urlscan.io logo urlscan.io
SecurityTrails logo

wincountry.com Open in urlscan Pro
54.84.131.112  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://wincountry.com/
Effective URL: https://wincountry.com/
Submission Tags: tranco_l324
Submission: On April 06 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 53 IPs in 8 countries across 43 domains to perform 219 HTTP transactions. The main IP is 54.84.131.112, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is wincountry.com.
TLS certificate: Issued by R3 on February 6th 2024. Valid for: 3 months.
This is the only time wincountry.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 54.84.131.112 14618 (AMAZON-AES)
8 18.173.205.124 16509 (AMAZON-02)
21 18.172.112.60 16509 (AMAZON-02)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:311... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 35.234.162.151 396982 (GOOGLE-CL...)
5 13.225.78.127 16509 (AMAZON-02)
37 13.225.78.67 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
7 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.101.193.44 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2001:4860:480... 15169 (GOOGLE)
2 52.216.8.107 16509 (AMAZON-02)
1 2a03:2880:f17... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 178.250.1.11 44788 (ASN-CRITE...)
4 2a00:1450:400... 15169 (GOOGLE)
10 172.66.41.9 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 172.66.42.247 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
17 22 35.204.158.49 396982 (GOOGLE-CL...)
1 2600:9000:211... 16509 (AMAZON-02)
2 3 46.228.174.117 56396 (AMOBEE)
1 76.223.111.18 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 1 52.209.133.200 16509 (AMAZON-02)
1 1 3.68.255.141 16509 (AMAZON-02)
2 2 2600:1901:0:8... 396982 (GOOGLE-CL...)
2 142.250.185.162 15169 (GOOGLE)
1 2 54.78.254.47 16509 (AMAZON-02)
1 52.73.47.87 14618 (AMAZON-AES)
1 2.19.217.66 16625 (AKAMAI-AS)
1 52.214.182.85 16509 (AMAZON-02)
1 52.209.51.105 16509 (AMAZON-02)
1 35.244.174.68 396982 (GOOGLE-CL...)
1 1 172.217.18.2 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 37.252.171.85 29990 (ASN-APPNEX)
1 69.173.144.139 26667 (RUBICONPR...)
1 35.244.159.8 396982 (GOOGLE-CL...)
1 63.140.62.222 15224 (OMNITURE)
219 53
24    54.84.131.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-131-112.compute-1.amazonaws.com
wincountry.com
8    18.173.205.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-124.fra56.r.cloudfront.net
cdn-css.socastsrm.com
21    18.172.112.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-60.fra60.r.cloudfront.net
cdn-js.socastsrm.com
3    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700:3110::6812:35ed (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.polyfill.io
9    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    35.234.162.151 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.162.234.35.bc.googleusercontent.com
tag.simpli.fi
i.simpli.fi
5    13.225.78.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-127.fra2.r.cloudfront.net
media.socastsrm.com
37    13.225.78.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-67.fra2.r.cloudfront.net
media-cdn.socastsrm.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:810::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    2400:52e0:1e00::874:1 (Germany)

ASN200325 (BUNNYCDN, SI)
cdn.worldweatheronline.com
1    2a02:26f0:3500:e88::3282 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
widgets.media.weather.com
7    2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
ka-p.fontawesome.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
19    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
423a3eed0d1c3936d06a752af80abbb7.safeframe.googlesyndication.com
6    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
2    52.216.8.107 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
socast-public.s3.amazonaws.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
10    172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
rt3008.infolinks.com
1    2a02:26f0:3500:59a::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
is4-ssl.mzstatic.com
3    2a02:26f0:3500:590::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
is2-ssl.mzstatic.com
is1-ssl.mzstatic.com
1    2a02:26f0:3500:594::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
is3-ssl.mzstatic.com
3    172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)
router.infolinks.com
rt3008.infolinks.com
1    2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
22    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
1    2600:9000:211e:d600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    2600:1f18:612b:4280:9b7:40bb:2e67:d86c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
simplifi.partners.tremorhub.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    52.209.133.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-133-200.eu-west-1.compute.amazonaws.com
aa.agkn.com
1    3.68.255.141 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-255-141.eu-central-1.compute.amazonaws.com
d.agkn.com
2    2600:1901:0:8eee:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
fei.pro-market.net
2    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
1    52.73.47.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-47-87.compute-1.amazonaws.com
sync.bfmio.com
1    2.19.217.66 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-66.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    52.214.182.85 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-182-85.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    52.209.51.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-51-105.eu-west-1.compute.amazonaws.com
ce.lijit.com
1    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    63.140.62.222 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-222.data.adobedc.net
adobedc.demdex.net
Apex Domain
Subdomains		 Transfer
71 socastsrm.com
cdn-css.socastsrm.com — Cisco Umbrella Rank: 117916
cdn-js.socastsrm.com — Cisco Umbrella Rank: 131562
media.socastsrm.com — Cisco Umbrella Rank: 181261
media-cdn.socastsrm.com — Cisco Umbrella Rank: 108775
2 MB
24 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
423a3eed0d1c3936d06a752af80abbb7.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 167
406 KB
24 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 4593
i.simpli.fi — Cisco Umbrella Rank: 4166
um.simpli.fi — Cisco Umbrella Rank: 842
11 KB
24 wincountry.com
wincountry.com
120 KB
13 infolinks.com
resources.infolinks.com — Cisco Umbrella Rank: 5921
router.infolinks.com — Cisco Umbrella Rank: 2497
rt3008.infolinks.com — Cisco Umbrella Rank: 58700
81 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
711 KB
8 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
169 KB
7 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1784
ka-p.fontawesome.com — Cisco Umbrella Rank: 3182
150 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
region1.google-analytics.com — Cisco Umbrella Rank: 2709
21 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 3274
1 KB
5 mzstatic.com
is4-ssl.mzstatic.com — Cisco Umbrella Rank: 9803
is2-ssl.mzstatic.com — Cisco Umbrella Rank: 8077
is3-ssl.mzstatic.com — Cisco Umbrella Rank: 7696
is1-ssl.mzstatic.com — Cisco Umbrella Rank: 871
35 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
329 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
storage.googleapis.com — Cisco Umbrella Rank: 347
168 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
2 KB
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1908
2 KB
2 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2392
914 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 541
d.agkn.com — Cisco Umbrella Rank: 725
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 496
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 545
712 B
2 google.de
www.google.de — Cisco Umbrella Rank: 7528
127 B
2 amazonaws.com
socast-public.s3.amazonaws.com — Cisco Umbrella Rank: 94355
60 KB
2 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 917
370 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 176
89 KB
1 demdex.net
adobedc.demdex.net — Cisco Umbrella Rank: 6338
919 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 530
264 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 374
239 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 129
23 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 456
98 B
1 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 870
205 B
1 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 957
266 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 961
481 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1556
421 B
1 tremorhub.com
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6587
175 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 421
140 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1305
378 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 642
239 B
1 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 399
65 KB
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 465
288 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 99
1 weather.com
widgets.media.weather.com — Cisco Umbrella Rank: 15260
139 KB
1 worldweatheronline.com
cdn.worldweatheronline.com — Cisco Umbrella Rank: 198214
968 B
1 polyfill.io
cdn.polyfill.io — Cisco Umbrella Rank: 2815
383 B
0 intentiq.com Failed
sync.intentiq.com Failed
219 43
Domain Requested by
37 media-cdn.socastsrm.com wincountry.com
cdn-js.socastsrm.com
24 wincountry.com wincountry.com
cdn-js.socastsrm.com
22 um.simpli.fi 17 redirects
21 cdn-js.socastsrm.com wincountry.com
19 pagead2.googlesyndication.com securepubads.g.doubleclick.net
wincountry.com
pagead2.googlesyndication.com
9 www.googletagmanager.com wincountry.com
www.googletagmanager.com
8 cdn-css.socastsrm.com wincountry.com
6 resources.infolinks.com securepubads.g.doubleclick.net
wincountry.com
resources.infolinks.com
blank
5 ka-p.fontawesome.com kit.fontawesome.com
wincountry.com
5 media.socastsrm.com wincountry.com
4 rt3008.infolinks.com resources.infolinks.com
4 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 fonts.gstatic.com fonts.googleapis.com
3 router.infolinks.com resources.infolinks.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 region1.analytics.google.com www.googletagmanager.com
3 region1.google-analytics.com www.googletagmanager.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 storage.googleapis.com wincountry.com
3 www.google.com 1 redirects wincountry.com
www.gstatic.com
2 ib.adnxs.com 1 redirects
2 loadm.exelator.com 1 redirects
2 cm.g.doubleclick.net
2 fei.pro-market.net 2 redirects
2 pixel.tapad.com 1 redirects
2 sync.1rx.io 2 redirects
2 is2-ssl.mzstatic.com wincountry.com
2 www.google.de wincountry.com
2 socast-public.s3.amazonaws.com cdn-js.socastsrm.com
2 cdn.taboola.com wincountry.com
cdn.taboola.com
2 kit.fontawesome.com wincountry.com
kit.fontawesome.com
2 connect.facebook.net wincountry.com
connect.facebook.net
2 fonts.googleapis.com wincountry.com
2 securepubads.g.doubleclick.net wincountry.com
securepubads.g.doubleclick.net
1 adobedc.demdex.net assets.adobedtm.com
1 us-u.openx.net
1 pixel.rubiconproject.com
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com 1 redirects
1 idsync.rlcdn.com
1 ce.lijit.com
1 bcp.crwdcntrl.net
1 stags.bluekai.com
1 sync.bfmio.com
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 eb2.3lift.com
1 sync.targeting.unrulymedia.com
1 s.ad.smaato.net
1 i.simpli.fi tag.simpli.fi
1 assets.adobedtm.com widgets.media.weather.com
1 is1-ssl.mzstatic.com wincountry.com
1 is3-ssl.mzstatic.com wincountry.com
1 is4-ssl.mzstatic.com wincountry.com
1 gum.criteo.com cdn.taboola.com
1 www.facebook.com connect.facebook.net
1 423a3eed0d1c3936d06a752af80abbb7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.gstatic.com www.google.com
1 widgets.media.weather.com wincountry.com
1 cdn.worldweatheronline.com wincountry.com
1 tag.simpli.fi wincountry.com
1 cdn.polyfill.io wincountry.com
0 sync.intentiq.com Failed
219 64
Subject Issuer Validity Valid
wnwn.com
R3		 2024-02-06 -
2024-05-06		 3 months crt.sh
*.socastsrm.com
Amazon RSA 2048 M01		 2023-08-02 -
2024-08-30		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.polyfill.io
Sectigo RSA Domain Validation Secure Server CA		 2024-02-20 -
2025-02-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
media.socastsrm.com
Amazon RSA 2048 M03		 2023-10-21 -
2024-11-18		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-14 -
2024-04-13		 3 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
cdn.worldweatheronline.com
R3		 2024-02-24 -
2024-05-24		 3 months crt.sh
www.weather.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-10-23		 a year crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-04 -
2025-01-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-03		 9 months crt.sh
*.google.de
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-08 -
2024-05-07		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-15 -
2024-05-14		 a year crt.sh
itunes.apple.com
Apple Public EV Server RSA CA 2 - G1		 2024-01-23 -
2024-07-21		 6 months crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-08-10		 a year crt.sh
adobedc.demdex.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-22 -
2024-11-21		 a year crt.sh

This page contains 10 frames:

Primary Page: https://wincountry.com/
Frame ID: F4C90E8195DCBD3D6E30F503248AF9C0
Requests: 191 HTTP requests in this frame

Frame: https://423a3eed0d1c3936d06a752af80abbb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B3F712869EC6703CE1B0507F9094437D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v17.0/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9f132be7b56657de%26domain%3Dwincountry.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwincountry.com%252Ff498d8c3a01957b1f%26relation%3Dparent.parent&container_width=327&height=775&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FWIN985&locale=en_US&sdk=joey&show_facepile=false&show_posts=true&small_header=false&width=
Frame ID: B97A73E3BD9189341884E0FBEC4B464D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchdXMgAAAAAP4dU47UWMAhU0Tc8Uf0ldZrstqZ&co=aHR0cHM6Ly93aW5jb3VudHJ5LmNvbTo0NDM.&hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=mpiubhjas1lz
Frame ID: 15D052C97B7553B75C39B529316E8955
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstRXgnha2qNn8556ScO4R9K-w99GhKr6GnOG6faG8IUPw-ljNrAw67MzUmSDYhAUCPbvPjo8I_yZlfG7c9_g7vGCiOu8sMmHt5A0g9-XDbaTpfByiXCJXUFUNqCbQtlx74kEQZccU_zH11-5p0HZzC_-msyPcwalhTC4dWb778yxSWouYTyjdBev9NswTJAY4BjpNu43qrDa9J4y7ZfPMn9J0BLgrTleWcjyPdgS7BA_mytP9aG91QfANOOWEV2YhQJ6gfwzJCGDiPK7FuhvDxKAw1c2kKbZGE6tvYuvsnd_6sL5dqBRIVQLYPEKd1YmN4Pf1Fc5b_wmZz-rHtO5pNdpRIZgMQzs2LZ0MBBy7nosb8fW2f4OaX_yE-iQr0&sig=Cg0ArKJSzPbLceAM-WIWEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 06E0EC7214E68207CF9925349DA8FF79
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu0pZpUDKAnqXiiDuVKfqtZ47EksKNBL-yBn4pUn3PXqm3KjrztLaXmTRK9BUOANYzQgu-t2RJpCHCuwigSQI4ihdK97j2HDTuXxoNltwwSkzUsvbqTjSJdVPjnTCLHdA6vYiQaQXNUpOCX5ZgJ58BEUaDPx1TWsLruQYp0tjOpNShb7kS3W2x10HmSJavmQnqX1itfQP9VA2HwB-zISWoXoSxLK3xM23o2FiaF9oDhmyeQ9khSoN_fGoJVpFK_JYrmVBVSPNs1fBku4Q_pw-Tu-0TvVq7uFe7U8tczg3y9wURFiNrVRpzkeCwuBZI_qwV9QdxvF2l9jS7JZPTK4QIodEEx9Oq36tHsskjRsIeOHGVb8BaMQ7CLDdHV41g&sig=Cg0ArKJSzLBb5LubrhiTEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 3D8815497A99567EF9237FBA51A41195
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsv_dGmohWk8djsWfF6USD_dxXPUjSr3qI606ZDCS4kaRQJ8m6MBxjw7rBwEQqfLI2UfYb6EIUW0tuSUPe3Hhcjaz-F4h2aUC6si1RL1Et0OQ9A_6MNM1FpzXl3D-UIGEXSe2QuL2CiZSFf2d8obNHqY-aPhUs-Oq2ZW8IDKKcLXuiFjAjpGLczQH1OKSKAOBbJwT4aB1kOdkAEMXQZCfBM2BpMyc0UsH9AFaPAIZgu13CyRJmmJI6lqHrSlNDb-c-AH0RZVtR8nlV36tE-4iNTnP_VSGohOfUDzbhA58kdA2pzbTapwAJRlQdwf3YAMox4gXhYjib0I1Ao_6NUiPJAcI3f3xxkR5s9OhD5NnrZ7khqSdjnhXrVsFs8qrCACOQ&sig=Cg0ArKJSzERn2jjFb9Y8EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: BD0C63CE039186762B25316DEE0F1FC2
Requests: 9 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3383084&wsid=0&pdom=wincountry.com&purl=https%3A%2F%2Fwincountry.com%2F
Frame ID: 2B530397187D70A87637E5D75960310D
Requests: 1 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/brands/TMobile_300x250.gif
Frame ID: 7D80345F95EF301C9E32458939158363
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1DAA76D2AA27457CFE102FA71CD9AA12
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WIN 98.5 Your Country | WNWN-FM | Battle Creek, MI

Page URL History Show full URLs

  1. http://wincountry.com/ HTTP 307
    https://wincountry.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

219
Requests

91 %
HTTPS

49 %
IPv6

43
Domains

64
Subdomains

53
IPs

8
Countries

4962 kB
Transfer

11882 kB
Size

39
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wincountry.com/ HTTP 307
    https://wincountry.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 193
  • https://um.simpli.fi/smaato HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=01EC05CF1F57418BA0BB8D2DE0565EF1
Request Chain 194
  • https://um.simpli.fi/nexxen HTTP 302
  • https://sync.1rx.io/usersync/simplifi/01EC05CF1F57418BA0BB8D2DE0565EF1 HTTP 302
  • https://sync.1rx.io/usersync/simplifi/01EC05CF1F57418BA0BB8D2DE0565EF1?zcc=1&cb=1712391760929 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-27c48e56-12e0-4241-b7d0-a8285f930337-003
Request Chain 195
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=01EC05CF1F57418BA0BB8D2DE0565EF1&dongle=yf3
Request Chain 196
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=01EC05CF1F57418BA0BB8D2DE0565EF1
Request Chain 197
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=01EC05CF1F57418BA0BB8D2DE0565EF1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=01EC05CF1F57418BA0BB8D2DE0565EF1
Request Chain 198
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=01EC05CF1F57418BA0BB8D2DE0565EF1 HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1712391760981&ip=84.19.175.184&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219703204844000741964 HTTP 302
  • https://um.simpli.fi/aa_px?sk=219703204844000741964 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 199
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=01EC05CF1F57418BA0BB8D2DE0565EF1
Request Chain 202
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=01EC05CF1F57418BA0BB8D2DE0565EF1;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=01EC05CF1F57418BA0BB8D2DE0565EF1;mimetype=img;sr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTQ3MjI1NDkwNzE4ODE4Nzc5MTM=
Request Chain 203
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=01EC05CF1F57418BA0BB8D2DE0565EF1&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=01EC05CF1F57418BA0BB8D2DE0565EF1&j=0&xl8blockcheck=1
Request Chain 205
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=01EC05CF1F57418BA0BB8D2DE0565EF1
Request Chain 206
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=01EC05CF1F57418BA0BB8D2DE0565EF1
Request Chain 207
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=01EC05CF1F57418BA0BB8D2DE0565EF1
Request Chain 208
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=01EC05CF1F57418BA0BB8D2DE0565EF1
Request Chain 209
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=01EC05CF1F57418BA0BB8D2DE0565EF1
Request Chain 210
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1712391760719&cv=7&fst=1712391760719&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1559674288&cv=7&fst=1712391760719&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIjMP6tJSthQMVN09BAh0i7gHsMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd2luY291bnRyeS5jb20v HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1559674288&cv=7&fst=1712391760719&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIjMP6tJSthQMVN09BAh0i7gHsMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd2luY291bnRyeS5jb20v&is_vtc=1&cid=CAQSGwB7FLtquX2bWACN8Z1ApVZOYFZDJwNYCI7i4A&random=1667620376 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=1559674288&cv=7&fst=1712391760719&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIjMP6tJSthQMVN09BAh0i7gHsMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd2luY291bnRyeS5jb20v&is_vtc=1&cid=CAQSGwB7FLtquX2bWACN8Z1ApVZOYFZDJwNYCI7i4A&random=1667620376&ipr=y
Request Chain 212
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=01EC05CF1F57418BA0BB8D2DE0565EF1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D01EC05CF1F57418BA0BB8D2DE0565EF1
Request Chain 213
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=01EC05CF1F57418BA0BB8D2DE0565EF1&expires=365
Request Chain 214
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=01EC05CF1F57418BA0BB8D2DE0565EF1

219 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wincountry.com/
Redirect Chain
  • http://wincountry.com/
  • https://wincountry.com/
148 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wincountry.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) / PHP/7.4.20
Resource Hash
05f42c00cf0c93e6c0a63bebcab7ed16eaac1064cd67333a4d86cea13e83ccb6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
56
Cache-Control
public, max-age=6, s-maxage=300
Cache-control
private
Content-Encoding
gzip
Content-Length
28027
Content-Type
text/html; charset=UTF-8
Date
Sat, 06 Apr 2024 08:21:41 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Identity
Accept-Encoding, X-UA-Device, X-socast_header_type
Link
<https://wincountry.com/wp-json/>; rel="https://api.w.org/"
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding, User-Agent,
Via
1.1 varnish-v4
X-Cache
HIT
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/7.4.20
X-Varnish
699836399 697854448

Redirect headers

Location
https://wincountry.com/
Non-Authoritative-Reason
HttpsUpgrades
js_composer.min.css
wincountry.com/wp-content/plugins/js_composer/assets/css/ 		474 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wincountry.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.1
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a6f59fc654b5a739d372c1f6954a666d6518236ac67134523277a5548ec40ad0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:37 GMT
Content-Encoding
gzip
Via
1.1 varnish-v4
Last-Modified
Mon, 27 Jul 2020 23:56:38 GMT
Server
Apache/2.4.29 (Ubuntu)
Identity
Accept-Encoding
Age
0
ETag
"76726-5ab7512c6bb19-gzip"
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
text/css
Access-Control-Allow-Origin
*
X-Varnish
699319483
Accept-Ranges
bytes
Content-Length
45759
bootstrap.css
cdn-css.socastsrm.com/cdn_v17.8.1/application/css/bootstrap/4.1.0/css/ 		169 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-css.socastsrm.com/cdn_v17.8.1/application/css/bootstrap/4.1.0/css/bootstrap.css?ver=5.4.2
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-124.fra56.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
0ce7fbe215cdf921ed87d00a374404681d5d24898589a7fe60e068d09289b4ba

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:37:26 GMT
content-encoding
gzip
via
1.1 daf01c71790f42e645ae4024c607941e.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 18:04:14 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA56-P12
age
53111
etag
"2a327-6039af072b264-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
22804
x-amz-cf-id
cxwJdjiwyvYla0oxTohpGApIKZ-l7ciKHPhw79RB1G2TuP9wMRdMWg==
custom.css
cdn-css.socastsrm.com/cdn_v17.8.1/application/css/ 		25 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-css.socastsrm.com/cdn_v17.8.1/application/css/custom.css?v=2013-10-02&ver=5.4.2
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-124.fra56.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
bf46a23dfe3055265d98d504e78159a6d10af7c0afe5ecabf0d967c74553402a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:37:26 GMT
content-encoding
gzip
via
1.1 daf01c71790f42e645ae4024c607941e.cloudfront.net (CloudFront)
last-modified
Thu, 16 Nov 2023 19:01:25 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA56-P12
age
53111
etag
"624b-60a49a5757f1c-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
6188
x-amz-cf-id
oENniWNYd6dyfFZLDfOTKDdzZKrPWJwSJMpiEyzZnYtQ_hsuDXPGHA==
global-theme.css
cdn-css.socastsrm.com/cdn_v17.8.1/application/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-css.socastsrm.com/cdn_v17.8.1/application/css/global-theme.css?ver=5.4.2
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-124.fra56.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
9fd17622bb1bfa27b87268e4d7016eb15805493288070214c94d966609d88fe8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:36:56 GMT
content-encoding
gzip
via
1.1 daf01c71790f42e645ae4024c607941e.cloudfront.net (CloudFront)
last-modified
Mon, 27 Jul 2020 23:59:36 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA56-P12
age
53141
etag
"2c18-5ab751d63a433-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
2783
x-amz-cf-id
8wTifvsAi87NJppe4yow6jovDi_INx0A3fQrtjeYwBMLj3MdgYPPLg==
frontend.css
cdn-css.socastsrm.com/cdn_v17.8.1/application/stylesheets/frontend/ 		135 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-css.socastsrm.com/cdn_v17.8.1/application/stylesheets/frontend/frontend.css?ver=5.4.2
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-124.fra56.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
0393f18543365f0fe2dd16abbe815614acf4050b8ba25433c688caa277179a25

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:36:56 GMT
content-encoding
gzip
via
1.1 daf01c71790f42e645ae4024c607941e.cloudfront.net (CloudFront)
last-modified
Thu, 04 Apr 2024 17:34:27 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA56-P12
age
53141
etag
"21d95-61548c038fc5b-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
20212
x-amz-cf-id
zXvNH45qlnof523-9L_wImchhpq0KtYUn32EyyU6QEC0Sny9L78GdQ==
style.min.css
wincountry.com/wp-includes/css/dist/block-library/ 		52 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wincountry.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:37 GMT
Content-Encoding
gzip
Via
1.1 varnish-v4
Last-Modified
Tue, 28 Jul 2020 21:36:37 GMT
Server
Apache/2.4.29 (Ubuntu)
Identity
Accept-Encoding
Age
0
ETag
"d159-5ab873be7bc4b-gzip"
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
text/css
Access-Control-Allow-Origin
*
X-Varnish
696545648
Accept-Ranges
bytes
Content-Length
7642
socast-media-library-public.css
wincountry.com/wp-content/plugins/socast-media-library/public/css/ 		98 B
510 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wincountry.com/wp-content/plugins/socast-media-library/public/css/socast-media-library-public.css?ver=1.0.1
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:37 GMT
Content-Encoding
gzip
Via
1.1 varnish-v4
Last-Modified
Thu, 29 Oct 2020 02:30:32 GMT
Server
Apache/2.4.29 (Ubuntu)
Identity
Accept-Encoding
Age
0
ETag
"62-5b2c61068c120-gzip"
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
text/css
Access-Control-Allow-Origin
*
X-Varnish
700812968
Accept-Ranges
bytes
Content-Length
106
jquery.js
cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-includes/js/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-includes/js/jquery/jquery.js
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:36:56 GMT
content-encoding
gzip
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
last-modified
Mon, 27 Jul 2020 23:59:38 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA60-P8
age
53140
etag
"17a69-5ab751d8b0253-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
33776
x-amz-cf-id
TyObm3xJQpamLP-eIMFNhgBd80bZIvINGecjIId5FSXpEWdM7f9S7w==
jquery-ui.min.js
cdn-js.socastsrm.com/cdn_v17.8.1/application/js/jquery/jquery-ui-1.12.1/ 		248 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-js.socastsrm.com/cdn_v17.8.1/application/js/jquery/jquery-ui-1.12.1/jquery-ui.min.js
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:36:56 GMT
content-encoding
gzip
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
last-modified
Mon, 27 Jul 2020 23:22:18 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA60-P8
age
53141
etag
"3dee5-5ab7497ffffcc-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
B7JOdUdlwkg5qrRkz9Od2U4ELgO4JVmc2RXW3W_talOZe2WAzyoOCA==
popper-1.14.3.min.js
cdn-js.socastsrm.com/cdn_v17.8.1/application/css/bootstrap/4.1.0/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-js.socastsrm.com/cdn_v17.8.1/application/css/bootstrap/4.1.0/js/popper-1.14.3.min.js
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:36:56 GMT
content-encoding
gzip
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 18:04:00 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA60-P8
age
53141
etag
"4f71-6039aef9ada5c-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
7239
x-amz-cf-id
rVAnsRp6cjSMoWAHozG9t2pCKJOiTIcDPcDKSBiZl_q6qIM39waSDA==
bootstrap.min.js
cdn-js.socastsrm.com/cdn_v17.8.1/application/css/bootstrap/4.1.0/js/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-js.socastsrm.com/cdn_v17.8.1/application/css/bootstrap/4.1.0/js/bootstrap.min.js
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:36:56 GMT
content-encoding
gzip
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
last-modified
Wed, 23 Aug 2023 18:04:01 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA60-P8
age
53141
etag
"c5f4-6039aefb0f411-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
14038
x-amz-cf-id
MblfGX0JFs_qpH6u1szjaXl4-bdp_fkO1fjjZCk7QAvWdgKdC_pgNQ==
json2.js
cdn-js.socastsrm.com/cdn_v17.8.1/application/js/json/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-js.socastsrm.com/cdn_v17.8.1/application/js/json/json2.js
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
4b05fd300b023998641714cb534c7c0d6b91bd4fb7ce461959ac28f9db0ec328

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:36:56 GMT
content-encoding
gzip
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
last-modified
Mon, 27 Jul 2020 23:59:42 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA60-P8
age
53141
etag
"4471-5ab751dc9c1b4-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
5413
x-amz-cf-id
O32miZK26807wzX0BYMULnH6uqp9FHht6JfAluGR1DnYWz698VdS8A==
custom.js
cdn-js.socastsrm.com/cdn_v17.8.1/application/js/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-js.socastsrm.com/cdn_v17.8.1/application/js/custom.js?v=2017-05-29
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
caac035c0ecf1c03e6ea51cdc70730ad87ff6998fe0e6df7b50d5a6d87bd4116

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:36:56 GMT
content-encoding
gzip
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:02:54 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA60-P8
age
53141
etag
"aa6c-606d3b32f8edb-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
13723
x-amz-cf-id
jbgXNeJiJr44wXm8E6Zg-DLiTxu7HmDS7SCUapZZMOhivx-TWfJoSA==
lightBox.js
cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/js/lightBox.js?v=2014-08-21
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
06ab8804c22326649393b6b82923131952b97a8185b8ccec8893e356beaf670d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:36:56 GMT
content-encoding
gzip
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
last-modified
Wed, 11 Aug 2021 18:02:02 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA60-P8
age
53141
etag
"397b-5c94c6a533b2d-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
3392
x-amz-cf-id
ngKp7FVJeEEJwRaTYTO7NNIUVwOXpashWNUhraFPdSapV-__E5xZjg==
socast.jquery.frontend.js
cdn-js.socastsrm.com/cdn_v17.8.1/application/js/jquery/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-js.socastsrm.com/cdn_v17.8.1/application/js/jquery/socast.jquery.frontend.js
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
1e6d8362fe516844f04eb1868cff8f98facb24faf20cc02a208f3495e82f5136

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:36:56 GMT
content-encoding
gzip
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
last-modified
Mon, 27 Jul 2020 23:22:18 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA60-P8
age
53140
etag
"d7c9-5ab7498001f0c-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
16587
x-amz-cf-id
NhB2Gg6EL3uocPrVrVj33ky5xSRzKAu9TDRVP5YFZAlTTvEEFFjKgg==
frontend.js
cdn-js.socastsrm.com/cdn_v17.8.1/application/js/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-js.socastsrm.com/cdn_v17.8.1/application/js/frontend.js
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
84752bd808c9dc443c73279245cd16911b83152a0cb8e66ba5e60094a520a79f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:36:56 GMT
content-encoding
gzip
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
last-modified
Tue, 24 Jan 2023 18:31:16 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA60-P8
age
53141
etag
"4d0f-5f306b89d042e-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
6025
x-amz-cf-id
p9sYt6Gw_IWTIDpPMWRzUfBqxQ1Z2asaeeQerGFdMhI8HAabkMLXTg==
jquery.ui.kk-chronomasonry.js
cdn-js.socastsrm.com/cdn_v17.8.1/application/js/jquery/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-js.socastsrm.com/cdn_v17.8.1/application/js/jquery/jquery.ui.kk-chronomasonry.js
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
77626e92662a1cb3ba1c002bf50ad0676cc0be457009173d04b58b97de488dd3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:36:56 GMT
content-encoding
gzip
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
last-modified
Mon, 27 Jul 2020 23:22:18 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA60-P8
age
53141
etag
"d4c-5ab7497ffffcc-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
1234
x-amz-cf-id
Fc1ORoKQCrHzEB2QJGsn_I6qA7046PbUSbCFy0qims_TpbYzXHXamQ==
jquery.ui.socastTouch.js
cdn-js.socastsrm.com/cdn_v17.8.1/application/js/jquery/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-js.socastsrm.com/cdn_v17.8.1/application/js/jquery/jquery.ui.socastTouch.js
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
762e70ff6b0c0e2c91f57d48071560fc6f0e2f2179fa04deb48d7ad2091d2d2d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:36:56 GMT
content-encoding
gzip
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
last-modified
Mon, 27 Jul 2020 23:59:42 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA60-P8
age
53141
etag
"bb6-5ab751dc9a274-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
831
x-amz-cf-id
pgeQfBPF2DltJF-NfQZbTyOhAlCjVvsju7Mh0TAlfMFT9XCXKyqYKg==
poll.js
cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/js/widgets/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/js/widgets/poll.js
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
6330d9d10ff63c82cbaa3f1f814b5639c2c7a47ded38d337d4e266c0d6d505e1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:36:56 GMT
content-encoding
gzip
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
last-modified
Tue, 11 May 2021 18:02:40 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA60-P8
age
53141
etag
"1a27-5c211b339518e-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
2047
x-amz-cf-id
2bFjWPMXcB_mowjgjIC0JpQ_MxLt9S4ilPDLKZ1swLWU3o7QSEE_Pw==
api.js
www.google.com/recaptcha/ 		1 KB
883 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LchdXMgAAAAAP4dU47UWMAhU0Tc8Uf0ldZrstqZ
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d9955d15081d3cfe6caee66835fd0fa0c45ada70923e279612ef20db71da33b0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 06 Apr 2024 08:22:37 GMT
polyfill.min.js
cdn.polyfill.io/v2/ 		103 B
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=default%2CHTMLPictureElement&ver=5.4.2
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:35ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 19 Mar 2024 13:52:37 GMT
server
cloudflare
age
1535400
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
87005f0609cd531d-LHR
expires
Sat, 06 Apr 2024 12:22:37 GMT
socast-media-library-public.js
wincountry.com/wp-content/plugins/socast-media-library/public/js/ 		0
336 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wincountry.com/wp-content/plugins/socast-media-library/public/js/socast-media-library-public.js?ver=1.0.1
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:37 GMT
Via
1.1 varnish-v4
Last-Modified
Wed, 09 Feb 2022 18:31:04 GMT
Server
Apache/2.4.29 (Ubuntu)
Age
0
ETag
"0-5d79a094d4c41"
X-Cache
MISS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Varnish
697627384
Accept-Ranges
bytes
Content-Length
0
js
www.googletagmanager.com/gtag/ 		197 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-33491015-39
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
df683727493d0c968d5f4f4ec656d6874a68eea39413a01a87d13386f49f0616
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73281
x-xss-protection
0
last-modified
Sat, 06 Apr 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Apr 2024 08:22:38 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf19a2c38adaf4b593d66f54b4101d809e082d85ef8b2995635a20da83b2847e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29584
x-xss-protection
0
server
cafe
etag
653 / 19819 / 31082449 / config-hash: 7795631271343578687
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 06 Apr 2024 08:22:38 GMT
css
fonts.googleapis.com/ 		15 KB
1021 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,700,900,100
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ce19d826208023fe492150f8005f27673a8db0eda3dbe4f9a437c66aec7cd536
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Apr 2024 08:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 Apr 2024 08:22:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Apr 2024 08:22:37 GMT
css
fonts.googleapis.com/ 		27 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,700,900,100
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
96db5db7e13f4e196848e1bf69005d804f783c628fc14444f5a797620a30b326
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Apr 2024 08:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 Apr 2024 08:22:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Apr 2024 08:22:37 GMT
style.css
cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/themes/socast-3/assets/css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/themes/socast-3/assets/css/style.css
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
cde7582e362eeeddc8e6a9a8432e6f61bc552a43956d0b54e6359f6770acd439

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:36:56 GMT
content-encoding
gzip
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
last-modified
Wed, 01 Nov 2023 18:10:33 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA60-P8
age
53141
etag
"5c36-6091b2ff7bac3-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
5180
x-amz-cf-id
YBOmy72Xh5sfG6QvTKbwe54xrF-41c-OUaM7mfLjzI3LJpaXiGiPGQ==
scripts.js
cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/themes/socast-3/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/themes/socast-3/assets/js/scripts.js
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
6c5f1544ccc1550ef537d7a9bc4b7ec531c0113e500406cc63ac53bac67f37b8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:36:56 GMT
content-encoding
gzip
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
last-modified
Thu, 22 Oct 2020 17:30:18 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA60-P8
age
53141
etag
"cd3-5b245d1574c6b-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
1025
x-amz-cf-id
KS4c9jOH7N5AnpsYPB8Dc3-rOQKAwbZHG9670gaM-AEWopaWSa5DIw==
js
www.googletagmanager.com/gtag/ 		197 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-4991594-2
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8d1c98dc1f9dd01b0c77db1c670871602f34d74b3e2823535c373a1f2e419ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73182
x-xss-protection
0
last-modified
Sat, 06 Apr 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Apr 2024 08:22:38 GMT
e1b7a900-ff4f-0138-8007-06b4c2516bae
tag.simpli.fi/sifitag/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/e1b7a900-ff4f-0138-8007-06b4c2516bae
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
151.162.234.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
37221150011b4eda862110049502c536e32782d01159d1002944afa2a6fef821

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:38 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id
F8OjO0Il1UgSdkz7xNTB
expires
Thu, 01 Jan 1970 00:00:00 GMT
win-logo-1.png
media.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2020/05/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2020/05/win-logo-1.png
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-127.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7b08ea696e37f399732d6c1e4b951c209353efe9b2c0676c8141261f03eca4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 14 Mar 2024 13:48:00 GMT
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-amz-request-id
78218CX8WA8Q3QY7
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
1967678
x-cache
Hit from cloudfront
content-length
3242
x-amz-id-2
SFb6rc0gQNR8fxQunbCj/JCtp38R9oBBMpfTNa/lxK+gwPWDmvUpiT/Lz+mo3129MlVhbAI6bCk=
last-modified
Wed, 18 Oct 2023 18:01:33 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"8496d3d2584bce3d4e74977e27e04408"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
CE6M1Kd5G3fhAH7SfJwFiU4u2Q4Vk7JhdDCqjVpGyclOG9dO-YL6YQ==
win-logo.png
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2020/05/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2020/05/win-logo.png
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4fcd84bdfc8438442d57c12a4bc512e82c532c68bfbd9115ceb2d3b177ebc969

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 10:03:16 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
ME6G7M06QDK5FHRX
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
425962
x-cache
Hit from cloudfront
content-length
18536
x-amz-id-2
fIUpz1jtYoxUDjgXhRdtQjv7Ama5Ot91W3xOeZp0shO0Hg+z6lWJ85AFseDP00rRdQBqUg4bOCc=
last-modified
Wed, 18 Oct 2023 18:01:11 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"ad46f71289206f822168bba401327510"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
PAXV0xIxRHbXhbd3ZRmlVw_drAxoW91YHvLWHgAtvMAO3V_nwxDF7A==
listen_live_icon-572377a49ca3c.gif
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2020/05/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2020/05/listen_live_icon-572377a49ca3c.gif
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
924ddc3b4f4b93a87997ddd207fc8c8316db4264703361e2eefe91f80d8adff7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:37:12 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
6RS9J1ZEFYJ58J1B
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
67526
x-cache
Hit from cloudfront
content-length
8548
x-amz-id-2
9f7x0yBcopJZd0WEzzS8GDqc1CNH5RU8iUtM4Px8D+0GRxTQPx7Gvi9HAKi7wRkKccAJbFOB0EQ=
last-modified
Wed, 18 Oct 2023 18:01:11 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"36c097577a219d324693315883435e64"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
WHRN7QNkWdVi-UouKo0kK8-zNs8XSrIpAbBRqp-zrItkvH-71AhI8w==
facebook.png
media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/ 		754 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/facebook.png
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b64f7e2e52ae67458e04b7611e81a7c981a645c17d1c1749e066959c894abe9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 Nov 2023 18:57:26 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
N2V736T5TZYBT0N8
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
11193912
x-cache
Hit from cloudfront
content-length
754
x-amz-id-2
cOxYc3tNbVQRgW6jgc/x0JmBLvUlCulVt2rixYaQoouEhlCYzyVxjfCNCgU+IjlgC0g3YHy9HAc=
last-modified
Wed, 18 Oct 2023 17:54:02 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"c98e9289d40ddb10c446acb23bdadb3b"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_GaUTgVhi5rtXR8a8WrH8IPkY68m_vKyg812uBFytgeiJ2KjcjYFkA==
twitter.png
media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/ 		1000 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/twitter.png
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df91f674ce3902ef0e9ac337f8aa0a15d67b5ee7ce4ad5efa22ad8172e4e91eb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 Nov 2023 18:57:26 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
N2VE1WNNH0CPDD60
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
11193912
x-cache
Hit from cloudfront
content-length
1000
x-amz-id-2
rAFLVMx/xfK4muypLqD+5fndFvgzQYgo7Xa7a1E9m2tvl+Q7q1csyQcPSYMK7ldd8RzjOoeFuU0=
last-modified
Wed, 18 Oct 2023 17:54:05 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"7a48eb3e8ffb08f3e2825c9a5229fa69"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
EBxP5UjKzD3JtoSHg9nWCg7pjkBixWEd1y17Ay4pAao98iCkqbjQpA==
instagram.png
media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/instagram.png
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca8d3614e2555d32bd259350e4690bc16b3c45721faccd80de561d044cfbdcf2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Jan 2024 03:06:11 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
WK2GBE0VKFRCAHJF
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
6758188
x-cache
Hit from cloudfront
content-length
1118
x-amz-id-2
jU8+R1QGIyfPdlKCJP8Rtwfe8zR3klIGqEzUZSvtMeKfu8FK/uWWMHig0YCwQBQFhZizmkQnRUo=
last-modified
Wed, 18 Oct 2023 17:54:03 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"0befdf58bda53ac21425710c70ead776"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
1nHobhELOqGzhmTEqRKVaioFg6WC2xdDpkZx0YdNmm2G9aTdoQF_Hw==
ios.png
media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/ 		712 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/ios.png
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
391fd5670220eee47dfb98a1db121ee2f04ab166d3794d50eea9e4f1e05eeca4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 Nov 2023 18:57:26 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
N2V8TXZMDMSDS80K
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
11193913
x-cache
Hit from cloudfront
content-length
712
x-amz-id-2
XbllSxOdafPbUR/37ZApt0d5FpM0jN7/t9PJlX0a1XSH/8u4lmVABAC8ZDf622VV0Zxn6p3f5wM=
last-modified
Wed, 18 Oct 2023 17:54:05 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"86cf7b1d1a5e16a9813b77452c50ffb6"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
btoGJEaMk-RVl4Qg45YjgCpftAao6RO6XxowcfElljIkqr3NKBinNg==
android.png
media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/android.png
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9981531720e3b5aef19b3d1793da3a226372cb95ae219b68dd2e4c3b3f185f5a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 Nov 2023 18:57:26 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
N2VC367D3Z1EVNK5
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
11193913
x-cache
Hit from cloudfront
content-length
1162
x-amz-id-2
H/CbsEfEkKXvTEqsWoq23nbdEyyMJBJOKcEEgHPvZbMKMavyxMdh7ip2vEkzhc4+hijmW59dSYk=
last-modified
Wed, 18 Oct 2023 17:54:04 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"d0073de736328e1448f99cf39f1d225c"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Nw6nAlOY8bDsVa4T6MgswEnZi8TvlcakRfv121NEPB5pDzA8du1Epg==
alexa.png
media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/social/alexa.png
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
80a19c6081152a6060b590265119738a99570f4ff304163f7338b9e331a4db0a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 Nov 2023 20:27:22 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
205M97EXPSY5HDB2
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
11188517
x-cache
Hit from cloudfront
content-length
1376
x-amz-id-2
qFfk+bZ4stY0DS7cY5uOXnhGczhYhdSSrgNifZynMqaDqJcEliGxIrY28ouGMotNRVfTxj4Eq0A=
last-modified
Wed, 18 Oct 2023 17:54:04 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"974d8d1b4b986e56e36448575136cf86"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
stEj4CG10edBIoFwFy4yXpiiVEv_VQ5rLWMurjHgvM7ReG1kLC6xkQ==
wkzo-teacherofthemonth-primary.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2491/files/2023/08/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2491/files/2023/08/wkzo-teacherofthemonth-primary.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60537dcab91319ce098fe9c55a0ff7ece804449c149238e3c0564206d98146dc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 10:01:51 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
RF48W07YYGGP2ZV5
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
512448
x-cache
Hit from cloudfront
content-length
45646
x-amz-id-2
JA2FzJ4m+JCGFVYqdChGUdBxfJ+81OaQzaM/Co/mlmtfIf4K+ZzFiYMWdz6QiY8r6neFBauiPg0=
last-modified
Wed, 18 Oct 2023 18:04:21 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"62d856cf36392ffafcdce3ee16c3459f"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
tarS6v25VNEdzRDx7CxkHuKcoGkGL_7Uhikx13V3atsyqp6iEk7jQw==
wnwn-fasterhorses2024-primary.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2024/01/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2024/01/wnwn-fasterhorses2024-primary.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7afc9e1606492279c108afcffcd3aba9770f1d2d45360f4411af4956f5927573

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:37:12 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
6RS5DW2Z94V93AQN
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
67527
x-cache
Hit from cloudfront
content-length
60890
x-amz-id-2
t/lJNtDvEW4nxjzBMAShcJ4BX3KWrobDZX7yVSGqWpzIfR3BQwcIRVx/WAT7EskREdBprqzRg/k=
last-modified
Fri, 26 Jan 2024 00:21:11 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"fbfabb4c5ae2e839a9319dc28f5758c7"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
X_13hvJ0cJxRkUtBojUCOcFNOtIPlr1dzqjPs82e9VIGqqkBoKxdZA==
wvfm-veteranssalute-primary.jpg
media.socastsrm.com/wordpress/wp-content/blogs.dir/2297/files/2023/08/ 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.socastsrm.com/wordpress/wp-content/blogs.dir/2297/files/2023/08/wvfm-veteranssalute-primary.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-127.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14caade7152adb24edf1dec1437420acbf37b846f556f663c9c7856b8e91f54f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 09:43:55 GMT
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-amz-request-id
9SBZGRQHQBA6RZJ8
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
859124
x-cache
Hit from cloudfront
content-length
118236
x-amz-id-2
ZFnxkopVoL6oQ+vZiTbWz9aTEpy2+ptkoGGLDUyuwF/Ij32PebSf2Zy9Zc+3oQg72I2+UxqJX0U=
last-modified
Wed, 18 Oct 2023 17:55:37 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"1552d031118dcd0b580e505f92bbddfa"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
D0U3H1qvHKNvulz0BsGLBeqgs9WkZ2bQqH_QxbmeO36mkC7ku0f9Ig==
stations-howtolisten-primary.gif
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/11/ 		738 KB
739 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/11/stations-howtolisten-primary.gif
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84fc551d4cf20edb6525246d38632f5c2a68f4e5aebc77402434a0e781118363

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:37:12 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
6RS8FJQF76SFGK3A
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
67527
x-cache
Hit from cloudfront
content-length
755746
x-amz-id-2
FRjjOCHqK9FM5TqMJ9wPAvaLVG0/URdvvBmyhSg+wvVi0FEeI60Fyj0VBUjP6YJ0b0fq25MLSNk=
last-modified
Fri, 08 Dec 2023 00:17:02 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"3f77e21062a70fbaa70a5ecbe9f5c958"
content-type
image/webp
accept-ranges
bytes
x-amz-cf-id
6f9bhJTy0lCBWTZ3XN4ADj0siEOVxZyhqOYB31NlLjqhYZfe6Iix2A==
indicator-big.gif
media-cdn.socastsrm.com/application/theme/images/loaders/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/application/theme/images/loaders/indicator-big.gif
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
916301287f61100a9242eeee5168c1f1ed8367729998837d4aaced456c5d98c5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 07 Dec 2023 16:43:18 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
3MBA0T9EV4FT1WTQ
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
10424361
x-cache
Hit from cloudfront
content-length
4408
x-amz-id-2
sVufwi+8OX2xUyQiggj433O0OopTugvULU8T5B+48vtm7OJI0nXcmOpBN8MQ3z8JGWxY/OI+RR8=
last-modified
Wed, 18 Oct 2023 17:54:03 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"c97282fe5d5ca8e5644c67562285888b"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
AKRCetCw0yIGEBF-v1VLUfZA_w8F1kwvez35GcBE050LO1r8t_NQBw==
wtvb-rantsbymac-primary-300x200.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2484/files/2023/06/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2484/files/2023/06/wtvb-rantsbymac-primary-300x200.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9583322eb1c2b8e6866c4936460061fe807ac1140911dc3d09ba65950f5a2d95

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:37:12 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
6RS5CDKQEY1G2PTT
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
67527
x-cache
Hit from cloudfront
content-length
5742
x-amz-id-2
0p5cHXgsbCzHXi0ahi/QUUHHmUw4L8tlKpSyG1ox5WitNlUUsPnZkzNRNr2reG/w/ifjCoSVwYQ=
last-modified
Wed, 25 Oct 2023 10:15:17 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"88d4b093c68558ce0c736ec96dbe7977"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
2eKAsbw6CZeXSe4Q37LLZ09puR6xTn_4r2pzNAxqKmUhcAosBbbI-w==
wtvb-rantsbymac-primary.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2484/files//2023/06/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2484/files//2023/06/wtvb-rantsbymac-primary.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c99f4fc37ed922eefac07fdca8d4894c4b67acf0eb3ec00c8412ba7c7a324225

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:37:12 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
6RSA6Y3NA50YW9VT
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
67527
x-cache
Hit from cloudfront
content-length
27154
x-amz-id-2
9nf68KG27HSfj6Lo5Q3yQH3rAsvGRTZhmWuP0piRsI3tMJnG5tuvcBZiVtwBNuFFvzLBwPJdndg=
last-modified
Fri, 20 Oct 2023 01:30:59 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"39ecf59ae104f4e9768cb7ea0e77812f"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
VeJ_gcNiCYnLZ6RHu6i0P5xO4HxqG-49fTLgEfZyA0jiCF63w4zHJw==
jd-justice-interviews-podcast-300.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/11/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/11/jd-justice-interviews-podcast-300.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
db3ec5b517295e46a23e743579fbdd186ad1abe64c9c2b74a84572dbb5008782

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:37:12 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
6RSFHK6XR7YC0EAF
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
67527
x-cache
Hit from cloudfront
content-length
10410
x-amz-id-2
QkWTNBSZNvyXvfMuXJXHoLCM6V5r2EuZg5n939E1hI3diAaR9Av/J7YjJG8uc582lDODCFR1IUA=
last-modified
Fri, 10 Nov 2023 00:12:48 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"60191448d8d468b26e854168e34e2961"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
4B0ymmHwecWGEbTUQlhBppoPfmNw_kHgEMQ_nS8hjHOFnbR0dblmWw==
center-ice-large.png
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/11/ 		228 KB
229 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/11/center-ice-large.png
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ee9a6a60e37ff74e9e84a55f05213992a0463020a012016262d5bd3a4a10131

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:37:12 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
6RSA0FG5XAJGC402
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
67527
x-cache
Hit from cloudfront
content-length
233320
x-amz-id-2
SS6x+B2F097G8Dva8PZtab/1cfxTIbn1887tSqTjIXCV2GpHWbK9dZY9D9mVpTQEoYt4TG7amP8=
last-modified
Fri, 10 Nov 2023 00:18:13 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"f226c68a84463e2d3f46081de880533e"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
NhmjwXX5tCREb_z6AwrM_-Yfjh20iLNuVTVVCCyBO2Y9JkoP4YWyCw==
wnwn-first-tekonsha-baptist-chuch-1600.jpg
media.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/08/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/08/wnwn-first-tekonsha-baptist-chuch-1600.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-127.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
790e9e97a3027dee2861e6270457281acb00aaef8114697b7d9aac706320464a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:37:12 GMT
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-amz-request-id
6RS37RQFWCJA3FFB
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
67527
x-cache
Hit from cloudfront
content-length
69056
x-amz-id-2
vzTOAaVDWJOrPIKdztK9KwA/XkNJdklO2bXJxcgbNXlAUoJv7o2wDa1X962L2dzuGBOWeevLuL8=
last-modified
Fri, 20 Oct 2023 01:49:59 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"8e66813415853ffe84dbe3a688425da1"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
aepZ4TdNTVuNiLP2bVJZHVKmQvXPezBxtuS73Zdy0FIBNwslSz4UpA==
know-beer.jpg
media.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2022/02/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2022/02/know-beer.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-127.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5d3258e2164afeb105c953fea0e5b42a690b4bfe2dea2f221a6d1bb07a09ae8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:37:12 GMT
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-amz-request-id
6RS63CZYVDWAZHW1
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
67527
x-cache
Hit from cloudfront
content-length
85030
x-amz-id-2
95dqlLDnTQjmfMF7yObzdxrMv1YbVlc38orIsnbG2nPqrX5Xf+2WMhsoNTQJGsleY9vnQpQyGE4=
last-modified
Fri, 20 Oct 2023 01:49:59 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"ac2aad0f0ada4b102e824f57e410e441"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
AYp8zIyVeShlDfkH7JPy31Z7UmipFJuezMtOXJ9MUkOssAV1QQCL7w==
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7890a0e73a42b5f89ea689d06386b17322bfed522c11c744ea65ae6047b3767a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
Origin
https://wincountry.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 06 Apr 2024 08:22:38 GMT
content-md5
Z0u6G9AGUlv5HtLvNMfEpQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=12, mss=1326, tbw=2788, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
uuW8gzX/U8MPaez9o+peFN/zW2uefTuMnATTljAKmWkA7TxFH7PDNLb/slVNmXEHpT5G5EiuWCOokZLJVMkZpA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
9d8447c3713251e4a141aa85fa566d21
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"17909b9c07f1f80e3065bee1a0c59e36"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Sat, 06 Apr 2024 08:27:45 GMT
IMG_2387-300x225.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2491/files/2020/09/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2491/files/2020/09/IMG_2387-300x225.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9df8b77a6d4bb3789adf419055441d975575ba594016889c76637522e38c196

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 18:39:15 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
45D4JWEQMGT4SRS9
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
49404
x-cache
Hit from cloudfront
content-length
9822
x-amz-id-2
42MgH08RpGKUXqwZbH8q/utMnkqDhCnN3VKe9+F4dDQJ55f/ckt7cWOSGlzqib0jPokRMLs7do8=
last-modified
Wed, 25 Oct 2023 12:21:26 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"49b051f86e407685759d3f6702bf675a"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
XPhJwuU2egpWlTT8eTMaVt3xToC8kXXOF45dLp8dnjOC1hRijuVfdg==
243183579-227996469364161-3074695921916386407-n-300x300.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2491/files/2023/09/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2491/files/2023/09/243183579-227996469364161-3074695921916386407-n-300x300.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9ac6b0df8fa77c80fd438c9748858f78426d1a0aa99b88496b9583d1a34f43c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:37:12 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
6RS1NYX0FZ1AF0PS
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
67527
x-cache
Hit from cloudfront
content-length
11740
x-amz-id-2
2zsSF1j98La7e1bBPDdQModni8VynNJfK9pTevitoATFv2VS3Hi9uCunLnHoXMGHXX1YDQyPQn0=
last-modified
Mon, 23 Oct 2023 10:19:10 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"3b29e7521c41f166d554f8644e27adbe"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
2jbUyK-ppyf1AkHyV0gf8Ufhb4hS5EhP86PKc1g9DjmWd9CWwGMFag==
truegretchcover-199x300.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2491/files/2024/04/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2491/files/2024/04/truegretchcover-199x300.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
111738bba95bee9f0332df2ca6600fcc1de5d09cca8d2dcabbd12559ba477010

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:37:12 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
6RS0C8CGSMW77Q4J
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
67527
x-cache
Hit from cloudfront
content-length
13306
x-amz-id-2
O5+qX20dD7hRPoI3e82gAhvcGgQY9I9WP0Rhye2FnWc1kTWVNqvLpxsRYgYmvqOxAzCA2omkkrk=
last-modified
Fri, 05 Apr 2024 12:41:36 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"4f846862980b2374c4718b71ca8916eb"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
6jBRhqlajTZU5kwbZBanhsxN-HBr4cT66DUK05i45R9Am_GteOYA-g==
3c2a5504-f2a1dac5-02bf-4b30-aea8-380147d1a5f6-300x150.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2491/files/2024/03/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2491/files/2024/03/3c2a5504-f2a1dac5-02bf-4b30-aea8-380147d1a5f6-300x150.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60d04d9eb41ea18934165560ae195bd4a596649ed3aeea706b9a7a267b229974

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 05:48:06 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
J1E4AKYC4P43CK2B
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
182073
x-cache
Hit from cloudfront
content-length
16188
x-amz-id-2
OZO3GtD5rr+qBdrzutC6OK2P3NItPO8tiajSXfKRPeFJvRIoc4Mf25R2QuKKJPBlBkCN2F8ZTzo=
last-modified
Tue, 26 Mar 2024 19:24:05 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"986eaef6e9cecab20fdd892418d77613"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
s2vv0GS-74xMy1qXPhq6PAsmkpvfF5z3GAO7ydYyP_jaBNenQIcAFg==
21515189-300x200.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2491/files/2024/04/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2491/files/2024/04/21515189-300x200.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e287b9a44056830248fa0a52cff8cac873ac03f895a8217cb4ddb41525c28a9a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 08:32:27 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
9Q57E3119M4HCRQV
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
85812
x-cache
Hit from cloudfront
content-length
9144
x-amz-id-2
2RmG0jCBEEKa3sdoKurohQo+2MfuMYlGucvXvxSU1RqoV5fOqeBne8LZrqfRsbRQtJDV7VsLnRs=
last-modified
Thu, 04 Apr 2024 19:17:13 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"2a9bacee4a0f59b5b72240b86f3c1268"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
UMhN-4iMUkT9OHxWt2UHcs-f6NaF2-TUwNULEPbbl51P7yolCSqXRw==
2024-04-05T100315Z_1_LYNXNPEK340DT_RTROPTP_3_TELEVISION-SUGAR.JPG
storage.googleapis.com/media.mwcradio.com/mimesis/2024-04/05/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/media.mwcradio.com/mimesis/2024-04/05/2024-04-05T100315Z_1_LYNXNPEK340DT_RTROPTP_3_TELEVISION-SUGAR.JPG
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7d8ac31009d9814c493b8b4162298afaef0ab61e3e07e85b36c989f46da93465

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 07:55:49 GMT
age
1609
x-guploader-uploadid
ABPtcPrG6hl2cRvGsxGIHjqCRHoschyFbaTthw4dsykYJAVsWiU6uasaFmzvWQ5lHg_RZlBLPCQsK_VvsQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41960
last-modified
Fri, 05 Apr 2024 10:10:33 GMT
server
UploadServer
etag
"92775a6dc28ca012f5dabde3320bdbf1"
x-goog-generation
1712311833866953
x-goog-hash
crc32c=xckDuA==, md5=kndabcKMoBL12r3jMgvb8Q==
content-type
image/jpeg
cache-control
public, max-age=3600
x-goog-stored-content-length
41960
accept-ranges
bytes
expires
Sat, 06 Apr 2024 08:55:49 GMT
2024-04-04T160942Z_1_LYNXNPEK330LS_RTROPTP_3_PEOPLE-JUDY-CRAYMER-MAMMA-MIA.JPG
storage.googleapis.com/media.mwcradio.com/mimesis/2024-04/04/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/media.mwcradio.com/mimesis/2024-04/04/2024-04-04T160942Z_1_LYNXNPEK330LS_RTROPTP_3_PEOPLE-JUDY-CRAYMER-MAMMA-MIA.JPG
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9b10944ed9e172c41983d89eb9fa73931b46cd73f01d78490769ccb3d5714182

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 07:55:49 GMT
age
1609
x-guploader-uploadid
ABPtcPrWuMpPbR2cqOQQ6F3VTj0501MdED2jt63EhJTbwvxIsHyPY_6gdIC-AsZz-lTtmRxHKTI
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69834
last-modified
Thu, 04 Apr 2024 16:10:22 GMT
server
UploadServer
etag
"c2516228d7f588e163390a0984db8f08"
x-goog-generation
1712247022809063
x-goog-hash
crc32c=u1Dsuw==, md5=wlFiKNf1iOFjOQoJhNuPCA==
content-type
image/jpeg
cache-control
public, max-age=3600
x-goog-stored-content-length
69834
accept-ranges
bytes
expires
Sat, 06 Apr 2024 08:55:49 GMT
2024-04-04T135830Z_1_LYNXNPEK330HK_RTROPTP_3_DISNEY-EUROPE.JPG
storage.googleapis.com/media.mwcradio.com/mimesis/2024-04/04/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/media.mwcradio.com/mimesis/2024-04/04/2024-04-04T135830Z_1_LYNXNPEK330HK_RTROPTP_3_DISNEY-EUROPE.JPG
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
22ea76565ca3baab3211b5894bbf5c795e34e6e2f86335aa3370a7e4fec6544a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 07:55:49 GMT
age
1609
x-guploader-uploadid
ABPtcPrsG2YjMCEwlGxDOHfWq5RYJ44kCKNzulxOq6sbV1Op2MrZOmpN86iJdnDEqsNfzyIzgNtEQcngRw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55616
last-modified
Thu, 04 Apr 2024 14:00:21 GMT
server
UploadServer
etag
"9df9c49d284a062222a65deae26364ca"
x-goog-generation
1712239221010641
x-goog-hash
crc32c=9Ho5LA==, md5=nfnEnShKBiIipl3q4mNkyg==
content-type
image/jpeg
cache-control
public, max-age=3600
x-goog-stored-content-length
55616
accept-ranges
bytes
expires
Sat, 06 Apr 2024 08:55:49 GMT
wsymbol_0008_clear_sky_night.png
cdn.worldweatheronline.com/images/wsymbols01_png_64/ 		250 B
968 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.worldweatheronline.com/images/wsymbols01_png_64/wsymbol_0008_clear_sky_night.png
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::874:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-874 /
Resource Hash
8fca354f59752dce225bbeae9a11bc5c7c88fae899993bc4e4aa7c7ac615ad27

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:38 GMT
x-downloadsize
216
cdn-edgestorageid
1077
x-bo-processingtime
0
cdn-cachedat
10/31/2023 19:01:23
cdn-pullzone
57282
content-length
250
x-bo-server
DE-187
last-modified
Tue, 31 Oct 2023 19:01:23 GMT
server
BunnyCDN-DE1-874
cdn-proxyver
1.04
cdn-requestpullcode
200
x-bo-origindownloadtime
23
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
8fa3a04a-75d9-4707-8056-b7b33c8ac7fe
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
x-bo-compressionratio
0%
cdn-requestid
26b6a383e74a87202f762eb653b76b3a
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
PoweredBySoCastTagline-White.png
media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/themes/common_images/PoweredBySoCastTagline-White.png
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f88279a4bfa31852b69934e6d6b32910258274a5182d909d6c970e63dd5395fd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jan 2024 03:21:54 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
4V3422W44YBJQ3VR
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
8053245
x-cache
Hit from cloudfront
content-length
1222
x-amz-id-2
8r6Pws/7sUPacTD3fkAFSuFrxl60TskRChMdLagHIKU1tVviWe/2WjveEEj5tzBZE62idXSJUpo=
last-modified
Wed, 18 Oct 2023 17:54:04 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"ac5c3e1ebd9b63c37aa30a7c86806297"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
rhbJaEkCQLOpd63sxf6cRsh7elk20LMxONJZTtGV0ZTL76HOvqtW6A==
albumGallery.css
cdn-css.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/css/widgets/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-css.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/css/widgets/albumGallery.css?ver=5.4.2
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-124.fra56.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
521c38b16194e130c7c5bd73c40e84a59d9eb1e95c815e14eeb657873e722623

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:55:13 GMT
content-encoding
gzip
via
1.1 daf01c71790f42e645ae4024c607941e.cloudfront.net (CloudFront)
last-modified
Mon, 27 Jul 2020 23:56:36 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA56-P12
age
52044
etag
"938-5ab7512af5ab9-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
745
x-amz-cf-id
kuZ9A4K11jDVuy39W3eUfPJs2hUTWoFePJlfhZIOL_wZlOttkAxdiw==
twoColumnLayout.css
cdn-css.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/css/ 		150 B
507 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-css.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/css/twoColumnLayout.css?ver=5.4.2
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-124.fra56.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
6106fba2c6f036bfd249c40d9df1fec6f9da3ee1ea754dccde3c0f9690fcc1b4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:42:23 GMT
content-encoding
gzip
via
1.1 daf01c71790f42e645ae4024c607941e.cloudfront.net (CloudFront)
last-modified
Mon, 27 Jul 2020 23:56:36 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA56-P12
age
52814
etag
"96-5ab7512af5ab9-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
133
x-amz-cf-id
dBaGI2Tl27Hqd7pFIEwmweEidtdApcWcuVzUuoaecEaBas7q_v8Gsw==
eventDisplay.css
cdn-css.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/css/widgets/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-css.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/css/widgets/eventDisplay.css?v=2016-02-24&ver=5.4.2
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-124.fra56.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
ef82770a46ee476d8530cf09afd544198d12b23cc75a01e9e40015c11a8ab3cd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:38:01 GMT
content-encoding
gzip
via
1.1 daf01c71790f42e645ae4024c607941e.cloudfront.net (CloudFront)
last-modified
Thu, 12 Nov 2020 19:29:13 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA56-P12
age
53076
etag
"d56-5b3eded489130-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
924
x-amz-cf-id
g9zWmIJPVCAh6OgmBBvmSWFfldZPaDmqRN1ni1SPUaQ1O4DNGchTFQ==
weather.css
cdn-css.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/css/widgets/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-css.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/css/widgets/weather.css?ver=5.4.2
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-124.fra56.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
cac1df235adc210488f80cbb6f5aa4381d89e0767c104ffc85f9330ddc9cc66a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:36:56 GMT
content-encoding
gzip
via
1.1 daf01c71790f42e645ae4024c607941e.cloudfront.net (CloudFront)
last-modified
Mon, 27 Jul 2020 23:59:43 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA56-P12
age
53141
etag
"1563-5ab751dd94274-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
1131
x-amz-cf-id
8QMsoP6mEJQ5ENZsBId7dn1yEz91gms_gWQm3VPT955JwE3djrf0mA==
css-var-polyfill.js
cdn-js.socastsrm.com/cdn_v17.8.1/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-js.socastsrm.com/cdn_v17.8.1/js/css-var-polyfill.js
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
0c955fa8c779c4d8a38a36ec47e0eb653271d31844f356142ddf4688354e4afb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:36:57 GMT
content-encoding
gzip
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
last-modified
Mon, 27 Jul 2020 23:56:35 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA60-P8
age
53140
etag
"18b3-5ab75129eef99-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
2254
x-amz-cf-id
v1z7hh3CGYP-wzyTSqcC9TJ_goXMwIPcM3oGiZRqOIzE-fOIzHuzcQ==
wp-embed.min.js
wincountry.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wincountry.com/wp-includes/js/wp-embed.min.js?ver=5.4.2
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:37 GMT
Content-Encoding
gzip
Via
1.1 varnish-v4
Last-Modified
Mon, 27 Jul 2020 23:59:44 GMT
Server
Apache/2.4.29 (Ubuntu)
Identity
Accept-Encoding
Age
0
ETag
"59a-5ab751de8a3f4-gzip"
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Varnish
696218410
Accept-Ranges
bytes
Content-Length
769
js_composer_front.min.js
wincountry.com/wp-content/plugins/js_composer/assets/js/dist/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wincountry.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.1
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
43cdf46f331fec5ba92e402e3d5cad473099892cbdafca02e607cd03705104bf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:38 GMT
Content-Encoding
gzip
Via
1.1 varnish-v4
Last-Modified
Mon, 27 Jul 2020 23:59:38 GMT
Server
Apache/2.4.29 (Ubuntu)
Identity
Accept-Encoding
Age
0
ETag
"5079-5ab751d879753-gzip"
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Varnish
700392472
Accept-Ranges
bytes
Content-Length
5818
blogNews.js
cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/js/widgets/ 		1007 B
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/js/widgets/blogNews.js?ver=5.4.2
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
ab40d2fd397d7357eec52b0a54abbbe4065909ae6993c7f321bcd91b7afa82b6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:37:27 GMT
content-encoding
gzip
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
last-modified
Mon, 27 Jul 2020 23:59:37 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA60-P8
age
53111
etag
"3ef-5ab751d755773-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
496
x-amz-cf-id
9burrO1Jz5ZBOHwFF5qeIpqNqA-ZsbGPhLu3UK1N3aHnIhTM7fyyTg==
featureRotator.js
cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/js/widgets/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/js/widgets/featureRotator.js?ver=5.4.2
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
8ead246d96271c4e6ecbd16cb0cdfa5f292b9bd574ed8fcefb72ae3642bcdb67

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:37:39 GMT
content-encoding
gzip
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
last-modified
Mon, 27 Jul 2020 23:22:19 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA60-P8
age
53111
etag
"1956-5ab74980fde4c-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
1841
x-amz-cf-id
7ZvYKB32GUMk9AsYvDv2d7pvovQJdDLSKZueTrp3oocWYkqU4nxdeQ==
albumGallery.js
cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/js/widgets/ 		920 B
748 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/js/widgets/albumGallery.js?ver=5.4.2
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
0ac6fd5b7d5afe27d5bdcc1a32f0101949f80841860b7f0c9b58bf28f50b5728

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:51:35 GMT
content-encoding
gzip
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
last-modified
Mon, 27 Jul 2020 23:56:36 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA60-P8
age
52263
etag
"398-5ab7512af79f9-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
351
x-amz-cf-id
WTfLWWe5ICdOVCwzR0Moc8kGZeCIZTHSiyNpDc3wR3VjFe9SsVNacw==
twoColumnLayout.js
cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/js/ 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/js/twoColumnLayout.js?ver=5.4.2
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
eeb2f09a9511bc3c70d6a90a24ea942db06737392c3159c4058ccecc6055c147

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:42:05 GMT
content-encoding
gzip
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
last-modified
Mon, 27 Jul 2020 23:59:37 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA60-P8
age
52833
etag
"70b-5ab751d7547d3-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
435
x-amz-cf-id
D9aW0XTupaUAKTjVVNyuTMvfDrVrhmmlB3T-LrNpXcdbYQ7if8x1Ug==
eventCalendarList.js
cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/js/widgets/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/js/widgets/eventCalendarList.js?v=2013-06-25&ver=5.4.2
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
54ab0f51ec3cf63fc92dd3cb384defb55800fadc29b4798c4c13d4bce60bb4b8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:38:42 GMT
content-encoding
gzip
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
last-modified
Wed, 13 Sep 2023 15:03:26 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA60-P8
age
53036
etag
"9a7-6053edc90dd7c-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
803
x-amz-cf-id
7PysVxPs1Q9tpuoT6BgebmVog7NIEAOjkJ98_m9LMjMsaqLNpE5uzg==
lastPlayed.js
cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/js/widgets/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-content/plugins/socast-widgets/js/widgets/lastPlayed.js?ver=5.4.2
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-60.fra60.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
c72dfe69c8fbdb44833c6dba3b69582e1c3ab3d07ae30a5d25ef0321677687e8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 17:39:31 GMT
content-encoding
gzip
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
last-modified
Wed, 30 Nov 2022 19:01:50 GMT
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA60-P8
age
52987
etag
"1035-5eeb4bca55448-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
1397
x-amz-cf-id
14rhkOnTjsakjlghbBH_GT_ULsiAgvouJaRi9waGkXHH3_gbvJjEvw==
wxwidget.loader.js
widgets.media.weather.com/ 		574 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.media.weather.com/wxwidget.loader.js?cid=158765827
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:e88::3282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / Express
Resource Hash
958fe2696b8f4d2ba074d2d0216bb3dbb505bd6f7ada4fa4230dc1dcb9357a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sat, 06 Apr 2024 08:22:38 GMT
server
nginx
x-powered-by
Express
etag
W/"8f669-bd3zzn0+z0/XfIS6S7gssKLaYI8"
x-cache-status
EXPIRED
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60445
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
141519
expires
Sun, 07 Apr 2024 01:10:03 GMT
9c51dd92b4.js
kit.fontawesome.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/9c51dd92b4.js
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc1c1aa45753383c29f0de5cc40d92e085412159e1d8d444638075061953a817

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
Origin
https://wincountry.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:38 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
87005f08ff455d85-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F8OfZmh4Q4i24IKcIjMB
wp-emoji-release.min.js
wincountry.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wincountry.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:38 GMT
Content-Encoding
gzip
Via
1.1 varnish-v4
Last-Modified
Mon, 27 Jul 2020 23:59:38 GMT
Server
Apache/2.4.29 (Ubuntu)
Identity
Accept-Encoding
Age
0
ETag
"364d-5ab751d8b7f53-gzip"
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Varnish
700422423
Accept-Ranges
bytes
Content-Length
4653
recaptcha__de.js
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/ 		501 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LchdXMgAAAAAP4dU47UWMAhU0Tc8Uf0ldZrstqZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
Origin
https://wincountry.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 02:20:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21724
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205471
x-xss-protection
0
last-modified
Fri, 29 Mar 2024 04:30:36 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 06 Apr 2025 02:20:34 GMT
gtm.js
www.googletagmanager.com/ 		198 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TQ2K7TM
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bc550c39daf7872d5b61bc0d5224bea93f15520e9ce09eb8e6d5c26baadb1bed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70503
x-xss-protection
0
last-modified
Sat, 06 Apr 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Apr 2024 08:22:38 GMT
gtm.js
www.googletagmanager.com/ 		187 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KRSW9PG
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
28b130db0f36d4283a122dff8840082409841d43930fd6d09bb12bbcbb729afa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68299
x-xss-protection
0
last-modified
Sat, 06 Apr 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Apr 2024 08:22:38 GMT
loader.js
cdn.taboola.com/libtrc/midwestcommunications-network/ 		799 KB
189 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/midwestcommunications-network/loader.js
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d655981dacea8e416d4224cf1fbd2f3348781f494d11d02edf78c92a1f3c3ae4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
JwTwgkApVM7.GelzpiwZyhnujoMzInDO
content-encoding
gzip
via
1.1 varnish
date
Sat, 06 Apr 2024 08:22:38 GMT
x-amz-request-id
37Y8561H7SFJN6CS
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
192961
x-amz-id-2
EP515P1kwk1DiVgS9wAJqr9QUXFJEXQasP60XVrBYMh+jdERWDPrI9mx26aou1//VjXb/uTf08o=
x-served-by
cache-fra-etou8220138-FRA
last-modified
Thu, 04 Apr 2024 11:09:50 GMT
server
AmazonS3
x-timer
S1712391758.346570,VS0,VE200
etag
"31bd3d49781a91bac7fc9dfe164f778a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
53
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
wnwn-heroimage-default2.jpg
media.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2020/05/ 		197 KB
198 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2020/05/wnwn-heroimage-default2.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-127.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e22094228566ad4a7e84db5aa4d36c53ab016259c2e3ebd653f25c16534bd0d1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:37:12 GMT
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-amz-request-id
6RS0NHN5NHCVKTR1
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
67527
x-cache
Hit from cloudfront
content-length
201894
x-amz-id-2
VURZ4omDhvI7pSTr8+DsBhCKi6tWlyGIO+QcH3/LG0tHDG8FSxqCiUnuuT98FGH9daajY/ZezV4=
last-modified
Fri, 20 Oct 2023 01:49:58 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"ed02da22703348f2bd563e60dcf130aa"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
1_njIBig1i9269b3P4b79Ept1n9AJLyjEc4D3qWL3CjDlZDbkyP3_g==
fh-300x251.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/07/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/07/fh-300x251.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58c651a26071f79972de05cb4be8ea1bd2cc4833ff94654f34c4ab0085d3355b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:37:12 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
6RS73JSSS9MESS7K
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
67527
x-cache
Hit from cloudfront
content-length
11932
x-amz-id-2
J4x7zQWmesFTyazMuDfyBFjDlaSs5zSZe4vYrEyYZEv2F9AVji6NgD/pvWjNa6q25dPtw/yA1tM=
last-modified
Wed, 18 Oct 2023 18:01:11 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"554cedeb06713967c24902f61d860ec2"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
bvj3WFbHqaE4VFky_vVlQ8CVkr1N5mmce2yIhl1IBDQ3n1Xbgquwyw==
roofsit7-300x251.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/06/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2023/06/roofsit7-300x251.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
82ac1e85cfa0edc767331ac49c45efe8eb3e1ca20109ca3162b43c9db85b7dbc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:37:12 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
6RS2T5N2DGJJWC2C
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
67527
x-cache
Hit from cloudfront
content-length
12346
x-amz-id-2
3NRsLBFWTYZ+6At5uVjldi1Q94jruCOEqOsRkBApvO+E4zH6uVSgcdxivRWjm7BxGuiB35Lpbas=
last-modified
Wed, 18 Oct 2023 18:01:11 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"17ca403880d847408f50a53d09b9d42a"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
OWcgyXMP5bOD4ZpmLdSnY6vbXpC10IQFHI3fHKwBBhE05aoTRTrq1g==
kaylee-williams-300x251.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2022/06/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2022/06/kaylee-williams-300x251.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5823bba5d7ae356e30e6aba54cd1a353ba781f436c111547c05f244b6cf92d8f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:37:12 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
6RS0981WQ794YM20
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
67527
x-cache
Hit from cloudfront
content-length
5052
x-amz-id-2
nIal78i0D6P1h+gm4liaaT8rr9p4qixMB8zRAcGaqBV0kSpXuXkvG/FmuqoBCWPJcDYDcUyyRj4=
last-modified
Wed, 18 Oct 2023 18:01:11 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"468f72b5d510dee3099650775c7f9944"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
HBiVVOw-90D-6oR8ZgzU5HS9rGObokiT2A7BcFqTYcViiPuc9OMaJA==
img-0439-1-300x251.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2021/07/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2021/07/img-0439-1-300x251.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25173403d20076c00cc25a857f5162b0ef03f75d2ccf1d9501ce0ea27f4302ae

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:37:12 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
6RS3Q7CBKZT17GPA
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
67527
x-cache
Hit from cloudfront
content-length
14664
x-amz-id-2
8AjLGFAciJc+e62levhQGGa/HxIN/8pSsrAuK1z0zGAOQOb3ReUOa2BgEEpocI/Yu7tq1Z7unHM=
last-modified
Wed, 18 Oct 2023 18:01:11 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"36036ac43005ca82b07f9fa0853d22ed"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
51Xodb38mQU1ICn8qIW9grej-RzALji1ZbXHFiVfsH8mTC8jOpPoig==
kendyl-ashley-221x251.png
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2021/06/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2021/06/kendyl-ashley-221x251.png
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09912cb2d2c867208249706041eda1ec8d6fac4234841ffbf7c9ed6734fb8b5f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:37:12 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
6RS9ESBNA8D6XR4C
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
67527
x-cache
Hit from cloudfront
content-length
16266
x-amz-id-2
DuGxwlCmtcuXrGl8gSc7nPNP4SpOL8ippn5iec5wN7Xxfxq10nis0EdNiWHXtP944pXqVrITSgw=
last-modified
Wed, 18 Oct 2023 18:01:11 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"8ced06d26c2d302fe39e7b598d6fa230"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
y3YbYwcOcZocCHVZg2vSFTS16U-32JQF0CF9F3WfMrdpQIW-1jgd3w==
unnamed-4-300x251.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2021/03/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2021/03/unnamed-4-300x251.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f11bbd2091480997ca88487fcf008ee64ecfcdbd72d3a218f16eb3d4a562e1c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:37:12 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
6RS5ZYN61T5R33BA
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
67527
x-cache
Hit from cloudfront
content-length
17428
x-amz-id-2
HRRjTQ8QGlUooQyFpiL5Q1/Z4mfAWWGiTjxj/uNv3EoJoIc9CTLfjsyBWndxWIc6Rza922to3uo=
last-modified
Wed, 18 Oct 2023 18:01:11 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"5064aff23f2e8ab71d753fec6411c911"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
5647jADsaZNhR7ZQqS_1T5fphiVX798Kzs8oAtfctyZsPate_bBUcg==
83595934_178011173554402_120238781977591808_n-300x213.jpg
media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2020/05/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/wordpress/wp-content/blogs.dir/2532/files/2020/05/83595934_178011173554402_120238781977591808_n-300x213.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d31ccaf4d1d5a13148c3b3f8042110685395b9e09c6dc5540a4965a4fdbe480f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:37:12 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
6RSA10716QP2WA6X
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
67527
x-cache
Hit from cloudfront
content-length
12358
x-amz-id-2
VTujckj9Eh8JTg4WaPuv1/01WemByADdM96L/HOV7sBh6VLYLhh8kfC0g1Qs4P7SeWUEve0c238=
last-modified
Wed, 18 Oct 2023 18:01:11 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"5846003c1cde42b2e8362aa7b2820a4f"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
fWSUjoSlziwTxjel2aTHVOmkj_uH5IAvWuInlTheW1k6RrRbB4CO4Q==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,700,900,100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://wincountry.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 00:50:53 GMT
x-content-type-options
nosniff
age
372705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Apr 2025 00:50:53 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,700,900,100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://wincountry.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 23:56:41 GMT
x-content-type-options
nosniff
age
30357
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Apr 2025 23:56:41 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,700,900,100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://wincountry.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 04:51:07 GMT
x-content-type-options
nosniff
age
12691
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50296
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:10:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 04:51:07 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,700,900,100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://wincountry.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 07:26:17 GMT
x-content-type-options
nosniff
age
3381
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 07:26:17 GMT
sdk.js
connect.facebook.net/en_US/ 		298 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=8c1b166308d76100c776dcea0c16a6f2
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e9c5bf3338c11ab0745787c6c21688cdc639b3cfe1a66a6d4510044aa71e8e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
Origin
https://wincountry.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 06 Apr 2024 08:22:38 GMT
content-md5
qZpKd+eWQ8DxmZJ/YQhIhw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87237
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=20, mss=1326, tbw=6406, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug
tgqpHk6S5UoVrqMUYn2tdaDB0jyvyGBSY7yPq8ZNPElo1pU33NyLeuVbrboWbrzsltuYxjY5PKaeUW6WL24fCg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
fcd322c5fcf856fdaa58408bea83b14a
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"432dd71ca677199e98a9490255a26c73"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Sun, 06 Apr 2025 06:27:40 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/ 		441 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
826ad5ca08cda186fbf03678587298a48c69a6e4a8c426c3a7aa5bcf45a61878
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 19:00:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
48105
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141434
x-xss-protection
0
server
cafe
etag
9020292414496593553
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 05 Apr 2025 19:00:53 GMT
js
www.googletagmanager.com/gtag/ 		240 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BGC9VZD51N&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-33491015-39
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
60ad2cab7ebffae6e02715beb61152fb6e151f14adf31b9e743dacb2828a984d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87462
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Apr 2024 08:22:38 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-33491015-39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 06 Apr 2024 07:38:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2636
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 06 Apr 2024 09:38:42 GMT
js
www.googletagmanager.com/gtag/ 		197 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-4991594-2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-33491015-39
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
32964b4676b104963517b95a1a4087871bf3d062a86e5e5618ba1e145ba9cf70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73241
x-xss-protection
0
last-modified
Sat, 06 Apr 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Apr 2024 08:22:38 GMT
js
www.googletagmanager.com/gtag/ 		257 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BFCN2RTHR1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4991594-2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
351ef5f200f2af06ec624eb9eab23ff863a29c8755d187e3fd00266279a71658
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91230
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Apr 2024 08:22:38 GMT
js
www.googletagmanager.com/gtag/ 		285 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QLTWJ7V56Q&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ2K7TM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6360ea9271ec98de9bf0d006c2a90d841b61cb9cb809d97825fdd8f6f729841d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97336
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Apr 2024 08:22:38 GMT
ads
pagead2.googlesyndication.com/gampad/ 		180 KB
29 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=2626436674215559&correlator=4346834359612831&eid=31079956%2C31081517%2C31082255%2C31082449%2C31079525&output=ldjh&gdfp_req=1&vrg=202404020201&ptt=17&impl=fifs&ltd_cs=1&iu_parts=21615947095%2Cleaderboard%2Cmobile-banner%2Csidebar-300x600%2Cprimary-sponsorship-300x250%2Cheader-leaderboard%2Cheader-leaderboard-300x100%2C300x250%2CInfolinks&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=728x90%2C728x90%2C728x90%2C320x50%2C300x600%2C300x250%2C728x90%2C300x100%2C300x250%2C300x250%2C300x250&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1712391758483&lmt=1712391758&adxs=436%2C470%2C470%2C-9%2C100%2C-12245933%2C436%2C-12245933%2C116%2C116%2C100&adys=1107%2C2408%2C7295%2C-9%2C2372%2C-12245933%2C0%2C-12245933%2C1223%2C2108%2C1556&biw=1600&bih=1113&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C-1%7C3%7C-1%7C0%7C-1%7C4%7C5%7C6&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&oid=2&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&url=https%3A%2F%2Fwincountry.com%2F&vis=1&psz=1600x100%7C1030x0%7C1030x0%7C0x-1%7C330x865%7C300x260%7C1600x0%7C1600x0%7C330x250%7C330x865%7C330x250&msz=728x-1%7C1030x0%7C1030x0%7C0x-1%7C300x-1%7C0x-1%7C1600x0%7C0x0%7C300x-1%7C300x-1%7C330x250&fws=4%2C4%2C4%2C2%2C4%2C132%2C4%2C132%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C0%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=168903808.1712391758&ga_sid=1712391758&ga_hid=1580008502&ga_fc=false&dlt=1712391757675&idt=779&prev_scp=Position%3D1%7CPosition%3D2%7CPosition%3D3%7C%7C%7CPosition%3DPrimary%2520Sponsor%7C%7C%7CPosition%3D1%7CPosition%3D2%7C&cust_params=call-letters%3DWNWN%26Slug%3D%252F%26Market%3DBattle%2520Creek%26blog-category%3Dnull%26platform%3Dweb&adks=1228188547%2C257837110%2C620219139%2C3201704947%2C2303480705%2C2180027617%2C1613825503%2C1162163396%2C4046684217%2C1645017044%2C1178224342&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1890c71cc95f2a3dc94ef622a427deb4286e82b51ae154774185b5397c9451af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30163
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2,-2,6473637964,6698993483,6377555737
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2,-2,138359863686,138467530434,138424044265
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wincountry.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
423a3eed0d1c3936d06a752af80abbb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B3F7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://423a3eed0d1c3936d06a752af80abbb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wincountry.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 Apr 2024 08:22:38 GMT
expires
Sun, 06 Apr 2025 08:22:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		258 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z48DQSG8XB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRSW9PG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7d72b4a59db3d6bfde6d8bd49d15663a94efb8f6ef41fed6833fbabc0e8dc378
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92164
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Apr 2024 08:22:38 GMT
pro.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/ 		672 KB
118 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro.min.css?token=9c51dd92b4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9c51dd92b4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01a3066991f4af85d35aaa0068aa00054f9762f39c263853f49518d5f9784c4b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 02 Apr 2024 15:26:26 GMT
server
cloudflare
age
35448
etag
"660c23a2-1d791"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
87005f0b38c65d85-FRA
content-length
120721
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/ 		27 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v4-shims.min.css?token=9c51dd92b4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9c51dd92b4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f3387f11826be4923a2d3a8c1542780abd6d4c66ce13f2de770f2e386989593

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 02 Apr 2024 15:26:24 GMT
server
cloudflare
age
294684
etag
"660c23a0-10e7"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
87005f0b38c15d85-FRA
content-length
4327
pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/ 		50 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v5-font-face.min.css?token=9c51dd92b4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9c51dd92b4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1580a6a19cb081a84215f13b42f765469beb87d7401f16349760cd067fc4da71

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:38 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 02 Apr 2024 15:26:24 GMT
server
cloudflare
etag
"660c23a0-1c3b"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
87005f0b38c45d85-FRA
content-length
7227
pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.2/css/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/css/pro-v4-font-face.min.css?token=9c51dd92b4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9c51dd92b4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
516640faeb856df6599d165f26ee51ce8cbaaf34f7c09d818509e75f6a48ae13

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 02 Apr 2024 15:26:24 GMT
server
cloudflare
age
36206
etag
"660c23a0-6ca"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
87005f0b38c35d85-FRA
content-length
1738
kit-upload.css
kit.fontawesome.com/9c51dd92b4/2427203/ 		0
141 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/9c51dd92b4/2427203/kit-upload.css
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/9c51dd92b4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:38 GMT
cf-cache-status
HIT
age
522733
content-length
0
x-request-id
F8HHzyaCfC6Dh2Y1taNB
server
cloudflare
etag
54af53b207eef226d6511e0a88e3038e
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926, public, must-revalidate
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges
bytes
cf-ray
87005f0b28b55d85-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
collect
region1.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-BGC9VZD51N&gtm=45je4430v9125549453za200&_p=1712391758142&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=168903808.1712391758&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1712391758&sct=1&seg=0&dl=https%3A%2F%2Fwincountry.com%2F&dt=WIN%2098.5%20Your%20Country%20%7C%20WNWN-FM%20%7C%20Battle%20Creek%2C%20MI&en=page_view&_fv=1&_ss=1&tfd=1538
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BGC9VZD51N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wincountry.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
facebook.svg
wincountry.com/wordpress/wp-content/themes/common_images/social/ 		534 B
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wincountry.com/wordpress/wp-content/themes/common_images/social/facebook.svg
Requested by
Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-includes/js/jquery/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
8df8f305434997f9512cf9863088cccefa4006084fc4feb069f452edb31dad99

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
text/html, */*; q=0.01
Referer
https://wincountry.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:38 GMT
Content-Encoding
gzip
Via
1.1 varnish-v4
Last-Modified
Mon, 27 Jul 2020 23:22:19 GMT
Server
Apache/2.4.29 (Ubuntu)
Identity
X-UA-Device, X-socast_header_type, Accept-Encoding
Age
0
ETag
W/"216-5ab749811072c"
Vary
User-Agent, , Accept-Encoding
X-Cache
MISS
X-Varnish
698896580
Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
369
twitter.svg
wincountry.com/wordpress/wp-content/themes/common_images/social/ 		686 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wincountry.com/wordpress/wp-content/themes/common_images/social/twitter.svg
Requested by
Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-includes/js/jquery/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
467d16b159d4ccb43d7a3aab76d63d223d9dfae82dd03a3299da423513ddccd0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
text/html, */*; q=0.01
Referer
https://wincountry.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:38 GMT
Content-Encoding
gzip
Via
1.1 varnish-v4
Last-Modified
Mon, 27 Jul 2020 23:59:37 GMT
Server
Apache/2.4.29 (Ubuntu)
Identity
X-UA-Device, X-socast_header_type, Accept-Encoding
Age
0
ETag
W/"2ae-5ab751d768053"
Vary
User-Agent, , Accept-Encoding
X-Cache
MISS
X-Varnish
700681060
Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
Transfer-Encoding
chunked
Accept-Ranges
bytes
instagram.svg
wincountry.com/wordpress/wp-content/themes/common_images/social/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wincountry.com/wordpress/wp-content/themes/common_images/social/instagram.svg
Requested by
Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-includes/js/jquery/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
9a5ca76b8b860c6bec08a8592197e4c69fc26b67ad048e53aad4e5f7789d3d8a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
text/html, */*; q=0.01
Referer
https://wincountry.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:38 GMT
Content-Encoding
gzip
Via
1.1 varnish-v4
Last-Modified
Wed, 31 May 2023 16:53:59 GMT
Server
Apache/2.4.29 (Ubuntu)
Identity
X-UA-Device, X-socast_header_type, Accept-Encoding
Age
0
ETag
W/"5ce-5fd002a8f8ce8"
Vary
User-Agent, , Accept-Encoding
X-Cache
MISS
X-Varnish
699807646
Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
813
ios.svg
wincountry.com/wordpress/wp-content/themes/common_images/social/ 		633 B
857 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wincountry.com/wordpress/wp-content/themes/common_images/social/ios.svg
Requested by
Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-includes/js/jquery/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e2374a9d3759552a6170ed61e9ca572ac0951dc1d6099589366e1d4b30a7f2df

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
text/html, */*; q=0.01
Referer
https://wincountry.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:38 GMT
Content-Encoding
gzip
Via
1.1 varnish-v4
Last-Modified
Tue, 28 Jul 2020 21:36:36 GMT
Server
Apache/2.4.29 (Ubuntu)
Identity
X-UA-Device, X-socast_header_type, Accept-Encoding
Age
0
ETag
W/"279-5ab873bdcdf0b"
Vary
User-Agent, , Accept-Encoding
X-Cache
MISS
X-Varnish
696037682
Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
401
android.svg
wincountry.com/wordpress/wp-content/themes/common_images/social/ 		998 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wincountry.com/wordpress/wp-content/themes/common_images/social/android.svg
Requested by
Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-includes/js/jquery/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
c3d990019fac3b63ac16593e0661d71074091f96bfcefc99bc5466b4e33d964b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
text/html, */*; q=0.01
Referer
https://wincountry.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:38 GMT
Content-Encoding
gzip
Via
1.1 varnish-v4
Last-Modified
Wed, 31 May 2023 16:53:57 GMT
Server
Apache/2.4.29 (Ubuntu)
Identity
X-UA-Device, X-socast_header_type, Accept-Encoding
Age
0
ETag
W/"3e6-5fd002a73c1a9"
Vary
User-Agent, , Accept-Encoding
X-Cache
MISS
X-Varnish
699646794
Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
Transfer-Encoding
chunked
Accept-Ranges
bytes
alexa.svg
wincountry.com/wordpress/wp-content/themes/common_images/social/ 		489 B
780 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wincountry.com/wordpress/wp-content/themes/common_images/social/alexa.svg
Requested by
Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-includes/js/jquery/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b502ef69aba71449772f6e3d042e5ec7447f61d4bee52ce8cba3adfc6ceeb0c0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
text/html, */*; q=0.01
Referer
https://wincountry.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:38 GMT
Content-Encoding
gzip
Via
1.1 varnish-v4
Last-Modified
Mon, 27 Jul 2020 23:56:36 GMT
Server
Apache/2.4.29 (Ubuntu)
Identity
X-UA-Device, X-socast_header_type, Accept-Encoding
Age
0
ETag
W/"1e9-5ab7512b0a2d9"
Vary
User-Agent, , Accept-Encoding
X-Cache
MISS
X-Varnish
698174136
Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
324
facebook.svg
wincountry.com/wordpress/wp-content/themes/common_images/social/ 		534 B
834 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wincountry.com/wordpress/wp-content/themes/common_images/social/facebook.svg
Requested by
Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-includes/js/jquery/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
8df8f305434997f9512cf9863088cccefa4006084fc4feb069f452edb31dad99

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
text/html, */*; q=0.01
Referer
https://wincountry.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:38 GMT
Content-Encoding
gzip
Via
1.1 varnish-v4
Last-Modified
Mon, 27 Jul 2020 23:22:19 GMT
Server
Apache/2.4.29 (Ubuntu)
Identity
X-UA-Device, X-socast_header_type, Accept-Encoding
Age
0
ETag
W/"216-5ab749811072c"
Vary
User-Agent, , Accept-Encoding
X-Cache
HIT
X-Varnish
698896582 698896581
Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
369
twitter.svg
wincountry.com/wordpress/wp-content/themes/common_images/social/ 		686 B
866 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wincountry.com/wordpress/wp-content/themes/common_images/social/twitter.svg
Requested by
Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-includes/js/jquery/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
467d16b159d4ccb43d7a3aab76d63d223d9dfae82dd03a3299da423513ddccd0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
text/html, */*; q=0.01
Referer
https://wincountry.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:38 GMT
Content-Encoding
gzip
Via
1.1 varnish-v4
Last-Modified
Mon, 27 Jul 2020 23:59:37 GMT
Server
Apache/2.4.29 (Ubuntu)
Identity
X-UA-Device, X-socast_header_type, Accept-Encoding
Age
0
ETag
W/"2ae-5ab751d768053"
Vary
User-Agent, , Accept-Encoding
X-Cache
HIT
X-Varnish
699091442 700681061
Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
401
instagram.svg
wincountry.com/wordpress/wp-content/themes/common_images/social/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wincountry.com/wordpress/wp-content/themes/common_images/social/instagram.svg
Requested by
Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-includes/js/jquery/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
9a5ca76b8b860c6bec08a8592197e4c69fc26b67ad048e53aad4e5f7789d3d8a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
text/html, */*; q=0.01
Referer
https://wincountry.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:38 GMT
Content-Encoding
gzip
Via
1.1 varnish-v4
Last-Modified
Wed, 31 May 2023 16:53:59 GMT
Server
Apache/2.4.29 (Ubuntu)
Identity
X-UA-Device, X-socast_header_type, Accept-Encoding
Age
0
ETag
W/"5ce-5fd002a8f8ce8"
Vary
User-Agent, , Accept-Encoding
X-Cache
HIT
X-Varnish
701137951 699807647
Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
813
PoweredBySoCastTagline.svg
wincountry.com/wordpress/wp-content/themes/common_images/ 		14 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wincountry.com/wordpress/wp-content/themes/common_images/PoweredBySoCastTagline.svg
Requested by
Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-includes/js/jquery/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
c574bb878909238729bd58bbe8aacf92a35f79b36723b4fac61c14651526f650

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
text/html, */*; q=0.01
Referer
https://wincountry.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:38 GMT
Content-Encoding
gzip
Via
1.1 varnish-v4
Last-Modified
Mon, 27 Jul 2020 23:59:37 GMT
Server
Apache/2.4.29 (Ubuntu)
Identity
X-UA-Device, X-socast_header_type, Accept-Encoding
Age
0
ETag
W/"371e-5ab751d768053"
Vary
User-Agent, , Accept-Encoding
X-Cache
MISS
X-Varnish
696384053
Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
4072
lp_2432_2824.js
socast-public.s3.amazonaws.com/player/ 		58 KB
59 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://socast-public.s3.amazonaws.com/player/lp_2432_2824.js?_=1712391758064
Requested by
Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-includes/js/jquery/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.8.107 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
91df4bb77d6e119ba50b1fe3598b4feac0caa897a00212968fb920a51de7e407

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
text/html, */*; q=0.01
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:39 GMT
Last-Modified
Sat, 06 Apr 2024 08:20:43 GMT
Server
AmazonS3
x-amz-request-id
WQRKG427NRFNE98K
ETag
"4d5b02284679658605e51dccf7bd052e"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
3000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Content-Type
text/plain
x-amz-meta-content-type
text/plain
Accept-Ranges
bytes
Content-Length
59728
x-amz-id-2
KQEHOeaUUE5F7ulnaOESNnrNMSevZdrM6cLhtj5R0bxNxYfr+Eh84ynT9a1Mtpod04vGCFolL1E=
svg
media-cdn.socastsrm.com/image/ 		390 B
752 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://media-cdn.socastsrm.com/image/svg?icon=facebook&fill=currentColor
Requested by
Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-includes/js/jquery/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) / PHP/7.4.20
Resource Hash
338f0a6b45397cbcb5eded5fb1c6910a71bd082d81ca5021eafa419572d280d9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
*/*
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:38 GMT
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA2-C2
x-powered-by
PHP/7.4.20
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400, s-maxage=86400
content-length
390
x-amz-cf-id
JF2S7QJk85gQzl_EXezyGcZTdRSfXDPsSgiOdbY-GMYVshLhLnlJ4Q==
expires
Thu, 19 Nov 1981 08:52:00 GMT
svg
media-cdn.socastsrm.com/image/ 		938 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://media-cdn.socastsrm.com/image/svg?icon=twitter&fill=currentColor
Requested by
Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-includes/js/jquery/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) / PHP/7.4.20
Resource Hash
639545d99c924ff87fc97799f2dc94659aec811229272f3e8e5fe1b0a9da6af3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
*/*
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:38 GMT
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA2-C2
x-powered-by
PHP/7.4.20
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400, s-maxage=86400
content-length
938
x-amz-cf-id
AySD2satw1SiT_ImOqRaLmkeF1zwjXxhX_r-6ndYuXDEGsWrIbITQQ==
expires
Thu, 19 Nov 1981 08:52:00 GMT
svg
media-cdn.socastsrm.com/image/ 		761 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://media-cdn.socastsrm.com/image/svg?icon=instagram&fill=currentColor
Requested by
Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-includes/js/jquery/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) / PHP/7.4.20
Resource Hash
ec14db41d8f5543c333c87b248783bac25cdab56936f67b80b2a06add6b4e4dd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
*/*
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:38 GMT
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA2-C2
x-powered-by
PHP/7.4.20
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400, s-maxage=86400
content-length
761
x-amz-cf-id
w-fQZJs0KL7au_7q7di2cGmkxoaoiKfpIVtsrfFbfA05D1RMNZ09cQ==
expires
Thu, 19 Nov 1981 08:52:00 GMT
svg
media-cdn.socastsrm.com/image/ 		825 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://media-cdn.socastsrm.com/image/svg?icon=apple&fill=currentColor
Requested by
Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-includes/js/jquery/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) / PHP/7.4.20
Resource Hash
607aa273610a68a9d86314467885ff5502b12f8990530241eb51dd8c38a23a70

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
*/*
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:39 GMT
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA2-C2
x-powered-by
PHP/7.4.20
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400, s-maxage=86400
content-length
825
x-amz-cf-id
c84dytJyCtKrWVEgfOnMijso3n29BVLJqYwhXJNXDCvmyqZdh3ek0Q==
expires
Thu, 19 Nov 1981 08:52:00 GMT
svg
media-cdn.socastsrm.com/image/ 		518 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://media-cdn.socastsrm.com/image/svg?icon=google-play&fill=currentColor
Requested by
Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-includes/js/jquery/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) / PHP/7.4.20
Resource Hash
5fc5ca6b03fb379940b73627d0dc7c3e26c78a719738be26aee764e7576f2de6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
*/*
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:38 GMT
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA2-C2
x-powered-by
PHP/7.4.20
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400, s-maxage=86400
content-length
518
x-amz-cf-id
SAbG20kbtcT_FwWob-MR7qmhGV1tarqY3DucFY7A98M-1dwuCn-7Aw==
expires
Thu, 19 Nov 1981 08:52:00 GMT
svg
media-cdn.socastsrm.com/image/ 		547 B
909 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://media-cdn.socastsrm.com/image/svg?icon=amazon-alexa&fill=currentColor
Requested by
Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-includes/js/jquery/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) / PHP/7.4.20
Resource Hash
ec681a96a9411dee18ee60810d58daa40b8a0e62778b96c41106594058d71db4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
*/*
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:38 GMT
via
1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA2-C2
x-powered-by
PHP/7.4.20
x-cache
Miss from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400, s-maxage=86400
content-length
547
x-amz-cf-id
wj_o9cEvufQKDr6QVAYFwj41Z9S2V613k-t3sKDTSFNk0vUBFf9uPQ==
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache_check
wincountry.com/wp-json/socast-elasticsearch/v1/ 		48 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wincountry.com/wp-json/socast-elasticsearch/v1/cache_check?page_url=https%3A%2F%2Fwincountry.com%2F&cache_namespace=34303
Requested by
Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-includes/js/jquery/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) / PHP/7.4.20
Resource Hash
451bdbf54aba489f904b7a11d417e7c74019220163357d7502bd77a3454e1984
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
*/*
Referer
https://wincountry.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.4.20
Transfer-Encoding
chunked
Pragma
no-cache
Server
Apache/2.4.29 (Ubuntu)
Allow
GET
Vary
Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-WP-Total, X-WP-TotalPages
Cache-Control
no-store, no-cache, must-revalidate
X-Robots-Tag
noindex
Link
<https://wincountry.com/wp-json/>; rel="https://api.w.org/"
Access-Control-Allow-Headers
Authorization, Content-Type
Expires
Thu, 19 Nov 1981 08:52:00 GMT
eventCalendar
wincountry.com/ajax/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wincountry.com/ajax/eventCalendar?id=33122&range=current&offset=0&limit=5&timezone=America%2FDetroit&cacheKill=0.9175406818842979&accountID=2432&artistID=0
Requested by
Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-includes/js/jquery/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) / PHP/7.4.20
Resource Hash
6f9e7fea4cf1ca2e913a46f8f5c11f5afa28cb8956a301ad1533bc4d644868a6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://wincountry.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:38 GMT
Content-Encoding
gzip
Via
1.1 varnish-v4
Server
Apache/2.4.29 (Ubuntu)
Identity
Accept-Encoding, X-UA-Device, X-socast_header_type
Age
0
X-Powered-By
PHP/7.4.20
Vary
Accept-Encoding, User-Agent,
X-Cache
MISS
X-Varnish
699646798
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=UTF-8
Accept-Ranges
bytes
Content-Length
859
lightbox_FullscreenBtn.png
wincountry.com/images/common_theme/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wincountry.com/images/common_theme/lightbox_FullscreenBtn.png
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
2cd0f6bf27dd5392aee38f34ebd531cf947e52c5af687751f60bc6d0d28ee982

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:38 GMT
Content-Encoding
gzip
Via
1.1 varnish-v4
Last-Modified
Mon, 27 Jul 2020 23:22:18 GMT
Server
Apache/2.4.29 (Ubuntu)
Identity
Accept-Encoding
Age
0
ETag
W/"719-5ab7497fe1b6c"
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Varnish
700715487
Transfer-Encoding
chunked
Accept-Ranges
bytes
lightbox_close_20x20.png
wincountry.com/images/common_theme/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wincountry.com/images/common_theme/lightbox_close_20x20.png
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
99b16b95e55ebbca52470456ed9da21d817c5f8b25a2ed7e3cdd217a0b5cd94d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:38 GMT
Content-Encoding
gzip
Via
1.1 varnish-v4
Last-Modified
Mon, 27 Jul 2020 23:59:36 GMT
Server
Apache/2.4.29 (Ubuntu)
Identity
Accept-Encoding
Age
0
ETag
W/"5d8-5ab751d63d313"
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Varnish
697822946
Accept-Ranges
bytes
Content-Length
1206
lightbox_controls_prev.png
wincountry.com/images/common_theme/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wincountry.com/images/common_theme/lightbox_controls_prev.png
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
255c827d21a38302512295e9b6cea4bb875d8efe0da36ccf95b9e8c328093712

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:38 GMT
Content-Encoding
gzip
Via
1.1 varnish-v4
Last-Modified
Mon, 27 Jul 2020 23:59:42 GMT
Server
Apache/2.4.29 (Ubuntu)
Identity
Accept-Encoding
Age
0
ETag
W/"f91-5ab751dc7be14"
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Varnish
700355887
Accept-Ranges
bytes
Content-Length
3713
lightbox_controls_next.png
wincountry.com/images/common_theme/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wincountry.com/images/common_theme/lightbox_controls_next.png
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.84.131.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-131-112.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
c70ff0c5e412f8332279f3466b11e9592884e93348f495f4f84298a9581c63a2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:38 GMT
Content-Encoding
gzip
Via
1.1 varnish-v4
Last-Modified
Tue, 28 Jul 2020 21:36:35 GMT
Server
Apache/2.4.29 (Ubuntu)
Identity
Accept-Encoding
Age
0
ETag
W/"f70-5ab873bca222b"
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Varnish
698567258
Transfer-Encoding
chunked
Accept-Ranges
bytes
page.php
www.facebook.com/v17.0/plugins/ Frame B97A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v17.0/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9f132be7b56657de%26domain%3Dwincountry.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwincountry.com%252Ff498d8c3a01957b1f%26relation%3Dparent.parent&container_width=327&height=775&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FWIN985&locale=en_US&sdk=joey&show_facepile=false&show_posts=true&small_header=false&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=8c1b166308d76100c776dcea0c16a6f2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wincountry.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Sat, 06 Apr 2024 08:22:39 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v17.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1326, tbw=2781, tp=-1, tpl=-1, uplat=1152, ullat=0
x-fb-debug
tr5O0IkutiNSsbqEV6FcyyY0kIHtGyvmdQzWKqiO5m4pJwaLxut4TbU+3wkjFbh427TsJ32tw25DXfTR9UtR1w==
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame 15D0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchdXMgAAAAAP4dU47UWMAhU0Tc8Uf0ldZrstqZ&co=aHR0cHM6Ly93aW5jb3VudHJ5LmNvbTo0NDM.&hl=de&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=mpiubhjas1lz
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9ToHDxy2Ap6IyWeUSIHuPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wincountry.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-9ToHDxy2Ap6IyWeUSIHuPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 06 Apr 2024 08:22:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
www.google-analytics.com/j/ 		2 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1580008502&t=pageview&_s=1&dl=https%3A%2F%2Fwincountry.com%2F&ul=en-us&de=UTF-8&dt=WIN%2098.5%20Your%20Country%20%7C%20WNWN-FM%20%7C%20Battle%20Creek%2C%20MI&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YADAAUABAAAAACAAI~&jid=191553999&gjid=1637997159&cid=168903808.1712391758&tid=UA-33491015-39&_gid=1359825862.1712391759&_r=1&gtm=457e4430za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=1150642653
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wincountry.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1580008502&t=pageview&_s=1&dl=https%3A%2F%2Fwincountry.com%2F&ul=en-us&de=UTF-8&dt=WIN%2098.5%20Your%20Country%20%7C%20WNWN-FM%20%7C%20Battle%20Creek%2C%20MI&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YADAAUABAAAAACAAI~&jid=275087760&gjid=1607075504&cid=168903808.1712391758&tid=UA-4991594-2&_gid=1359825862.1712391759&_r=1&gtm=457e4430za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=292590401
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wincountry.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-BFCN2RTHR1&gtm=45je4430v9125806978za200&_p=1712391758142&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=168903808.1712391758&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1712391758&sct=1&seg=0&dl=https%3A%2F%2Fwincountry.com%2F&dt=WIN%2098.5%20Your%20Country%20%7C%20WNWN-FM%20%7C%20Battle%20Creek%2C%20MI&en=page_view&_fv=1&_ss=1&tfd=1758
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BFCN2RTHR1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wincountry.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-QLTWJ7V56Q&gtm=45je4430v884781301z8835650520za200&_p=1712391758142&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=168903808.1712391758&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712391758&sct=1&seg=0&dl=https%3A%2F%2Fwincountry.com%2F&dt=WIN%2098.5%20Your%20Country%20%7C%20WNWN-FM%20%7C%20Battle%20Creek%2C%20MI&en=page_view&_fv=1&_ss=1&ep.CompanyID=459&epn.AccountID=2432&ep.Platform=web&epn.PostID=35&ep.PostType=page&tfd=1803
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QLTWJ7V56Q&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wincountry.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QLTWJ7V56Q&cid=168903808.1712391758&gtm=45je4430v884781301z8835650520za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QLTWJ7V56Q&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wincountry.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-QLTWJ7V56Q&gtm=45je4430v884781301z8835650520za200&_p=1712391758142&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=168903808.1712391758&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=Ag&_s=2&sid=1712391758&sct=1&seg=0&dl=https%3A%2F%2Fwincountry.com%2F&dt=WIN%2098.5%20Your%20Country%20%7C%20WNWN-FM%20%7C%20Battle%20Creek%2C%20MI&en=web_impression&ep.CompanyID=459&epn.AccountID=2432&ep.Platform=web&epn.PostID=35&ep.PostType=page&_et=4&tfd=1817
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QLTWJ7V56Q&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wincountry.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QLTWJ7V56Q&cid=168903808.1712391758&gtm=45je4430v884781301z8835650520za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=585020164
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/midwestcommunications-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:39 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
302736
expires
60
impl.20240404-11-RELEASE.js
cdn.taboola.com/libtrc/ 		892 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20240404-11-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/midwestcommunications-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
6cd88ac489166117f6f1e0f760b8a9d89193920b711cca4478cd455620e7f135

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
ZDRHJq6Lc7F_WbLja63Vf5_tf5p1k.39
content-encoding
br
via
1.1 varnish
date
Sat, 06 Apr 2024 08:22:38 GMT
x-amz-request-id
1V58C8A2V83DFRNX
age
7345
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
185307
x-amz-id-2
JVMS+S0SspQ+YBU+KPS6OVWjahxnZcb1KHbiNxsSYR9OFl/OF8Sf6r5EmEgNFaKwALKYt4RTZRQ=
x-served-by
cache-fra-etou8220138-FRA
last-modified
Thu, 04 Apr 2024 10:00:11 GMT
server
AmazonS3-br
x-timer
S1712391759.975587,VS0,VE0
etag
"cb631d3c0de4445685d72b71b85d0b29"
vary
Accept-Encoding
content-type
application/javascript
abp
80
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
10081
view
pagead2.googlesyndication.com/pcs/ Frame 06E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstRXgnha2qNn8556ScO4R9K-w99GhKr6GnOG6faG8IUPw-ljNrAw67MzUmSDYhAUCPbvPjo8I_yZlfG7c9_g7vGCiOu8sMmHt5A0g9-XDbaTpfByiXCJXUFUNqCbQtlx74kEQZccU_zH11-5p0HZzC_-msyPcwalhTC4dWb778yxSWouYTyjdBev9NswTJAY4BjpNu43qrDa9J4y7ZfPMn9J0BLgrTleWcjyPdgS7BA_mytP9aG91QfANOOWEV2YhQJ6gfwzJCGDiPK7FuhvDxKAw1c2kKbZGE6tvYuvsnd_6sL5dqBRIVQLYPEKd1YmN4Pf1Fc5b_wmZz-rHtO5pNdpRIZgMQzs2LZ0MBBy7nosb8fW2f4OaX_yE-iQr0&sig=Cg0ArKJSzPbLceAM-WIWEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240403/r20110914/ Frame 06E0 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240403/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 14:45:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
63430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9118
x-xss-protection
0
server
cafe
etag
6094826908298432593
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Apr 2024 14:45:29 GMT
window_focus_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240403/r20110914/client/ Frame 06E0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240403/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 14:45:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
63430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Apr 2024 14:45:29 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 06E0 		215 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d3539a95bd009f3c22e17b34e20a40d77b633533a972eb959fd3cfc512d92436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 07:45:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
2230
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66558
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 06 Apr 2024 08:45:29 GMT
17758398872868568747
tpc.googlesyndication.com/simgad/ Frame 06E0 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17758398872868568747
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed7596a5a88bd0aeb221b8bf8a5aa67bef56d6068e1b2e657e7db99200c481f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sun, 06 Apr 2025 07:40:59 GMT
date
Sat, 06 Apr 2024 07:40:59 GMT
x-content-type-options
nosniff
age
2500
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108527
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 18:08:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
view
pagead2.googlesyndication.com/pcs/ Frame 3D88 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsu0pZpUDKAnqXiiDuVKfqtZ47EksKNBL-yBn4pUn3PXqm3KjrztLaXmTRK9BUOANYzQgu-t2RJpCHCuwigSQI4ihdK97j2HDTuXxoNltwwSkzUsvbqTjSJdVPjnTCLHdA6vYiQaQXNUpOCX5ZgJ58BEUaDPx1TWsLruQYp0tjOpNShb7kS3W2x10HmSJavmQnqX1itfQP9VA2HwB-zISWoXoSxLK3xM23o2FiaF9oDhmyeQ9khSoN_fGoJVpFK_JYrmVBVSPNs1fBku4Q_pw-Tu-0TvVq7uFe7U8tczg3y9wURFiNrVRpzkeCwuBZI_qwV9QdxvF2l9jS7JZPTK4QIodEEx9Oq36tHsskjRsIeOHGVb8BaMQ7CLDdHV41g&sig=Cg0ArKJSzLBb5LubrhiTEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240403/r20110914/ Frame 3D88 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240403/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 14:45:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
63430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9118
x-xss-protection
0
server
cafe
etag
6094826908298432593
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Apr 2024 14:45:29 GMT
window_focus_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240403/r20110914/client/ Frame 3D88 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240403/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 14:45:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
63430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Apr 2024 14:45:29 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3D88 		215 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d3539a95bd009f3c22e17b34e20a40d77b633533a972eb959fd3cfc512d92436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 07:45:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
2230
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66558
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 06 Apr 2024 08:45:29 GMT
14978918128581470866
tpc.googlesyndication.com/simgad/ Frame 3D88 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14978918128581470866
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
515abf0a6b2f91db92dee41212ad49c8703793e561bdfbb81843c323dd1b1833
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

allow-fenced-frame-automatic-beacons
true
date
Sat, 06 Apr 2024 08:22:39 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27369
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 19:13:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 06 Apr 2025 08:22:39 GMT
view
pagead2.googlesyndication.com/pcs/ Frame BD0C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsv_dGmohWk8djsWfF6USD_dxXPUjSr3qI606ZDCS4kaRQJ8m6MBxjw7rBwEQqfLI2UfYb6EIUW0tuSUPe3Hhcjaz-F4h2aUC6si1RL1Et0OQ9A_6MNM1FpzXl3D-UIGEXSe2QuL2CiZSFf2d8obNHqY-aPhUs-Oq2ZW8IDKKcLXuiFjAjpGLczQH1OKSKAOBbJwT4aB1kOdkAEMXQZCfBM2BpMyc0UsH9AFaPAIZgu13CyRJmmJI6lqHrSlNDb-c-AH0RZVtR8nlV36tE-4iNTnP_VSGohOfUDzbhA58kdA2pzbTapwAJRlQdwf3YAMox4gXhYjib0I1Ao_6NUiPJAcI3f3xxkR5s9OhD5NnrZ7khqSdjnhXrVsFs8qrCACOQ&sig=Cg0ArKJSzERn2jjFb9Y8EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240403/r20110914/ Frame BD0C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240403/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 14:45:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
63430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9118
x-xss-protection
0
server
cafe
etag
6094826908298432593
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Apr 2024 14:45:29 GMT
infolinks_main.js
resources.infolinks.com/js/ Frame BD0C 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aae9c69e350c53a164f39e3dd9a338a11728ad5fecbc1ea150bfc1058d2d2c79

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:39 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 03 Apr 2024 09:01:28 GMT
server
cloudflare
age
12008
etag
W/"10d9-6152d77d7053a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
87005f0e5d606910-FRA
expires
Sat, 06 Apr 2024 06:02:31 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BD0C 		215 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d3539a95bd009f3c22e17b34e20a40d77b633533a972eb959fd3cfc512d92436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 07:45:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
2230
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66558
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 06 Apr 2024 08:45:29 GMT
truncated
/ Frame 06E0 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f9c4b0401e6584bb3a47041f136687c3e501022bbeb1e0d88c83278f4a5c49e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3D88 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f468505697bebac4bb97e9b74e04b92bfa45713f82516b4d0b1652e8f5c67825

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
collect
stats.g.doubleclick.net/j/ 		1 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-33491015-39&cid=168903808.1712391758&jid=191553999&gjid=1637997159&_gid=1359825862.1712391759&npa=1&_u=YADAAUAAAAAAACAAI~&z=1339283786
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 06 Apr 2024 08:22:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wincountry.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-4991594-2&cid=168903808.1712391758&jid=275087760&gjid=1607075504&_gid=1359825862.1712391759&npa=1&_u=YADAAUABAAAAACAAI~&z=1188513810
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 06 Apr 2024 08:22:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wincountry.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z48DQSG8XB&gtm=45je4430v876296498z8839180022za200&_p=1712391758142&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=168903808.1712391758&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712391759&sct=1&seg=0&dl=https%3A%2F%2Fwincountry.com%2F&dt=WIN%2098.5%20Your%20Country%20%7C%20WNWN-FM%20%7C%20Battle%20Creek%2C%20MI&en=page_view&_fv=1&_ss=1&tfd=2017
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z48DQSG8XB&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wincountry.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
100x100bb.jpg
is4-ssl.mzstatic.com/image/thumb/Music112/v4/12/a7/48/12a748d4-fe6e-2ee0-c5e1-829e16f321e5/054391712219.jpg/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is4-ssl.mzstatic.com/image/thumb/Music112/v4/12/a7/48/12a748d4-fe6e-2ee0-c5e1-829e16f321e5/054391712219.jpg/100x100bb.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:59a::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
4.0.0 /
Resource Hash
3b42df9a8d34009af50a576a3452bcfd3ff300bf6619f151b6ebd05fef064828
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-apple-jingle-correlation-key
DP6GINZXBE4KQLJTTPHVZ2T2YE
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 06 Apr 2024 08:22:39 GMT
x-b3-traceid
718c6c009d62c6d7
x-daiquiri-instance
daiquiri:33624002:pv50p00it-hyhk12033901:7987:23RELEASE188:daiquiri-amp-processing-shared-int-001-pv, daiquiri:31338001:pv52p00it-qujn08063302:7987:23RELEASE188:daiquiri-amp-all-l7shared-int-001-pv
cdnuuid
6bc09f50-c7d5-4336-8398-daf75ad20d11-1575281073
x-cache
TCP_MISS from a23-36-160-149.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
x-b3-parentspanid
0a048ff18b891c06
b3
1bfc6437370938a82d339bcf5cea7ac1-676c79ccab998438
content-length
5607
apple-tk
false
server
4.0.0
apple-seq
0.0
last-modified
Sat, 09 Dec 2023 16:33:08 GMT
x-cache-remote
TCP_HIT from a23-36-160-143.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
etag
"MSwxLjczLjAtMjNPLFZlcnNpb24gMTMuNS4yIChCdWlsZCAyMkc5MSksMTcwMjEzOTU4ODQwNSxpc0J1aWxkVmVyc2lvbk5vdFNldCxmMjQxMWE3Zixub0VmZmVjdA=="
apple-originating-system
UnknownOriginatingSystem
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid
1bfc6437-3709-38a8-2d33-9bcf5cea7ac1
x-b3-spanid
676c79ccab998438
cache-control
no-transform, max-age=13659886
timing-allow-origin
*
itunes_badge_small.png
media-cdn.socastsrm.com/images/ 		626 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media-cdn.socastsrm.com/images/itunes_badge_small.png
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f028b3cbfdc7a92f7c1ad5eba9eccb98605823a174c2a0a500713ea414348381

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 Nov 2023 20:12:17 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
8G4NFBJ3KB2GB108
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
11189423
x-cache
Hit from cloudfront
content-length
626
x-amz-id-2
fpZ3b6c1m08db0LwlSWDPcXp3OwewNvnSC++jUYs/u/3b7AToqr9SeztMni4I1rX0GJYyOff1xk=
last-modified
Wed, 18 Oct 2023 17:54:10 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"4d4b20bda91b6e89da835b9c5db9e679"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
S09v-Q41yGjGGhGSKaeEqh2_SiC3TQ1K4nzvjFX8FkyqUns08a7XEA==
100x100bb.jpg
is2-ssl.mzstatic.com/image/thumb/Music116/v4/0e/60/5d/0e605dc7-e67d-432d-d2dc-46d3d64f35a3/23UMGIM07998.rgb.jpg/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is2-ssl.mzstatic.com/image/thumb/Music116/v4/0e/60/5d/0e605dc7-e67d-432d-d2dc-46d3d64f35a3/23UMGIM07998.rgb.jpg/100x100bb.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:590::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
daiquiri/3.0.0 /
Resource Hash
f8390acd9cb4cb42885f025a599cc697972f01120080df502e1c60797020633f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-apple-jingle-correlation-key
D7SB64NHXDUKBSTK4MQQC2TZDA
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 06 Apr 2024 08:22:39 GMT
x-b3-traceid
1fe41f71a7b8e8a0ca6ae321016a7918
x-daiquiri-instance
daiquiri:43624002:st44p00it-hyhk15014701:7987:23RELEASE39:daiquiri-amp-processing-shared-int-001-st
cdnuuid
c5708e31-f3ce-476b-8153-fd82de85cc33-2152545687
x-cache
TCP_MISS from a23-36-160-156.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
b3
1fe41f71a7b8e8a0ca6ae321016a7918-462e01e29406ba8f
content-length
6970
apple-tk
false
server
daiquiri/3.0.0
apple-seq
0.0
last-modified
Thu, 06 Apr 2023 22:21:22 GMT
x-cache-remote
TCP_HIT from a23-36-160-138.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
etag
"MSwxLjUuMS0yM0QsVmVyc2lvbiAxMi4xIChCdWlsZCAyMUM1MiksMTY4MDgxOTY4MjExNixpc0J1aWxkVmVyc2lvbk5vdFNldCw3MDMxMyxub0VmZmVjdA=="
apple-originating-system
UnknownOriginatingSystem
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid
1fe41f71-a7b8-e8a0-ca6a-e321016a7918
x-b3-spanid
462e01e29406ba8f
cache-control
no-transform, max-age=15385126
timing-allow-origin
*
100x100bb.jpg
is3-ssl.mzstatic.com/image/thumb/Music/v4/d5/6c/e0/d56ce09a-696e-417f-cfb7-8ee5224a550a/source/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is3-ssl.mzstatic.com/image/thumb/Music/v4/d5/6c/e0/d56ce09a-696e-417f-cfb7-8ee5224a550a/source/100x100bb.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:594::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
4.0.0 /
Resource Hash
449ffe278d76b2ab3b8151db43f5706d2dbc320b23b03d8d0ee506fd68470a64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-apple-jingle-correlation-key
S3SAJQ6QQZQS36YA6W6BFOTGMM
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 06 Apr 2024 08:22:39 GMT
x-b3-traceid
56f9562004e15e0d
x-daiquiri-instance
daiquiri:13624002:mr85p00it-hyhk03094901:7987:24RELEASE37:daiquiri-amp-processing-shared-int-001-mr, daiquiri:11338002:mr47p00it-qujn02122102:7987:24RELEASE37:daiquiri-amp-all-l7shared-int-001-mr
cdnuuid
c134743c-1fe8-434c-bf6a-d7c3037ff536-855270053
x-cache
TCP_MISS from a23-36-160-144.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
x-b3-parentspanid
77557b7b35e03465
b3
96e404c3d086612dfb00f5bc12ba6663-4834e3b5a25187df
content-length
4976
apple-tk
false
server
4.0.0
apple-seq
0.0
last-modified
Mon, 04 Mar 2024 17:21:14 GMT
x-cache-remote
TCP_HIT from a23-206-213-206.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
etag
"MSwxLjgzLjAsVmVyc2lvbiAxMy41LjIgKEJ1aWxkIDIyRzkxKSwxNzA5NTcyODc0MDc0LDI0QzMyLDYwMDYyYTdlLG5vRWZmZWN0"
apple-originating-system
UnknownOriginatingSystem
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid
96e404c3-d086-612d-fb00-f5bc12ba6663
x-b3-spanid
4834e3b5a25187df
cache-control
no-transform, max-age=16684482
timing-allow-origin
*
100x100bb.jpg
is1-ssl.mzstatic.com/image/thumb/Music126/v4/aa/39/ff/aa39fff5-7e7f-f6ad-b0cf-b392336c2d13/22BMR0003151.rgb.jpg/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is1-ssl.mzstatic.com/image/thumb/Music126/v4/aa/39/ff/aa39fff5-7e7f-f6ad-b0cf-b392336c2d13/22BMR0003151.rgb.jpg/100x100bb.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:590::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
4.0.0 /
Resource Hash
bce220b4c9adb99b9ace96f7b07287d04501f4a40a6d619b1124ac8cde23a3f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-apple-jingle-correlation-key
B2QYELOTT5BPKE6MQUQFATWRPQ
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 06 Apr 2024 08:22:39 GMT
x-b3-traceid
5ad5c20ca66f6b0a
x-daiquiri-instance
daiquiri:33624002:pv50p00it-hyhk12033901:7987:23HOTFIX13:daiquiri-amp-processing-shared-int-001-pv, daiquiri:31338001:pv52p00it-qujn08063302:7987:23HOTFIX13:daiquiri-amp-all-l7shared-int-001-pv
cdnuuid
9285d83f-dd06-4225-ace4-23c46ac33670-1070621145
x-cache
TCP_MISS from a23-36-160-156.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
x-b3-parentspanid
3b9d17c563ac2606
b3
0ea1822dd39f42f513cc8520504ed17c-0ff8c26cdac4dc48
content-length
7102
apple-tk
false
server
4.0.0
apple-seq
0.0
last-modified
Sat, 20 Jan 2024 13:21:01 GMT
x-cache-remote
TCP_HIT from a23-36-160-154.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
etag
"MSwxLjczLjAtMjNPLFZlcnNpb24gMTMuNS4yIChCdWlsZCAyMkc5MSksMTcwNTc1Njg2MTM3OSxpc0J1aWxkVmVyc2lvbk5vdFNldCw5ZjE0YzYzYyxub0VmZmVjdA=="
apple-originating-system
UnknownOriginatingSystem
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid
0ea1822d-d39f-42f5-13cc-8520504ed17c
x-b3-spanid
0ff8c26cdac4dc48
cache-control
no-transform, max-age=15479562
timing-allow-origin
*
100x100bb.jpg
is2-ssl.mzstatic.com/image/thumb/Music124/v4/6b/7d/46/6b7d4625-952f-0f0f-bed2-9110c98faf6c/source/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is2-ssl.mzstatic.com/image/thumb/Music124/v4/6b/7d/46/6b7d4625-952f-0f0f-bed2-9110c98faf6c/source/100x100bb.jpg
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:590::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
4.0.0 /
Resource Hash
692f1bd5b14f490e9b266dd76a6a402e5d5575d4434d0cdc190d7312c57aab4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-apple-jingle-correlation-key
AHQVDPC374JQW6IOODLQWI6364
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 06 Apr 2024 08:22:39 GMT
x-b3-traceid
2e2748c64c3d2ddd
x-daiquiri-instance
daiquiri:33624002:pv50p00it-hyhk12033901:7987:24RELEASE37:daiquiri-amp-processing-shared-int-001-pv, daiquiri:31338003:pv52p00it-qujn10223301:7987:24RELEASE37:daiquiri-amp-all-l7shared-int-001-pv
cdnuuid
1d9a07a1-e2e3-43ea-b11e-0a4398c8eca5-2035300657
x-cache
TCP_MISS from a23-36-160-156.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
x-b3-parentspanid
9c1712edde6482d6
b3
01e151bc5bff130b790e70d70b23dbf7-f701805af16ad417
content-length
5819
apple-tk
false
server
4.0.0
apple-seq
0.0
last-modified
Fri, 08 Mar 2024 13:14:22 GMT
x-cache-remote
TCP_MISS from a2-16-240-4.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
etag
"MSwxLjgzLjAsVmVyc2lvbiAxMy41LjIgKEJ1aWxkIDIyRzkxKSwxNzA5OTAzNjYyNDg2LDI0QzM2LGE1Y2YwNWVmLG5vRWZmZWN0"
apple-originating-system
UnknownOriginatingSystem
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid
01e151bc-5bff-130b-790e-70d70b23dbf7
x-b3-spanid
f701805af16ad417
cache-control
no-transform, max-age=16382000
timing-allow-origin
*
pro-fa-solid-900-12.woff2
ka-p.fontawesome.com/releases/v6.5.2/webfonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v6.5.2/webfonts/pro-fa-solid-900-12.woff2
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7742bb16ac54dbccd2a9df6edc159ff921e1e738f08dc0d4b4b9f31424ede919

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
Origin
https://wincountry.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:39 GMT
cf-cache-status
HIT
last-modified
Tue, 02 Apr 2024 15:51:22 GMT
server
cloudflare
age
2498
etag
"660c297a-3878"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
87005f0f3b375d85-FRA
content-length
14456
np_2432_2824.js
socast-public.s3.amazonaws.com/player/ 		638 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://socast-public.s3.amazonaws.com/player/np_2432_2824.js?callback=jsonpcallback&_=1712391758065
Requested by
Host: cdn-js.socastsrm.com
URL: https://cdn-js.socastsrm.com/cdn_v17.8.1/wordpress/wp-includes/js/jquery/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.8.107 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7970b8024bc330047a2d26a1d1bf42736d603a7d10bec483c40b1cc0ef347c3a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Apr 2024 08:22:40 GMT
Last-Modified
Sat, 06 Apr 2024 08:20:43 GMT
Server
AmazonS3
x-amz-request-id
08QM3BW2SMYPQCAN
ETag
"6430e2de1dd95a84c41eb8e98d7d1348"
x-amz-server-side-encryption
AES256
Content-Type
text/plain
x-amz-meta-content-type
text/plain
Accept-Ranges
bytes
Content-Length
638
x-amz-id-2
IBoJjC1ZWRd3tKCDGIQSscu9fANBnh907O+b4ZFJQh4kHPtGFKtYoPoQM5/mx++5heH+YXVvZOA=
view
pagead2.googlesyndication.com/pcs/ Frame 06E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssmKdZQNeaS3TexK0kqURxrYZ8ey7rH6TdoBLnPI4XYvcYnTATAm1CzeTEQeHvNUiafYgVRRwyCMByvk_V6Crnhf-7vOR5FxwTJ-K7LgjKE_bJJxxTC0cgAOWPLwLF_y788ajfB-mbvh0_AJdanNtl4phSTs3Ae6pKn2aJRWro8hIg7XECQ3n1KCdsDCJWMsOMPj1LRNKCLtQe6llNMbdX6qoAfszpxU_IIyCD1nVbXeZWNrbHwIrIsisHRPojCPCxwe4tOGKYBWcZe2ASvk9U3NBdNJrEskuiKyxHoVkOlXyYjE9g2QvUwuf1_WKvo3-NB-OSmiP9q8c09KcnkjYtJ4bwebsiuXfp0lpVYpeeOglafnXLr-8W918EHvvj5QA&sig=Cg0ArKJSzDw0POsdBq45EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 06E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
frame_content.js
resources.infolinks.com/js/1928.005-3.034/ Frame BD0C 		2 KB
669 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1928.005-3.034/frame_content.js
Requested by
Host: wincountry.com
URL: https://wincountry.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc3a41863d92b22799ff23c52e2173e80b13ebc75b9144151ea105cd52b59de5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:39 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 02 Apr 2024 06:51:03 GMT
server
cloudflare
age
7618
etag
W/"96d-61517879910a0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
87005f0fce536910-FRA
expires
Mon, 06 May 2024 06:15:41 GMT
view
pagead2.googlesyndication.com/pcs/ Frame 3D88 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssHeZNQ69lgg7CxiCyEpsOgaNWXHUNO2VIofkncpWP9BZCTGe6em6wpsvwdT-zGFSpgKInivxO04Q5Ep7Jo80e3myYL2-DCBkyMuD4uLx9s5JF9zetlCUYlx5RZYPInKbpmghcP-L2iAtqkhjxRp1k2w3-IEc0VkXp0KUm5v-UAbNo1XMKCQQ7oFoRahKR61IUEEEASL1ZYqraw4iY9yaTtkj39mJf80l0ZuWCAeah0cMR2GSt1-249zsCsF_Ymx0pyEvWC8X3oHEjthT-fmjt78CRhI1llO2Mlan1BC3iFVlu_xXj-udR_gdS882_jMIckCVzOv1lMVbcyTJLTVs7RFJHm4WMbySF8wKd2FBZEUxePNthg3mDlYGm8HhbCGA&sig=Cg0ArKJSzHpUvdyXkxi0EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D88 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BD0C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame BD0C 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1dcc68cc96c80a3b221553592ea8e238adefac1b0ab412e8de05e4a1a46ae23f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
ice.js
resources.infolinks.com/js/1928.005-3.034/ 		189 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1928.005-3.034/ice.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1928.005-3.034/frame_content.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7c674a82f8a947fc5a891870aa6e78930e7fe3533793921af870854bc0bf00

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:39 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 02 Apr 2024 06:51:03 GMT
server
cloudflare
age
3907
etag
W/"2f3ac-615178797b4f0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
87005f112f2d6910-FRA
expires
Mon, 06 May 2024 07:17:32 GMT
frame_inplace.js
resources.infolinks.com/js/1928.005-3.034/ Frame BD0C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1928.005-3.034/frame_inplace.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1928.005-3.034/frame_content.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
851aab34e9b9e9c6252ed4a0bd57b30a79795aacdc7e036d7e824ed9e69b2807

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:39 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 02 Apr 2024 06:51:03 GMT
server
cloudflare
age
7617
etag
W/"baa-61517879910a0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
87005f112f2e6910-FRA
expires
Mon, 06 May 2024 06:15:42 GMT
view
pagead2.googlesyndication.com/pcs/ Frame BD0C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssAGIsBMeZlO7QItN6C5Umvn2i56sqqcQa7Oc2EVYtfTVIMfiTHrw4pKwdXhUVSXAf1ad4siqN7elz26bh23nNLrH1qi9wClhjupp2oo6DiAk5EOpiZfsWAV3mn_z3oGgqmWizU2IaZu58fU2T4qiJBBaD-hw2uwxusaw-obw7mhS1A5RRS_gm6OJ-UP6BvLgpLDIJrWeyEMe0NU6OoophCthURYozMza4JEHhDBpHOqqQpFys9MaAGv_6JAGElMUdLLs9aAyhpMvioXLppDtQU14UFNvzFZLDVLZDoFjC267fVcgaYQd-YTF8iIcFXQYEynZlUK2GqbymSIr40YycSyepYRDKUrQr5i7e9uhy6ME2zWBgmcHfmI8Ao1HCcy-Xj&sig=Cg0ArKJSzG1VlmNtmVa8EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
manage
router.infolinks.com/usync/ Frame 2B53 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3383084&wsid=0&pdom=wincountry.com&purl=https%3A%2F%2Fwincountry.com%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1928.005-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://wincountry.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cf-cache-status
DYNAMIC
cf-ray
87005f121e5c3619-FRA
content-length
0
date
Sat, 06 Apr 2024 08:22:39 GMT
server
cloudflare
via
1.1 google
lcmanage
router.infolinks.com/usync/ 		0
43 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3383084&wsid=0&pdom=wincountry.com&purl=https%3A%2F%2Fwincountry.com%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1928.005-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
87005f11cf9c6910-FRA
content-length
0
gsd
router.infolinks.com/ 		317 B
509 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3383084&pdom=wincountry.com&purl=https%3A%2F%2Fwincountry.com%2F&jsv=1928.005-3.034&_cb=17123917596290
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1928.005-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2535cad14e44953bf2a5cf3dc6cd12046d54acdfce11aa35cbefc7e0bfe9396

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:39 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/javascript;charset=UTF-8
p3p
CP="NON DSP NID OUR COR"
cache-control
max-age=0
cf-ray
87005f11cf9d6910-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
doq.htm
rt3008.infolinks.com/action/ 		796 B
884 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3008.infolinks.com/action/doq.htm?pcode=utf-8&r=17123917597871
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1928.005-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9411f890bca20739c7f98ca90d9deb61fe70f99c3c3b14c7b95637cab436787a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:40 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html;charset=UTF-8
access-control-allow-origin
https://wincountry.com
p3p
CP="NON DSP NID OUR COR"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-language
de-DE
cf-ray
87005f134b0c5d93-FRA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
in_place.js
resources.infolinks.com/js/1928.005-3.034/ 		41 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1928.005-3.034/in_place.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1928.005-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd1bf71e74a1e68ee726d952d516148b497b32487a909a231fea49d575a7d2cf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:40 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 02 Apr 2024 06:51:03 GMT
server
cloudflare
age
6724
etag
W/"a2c2-615178798ce37"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
87005f14a93f6910-FRA
expires
Mon, 06 May 2024 06:30:36 GMT
getads.htm
rt3008.infolinks.com/action/ 		602 B
556 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3008.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22u_IL_INPLACE_div-gpt-ad-1676914055834-0_300x250%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22u%22%2C%22garc%22%3A0%2C%22as%22%3A%22300*250%22%2C%22sdata%22%3A%22air%22%2C%22scs%22%3A%22uipQfYbmHs%22%7D%5D&rid=57574ea9-c598-4671-a4c5-898fedad03a5&jsv=1928.005-3.034&sr=800X600&rts=1712391760138&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=123.0.0.0&dv=p&ce=t&purl=https%3A%2F%2Fwincountry.com%2F&tzo=%2B0200&c=c&strg=true&sua=%7B%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123.0.6312.105%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123.0.6312.105%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22123.0.6312.105%22%7D&rsd=U2hO5I1DYIYFwRVRF4dCrXbEHmVFGX1MhJ-_86dEVH94ATu9Imsx3BLhQzbLMZfwK66uwjTe3PmN-rbmYcKJc75TnqkAqa0yiWnMtK1rdXZPjdh7MRHjqQgDnaL1yH2lAGRueuwjheN5HqxANqJ4U5xqD8EFEaUDUu6HmsbaIbg&rsk=38&rcs=ggAC0KnpUjAwNykQ1E2K7g&cuid=90e10eeb-f477-4b3c-ad4e-43a60d1e6297&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1928.005-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec859a791b7826dbe09c15843aa03af6a4951db797c1f780a2ad15ce8069ae2c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:40 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-language
de-DE
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
87005f14e9686910-FRA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
dcl.htm
rt3008.infolinks.com/action/ 		0
37 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3008.infolinks.com/action/dcl.htm?rid=57574ea9-c598-4671-a4c5-898fedad03a5&jsv=1928.005-3.034&capara=%7B%22error%22%3A%22ICE_HB%20was%20not%20found%20on%20window%20-%20init%20not%20fired.%22%7D
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1928.005-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
87005f170a8a6910-FRA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
TMobile_300x250.gif
resources.infolinks.com/static/brands/ Frame 7D80 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.infolinks.com/static/brands/TMobile_300x250.gif
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a80b0a97b3c61becfe525651008453fa27ae4c9fff2ebcf5f6940b1faeb8810

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:40 GMT
via
1.1 google
cf-cache-status
HIT
age
10746
cf-polished
origFmt=gif, origSize=16204
content-disposition
inline; filename="TMobile_300x250.webp"
content-length
9616
cf-bgj
imgq:85,h2pri
last-modified
Mon, 20 Mar 2023 11:30:07 GMT
server
cloudflare
etag
"3f4c-5f7533fc23200"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
87005f171a956910-FRA
expires
Mon, 06 May 2024 05:23:34 GMT
adview.htm
rt3008.infolinks.com/action/ 		0
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3008.infolinks.com/action/adview.htm?rid=57574ea9-c598-4671-a4c5-898fedad03a5&bdc=1&midx=0&emd=NTd-bnVsbF9UTW9iaWxlXzMwMHgyNTA&rts=1712391760493&prod_t=u&jsv=1928.005-3.034&sdata=air&scs=uipQfYbmHs&rsd=U2hO5I1DYIYFwRVRF4dCrXbEHmVFGX1MhJ-_86dEVH94ATu9Imsx3BLhQzbLMZfwK66uwjTe3PmN-rbmYcKJc75TnqkAqa0yiWnMtK1rdXZPjdh7MRHjqQgDnaL1yH2lAGRueuwjheN5HqxANqJ4U5xqD8EFEaUDUu6HmsbaIbg&rsk=38&rcs=ggAC0KnpUjAwNykQ1E2K7g
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1928.005-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html;charset=UTF-8
access-control-allow-origin
https://wincountry.com
p3p
CP="NON DSP NID OUR COR"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cf-ray
87005f172dc35d93-FRA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
launch-7d75747d0373.min.js
assets.adobedtm.com/ddcf247e4bf5/82484060cd13/ 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/ddcf247e4bf5/82484060cd13/launch-7d75747d0373.min.js
Requested by
Host: widgets.media.weather.com
URL: https://widgets.media.weather.com/wxwidget.loader.js?cid=158765827
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7b654fe170aaf0c8a28cc5f6bcd17ffa355cd67167dd504c1942116c90342ca4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:40 GMT
content-encoding
gzip
last-modified
Thu, 29 Feb 2024 22:07:31 GMT
server
AkamaiNetStorage
etag
"c49e54534598cf5878d95b504b36f633:1709244451.06972"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://wincountry.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
66627
expires
Sat, 06 Apr 2024 09:22:40 GMT
p
i.simpli.fi/ 		809 B
771 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=289345&cb=sifi_att_3302528591574142._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/e1b7a900-ff4f-0138-8007-06b4c2516bae
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
151.162.234.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
96940f5ab67fe88ca5dbd9ef8f178e9bc0f1576d76b204ad5ab1991a2dd0cc86

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:40 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404020201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7056ddb92319452688df800a17c3b2781463df6e369b35bdfcc1217e6fd00e8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12358
x-xss-protection
0
home_screen_logo-5f45423427098.jpg
media-cdn.socastsrm.com/uploads/station/2206/ 		178 B
681 B 		Other
General
Check archive.org
Download Go to
Full URL
https://media-cdn.socastsrm.com/uploads/station/2206/home_screen_logo-5f45423427098.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
449432e909c4c1f4308e387f8090918b4e905fab81363c20809f25aec0ded61a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 14 Mar 2024 07:35:36 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-request-id
SH6F8X01FSDRJF6C
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
age
1990025
x-cache
Hit from cloudfront
content-length
178
x-amz-id-2
WmoiqVzEUTadw4VFrJH9up2jNoj0S1Z2jgZ0x/RpZOqMvH//ccjB5zvt30spU0JxqI8hu5ixVL4=
last-modified
Wed, 18 Oct 2023 18:01:18 GMT
server
AmazonS3
x-lambda-region
eu-central-1
etag
"bd79cfc37dea78ccdfb8423765413368"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
A_fDTQo4aRDXdEUS8ZbDc9o_WJyOKyG26LyE0WA60ywtTq47PP6BVg==
/
s.ad.smaato.net/c/
Redirect Chain
  • https://um.simpli.fi/smaato
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=01EC05CF1F57418BA0BB8D2DE0565EF1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=01EC05CF1F57418BA0BB8D2DE0565EF1
Protocol
H2
Server
2600:9000:211e:d600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wincountry.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Apr 2024 08:22:40 GMT
cache-control
no-cache, must-revalidate
via
1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
2jB26mVRDmOXr7VOPGyqYdHiT_gVMeqNPRWVuxhTU_0PYNMCz5bvXw==
x-cache
Miss from cloudfront

Redirect headers

date
Sat, 06 Apr 2024 08:22:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=01EC05CF1F57418BA0BB8D2DE0565EF1
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 05 Apr 2024 08:22:40 GMT
RX-27c48e56-12e0-4241-b7d0-a8285f930337-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain
  • https://um.simpli.fi/nexxen
  • https://sync.1rx.io/usersync/simplifi/01EC05CF1F57418BA0BB8D2DE0565EF1
  • https://sync.1rx.io/usersync/simplifi/01EC05CF1F57418BA0BB8D2DE0565EF1?zcc=1&cb=1712391760929
  • https://sync.targeting.unrulymedia.com/csync/RX-27c48e56-12e0-4241-b7d0-a8285f930337-003
43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-27c48e56-12e0-4241-b7d0-a8285f930337-003
Protocol
H2
Server
46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wincountry.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Apr 2024 08:22:41 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-27c48e56-12e0-4241-b7d0-a8285f930337-003
pragma
no-cache
date
Sat, 06 Apr 2024 08:22:40 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
xuid
eb2.3lift.com/
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=01EC05CF1F57418BA0BB8D2DE0565EF1&dongle=yf3
37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=01EC05CF1F57418BA0BB8D2DE0565EF1&dongle=yf3
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wincountry.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Apr 2024 08:22:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

date
Sat, 06 Apr 2024 08:22:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://eb2.3lift.com/xuid?mid=7969&xuid=01EC05CF1F57418BA0BB8D2DE0565EF1&dongle=yf3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 05 Apr 2024 08:22:40 GMT
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=01EC05CF1F57418BA0BB8D2DE0565EF1
43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=01EC05CF1F57418BA0BB8D2DE0565EF1
Protocol
H2
Server
2600:1f18:612b:4280:9b7:40bb:2e67:d86c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wincountry.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 06 Apr 2024 08:22:41 GMT
server
nginx
content-type
image/gif

Redirect headers

date
Sat, 06 Apr 2024 08:22:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://simplifi.partners.tremorhub.com/sync?UISF=01EC05CF1F57418BA0BB8D2DE0565EF1
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 05 Apr 2024 08:22:40 GMT
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=01EC05CF1F57418BA0BB8D2DE0565EF1
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=01EC05CF1F57418BA0BB8D2DE0565EF1
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=01EC05CF1F57418BA0BB8D2DE0565EF1
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wincountry.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Apr 2024 08:22:40 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sat, 06 Apr 2024 08:22:40 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=01EC05CF1F57418BA0BB8D2DE0565EF1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
empty.gif
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=01EC05CF1F57418BA0BB8D2DE0565EF1
  • https://d.agkn.com/pixel/10751/?che=1712391760981&ip=84.19.175.184&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219703204844000741964
  • https://um.simpli.fi/aa_px?sk=219703204844000741964
  • https://um.simpli.fi/empty.gif
43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/empty.gif
Protocol
H2
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wincountry.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Apr 2024 08:22:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43

Redirect headers

date
Sat, 06 Apr 2024 08:22:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
/empty.gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=01EC05CF1F57418BA0BB8D2DE0565EF1
0
0
pubmatic
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 05 Apr 2024 08:22:40 GMT
freewheel
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/freewheel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 05 Apr 2024 08:22:40 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=01EC05CF1F57418BA0BB8D2DE0565EF1;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=01EC05CF1F57418BA0BB8D2DE0565EF1;mimetype=img;sr
  • https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTQ3MjI1NDkwNzE4ODE4Nzc5MTM=
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTQ3MjI1NDkwNzE4ODE4Nzc5MTM=
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wincountry.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:40 GMT
via
1.1 google
server
Apache-Coyote/1.1
anserver
gapp-eu-5.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=LTQ3MjI1NDkwNzE4ODE4Nzc5MTM=
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=01EC05CF1F57418BA0BB8D2DE0565EF1&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=01EC05CF1F57418BA0BB8D2DE0565EF1&j=0&xl8blockcheck=1
0
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=01EC05CF1F57418BA0BB8D2DE0565EF1&j=0&xl8blockcheck=1
Protocol
H2
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wincountry.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Apr 2024 08:22:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Sat, 06 Apr 2024 08:22:41 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=01EC05CF1F57418BA0BB8D2DE0565EF1&j=0&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
yahoo
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/yahoo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 05 Apr 2024 08:22:40 GMT
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=01EC05CF1F57418BA0BB8D2DE0565EF1
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=01EC05CF1F57418BA0BB8D2DE0565EF1
Protocol
HTTP/1.1
Server
52.73.47.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-47-87.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wincountry.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 06 Apr 2024 08:22:40 GMT

Redirect headers

date
Sat, 06 Apr 2024 08:22:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.bfmio.com/sync?pid=141&uid=01EC05CF1F57418BA0BB8D2DE0565EF1
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 05 Apr 2024 08:22:40 GMT
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=01EC05CF1F57418BA0BB8D2DE0565EF1
62 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=01EC05CF1F57418BA0BB8D2DE0565EF1
Protocol
H2
Server
2.19.217.66 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-66.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wincountry.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sat, 06 Apr 2024 08:22:41 GMT
content-length
62
x-request-id
d897331e6bb13aff886a64b836b769a4
content-type
image/gif

Redirect headers

date
Sat, 06 Apr 2024 08:22:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://stags.bluekai.com/site/29931?id=01EC05CF1F57418BA0BB8D2DE0565EF1
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 05 Apr 2024 08:22:40 GMT
tpid=01EC05CF1F57418BA0BB8D2DE0565EF1
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=01EC05CF1F57418BA0BB8D2DE0565EF1
49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=01EC05CF1F57418BA0BB8D2DE0565EF1
Protocol
H2
Server
52.214.182.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-182-85.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wincountry.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:41 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.10.148
content-length
49
expires
0

Redirect headers

date
Sat, 06 Apr 2024 08:22:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=01EC05CF1F57418BA0BB8D2DE0565EF1
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 05 Apr 2024 08:22:40 GMT
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=01EC05CF1F57418BA0BB8D2DE0565EF1
0
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=01EC05CF1F57418BA0BB8D2DE0565EF1
Protocol
H2
Server
52.209.51.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-51-105.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wincountry.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

expires
Fri, 20 Mar 2009 00:00:00 GMT
pragma
no-cache
date
Sat, 06 Apr 2024 08:22:41 GMT
x-merge
GDPR Optout true
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
p3p
CP="CUR ADM OUR NOR STA NID"

Redirect headers

date
Sat, 06 Apr 2024 08:22:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=01EC05CF1F57418BA0BB8D2DE0565EF1
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 05 Apr 2024 08:22:40 GMT
419566.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=01EC05CF1F57418BA0BB8D2DE0565EF1
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/419566.gif?partner_uid=01EC05CF1F57418BA0BB8D2DE0565EF1
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wincountry.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Apr 2024 08:22:40 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Sat, 06 Apr 2024 08:22:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://idsync.rlcdn.com/419566.gif?partner_uid=01EC05CF1F57418BA0BB8D2DE0565EF1
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 05 Apr 2024 08:22:40 GMT
/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1712391760719&cv=7&fst=1712391760719&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1559674288&cv=7&fst=1712391760719&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1559674288&cv=7&fst=1712391760719&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiw...
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=1559674288&cv=7&fst=1712391760719&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiww...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1026675585/?random=1559674288&cv=7&fst=1712391760719&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIjMP6tJSthQMVN09BAh0i7gHsMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd2luY291bnRyeS5jb20v&is_vtc=1&cid=CAQSGwB7FLtquX2bWACN8Z1ApVZOYFZDJwNYCI7i4A&random=1667620376&ipr=y
Protocol
H3
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wincountry.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:41 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/1026675585/?random=1559674288&cv=7&fst=1712391760719&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIjMP6tJSthQMVN09BAh0i7gHsMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6F2h0dHBzOi8vd2luY291bnRyeS5jb20v&is_vtc=1&cid=CAQSGwB7FLtquX2bWACN8Z1ApVZOYFZDJwNYCI7i4A&random=1667620376&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spotx_match
um.simpli.fi/ 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/spotx_match
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sat, 06 Apr 2024 08:22:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
bounce
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=01EC05CF1F57418BA0BB8D2DE0565EF1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D01EC05CF1F57418BA0BB8D2DE0565EF1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D01EC05CF1F57418BA0BB8D2DE0565EF1
Protocol
H2
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wincountry.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:41 GMT
an-x-request-uuid
c0a59f9f-f3e4-4657-8f1d-926c3ba068ce
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
84.19.175.184; 84.19.175.184; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:41 GMT
an-x-request-uuid
37bb12a9-d269-4270-8b8f-7f9a03b22f10
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D01EC05CF1F57418BA0BB8D2DE0565EF1
cache-control
no-store, no-cache, private
x-proxy-origin
84.19.175.184; 84.19.175.184; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=01EC05CF1F57418BA0BB8D2DE0565EF1&expires=365
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=01EC05CF1F57418BA0BB8D2DE0565EF1&expires=365
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wincountry.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 06 Apr 2024 08:22:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=01EC05CF1F57418BA0BB8D2DE0565EF1&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 05 Apr 2024 08:22:40 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=01EC05CF1F57418BA0BB8D2DE0565EF1
43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=01EC05CF1F57418BA0BB8D2DE0565EF1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wincountry.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sat, 06 Apr 2024 08:22:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=01EC05CF1F57418BA0BB8D2DE0565EF1
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 05 Apr 2024 08:22:40 GMT
pixel
cm.g.doubleclick.net/ 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404020201/pubads_impl.js?cb=31082449
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 08:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 06 Apr 2024 08:22:40 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1DAA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wincountry.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
63431
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 05 Apr 2024 14:45:29 GMT
expires
Sat, 05 Apr 2025 14:45:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
interact
adobedc.demdex.net/ee/v1/ 		731 B
919 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adobedc.demdex.net/ee/v1/interact?configId=656100c2-2477-4105-bbeb-16724c3fefe1&requestId=d28a8892-8b39-4c85-ad17-c203791b6f60
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ddcf247e4bf5/82484060cd13/launch-7d75747d0373.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.222 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-222.data.adobedc.net
Software
jag /
Resource Hash
3f340c260c1902bfeba0033dd7488f1e8f741d62215e8fe5214b8f92e8e8c7ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Sat, 06 Apr 2024 08:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
server
jag
vary
Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wincountry.com
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge
IRL1;6
access-control-allow-credentials
true
x-konductor
N/A
cache-control
no-cache, no-store, max-age=0, no-transform, private
x-xss-protection
1; mode=block
x-request-id
d28a8892-8b39-4c85-ad17-c203791b6f60
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-QLTWJ7V56Q&gtm=45je4430v884781301za200&_p=1712391758142&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=168903808.1712391758&ul=en-us&sr=800x600&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&_eu=AAg&_s=3&sid=1712391758&sct=1&seg=0&dl=https%3A%2F%2Fwincountry.com%2F&dt=WIN%2098.5%20Your%20Country%20%7C%20WNWN-FM%20%7C%20Battle%20Creek%2C%20MI&en=web_impression&ep.CompanyID=459&epn.AccountID=2432&ep.Platform=web&epn.PostID=35&ep.PostType=page&_et=1&tfd=6818
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QLTWJ7V56Q&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://wincountry.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 08:22:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wincountry.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.intentiq.com
URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=01EC05CF1F57418BA0BB8D2DE0565EF1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202404020201&jk=2626436674215559&bg=!LS6lLmHNAAanmIpSh5g7ADQBe5WfOD0tEg2i6F5hUR3wInQSkQ-28o_iSKQ8MVjQxoV1tK6f_vRWsYOwgDjbO81PG5GqAgAAAMBSAAAABGgBB34ANa6P3LqtSQmemNLHYoWxtcYDU0Y9ae1WhR6-fZkHTYrqsc4cgcVPwCOPXbYw_z7J6CshtISACgCDdsDa6chWsZJa4IySr5fKLPqs98czqZmitWywiI2wWIYbTC-O3_5IE5EQc5egPaZLhQ-nSSQULqwydQ7etRfiwAlVnBjCjh0m_LeJGXMRFerlqCeBgR52liFt3t2ijlepC100685U3PKTC4Db8kYKI0mSxqJbxGkVZa6lX-SyN8c-xz-ZAo_AaIw3dhzD3N2Jnf2COaErbe6uY7ml-QkmCyPlRy5YAKlqspBilaD29eSapMgwnxJcS8b2N_yOquFJ8bYIp8wXnug0eMCpIiiGStmMZtNKwJjAf1C1JrRRVzFWijYUxQ6NYC-wbujVKorhD2uy36thR5797lkVpSzrOpG38owbmihF9_K17CxJGLsfiyvtlO_7KS0T5lDznb3ysPAck3enUNdCD3un3ry51WSu2Oxf6r-jNl1tDPznzjety8lwvo4QKDgS5YkXqSIyr-4m_v6RkTLmn5l7V5dNM7KRjXcDpVEcYB7ZF37Oo-e-TjLPK6l9Ceb8DHnRLWY4-cr1-iyE84vieA9275nvD4s4XLJ5-_2hWPs3rg0xO4z48RxeqbzqItjxSU5FUM-asdwai3Jpv6wwJhMZEp3fUUnEYuVaO12PJGIU7psL9Dec4jutFF5oky_l5k8K5tpE_07hxgpD4PBYozsCYBKGm3j9ydSLXsVpnJE2CHtmKdZ4XHVtMDEGLpMeYticqY9XWUFnLickwl-Bgq6YjW3zB2zoC9PkGSnwQax0fN8a5FyZ7OrrdgBwcRhz84a7ldKPUletZIColFpx6kobcd8yMds888m-sy9Ao2NjpCY0NjhERR8hPGDzdjrJndT71uvQNVyOjo0Q786U7R9lFKUZtj257_UGxrRc3raoA--cTAHgLfgBd7SUjw4TwU3LtgYGFi8ewVtzgjo077AAoT3PEfs6StGzv9cP6MiuBNgy3uUXUmTvXt8o950vOwpRzf8PixKsAcgnHthEIxbLSDrpecjcwB4b3us1343aLWU6ujSCMHk-nRH2nPK6jlt5VUa5n2Gp8SZpYH07eh9-Mg4ExD9Rjfix

Verdicts & Comments Add Verdict or Comment

218 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 boolean| isIE8 object| socast_page object| adMacros object| Page object| gvars string| CDN_HOST_MEDIA boolean| isMobileUserAgent object| communityUserName object| communityUserIcon string| V3_RECAPTCHA_SITE_KEY boolean| hasPlayer boolean| isInsideSocastIframe string| playerType string| popupPlayerURL string| popupPlayerSize object| _wpemojiSettings function| $ function| jQuery function| Popper object| bootstrap object| jQuery112401413130998565877 object| App object| socast function| text2linkB function| text2linkC function| safeString function| notIE function| extractYoutubeCode function| hasLocalStorage function| capitalize function| isExternal function| validateEmail function| isDate function| createCookie function| readCookie function| eraseCookie function| getFacebookSocialImage function| socialImgError function| dump function| parseUAgent function| utc2local function| isFileAPIEnabled object| SCFileReader function| notifyResponse function| openPostFormInPopup function| styleDataTableSearch function| loadSvg function| getLuminance function| roundPrecision function| getShortNumberFormat object| LocationSelector function| dateFormat function| isUrlValid object| SVGLoader function| Lightbox function| launchFullscreen boolean| mCustomScrollbar object| SCTracking function| WidgetTemplate function| facebookSignup function| alertBar function| closeAlertBar function| closeAllAlertBars function| getFramedAd object| fullScreenApi object| SCPoll object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| dataLayer function| gtag object| googletag object| stickyHeaderData function| setupHeader function| stickyHeader function| windowResize function| scrollIndicator object| toggleMobileNavigationMenuTimeout function| toggleMobileNavigationMenu object| _taboola object| heroBgds number| randomIndex object| lightbox_43508_548714850 object| lightbox_43399_548714850 object| lightbox_41512_548714850 object| lightbox_39097_548714850 object| lightbox_38335_548714850 object| lightbox_37306_548714850 object| lightbox_33123_548714850 object| gallery_548714850 object| eventCalendarList_1067103162 function| openLogin object| cssVarPoly object| wp function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox function| AlbumGallery function| twoColumnLayout function| EventCalendarList object| LastPlayed object| FB object| sifi_att_3302528591574142 object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager string| GoogleAnalyticsObject function| ga object| __buffer undefined| google_measure_js_timing number| google_unique_id object| gaGlobal object| webpackChunkwsi_media_widgets object| regeneratorRuntime object| wxWidgets object| wxMicroWidgets object| wxSunWidgetEventEmitter object| wxMapboxPlaceholder object| twemoji object| FontAwesomeKitConfig object| recaptcha number| width number| height object| closure_lm_560624 object| gaplugins object| gaData function| onYouTubeIframeAPIReady object| taboolaEvents object| _tblConsole number| trc_debug_level object| TRC object| TRCImpl undefined| __startEngine object| __visibleCallbackList object| __visibleElementToIdMap object| __visibleIdToElementMap boolean| __tblTrecsInit function| __trcDebug function| __trcError function| __trcInfo function| __trcWarn function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam string| trc_article_id string| trc_item_url string| trc_map_url object| trc number| infolinks_pid undefined| infolinks_wsid undefined| infolinks_advtq boolean| infolinks_iframe string| infolinks_basePath object| infolinks_slots boolean| infolinks_initFromFrame boolean| iceLoadStarted function| _typeof function| _defineProperty number| $iceId object| stip object| hook object| dimObj string| adviewUrl object| GoogleGcLKhOms object| _satellite boolean| __satelliteLoaded function| alloy object| __alloyNS object| adobeDataLayer object| google_image_requests

39 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AO9sCLgbD5FrMAUSJz442T2dRfthXbd2EOxvPW165AIURn3Skx3xzk6gz_c76TOfpeB2Zk-TOVlukd8LFuIDCSk
wincountry.com/ Name: SERVERID
Value: v1
.simpli.fi/ Name: suid
Value: 01EC05CF1F57418BA0BB8D2DE0565EF1
.wincountry.com/ Name: _ga_BGC9VZD51N
Value: GS1.1.1712391758.1.0.1712391758.0.0.0
.wincountry.com/ Name: _gid
Value: GA1.2.1359825862.1712391759
.wincountry.com/ Name: _gat_gtag_UA_33491015_39
Value: 1
.wincountry.com/ Name: _gat_gtag_UA_4991594_2
Value: 1
.wincountry.com/ Name: _ga_BFCN2RTHR1
Value: GS1.1.1712391758.1.0.1712391758.0.0.0
.wincountry.com/ Name: _ga
Value: GA1.1.168903808.1712391758
.wincountry.com/ Name: _ga_QLTWJ7V56Q
Value: GS1.1.1712391758.1.0.1712391758.60.0.0
wincountry.com/ Name: PHPSESSID
Value: db844dffb4e4a39143b906bbb8ca39ac
.wincountry.com/ Name: __eoi
Value: ID=2ca1198271f1826d:T=1712391758:RT=1712391758:S=AA-AfjbBcW8IBZiJBDwffDHdQT2i
.wincountry.com/ Name: _ga_Z48DQSG8XB
Value: GS1.1.1712391759.1.0.1712391759.0.0.0
wincountry.com/ Name: logglytrackingsession
Value: 10e47ac3-30db-43dc-9fbd-e225b3a9b4b2
.infolinks.com/ Name: cuid
Value: 90e10eeb-f477-4b3c-ad4e-43a60d1e6297
.simpli.fi/ Name: uid_syncd_secure
Value: true
.tapad.com/ Name: TapAd_TS
Value: 1712391760919
.tapad.com/ Name: TapAd_DID
Value: b32168d0-33f1-4f13-9b0e-12a7e57df915
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-27c48e56-12e0-4241-b7d0-a8285f930337-003%22%7D
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.pro-market.net/ Name: anProfile
Value: "-zvo3xh7es9ll+1+1f=1+1g=1+1j=41+rs=s+rt=20011B6010100002101248BAF83D27AB+s2=(sbihxs)+vm=24-01EC05CF1F57418BA0BB8D2DE0565EF1"
.pro-market.net/ Name: anHistory
Value: "-zvo3xh7es9ll+2+!#7%.#)!4dJ"
.agkn.com/ Name: ab
Value: 0001%3AcSysjBHCfAVan7kK854zJtB45P95yjr4
.adnxs.com/ Name: XANDR_PANID
Value: ZR1epXCoAkZYL2PwPyHnHurAKM5xQKDyZM155Uk2ATU2QCsA3va3GhPfBs2-mwjTLwvHw1p_ISlcPyXDX-n5ytSnK3A8KCmu517TTJVlAMA.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 2720378850709696869
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2GTzF$i:`!@wnfH8KW.dG5<#Z0rbuqB3psqy8LsG5VOtnX.a4oGM7^oTotcG4hgwElm[)pO!nh%(2K:$doS]%6lNX@#su+
.bluekai.com/ Name: bku
Value: blx99aWsWVqHznRD
.bluekai.com/ Name: bkpa
Value: KJy9nyexd02pSUHknp/8mE1hwtkAwE9hHD1yBDBs1DRNBpxhmWJO1WJYmWx0HWDyBERNHDRh9y9oJ9rt
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-27c48e56-12e0-4241-b7d0-a8285f930337-003%22%7D
.agkn.com/ Name: u
Value: C|0AAAAAAAALaPC0QAAAAAA
.exelator.com/ Name: EE
Value: "f78bbb825fb6da26a977b6e355bc1692"
.demdex.net/ Name: demdex
Value: 61021834398413488440192820168334599526
.wincountry.com/ Name: kndctr_C7884A3A64E46D6E0A495EEB_AdobeOrg_identity
Value: CiY2MTAyMzIyMzg4NDQ4NTMwMDYwMDE5Mjk2MjY5MDM1NDYzNjU1MFITCLLagpTrMRABGAEqBElSTDEwAPABstqClOsx
.wincountry.com/ Name: kndctr_C7884A3A64E46D6E0A495EEB_AdobeOrg_cluster
Value: irl1
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHN3CIpKcnCyDQtySwl0cgs0dLcPMks1djUNCnZ0MzSaHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIeEl%252BUWb6IhfXxUUpaQyLSopPBR%252BPdAAAvQsqMQ%253D%253D"
.bfmio.com/ Name: __141_cid
Value: 01EC05CF1F57418BA0BB8D2DE0565EF1
.bfmio.com/ Name: __io_cid
Value: ea3c2341fd7fb0becfab81a49a09a7bbd0c0f932

93 Console Messages

Source Level URL
Text
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cdn.taboola.com/libtrc/midwestcommunications-network/loader.js
Message:
Unrecognized feature: 'browsing-topics'.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://idsync.rlcdn.com/419566.gif?partner_uid=01EC05CF1F57418BA0BB8D2DE0565EF1
Message:
Failed to load resource: the server responded with a status of 451 ()
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=01EC05CF1F57418BA0BB8D2DE0565EF1
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wincountry.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

423a3eed0d1c3936d06a752af80abbb7.safeframe.googlesyndication.com
aa.agkn.com
adobedc.demdex.net
assets.adobedtm.com
bcp.crwdcntrl.net
cdn-css.socastsrm.com
cdn-js.socastsrm.com
cdn.polyfill.io
cdn.taboola.com
cdn.worldweatheronline.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
d.agkn.com
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
is1-ssl.mzstatic.com
is2-ssl.mzstatic.com
is3-ssl.mzstatic.com
is4-ssl.mzstatic.com
ka-p.fontawesome.com
kit.fontawesome.com
loadm.exelator.com
media-cdn.socastsrm.com
media.socastsrm.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pixel.tapad.com
region1.analytics.google.com
region1.google-analytics.com
resources.infolinks.com
router.infolinks.com
rt3008.infolinks.com
s.ad.smaato.net
securepubads.g.doubleclick.net
simplifi.partners.tremorhub.com
socast-public.s3.amazonaws.com
stags.bluekai.com
stats.g.doubleclick.net
storage.googleapis.com
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
tag.simpli.fi
tpc.googlesyndication.com
um.simpli.fi
us-u.openx.net
widgets.media.weather.com
wincountry.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
pagead2.googlesyndication.com
sync.intentiq.com
13.225.78.127
13.225.78.67
142.250.185.162
151.101.193.44
172.217.18.2
172.66.41.9
172.66.42.247
178.250.1.11
18.172.112.60
18.173.205.124
2.19.217.66
2001:4860:4802:32::36
2400:52e0:1e00::874:1
2600:1901:0:8eee::
2600:1f18:612b:4280:9b7:40bb:2e67:d86c
2600:9000:211e:d600:1b:5138:8a40:93a1
2606:4700:3110::6812:35ed
2606:4700:4400::ac40:93bc
2a00:1450:4001:801::2002
2a00:1450:4001:806::200e
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:810::201b
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9c
2a02:26f0:3500:587::1e80
2a02:26f0:3500:590::2a1
2a02:26f0:3500:594::2a1
2a02:26f0:3500:59a::2a1
2a02:26f0:3500:e88::3282
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.68.255.141
34.111.113.62
35.204.158.49
35.234.162.151
35.244.159.8
35.244.174.68
37.252.171.85
46.228.174.117
52.209.133.200
52.209.51.105
52.214.182.85
52.216.8.107
52.73.47.87
54.78.254.47
54.84.131.112
63.140.62.222
69.173.144.139
76.223.111.18
01a3066991f4af85d35aaa0068aa00054f9762f39c263853f49518d5f9784c4b
0393f18543365f0fe2dd16abbe815614acf4050b8ba25433c688caa277179a25
05f42c00cf0c93e6c0a63bebcab7ed16eaac1064cd67333a4d86cea13e83ccb6
06ab8804c22326649393b6b82923131952b97a8185b8ccec8893e356beaf670d
09912cb2d2c867208249706041eda1ec8d6fac4234841ffbf7c9ed6734fb8b5f
0ac6fd5b7d5afe27d5bdcc1a32f0101949f80841860b7f0c9b58bf28f50b5728
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
0c955fa8c779c4d8a38a36ec47e0eb653271d31844f356142ddf4688354e4afb
0ce7fbe215cdf921ed87d00a374404681d5d24898589a7fe60e068d09289b4ba
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
111738bba95bee9f0332df2ca6600fcc1de5d09cca8d2dcabbd12559ba477010
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c
14caade7152adb24edf1dec1437420acbf37b846f556f663c9c7856b8e91f54f
1580a6a19cb081a84215f13b42f765469beb87d7401f16349760cd067fc4da71
1890c71cc95f2a3dc94ef622a427deb4286e82b51ae154774185b5397c9451af
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1dcc68cc96c80a3b221553592ea8e238adefac1b0ab412e8de05e4a1a46ae23f
1e6d8362fe516844f04eb1868cff8f98facb24faf20cc02a208f3495e82f5136
1f3387f11826be4923a2d3a8c1542780abd6d4c66ce13f2de770f2e386989593
22ea76565ca3baab3211b5894bbf5c795e34e6e2f86335aa3370a7e4fec6544a
25173403d20076c00cc25a857f5162b0ef03f75d2ccf1d9501ce0ea27f4302ae
255c827d21a38302512295e9b6cea4bb875d8efe0da36ccf95b9e8c328093712
28b130db0f36d4283a122dff8840082409841d43930fd6d09bb12bbcbb729afa
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
2cd0f6bf27dd5392aee38f34ebd531cf947e52c5af687751f60bc6d0d28ee982
2ee9a6a60e37ff74e9e84a55f05213992a0463020a012016262d5bd3a4a10131
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32964b4676b104963517b95a1a4087871bf3d062a86e5e5618ba1e145ba9cf70
338f0a6b45397cbcb5eded5fb1c6910a71bd082d81ca5021eafa419572d280d9
351ef5f200f2af06ec624eb9eab23ff863a29c8755d187e3fd00266279a71658
37221150011b4eda862110049502c536e32782d01159d1002944afa2a6fef821
391fd5670220eee47dfb98a1db121ee2f04ab166d3794d50eea9e4f1e05eeca4
3958a93184f498eaa140c746fa8b3ce7e540d38898f2b1c1acf9c7e8f6c5f429
3a80b0a97b3c61becfe525651008453fa27ae4c9fff2ebcf5f6940b1faeb8810
3b42df9a8d34009af50a576a3452bcfd3ff300bf6619f151b6ebd05fef064828
3b7b08ea696e37f399732d6c1e4b951c209353efe9b2c0676c8141261f03eca4
3b7c674a82f8a947fc5a891870aa6e78930e7fe3533793921af870854bc0bf00
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f340c260c1902bfeba0033dd7488f1e8f741d62215e8fe5214b8f92e8e8c7ce
43cdf46f331fec5ba92e402e3d5cad473099892cbdafca02e607cd03705104bf
449432e909c4c1f4308e387f8090918b4e905fab81363c20809f25aec0ded61a
449ffe278d76b2ab3b8151db43f5706d2dbc320b23b03d8d0ee506fd68470a64
451bdbf54aba489f904b7a11d417e7c74019220163357d7502bd77a3454e1984
467d16b159d4ccb43d7a3aab76d63d223d9dfae82dd03a3299da423513ddccd0
4b05fd300b023998641714cb534c7c0d6b91bd4fb7ce461959ac28f9db0ec328
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fcd84bdfc8438442d57c12a4bc512e82c532c68bfbd9115ceb2d3b177ebc969
51586ec2d56dc12c32b65b0612d89695b3a5b7d0c91592acad6ec8a04f8701aa
515abf0a6b2f91db92dee41212ad49c8703793e561bdfbb81843c323dd1b1833
516640faeb856df6599d165f26ee51ce8cbaaf34f7c09d818509e75f6a48ae13
521c38b16194e130c7c5bd73c40e84a59d9eb1e95c815e14eeb657873e722623
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
54ab0f51ec3cf63fc92dd3cb384defb55800fadc29b4798c4c13d4bce60bb4b8
5823bba5d7ae356e30e6aba54cd1a353ba781f436c111547c05f244b6cf92d8f
58c651a26071f79972de05cb4be8ea1bd2cc4833ff94654f34c4ab0085d3355b
5fc5ca6b03fb379940b73627d0dc7c3e26c78a719738be26aee764e7576f2de6
60537dcab91319ce098fe9c55a0ff7ece804449c149238e3c0564206d98146dc
607aa273610a68a9d86314467885ff5502b12f8990530241eb51dd8c38a23a70
60ad2cab7ebffae6e02715beb61152fb6e151f14adf31b9e743dacb2828a984d
60d04d9eb41ea18934165560ae195bd4a596649ed3aeea706b9a7a267b229974
6106fba2c6f036bfd249c40d9df1fec6f9da3ee1ea754dccde3c0f9690fcc1b4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6330d9d10ff63c82cbaa3f1f814b5639c2c7a47ded38d337d4e266c0d6d505e1
6360ea9271ec98de9bf0d006c2a90d841b61cb9cb809d97825fdd8f6f729841d
639545d99c924ff87fc97799f2dc94659aec811229272f3e8e5fe1b0a9da6af3
692f1bd5b14f490e9b266dd76a6a402e5d5575d4434d0cdc190d7312c57aab4c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c5f1544ccc1550ef537d7a9bc4b7ec531c0113e500406cc63ac53bac67f37b8
6cd88ac489166117f6f1e0f760b8a9d89193920b711cca4478cd455620e7f135
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6f9e7fea4cf1ca2e913a46f8f5c11f5afa28cb8956a301ad1533bc4d644868a6
7056ddb92319452688df800a17c3b2781463df6e369b35bdfcc1217e6fd00e8d
762e70ff6b0c0e2c91f57d48071560fc6f0e2f2179fa04deb48d7ad2091d2d2d
7742bb16ac54dbccd2a9df6edc159ff921e1e738f08dc0d4b4b9f31424ede919
77626e92662a1cb3ba1c002bf50ad0676cc0be457009173d04b58b97de488dd3
7890a0e73a42b5f89ea689d06386b17322bfed522c11c744ea65ae6047b3767a
790e9e97a3027dee2861e6270457281acb00aaef8114697b7d9aac706320464a
7970b8024bc330047a2d26a1d1bf42736d603a7d10bec483c40b1cc0ef347c3a
7afc9e1606492279c108afcffcd3aba9770f1d2d45360f4411af4956f5927573
7b654fe170aaf0c8a28cc5f6bcd17ffa355cd67167dd504c1942116c90342ca4
7d72b4a59db3d6bfde6d8bd49d15663a94efb8f6ef41fed6833fbabc0e8dc378
7d8ac31009d9814c493b8b4162298afaef0ab61e3e07e85b36c989f46da93465
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7e9c5bf3338c11ab0745787c6c21688cdc639b3cfe1a66a6d4510044aa71e8e3
7f11bbd2091480997ca88487fcf008ee64ecfcdbd72d3a218f16eb3d4a562e1c
80a19c6081152a6060b590265119738a99570f4ff304163f7338b9e331a4db0a
826ad5ca08cda186fbf03678587298a48c69a6e4a8c426c3a7aa5bcf45a61878
82ac1e85cfa0edc767331ac49c45efe8eb3e1ca20109ca3162b43c9db85b7dbc
84752bd808c9dc443c73279245cd16911b83152a0cb8e66ba5e60094a520a79f
84fc551d4cf20edb6525246d38632f5c2a68f4e5aebc77402434a0e781118363
851aab34e9b9e9c6252ed4a0bd57b30a79795aacdc7e036d7e824ed9e69b2807
8d1c98dc1f9dd01b0c77db1c670871602f34d74b3e2823535c373a1f2e419ede
8df8f305434997f9512cf9863088cccefa4006084fc4feb069f452edb31dad99
8ead246d96271c4e6ecbd16cb0cdfa5f292b9bd574ed8fcefb72ae3642bcdb67
8fca354f59752dce225bbeae9a11bc5c7c88fae899993bc4e4aa7c7ac615ad27
916301287f61100a9242eeee5168c1f1ed8367729998837d4aaced456c5d98c5
91df4bb77d6e119ba50b1fe3598b4feac0caa897a00212968fb920a51de7e407
924ddc3b4f4b93a87997ddd207fc8c8316db4264703361e2eefe91f80d8adff7
9411f890bca20739c7f98ca90d9deb61fe70f99c3c3b14c7b95637cab436787a
9583322eb1c2b8e6866c4936460061fe807ac1140911dc3d09ba65950f5a2d95
958fe2696b8f4d2ba074d2d0216bb3dbb505bd6f7ada4fa4230dc1dcb9357a2f
96940f5ab67fe88ca5dbd9ef8f178e9bc0f1576d76b204ad5ab1991a2dd0cc86
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
96db5db7e13f4e196848e1bf69005d804f783c628fc14444f5a797620a30b326
9981531720e3b5aef19b3d1793da3a226372cb95ae219b68dd2e4c3b3f185f5a
99b16b95e55ebbca52470456ed9da21d817c5f8b25a2ed7e3cdd217a0b5cd94d
9a5ca76b8b860c6bec08a8592197e4c69fc26b67ad048e53aad4e5f7789d3d8a
9b10944ed9e172c41983d89eb9fa73931b46cd73f01d78490769ccb3d5714182
9b64f7e2e52ae67458e04b7611e81a7c981a645c17d1c1749e066959c894abe9
9f9c4b0401e6584bb3a47041f136687c3e501022bbeb1e0d88c83278f4a5c49e
9fd17622bb1bfa27b87268e4d7016eb15805493288070214c94d966609d88fe8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a5d3258e2164afeb105c953fea0e5b42a690b4bfe2dea2f221a6d1bb07a09ae8
a6f59fc654b5a739d372c1f6954a666d6518236ac67134523277a5548ec40ad0
aae9c69e350c53a164f39e3dd9a338a11728ad5fecbc1ea150bfc1058d2d2c79
ab40d2fd397d7357eec52b0a54abbbe4065909ae6993c7f321bcd91b7afa82b6
b502ef69aba71449772f6e3d042e5ec7447f61d4bee52ce8cba3adfc6ceeb0c0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc550c39daf7872d5b61bc0d5224bea93f15520e9ce09eb8e6d5c26baadb1bed
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
bce220b4c9adb99b9ace96f7b07287d04501f4a40a6d619b1124ac8cde23a3f6
bd1bf71e74a1e68ee726d952d516148b497b32487a909a231fea49d575a7d2cf
bf19a2c38adaf4b593d66f54b4101d809e082d85ef8b2995635a20da83b2847e
bf46a23dfe3055265d98d504e78159a6d10af7c0afe5ecabf0d967c74553402a
c3d990019fac3b63ac16593e0661d71074091f96bfcefc99bc5466b4e33d964b
c574bb878909238729bd58bbe8aacf92a35f79b36723b4fac61c14651526f650
c70ff0c5e412f8332279f3466b11e9592884e93348f495f4f84298a9581c63a2
c72dfe69c8fbdb44833c6dba3b69582e1c3ab3d07ae30a5d25ef0321677687e8
c99f4fc37ed922eefac07fdca8d4894c4b67acf0eb3ec00c8412ba7c7a324225
c9ac6b0df8fa77c80fd438c9748858f78426d1a0aa99b88496b9583d1a34f43c
ca8d3614e2555d32bd259350e4690bc16b3c45721faccd80de561d044cfbdcf2
caac035c0ecf1c03e6ea51cdc70730ad87ff6998fe0e6df7b50d5a6d87bd4116
cac1df235adc210488f80cbb6f5aa4381d89e0767c104ffc85f9330ddc9cc66a
cc1c1aa45753383c29f0de5cc40d92e085412159e1d8d444638075061953a817
cc3a41863d92b22799ff23c52e2173e80b13ebc75b9144151ea105cd52b59de5
cde7582e362eeeddc8e6a9a8432e6f61bc552a43956d0b54e6359f6770acd439
ce19d826208023fe492150f8005f27673a8db0eda3dbe4f9a437c66aec7cd536
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d31ccaf4d1d5a13148c3b3f8042110685395b9e09c6dc5540a4965a4fdbe480f
d3539a95bd009f3c22e17b34e20a40d77b633533a972eb959fd3cfc512d92436
d655981dacea8e416d4224cf1fbd2f3348781f494d11d02edf78c92a1f3c3ae4
d9955d15081d3cfe6caee66835fd0fa0c45ada70923e279612ef20db71da33b0
d9df8b77a6d4bb3789adf419055441d975575ba594016889c76637522e38c196
db3ec5b517295e46a23e743579fbdd186ad1abe64c9c2b74a84572dbb5008782
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df683727493d0c968d5f4f4ec656d6874a68eea39413a01a87d13386f49f0616
df91f674ce3902ef0e9ac337f8aa0a15d67b5ee7ce4ad5efa22ad8172e4e91eb
e22094228566ad4a7e84db5aa4d36c53ab016259c2e3ebd653f25c16534bd0d1
e2374a9d3759552a6170ed61e9ca572ac0951dc1d6099589366e1d4b30a7f2df
e2535cad14e44953bf2a5cf3dc6cd12046d54acdfce11aa35cbefc7e0bfe9396
e287b9a44056830248fa0a52cff8cac873ac03f895a8217cb4ddb41525c28a9a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec14db41d8f5543c333c87b248783bac25cdab56936f67b80b2a06add6b4e4dd
ec681a96a9411dee18ee60810d58daa40b8a0e62778b96c41106594058d71db4
ec859a791b7826dbe09c15843aa03af6a4951db797c1f780a2ad15ce8069ae2c
ed7596a5a88bd0aeb221b8bf8a5aa67bef56d6068e1b2e657e7db99200c481f5
eeb2f09a9511bc3c70d6a90a24ea942db06737392c3159c4058ccecc6055c147
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef82770a46ee476d8530cf09afd544198d12b23cc75a01e9e40015c11a8ab3cd
f028b3cbfdc7a92f7c1ad5eba9eccb98605823a174c2a0a500713ea414348381
f468505697bebac4bb97e9b74e04b92bfa45713f82516b4d0b1652e8f5c67825
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f8390acd9cb4cb42885f025a599cc697972f01120080df502e1c60797020633f
f88279a4bfa31852b69934e6d6b32910258274a5182d909d6c970e63dd5395fd