:59:59	Name: winningtrades_u1main Value: 1729602872144x304821319771238600
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 58Oj3Tmjto4
.youtube.com/	1970-01-21 04:45:54	Name: VISITOR_INFO1_LIVE Value: kMYQk4-IN0M
.youtube.com/	1970-01-21 04:45:54	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgGQ%3D%3D
.winningtrades.com/	1970-01-21 02:36:18	Name: _fbp Value: fb.1.1729602875025.213411478243972046

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.viblast.com/vb/stable/viblast.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
deprecation	warning	URL: https://winningtrades.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js(Line 1) Message: Listener added for a 'DOMNodeInserted' mutation event. This event type is deprecated, and will be removed from this browser VERY soon. Usage of this event listener will cause performance issues today, and represents a large risk of imminent site breakage. Consider using MutationObserver instead. See https://chromestatus.com/feature/5083947249172480 for more information.
network	error	URL: https://winningtrades.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io
api.iconify.design
cdn.jsdelivr.net
cdn.quilljs.com
cdn.taboola.com
cdn.viblast.com
code.iconify.design
connect.facebook.net
d1muf25xaso8hp.cloudfront.net
e.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
ipv4.geojs.io
jika.io
link.mail.beehiiv.com
platform.twitter.com
psb.taboola.com
trc-events.taboola.com
trc.taboola.com
unpkg.com
vjs.zencdn.net
widget.darqube.com
winningtrades.com
www.clarity.ms
www.facebook.com
www.jika.io
www.vpdae.com
www.youtube.com
cdn.viblast.com
e.clarity.ms
104.16.42.105
104.17.123.183
141.226.228.48
142.250.186.131
151.101.65.44
157.240.253.1
188.114.96.3
199.232.188.157
20.57.85.160
23.22.5.68
2600:9000:211e:e600:1c:37e5:3f40:21
2606:4700:20::681a:dcc
2606:4700:20::ac43:4657
2606:4700:3108::ac42:2b5d
2606:4700::6811:f7cb
2606:4700::6812:4428
2620:1ec:29:1::64
2a00:1450:4001:811::200a
2a00:1450:4001:82f::200e
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::485
2a04:4e42::729
3.226.182.14
5.161.104.165
06a835df6582c7d3ca08154adae28fe5b1c22ac4c51ddea43de691ab3e324b0d
08ae2d94daffc1537d98d92554c8e95937064fd9b827d3910b1aafdccd6fb7f0
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc
0faa25ae64edb714ae1148409c1e2ac4c0c84c6babcdd261b6b65cae42108fc2
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
19aa295521f5fe3828d378798ce690ff429956271afab0ac12883f188bcf95be
1bd9724e3096fd34d6240a2aff5a6d7a46cf99ad3e5e529e0fe0bd95e26395a4
1c34bdb70c09a7c62cba99484f277e07cae4284dfc42a3185d4af27f3d078d0b
1df901c8c3974f6c0b88466dd310f156a9c65c3ae5e45a2b78bcdd8399aad50c
1f1e36121cffdeced7b6bec3c6d0cd056004fe7ecbb51aba7991cc19d5ae78e7
31e8f16dc406390f16837b79aae426f5010fe9139819fc2920d77d4833824b4b
36cb859be5a639c678f317d76c5c589da1b5e08820fcce41d67c38b517efa959
37ec782f260baf91854194750d45ef07531f26bd82d4bb600fa0d48e9971ae21
389951d474acb58180084a4e8c1cd61e8c3d16f5ddb73193079d1aeb6cc8e1b7
3929faed6f620d4993ccb7f980dcf8301046ede0ebbe1995a4ceb9e312aa07ac
3a6733e85a8e7daed51893fb8c1ec84fcb06627dc8b78dc614ad85ca967a6501
3a8cb49810c86c834c2b0ddc77a6c2f2e8ba11cf7617174537c58268de728cd6
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b
46763816babdcf547c1cbedf9a54a7295648cbc1ae648f5620c8e11264b01fcc
48b1b42379c43ddbbf6ca013334f983068a10a62f6d223432a166872ec0ec0e9
492c84a35f8efbb0a618bcf452deb28247326510c9fa896f443db0ad22a31027
56f49928c069de03c5ccf1c3d0da1a3263e56feeb738bd4ca4742503332a2924
6456da72cd2d8b357eb7af8860bdaca22fb80766c907843ec5b525c3809d73cb
683b90a5402ea01dca0d3b650012b1aae28fe15060eee9cebae216c659aa611d
68b594d79a955d4237d365555d137be2842068c263d444f583556ee1f9a8cbc1
6d4cb67a77ccaac1eb6226ad28e5c991a57a03a8aea99e85523b7e0df6694770
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
7645e6318cef4edf687294610b2397e1a4be70567dbadfa49d99d24b4a6281b4
7c96830aca4e709794d74b7b6d93d6e4e0f6c762ff21d8c96147b2eca86d8df2
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
7edca385d14ed1f1f578f5288eeab5f8d25cabc5fa45c25f21bf6991920430eb
7f649962625d75ad320e6e08c7408167861ebc287ba3d6069ca01b7ce086d310
83ce3e812921923e726be63f1dffb087ff1fcd0c3e39250c1286ebbb908f0acb
864a0ef9790846a1508ce85f71d18c0d87fed5181f9bebe6684e0254db88b909
892e299431955e9ae388ae257f72024ee76af2d52a7a97a868f70fbe50f16144
8c039b6e245af3041933a2e283eb929be6c05618616e34ef2b8e3ca2bb368007
8d9052391bab9d7824e5397a287d8fb00bb5132567f596c17cdf3b4c8d681ce6
9548e58bb2919baea2b1fdaf0a0a4881a3e280d422375f37bdd2af2c24a80d32
963ecfb4bf98969ac8bfec15f0ede5941ce3414b8f1ad3590ffe38fa8053453a
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a600e503fc0dcb171bd2ce6b639bbb5cf35b91ccc3c045324a7a4e2603683a0f
a80c2efe80248a6ddbbf8f13b2632501da332c5a487efccacee6a9f33074f18e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac20020d60a9fd5cc8874aec07e8a940233d5c1bcef0735ed1f35239ae2ccacd
ba2587470e7ef35b0b0b9a489d5935c4775dd29d0f1f322bb3ffd078ce161c0a
ba8af6bb9df1ac6f799b603ebc06f4f3529084ee8548ed00ef4d33cca157941b
bbc4d9775bf7239d74962405a77935e4498d70c61941a7239f5d41c8cf54f0b0
c3d3036fdbd771d327ee2e9262a86eef41f96c3bffcc7adad2a91a651968923b
c5c1c02cdacc7820c13d87b9450d6b72bc5a669a816ca69585f6e84e187c84ef
d0d8f03b52c1b20b11128472a5306f63d6cd9b0d98eeb2f85194375b4cc1cc04
d1c53b3339955bc59c534428474ecf96bc825f9b824754b84652d484adf67209
d5e85921104888d83b3e7f5e976a2f8e5f64a7bdde320e4eece613a9a503129b
d7d39b75f8d8895c21e8f271d6b110535f413f39d348da21dc0e669d2769ed41
de86018869b5e845bdc101fc1b55611a1e375e08af6cee4a681d7446103da611
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6792bc2356c88d7cacf7351d64da1e7eaade694b9485daef7f4c84f5844968c
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e8a987fd3ead2a48ab99ae5fd18c4fb1e320ab61930218eaf1757e83732ff5b3
e8ccf814e7037888a21acd3e59fd28b265ddf7d04bbd38c5b41c99ec53311b1a
ead3d0ce072955194e4e6062c01e9fd7aa9e0503291e6e9cb15454e1a6bc23ce
eb5c5e827f3da6dd046acc090a3090e6ae6f9a6f9c445cfe250eac63f4375386
ed7084b01ffa9cbf32623d742e043b891326b91c72609605392a08d9d3f09735
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12b7bbf897cf3d52ff0e487c6a8f5682024782eada19775819d4c3785bfbe84
f1726ef5b0ce20ebb8f89227c1b206d1c354304c9fd0ca7c4beb44c92faa3ab6
f2e205898bbc3c3aac2b398e90b669dbbdf7e91e4c6d808df8783b0781d77d5d
f4101223ab5ef3ea08d5c0369a98a256d557417934ac6bb29a20343113e35a29
f4cfd4a5b95dfb31c47cd567d9719fc12a0453f6ff27e2872147a9740e4b9e56
fbff4c49f47d67ae9ef56bc7115e503e17f45fef6f23b10bc8b9b0441056a790
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fe68d6c3967b21b4625752b57fb5c7111dc35dc4ac988307d3b7f2e90051a27c

winningtrades.com Open in urlscan Pro 104.16.42.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

94 Requests

96 %HTTPS

50 %IPv6

22 Domains

28 Subdomains

22 IPs

4 Countries

4267 kBTransfer

9788 kBSize

9 Cookies

1 Outgoing links

Page URL History

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

winningtrades.com Open in urlscan Pro
104.16.42.105 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

96 %
HTTPS

50 %
IPv6

22
Domains

28
Subdomains

22
IPs

4
Countries

4267 kB
Transfer

9788 kB
Size

9
Cookies

94 HTTP transactions
1 data transactions