URL: https://win268.top/
Submission: On June 15 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 27 IPs in 4 countries across 27 domains to perform 44 HTTP transactions. The main IP is 104.21.96.32, located in and belongs to CLOUDFLARENET, US. The main domain is win268.top.
TLS certificate: Issued by E6 on June 10th 2024. Valid for: 3 months.
This is the only time win268.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 104.21.96.32 13335 (CLOUDFLAR...)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
4 2a04:4e42:200... 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 108.167.180.88 19871 (NETWORK-S...)
1 209.212.30.156 21669 (NJ-STATEW...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:8e:... 54113 (FASTLY)
1 192.0.66.2 2635 (AUTOMATTIC)
1 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 192.0.77.2 2635 (AUTOMATTIC)
1 18.156.206.15 16509 (AMAZON-02)
1 13.225.78.55 16509 (AMAZON-02)
1 94.198.55.224 56694 (SMARTAPE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a04:4e42:600... 54113 (FASTLY)
1 2600:9000:20b... 16509 (AMAZON-02)
1 151.101.193.124 54113 (FASTLY)
1 2a04:4e42:400... 54113 (FASTLY)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 34.173.227.91 396982 (GOOGLE-CL...)
1 13.35.58.24 16509 (AMAZON-02)
1 23.211.9.212 16625 (AKAMAI-AS)
1 2600:9000:206... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
44 27
Apex Domain | Subdomains | Transfer
12 win268.top | win268.top | 232 KB
4 redd.it | i.redd.it — Cisco Umbrella Rank: 5751; external-preview.redd.it — Cisco Umbrella Rank: 3575; preview.redd.it — Cisco Umbrella Rank: 2957 | 1 MB
3 gstatic.com | fonts.gstatic.com | 43 KB
2 media-amazon.com | m.media-amazon.com — Cisco Umbrella Rank: 436 | 841 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 77 | 1 KB
1 liketoknow.it | product-images-cdn.liketoknow.it — Cisco Umbrella Rank: 54318 | 160 KB
1 telegraph.co.uk | www.telegraph.co.uk — Cisco Umbrella Rank: 37394 | 27 KB
1 wjla.com | wjla.com — Cisco Umbrella Rank: 419530 | 202 KB
1 highplainsspicecompany.com | highplainsspicecompany.com | 53 KB
1 scdn.co | i.scdn.co — Cisco Umbrella Rank: 1569 | 101 KB
1 imgix.net | lp-cms-production.imgix.net — Cisco Umbrella Rank: 158648 | 218 KB
1 tyr.com | www.tyr.com — Cisco Umbrella Rank: 761871 | 47 KB
1 wixstatic.com | static.wixstatic.com — Cisco Umbrella Rank: 6352 | 13 KB
1 welt.de | img.welt.de — Cisco Umbrella Rank: 103206 | 150 KB
1 thesaurus.plus | thesaurus.plus | 21 KB
1 fineartamerica.com | render.fineartamerica.com — Cisco Umbrella Rank: 122371 | 151 KB
1 pixc.com | pixc.com | 194 KB
1 wp.com | i0.wp.com — Cisco Umbrella Rank: 4272 | 25 KB
1 pinimg.com | i.pinimg.com — Cisco Umbrella Rank: 2454 | 32 KB
1 denverpost.com | www.denverpost.com — Cisco Umbrella Rank: 182155 | 15 KB
1 twimg.com | pbs.twimg.com — Cisco Umbrella Rank: 1225 | 2 MB
1 ytimg.com | i.ytimg.com — Cisco Umbrella Rank: 119 | 100 KB
1 npl.org | www.npl.org | 42 KB
1 a-b-cpr.com | a-b-cpr.com | 928 KB
1 nigeriapropertycentre.com | images.nigeriapropertycentre.com | 42 KB
1 s-nbcnews.com | media-cldnry.s-nbcnews.com — Cisco Umbrella Rank: 16251 | 31 KB
0 tiktok.com Failed | www.tiktok.com Failed
44 27
Domain Requested by
12 win268.top win268.top
3 fonts.gstatic.com fonts.googleapis.com
2 preview.redd.it win268.top
2 m.media-amazon.com win268.top
1 fonts.googleapis.com win268.top
1 product-images-cdn.liketoknow.it win268.top
1 www.telegraph.co.uk win268.top
1 wjla.com win268.top
1 highplainsspicecompany.com win268.top
1 i.scdn.co win268.top
1 lp-cms-production.imgix.net win268.top
1 www.tyr.com win268.top
1 static.wixstatic.com win268.top
1 img.welt.de win268.top
1 thesaurus.plus win268.top
1 render.fineartamerica.com win268.top
1 pixc.com win268.top
1 external-preview.redd.it win268.top
1 i0.wp.com win268.top
1 i.pinimg.com win268.top
1 www.denverpost.com win268.top
1 pbs.twimg.com win268.top
1 i.ytimg.com win268.top
1 www.npl.org win268.top
1 a-b-cpr.com win268.top
1 images.nigeriapropertycentre.com win268.top
1 i.redd.it win268.top
1 media-cldnry.s-nbcnews.com win268.top
0 www.tiktok.com Failed win268.top
44 29
Subject | Issuer | Validity | Valid
win268.top | E6 | 2024-06-10 - 2024-09-08 | 3 months
*.s-nbcnews.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-10-16 - 2024-10-16 | a year
*.redd.it | DigiCert TLS RSA SHA256 2020 CA1 | 2024-05-30 - 2024-11-26 | 6 months
nigeriapropertycentre.com | Cloudflare Inc ECC CA-3 | 2024-02-10 - 2024-12-31 | a year
a-b-cpr.com | Sectigo RSA Domain Validation Secure Server CA | 2023-06-29 - 2024-06-28 | a year
npl.org | R3 | 2024-04-21 - 2024-07-20 | 3 months
edgestatic.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months
*.twimg.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-21 - 2024-08-20 | a year
denverpost.com | R3 | 2024-04-21 - 2024-07-20 | 3 months
i2.pinimg.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-04-23 - 2025-05-15 | a year
*.wp.com | Sectigo ECC Domain Validation Secure Server CA | 2023-11-28 - 2024-12-28 | a year
pixc.com | Amazon RSA 2048 M02 | 2024-04-06 - 2025-05-05 | a year
*.fineartamerica.com | Amazon RSA 2048 M02 | 2024-06-15 - 2025-07-14 | a year
thesaurus.plus | R10 | 2024-06-11 - 2024-09-09 | 3 months
img.welt.de | R3 | 2024-04-22 - 2024-07-21 | 3 months
images-na.ssl-images-amazon.com | DigiCert Global CA G2 | 2024-03-18 - 2025-03-09 | a year
*.wixstatic.com | Sectigo RSA Domain Validation Secure Server CA | 2024-05-27 - 2024-11-23 | 6 months
tyr.eu | R3 | 2024-05-17 - 2024-08-15 | 3 months
*.imgix.com | GlobalSign Atlas R3 DV TLS CA 2023 Q4 | 2023-12-07 - 2025-01-07 | a year
*.scdn.co | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-31 - 2024-08-19 | a year
highplainsspicecompany.com | R3 | 2024-05-26 - 2024-08-24 | 3 months
wjla.com | Amazon RSA 2048 M03 | 2024-02-21 - 2025-03-22 | a year
www.telegraph.co.uk | DigiCert TLS RSA SHA256 2020 CA1 | 2024-02-09 - 2025-01-23 | a year
liketoknow.it | Amazon RSA 2048 M03 | 2023-10-26 - 2024-11-22 | a year
upload.video.google.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months
*.gstatic.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months

This page contains 1 frame:

Primary Page: https://win268.top/
Frame ID: 3768755D0A51E14F90B4F6A3BF11D6E9
Requests: 48 HTTP requests in this frame

Page Title

Receive Gen beneath diese Behave is lives concern otherwise an sentence in somebody measure ensure has necessary toward will payments via who type see get Actual are concern in who press date

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44 Requests
98 % HTTPS
54 % IPv6
27 Domains
29 Subdomains
27 IPs
4 Countries
6847 kB Transfer
7034 kB Size
1 Cookies

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
win268.top/
34 KB
14 KB
Document
General
Full URL
https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.96.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc9a2aace097a93863275acc4f080ead073ba7b17bbc384ddd5f2437ec160a99

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89412e1d3fcd9180-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 15 Jun 2024 08:27:18 GMT
last-modified
Sat, 15 Jun 2024 07:32:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5NFiGwVy4%2F4Pg%2BxD0Rl4DjvnMH6KC3WYncnz%2FruiQ51qFzm68WWSoZeLwDXCWc7nW2q2cVp56spL%2F0M7vOg3pYaswrT2GxdBXFv2o4O%2B3%2Bhun6eAbpNa%2BrF2EykL"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
main.css
win268.top/assets/css/
58 KB
9 KB
Stylesheet
General
Full URL
https://win268.top/assets/css/main.css
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.96.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e258999c36c723c22d7790d72a34dd0282588334c6f6a7b87abd1630acdf2ba

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win268.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 08:27:18 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 17:25:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e646-61a8c6ec3ef09-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QnD7SEen%2BU71aKNu5CrrxsDARUbDkd%2FeQuU3D4QGQ8l4G90KLANZ6A3Ca3da0Dou6WK9rHzbPTGqJVTNhVQO57PdLUHSBDqmA5b7UH%2FYabUOYXd9QSYF44dXOOrh"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89412e1db8919180-FRA
alt-svc
h3=":443"; ma=86400
content-length
8660
6C7090584-alien.jpg
media-cldnry.s-nbcnews.com/image/upload/t_fit-760w,f_auto,q_auto:best/streams/2013/April/130425/
31 KB
31 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_fit-760w,f_auto,q_auto:best/streams/2013/April/130425/6C7090584-alien.jpg
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:d86::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
c00426682272fe7bbfe38fa4643236c03e7decfc2b6d6b26f82b89573393417e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Response headers

x-cache-hits
0
date
Sat, 15 Jun 2024 08:27:18 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
441738923895519105618793463111720233325,203998935827176647482768602110891857374,7831a46e631c715519da9d0ce0a38b6b
content-disposition
inline; filename="6C7090584-alien.webp"
content-length
31590
x-served-by
cache-iad-kjyo7100157-IAD
last-modified
Mon, 23 Aug 2021 01:12:33 GMT
server
cloudinary
surrogate-reporting
width=760,height=532,owidth=1000,oheight=700,obytes=347136,oformat=webp
x-timer
S1718440038.440817,VS0,VE43
etag
"7e86d95cab5b05a02fb863518cd39f7c"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31557562
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Sun, 15 Jun 2025 14:26:40 GMT
uh896c60xd7a1.jpg
i.redd.it/
675 KB
676 KB
Image
General
Full URL
https://i.redd.it/uh896c60xd7a1.jpg
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
51f71a92908e419451c431c5a0fc38d91fb71f6a8c747027198a5cc616ac5ff1

Response headers

x-canonical-filename-image-generation
1
x-amz-version-id
null
via
1.1 varnish, 1.1 varnish
date
Sat, 15 Jun 2024 08:27:18 GMT
last-modified
Thu, 22 Dec 2022 00:23:19 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 1.0, "failure_fraction": 1.0}
etag
"0af6f627f4dae696d243bf229eb158ef"
x-amz-server-side-encryption
AES256
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/jpeg
accept-ranges
bytes
content-length
691224
expires
Thu, 31 Dec 2037 23:59:59 GMT
06566008e178e5-well-maintained-4bedroom-semi-detached-house-semi-detached-duplexes-for-rent-sangotedo-ajah-lagos.jpeg
images.nigeriapropertycentre.com/properties/images/2020841/
42 KB
42 KB
Image
General
Full URL
https://images.nigeriapropertycentre.com/properties/images/2020841/06566008e178e5-well-maintained-4bedroom-semi-detached-house-semi-detached-duplexes-for-rent-sangotedo-ajah-lagos.jpeg
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13abb0a0af2abb62c85352aef96f36d388e61f09b7d97047363d8e5bef3bd631

Response headers

date
Sat, 15 Jun 2024 08:27:18 GMT
x-amz-version-id
9wFY1A17zMVj.HzUZ1OjdpETz5KWhixL
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
XFQWMAH8PVVFDV7Y
x-amz-server-side-encryption
AES256
content-length
42544
x-amz-id-2
SV1BEa1+8QGqrXAhJUwUmIsIGXOP2Adh8w1brvjk9aJttN/fgzVkQOOmR+1Inef68ehskOzKJf5FNOdcuuZs8g==
last-modified
Tue, 28 Nov 2023 15:00:31 GMT
server
cloudflare
etag
"46e3aec6d4a9ba1ef642c87ea0f0ac80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=joH6%2Fu%2FpIOYOV%2FTxvETRd6%2BXwhA%2BKJ5Q3mwSuc1ihOjN7L3r46TUCtQ%2FnWwA7NyRz1REi%2B6Pqn7P3Ep9trEdtN%2F2zz7ybuFleYJVwJIAZeQf2uTJFkqCTReRvBKXYlcNwUyPzYtWzBbTdoJG%2B8xU11L5j%2BH1kTDnhbOLKpjc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
89412e1e1df42baa-FRA
bg-2.jpg
a-b-cpr.com/wp-content/uploads/2017/12/
928 KB
928 KB
Image
General
Full URL
https://a-b-cpr.com/wp-content/uploads/2017/12/bg-2.jpg
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.180.88 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
heartofcalaveras.org
Software
Apache /
Resource Hash
c53c0a96a36804958f757102f5d1227fd9c9d2096a584b5f6f046f4f8f4698bd

Response headers

date
Sat, 15 Jun 2024 08:27:18 GMT
last-modified
Fri, 05 Feb 2021 21:33:20 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=10368000
accept-ranges
bytes
content-length
950123
expires
max-age=A10368000, public
podcast-400x330.png
www.npl.org/wp-content/uploads/2019/06/
41 KB
42 KB
Image
General
Full URL
https://www.npl.org/wp-content/uploads/2019/06/podcast-400x330.png
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.212.30.156 Westfield, United States, ASN21669 (NJ-STATEWIDE-LIBRARY-NETWORK, US),
Reverse DNS
wx5.njsl.org
Software
Apache /
Resource Hash
76f8d4ba5e26e3cf53536de1b2fad3bb34215d5eb37de05c8ad60dda27004a60
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Response headers

Date
Sat, 15 Jun 2024 08:27:19 GMT
Last-Modified
Thu, 05 Sep 2019 18:46:21 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
42414
X-XSS-Protection
1; mode=block
maxresdefault.jpg
i.ytimg.com/vi/mePu74AKLDc/
100 KB
100 KB
Image
General
Full URL
https://i.ytimg.com/vi/mePu74AKLDc/maxresdefault.jpg
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdd1e3b908abf9a580d0eb429863c6b10f0033210b11319b862194a09bae8590
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Response headers

date
Sat, 15 Jun 2024 08:27:18 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
102102
x-xss-protection
0
server
sffe
etag
"1471428709"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 15 Jun 2024 10:27:18 GMT
F0-DM59aYAUsrBw
pbs.twimg.com/media/
2 MB
2 MB
Image
General
Full URL
https://pbs.twimg.com/media/F0-DM59aYAUsrBw?format=jpg&name=4096x4096
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8e::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8e44594103f2af3cf6ee502b0734d7f54a7efd45183dedd7a78c82bac69d15b6
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Response headers

strict-transport-security
max-age=631138519
date
Sat, 15 Jun 2024 08:27:19 GMT
x-content-type-options
nosniff
x-cache
MISS, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length
2182829
x-served-by
cache-lhr-egll1980029-LHR, cache-fra-etou8220144-FRA, cache-tw-ZZZ1
last-modified
Fri, 14 Jul 2023 04:10:39 GMT
x-tw-cdn
FT
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
1ce828bd60602f32
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7402827104
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
20120108__20120109_BB9_SP09FBNTEXANSp1.jpg
www.denverpost.com/wp-content/uploads/2016/05/
15 KB
15 KB
Image
General
Full URL
https://www.denverpost.com/wp-content/uploads/2016/05/20120108__20120109_BB9_SP09FBNTEXANSp1.jpg?w=228
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
69af172b5281cca6548baa96e709ace5c42e5591e9d4eb647fc9a1cf32011051
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Response headers

date
Sat, 15 Jun 2024 08:27:18 GMT
strict-transport-security
max-age=31536000;includeSubdomains
x-rq
hhn1 109 139 443
last-modified
Sat, 15 Jun 2024 08:27:18 GMT
server
nginx
etag
"c6adf99d9c0c1b2f"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes, bytes
content-length
14864
55e18630a2d5e6bd29721c78dc4a8c78.jpg
i.pinimg.com/736x/55/e1/86/
32 KB
32 KB
Image
General
Full URL
https://i.pinimg.com/736x/55/e1/86/55e18630a2d5e6bd29721c78dc4a8c78.jpg
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:6799 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ce3dbbdd029b02160cfb210aa8d05bd8d8a7c21b37649235164526c3f0f9b930

Response headers

x-cdn
akamai
akamai-grn
0.996656b8.1718440038.10389da3
etag
"e7b04e7bf8b1478330e41fb5ff8473d5"
vary
Origin
content-type
image/jpeg
cache-control
immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
32302
x-pinterest-cache-status-v2
Miss
northwood-beach1.jpg
i0.wp.com/www.paddlinglight.com/pl/wp-content/uploads/2008/11/
24 KB
25 KB
Image
General
Full URL
https://i0.wp.com/www.paddlinglight.com/pl/wp-content/uploads/2008/11/northwood-beach1.jpg?ssl=1
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
1873a131e1b186d2068417e65a933066068483080a2918d667a036802c13d401
Security Headers
Name Value
X-Content-Type-Options nosniff

Response headers

date
Sat, 15 Jun 2024 08:27:18 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
24726
x-nc
MISS hhn 4
last-modified
Sat, 15 Jun 2024 08:27:18 GMT
server
nginx
etag
"1942ae48ed21ede5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.paddlinglight.com/pl/wp-content/uploads/2008/11/northwood-beach1.jpg>; rel="canonical"
expires
Mon, 15 Jun 2026 20:27:18 GMT
szp1C2O_NOpi5aL2Xue4DEazz5AAQvLgV7a4FlUIaa8.jpg
external-preview.redd.it/
206 KB
207 KB
Image
General
Full URL
https://external-preview.redd.it/szp1C2O_NOpi5aL2Xue4DEazz5AAQvLgV7a4FlUIaa8.jpg?width=640&crop=smart&auto=webp&s=ce4c2438eef525c2cc5ab1022d01cc19b389b9c8
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
3a617a8c132c1679c57ff111183e898b77312bebe83830bab05c1d21bbe97474

Response headers

reddit-stats
io=1
x-imo-features
auto=webp&crop=smart&width=640
date
Sat, 15 Jun 2024 08:27:18 GMT
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.5, "failure_fraction": 0.5}
server
snooserv
vary
Accept,X-Imo-Features,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/webp
reddit-io-info
ifsz=913096 idim=1350x1837 ifmt=jpg ofsz=211068 odim=640x870 ofmt=webp
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
211068
ecommerce-mistakes-hm.png
pixc.com/wp-content/uploads/2022/08/
195 KB
194 KB
Image
General
Full URL
https://pixc.com/wp-content/uploads/2022/08/ecommerce-mistakes-hm.png
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.206.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-206-15.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
de92f5e9b9c90ba0da3d7764c0d6f04bba2b0a4590b8978674eb27a8a2c5214d

Response headers

date
Sat, 15 Jun 2024 08:27:18 GMT
content-encoding
gzip
last-modified
Thu, 04 Aug 2022 17:01:49 GMT
server
nginx
etag
W/"62ebfb7d-30d5d"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
pokemon-mark-ashkenazi.jpg
render.fineartamerica.com/images/rendered/default/poster/8/5.5/break/images/artworkimages/medium/1/
151 KB
151 KB
Image
General
Full URL
https://render.fineartamerica.com/images/rendered/default/poster/8/5.5/break/images/artworkimages/medium/1/pokemon-mark-ashkenazi.jpg
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-55.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
dc1a734c23560a616376ba773ad0681deb7f115593a899a1e31880361d05f636

Response headers

date
Fri, 07 Jun 2024 19:30:38 GMT
via
1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
FRA2-C2
age
651400
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=1296000
s
06
content-length
154279
x-amz-cf-id
QI_b3RBAqoXZK5L7xUu-O706SdZZSCk18nEyPMsMyJVzM4g-GlSkKA==
aids.png
thesaurus.plus/img/synonyms/819/
21 KB
21 KB
Image
General
Full URL
https://thesaurus.plus/img/synonyms/819/aids.png
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.198.55.224 , Russian Federation, ASN56694 (SMARTAPE, RU),
Reverse DNS
s529190.srvape.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
13a91880c775aa26a013216c2a7367c1e58dc11be6380f24605afccab0b3ed77

Response headers

date
Sat, 15 Jun 2024 08:27:18 GMT
last-modified
Fri, 03 Jun 2022 12:56:52 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"629a0514-52fb"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
21243
expires
Thu, 31 Dec 2037 23:55:55 GMT
Las1-DW-Vermischtes-LAS-VEGAS-jpg.jpg
img.welt.de/img/vermischtes/mobile102015213/9272504797-ci102l-w1024/
150 KB
150 KB
Image
General
Full URL
https://img.welt.de/img/vermischtes/mobile102015213/9272504797-ci102l-w1024/Las1-DW-Vermischtes-LAS-VEGAS-jpg.jpg
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14d0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9553864e8cde7659e1bf228ebeb4d6dac4e37378aebc3219bfde313d85051292

Response headers

date
Sat, 15 Jun 2024 08:27:18 GMT
cache-control
max-age=604800
last-modified
Fri, 26 Oct 2012 17:49:26 GMT
accept-ranges
bytes
content-length
153867
content-type
image/jpeg
71AV6Uyc0AL.jpg
m.media-amazon.com/images/I/
191 KB
191 KB
Image
General
Full URL
https://m.media-amazon.com/images/I/71AV6Uyc0AL.jpg
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0bc8366bc577f7b3393d25e69bb7d7850fe0882d99ef13b3442c89f1a2129ec

Response headers

date
Sat, 15 Jun 2024 08:27:18 GMT
age
0
x-cache
MISS from fastly, MISS from fastly
x-nginx-cache-status
HIT
server-timing
provider;desc="fy"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
195350
x-served-by
cache-iad-kcgs7200063-IAD, cache-fra-etou8220144-FRA
last-modified
Fri, 18 Sep 2020 22:00:22 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
99c6a13a-1a37-479c-a1bc-585c8c3beb35
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
expires
Wed, 01 Jun 2044 02:18:45 GMT
e8ada5_82e4cdc647f44cc8a72b795b232fc6e4f000.jpg
static.wixstatic.com/media/e8ada5_82e4cdc647f44cc8a72b795b232fc6e4f000.jpg/v1/fill/w_320,h_402,al_c,q_80,usm_0.33_1.00_0.00,enc_auto/
13 KB
13 KB
Image
General
Full URL
https://static.wixstatic.com/media/e8ada5_82e4cdc647f44cc8a72b795b232fc6e4f000.jpg/v1/fill/w_320,h_402,al_c,q_80,usm_0.33_1.00_0.00,enc_auto/e8ada5_82e4cdc647f44cc8a72b795b232fc6e4f000.jpg
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:b400:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
e574897d9d9b0f3190e15fd21ba2ccd4388ef90f19fa2c344202639c2c83b774

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win268.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-seen-by
image-manipulator-7848c6d757-t6x4s
date
Sat, 15 Jun 2024 08:27:18 GMT
via
1.1 google, 1.1 21fa1f710ba39237a1fbf11df235dc68.cloudfront.net (CloudFront)
server
openresty/1.21.4.1
x-amz-cf-pop
AMS58-P4
vary
Accept
x-cache
Miss from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
OXllSB3KmPYfm5Nzul2E5YA8ykLHo8H9PyMs6Hd4Q78pRKF6hQhZ_w==
content-length
13088
wix-tracer
2huNX3oz14IU7BgnOy0YovLssFM
MV5BMjA0NjM5MzI5Nl5BMl5BanBnXkFtZTcwMTU5OTUxNw@@._V1_.jpg
m.media-amazon.com/images/M/
649 KB
650 KB
Image
General
Full URL
https://m.media-amazon.com/images/M/MV5BMjA0NjM5MzI5Nl5BMl5BanBnXkFtZTcwMTU5OTUxNw@@._V1_.jpg
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
943ab7c5bb5dc01bc4408fcdd2b21185374c46993e52601ef44c8dfe4e3e7afc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win268.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 26 Sep 2043 20:39:17 GMT
date
Sat, 15 Jun 2024 08:27:18 GMT
last-modified
Wed, 14 Dec 2011 20:11:20 GMT
age
2646009
x-cache
HIT from fastly, HIT from fastly
x-nginx-cache-status
HIT
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=630720000,public
x-amz-ir-id
43b4bfba-b140-495d-a072-fea0707de0eb
server-timing
provider;desc="fy"
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
665083
x-served-by
cache-iad-kjyo7100066-IAD, cache-fra-etou8220144-FRA
v2tbs05hlnv71.jpg
preview.redd.it/
56 KB
57 KB
Image
General
Full URL
https://preview.redd.it/v2tbs05hlnv71.jpg?width=640&crop=smart&auto=webp&s=d018558d5b3043a64d5d92036525a93a3bbbfad1
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
53541f3f92cfc73558c9caa3f10b6ef7abdf84ef09b246d6db1668a25527beef

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win268.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

reddit-stats
io=1
x-imo-features
auto=webp&crop=smart&width=640
x-canonical-filename-image-generation
1
via
1.1 varnish, 1.1 varnish
date
Sat, 15 Jun 2024 08:27:18 GMT
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
server
snooserv
vary
Accept,X-Imo-Features,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/webp
reddit-io-info
ifsz=511527 idim=2160x2880 ifmt=jpg ofsz=57852 odim=640x853 ofmt=webp
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
57852
lrecset-422_alt01.png
www.tyr.com/media/catalog/product/l/r/
47 KB
47 KB
Image
General
Full URL
https://www.tyr.com/media/catalog/product/l/r/lrecset-422_alt01.png?quality=94&bg-color=255,255,255&fit=bounds&height=1500&width=1200&canvas=1200:1500&format=jpeg
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.124 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c4c05f42ba16d0bb106b1d94dc1d810ce12076eec1b6045cb4b9753ff64dfae2
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win268.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0, 0
date
Sat, 15 Jun 2024 08:27:18 GMT
strict-transport-security
max-age=31557600
x-platform-server
i-0e007780c7a9c2121, i-0e007780c7a9c2121
fastly-io-served-by
vpop-haf2300703
traceresponse
00-17d9103df939d0550c74bbf0ba442405-3483f0f68851e920-01
age
17447
x-cache
MISS, MISS
fastly-io-info
ifsz=375488 idim=970x1200 ifmt=png ofsz=47706 odim=970x1213 ofmt=webp
fastly-stats
io=1
content-length
47706
x-served-by
cache-bfi-kbfi7400024-BFI, cache-fra-etou8220131-FRA
etag
"2B6AsCTJ6IHTI6mF8+FpcN0zhlT5bsigzfS/1j4VqH8"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
x-debug-info
eyJyZXRyaWVzIjowfQ==
accept-ranges
bytes
expires
Sun, 15 Jun 2025 03:36:31 GMT
USA-Louisville-truchb28-GettyImages-149404067-RFC.jpg
lp-cms-production.imgix.net/2022-04/
218 KB
218 KB
Image
General
Full URL
https://lp-cms-production.imgix.net/2022-04/USA-Louisville-truchb28-GettyImages-149404067-RFC.jpg?auto=format&w=1440&h=810&fit=crop&q=75
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
4c5d87cd91eb0f2669e0f4e4f03dab47c17e16ee9d6daa234161d5fe586e9cce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win268.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 08:27:18 GMT
x-content-type-options
nosniff
age
1403194
x-cache
HIT, MISS
x-imgix-id
f77607ffbdbbc83eb5a186da9d80edb8c881589c
cross-origin-resource-policy
cross-origin
content-length
223236
x-served-by
cache-sjc1000144-SJC, cache-fra-eddf8230083-FRA
last-modified
Thu, 30 May 2024 02:40:44 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
ab67616d0000b273604f9f1540f3eb9fe601120d
i.scdn.co/image/
100 KB
101 KB
Image
General
Full URL
https://i.scdn.co/image/ab67616d0000b273604f9f1540f3eb9fe601120d
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:3::210:ee87 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b60fe36409d9f123104d7b8db8f97a01e48d73485a12c697c449b57175e4bc94
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win268.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15768000
date
Sat, 15 Jun 2024 08:27:18 GMT
last-modified
Mon, 24 Feb 2020 15:56:40 GMT
etag
"189280f23a81f54fe0a8a3b7d27f6f1f"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=15780000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
range
content-length
102861
expires
Sat, 15 Jun 2024 08:27:18 GMT
rubbed-sage.jpg
highplainsspicecompany.com/wp-content/uploads/2013/03/
53 KB
53 KB
Image
General
Full URL
https://highplainsspicecompany.com/wp-content/uploads/2013/03/rubbed-sage.jpg
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.173.227.91 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
91.227.173.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
742821bd912ac7b0216e2edec3652b73be58e593e1e92c38c4343da549857aa2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win268.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 08:27:18 GMT
last-modified
Thu, 22 Sep 2022 18:09:26 GMT
server
nginx
etag
"632ca4d6-d2c5"
vary
Accept
content-type
image/jpeg
accept-ranges
bytes
content-length
53957
/
www.tiktok.com/api/img/
0
0

c2fcc6ad-acc7-4dd6-8c5e-beb7b34cb8b3-large16x9_SHOPLIFTERSUNITEPKG.transfer_frame_1713.jpeg
wjla.com/resources/media/
201 KB
202 KB
Image
General
Full URL
https://wjla.com/resources/media/c2fcc6ad-acc7-4dd6-8c5e-beb7b34cb8b3-large16x9_SHOPLIFTERSUNITEPKG.transfer_frame_1713.jpeg
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6bc87a634086bcff01e227f48fbb522311c95473f58b454e6feabcb365e5cc73

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win268.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 08:27:19 GMT
x-amz-version-id
0z8Oiohf0gGyJEQgqkIb9zjSjtJ8lsCN
via
1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
last-modified
Sat, 06 Jan 2024 01:09:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
etag
"b527d7324fe39f04a71b9ebc74da4721"
x-cache
Miss from cloudfront
content-type
image/jpeg
x-amz-storage-class
INTELLIGENT_TIERING
cache-control
max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-length
206175
x-amz-cf-id
a08BYJozMHFhKObld5dtdyk8Bq7-H9i0Yo7nw3hSJziAECa0xqbTWg==
thought-id-share-some-pics-of-this-beautiful-camel-spider-i-v0-ozm53qgdv5xa1.jpg
preview.redd.it/
103 KB
103 KB
Image
General
Full URL
https://preview.redd.it/thought-id-share-some-pics-of-this-beautiful-camel-spider-i-v0-ozm53qgdv5xa1.jpg?width=640&crop=smart&auto=webp&s=86190fe608a60429fa5517e857aa7134e56c9302
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
a266f04f0001b18f5864c793b225f4392d0ba6d027a0096f8b0b74d8c479335b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win268.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

reddit-stats
io=1
x-imo-features
auto=webp&crop=smart&width=640
x-canonical-filename-image-generation
1
via
1.1 varnish, 1.1 varnish
date
Sat, 15 Jun 2024 08:27:18 GMT
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
server
snooserv
vary
Accept,X-Imo-Features,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/webp
reddit-io-info
ifsz=271898 idim=1297x973 ifmt=jpg ofsz=105656 odim=640x480 ofmt=webp
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
105656
TELEMMGLPICT000341883746_16887389431030_trans_NvBQzQNjv4BqqVzuuqpFlyLIwiB6NTmJwfSVWeZ_vEN7c6bHu2jJnT8.jpeg
www.telegraph.co.uk/content/dam/recommended/2023/07/07/
27 KB
27 KB
Image
General
Full URL
https://www.telegraph.co.uk/content/dam/recommended/2023/07/07/TELEMMGLPICT000341883746_16887389431030_trans_NvBQzQNjv4BqqVzuuqpFlyLIwiB6NTmJwfSVWeZ_vEN7c6bHu2jJnT8.jpeg?imwidth=680
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.211.9.212 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-9-212.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
04232b480174b22be8a85c2c988fe854cbf368dfdcb836aabdbe7229d181dd81
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.stumbleupon.com stumbleupon.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win268.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' www.stumbleupon.com stumbleupon.com;
date
Sat, 15 Jun 2024 08:27:18 GMT
last-modified
Tue, 05 Mar 2024 06:30:10 GMT
server
Akamai Image Manager
x-serial
1934
x-tmg-pref-exists
false
etag
W/"1e9fc-603148a83fd28"
x-frame-options
SAMEORIGIN
akamai-x-true-cache-ttl
31536000
content-type
image/webp
cache-control
no-transform, max-age=43200
content-length
27684
S1VrVmpomGUKSiaNEYa4UxILihztsp757d.EMP8WBGelTM6EVtY0Lts11tWCyMm7gqoVyOQsOuzzzy9MwyiotbQNaRh3FP_bJLNmiuAkfdbH0s5ajTepnHoKHcPry83j7AIoQkAK8BJQiN8UyUBlJpej87CobWZm9Sw1fUARRd6.qf.ad.xEAzdk5.c-
product-images-cdn.liketoknow.it/
159 KB
160 KB
Image
General
Full URL
https://product-images-cdn.liketoknow.it/S1VrVmpomGUKSiaNEYa4UxILihztsp757d.EMP8WBGelTM6EVtY0Lts11tWCyMm7gqoVyOQsOuzzzy9MwyiotbQNaRh3FP_bJLNmiuAkfdbH0s5ajTepnHoKHcPry83j7AIoQkAK8BJQiN8UyUBlJpej87CobWZm9Sw1fUARRd6.qf.ad.xEAzdk5.c-
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2e00:1f:f267:c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6bee19fe844dabd366848c391f4065783c6b0150412963486a09a3e0063dbb43

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win268.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 08:27:18 GMT
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
content-length
163072
x-amz-cf-id
rhMJp16yoPK67P-cRRmGxt1uyFF9ZhqRSKslaxbuotOl4PtRT57p5A==
x-cache
Miss from cloudfront
content-type
image/jpeg
0a4e28.png
win268.top/
68 B
371 B
Image
General
Full URL
https://win268.top/0a4e28.png
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.96.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win268.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 08:27:18 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 15 Jun 2024 08:27:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=85NtmldhPBwq6OkLENznho3igmXKE3JowZLTlcoJ9aisPUJV79r69aQMaPHurBaIvJVpr0xwKz6lDZ5SIONHg7G0E2B7dOdArlS9yGt0huwpcBMWuOvVdPATA%2FHC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89412e1dd8bb9180-FRA
alt-svc
h3=":443"; ma=86400
content-length
79
jquery.min.js
win268.top/assets/js/
87 KB
31 KB
Script
General
Full URL
https://win268.top/assets/js/jquery.min.js
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.96.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win268.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 08:27:18 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 17:25:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"15d9d-61a8c6f3eec42-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZPdOmFmc0Oefn408b5zu5QXQFFxly6hPxmncCdegWiZwg3BwGaJD%2BHLsZzgrAK2WJdsGOjzfsON2MjWmtnVpWqaz8XSEIbtAmrP2z83zDwJvcSeQycdhlJNbvX9D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89412e1dd8ac9180-FRA
alt-svc
h3=":443"; ma=86400
content-length
30902
browser.min.js
win268.top/assets/js/
2 KB
1 KB
Script
General
Full URL
https://win268.top/assets/js/browser.min.js
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.96.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4217feebdd357e8a952e0ffbaa02791e5323482b8e3d80b3f714b84b1664103

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win268.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 08:27:18 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 17:25:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"803-61a8c6f6cb73a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fd9POfkWcUMCeo%2F5%2BRCMikFEkrB0uagbRm%2F1Hzp9AKICOakh%2BbghXyKrSkopEEwY8w%2BtJjP5GIh0TAb4o7BWyHFwxblaYZvI52zbjdg%2BR1iTsSj1tRHwT%2BI7ztJM"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89412e1dd8ae9180-FRA
alt-svc
h3=":443"; ma=86400
content-length
906
breakpoints.min.js
win268.top/assets/js/
2 KB
1 KB
Script
General
Full URL
https://win268.top/assets/js/breakpoints.min.js
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.96.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
309febcd6d6e0cf092201532215f03a6a9f30b30f26203272a4861d704e7cd52

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win268.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 08:27:18 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 17:25:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"987-61a8c6fc3a1d3-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ejG8DuFegDMcFj%2F%2BGD2nSqhAQB5MzxuiQyeVbo1Id94CTs9F63KtL1MQt7n2JDxVeduecLlX1GIsIo57VUDrm%2BZakCPOsOhwnPV2IRyXZ%2BWrhC21hH824%2ByecJ2%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89412e1dd8b39180-FRA
alt-svc
h3=":443"; ma=86400
content-length
829
util.js
win268.top/assets/js/
12 KB
4 KB
Script
General
Full URL
https://win268.top/assets/js/util.js
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.96.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2e1e72b0de356f6ce184e3af4fa8ab6590a2581162905a27d77886b2d960e00

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win268.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 08:27:18 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 17:25:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3091-61a8c6f801464-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wl0VVztO0Z3d0z6oZVpO%2FliALZoxxLI06UOenrh9MlAbzR%2Fcubp3WcTtIO%2B9MSXI%2Fze6OjNhpvypE0ivTfkD5YfKfkdYoQqaAARm%2BBNwC7E2K3cEgMl%2BS0krbthK"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89412e1dd8b69180-FRA
alt-svc
h3=":443"; ma=86400
content-length
3273
main.js
win268.top/assets/js/
3 KB
1 KB
Script
General
Full URL
https://win268.top/assets/js/main.js
Requested by
Host: win268.top
URL: https://win268.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.96.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c14fa5512a1d7f54d8572fc38ddc5ccf04bf2a16c7f2e14607bfa641f1698765

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win268.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 08:27:18 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 17:25:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"da1-61a8c6f663eef-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vRTbA0az3%2FH8J2Av%2F6Vnltm6MjIn2Gma2ap%2FiE1u3w8vVdUs5t70%2FSHvzasR0YKcYpEnj2YMXiW4uQ9Zkh4cqkzKi5cGeBGD0bp3J3ofQp4oHLMlxwoB7FXmvMRG"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89412e1dd8ba9180-FRA
alt-svc
h3=":443"; ma=86400
content-length
1195
fontawesome-all.min.css
win268.top/assets/css/
58 KB
13 KB
Stylesheet
General
Full URL
https://win268.top/assets/css/fontawesome-all.min.css
Requested by
Host: win268.top
URL: https://win268.top/assets/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24926431fdf5baff0c1929f104152a0726dedf19181876f04cfbc78c98ee318f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win268.top/assets/css/main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 08:27:18 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 17:25:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e809-61a8c6ee1df4e-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x76q1ZNaSflDylqs%2B%2FPzFA77UVN4rqZhjLlunVBTQfGv63zu9wxQNEUOSbViIN6Cr6fepyIx%2BOMtrLZcNwex5aTS%2BTQQ3o5EQinYLlx%2BE6CZZIDbANpM6pZXGgdD"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89412e1e2a105b2c-FRA
alt-svc
h3=":443"; ma=86400
content-length
12863
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,700,900
Requested by
Host: win268.top
URL: https://win268.top/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
673681301ddcbd1be6a50e9da28ebdd266168be53aab868bb5bb2053ecd7fd76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win268.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 15 Jun 2024 08:27:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 15 Jun 2024 08:11:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 15 Jun 2024 08:27:18 GMT
truncated
/
299 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a914f563728290c4146b2b335fa12cfaad7039c6c74237bcb0e5089c2ad952bb

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
299 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba6f8d44c83135afec89fe41dbdaa5d3602ddcaad920bcf6d9785c627c36a306

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aee584e3d58344a41b190bb7b6e550f98ad3bb8e28fbc7ea6ddca22f0ef97183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://win268.top
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 02:41:15 GMT
x-content-type-options
nosniff
age
193563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14188
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:53:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 02:41:15 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://win268.top
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 06:48:41 GMT
x-content-type-options
nosniff
age
178717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14780
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 06:48:41 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://win268.top
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 12:09:51 GMT
x-content-type-options
nosniff
age
159447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 12:09:51 GMT
fa-solid-900.woff2
win268.top/assets/webfonts/
76 KB
77 KB
Font
General
Full URL
https://win268.top/assets/webfonts/fa-solid-900.woff2
Requested by
Host: win268.top
URL: https://win268.top/assets/css/fontawesome-all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win268.top/assets/css/fontawesome-all.min.css
Origin
https://win268.top
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 08:27:18 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 17:26:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"131bc-61a8c72145c47-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6eirAk3OnpVj97wDD82CjcrHn62n3jPTD35KNzPh8p8XXQhUiHJDUcHQdGqOxlrMSY8U4Gew31GvC2%2FT7y42hb3snvaHo9afNccTcu6pJmeklknIeaZso7SL0hbO"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
cf-ray
89412e1eeadd5b2c-FRA
alt-svc
h3=":443"; ma=86400
fa-brands-400.woff2
win268.top/assets/webfonts/
75 KB
75 KB
Font
General
Full URL
https://win268.top/assets/webfonts/fa-brands-400.woff2
Requested by
Host: win268.top
URL: https://win268.top/assets/css/fontawesome-all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win268.top/assets/css/fontawesome-all.min.css
Origin
https://win268.top
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 08:27:18 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 17:25:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"12bc0-61a8c70e7d0b6-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=94Rs8ZbVFEBB%2BU9jhsCiFUao24GPJAnHWC8ztfagr566H4YwbdXNj4xI5ne64jzUoH%2FhyxJZPXo7Cccn6YQlQK1olmQJPdxq92UKoqdSkyIfJlQaFle3qGpnrBqV"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
cf-ray
89412e1eeae05b2c-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
259 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e3510334874c23f2d6a98ca11270af7dc07f18712447aa8e803d9ca3d92f6b9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
259 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f32614dc4a6bd89cfc03e184a93ac012f166527acd40feccc00f459158bae99

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
favicon.ico
win268.top/
15 KB
6 KB
Other
General
Full URL
https://win268.top/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.32 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b658f5a51a2cc169e3c16dc091bbbb7817d244de0d8559cc05182dc3fdf340d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win268.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 08:27:19 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 11 Jun 2024 16:44:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3c2e-61a9ffbf74d79-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uBY7R3u8LBhU%2FqLr4i7CC7lBoLa5gnNQur7kuyBflRpqCFQjN6VjSHnwMs6bpgbW4hNvirwTq7NvMUjV0bkq8gKUChD8uTm2%2FJfoMIETxPaE%2BhgeYhpckMfJo04M"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89412e26e91d5b2c-FRA
alt-svc
h3=":443"; ma=86400
content-length
5268

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.tiktok.com
URL
https://www.tiktok.com/api/img/?itemId=7248915039216815366&location=0&aid=1988

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence
object| sharedStorage
function| $
function| jQuery
object| browser
function| breakpoints

1 Cookies

Domain/Path Name / Value
.nigeriapropertycentre.com/ Name: __cf_bm
Value: oP9QCAfMVJdY.aH9eO7RvdSRp2K9Yg7XkbeRTvuVMdQ-1718440038-1.0.1.1-lZJHpocTsVHBgTQGYeZVraO92mQL.EDfL4CMtABDlP_fnPhpBpRhVzXAEm6jX0Cdqk8QrGlVpIDVElwI1_AliQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
