Submitted URL: https://link.mail.beehiiv.com/ss/c/u001.hrL4oeozo6K_jWii9TYEkilYGSgTvihTUR2biRs7NA9iG2rVXQmUXxorbn2-s6GcQojhkam5F02PH0rtLZmxX9...
Effective URL: https://winningtrades.com/therma_bright
Submission: On October 22 via api from BE — Scanned from CA

Summary

This website contacted 14 IPs in 2 countries across 18 domains to perform 49 HTTP transactions. The main IP is 104.16.36.105, located in and belongs to CLOUDFLARENET, US. The main domain is winningtrades.com.
TLS certificate: Issued by WE1 on September 7th 2024. Valid for: 3 months.
This is the only time winningtrades.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 142.250.80.100 15169 (GOOGLE)
1 142.251.41.3 15169 (GOOGLE)
8 104.16.36.105 13335 (CLOUDFLAR...)
7 2a04:4e42:600... 54113 (FASTLY)
1 151.101.44.157 54113 (FASTLY)
2 5 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700:310... 13335 (CLOUDFLAR...)
4 104.17.124.183 13335 (CLOUDFLAR...)
9 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a04:4e42::729 54113 (FASTLY)
1 142.251.40.195 15169 (GOOGLE)
49 14
Apex Domain
Subdomains
Transfer
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
15 KB
8 winningtrades.com
winningtrades.com
1 MB
7 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
79 KB
5 unpkg.com
unpkg.com — Cisco Umbrella Rank: 797
240 KB
4 bubble.io
3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io
20 KB
3 quilljs.com
cdn.quilljs.com — Cisco Umbrella Rank: 22252
54 KB
3 vpdae.com
www.vpdae.com — Cisco Umbrella Rank: 425059
2 KB
2 zencdn.net
vjs.zencdn.net — Cisco Umbrella Rank: 5947
170 KB
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
263 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
995 B
1 iconify.design
code.iconify.design — Cisco Umbrella Rank: 34282
8 KB
1 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1472
27 KB
1 beehiiv.com
link.mail.beehiiv.com — Cisco Umbrella Rank: 51550
741 B
0 facebook.net Failed
connect.facebook.net Failed
0 taboola.com Failed
cdn.taboola.com Failed
0 clarity.ms Failed
www.clarity.ms Failed
0 youtube.com Failed
www.youtube.com Failed
0 viblast.com Failed
cdn.viblast.com Failed
49 18
Domain Requested by
9 fonts.googleapis.com winningtrades.com
8 winningtrades.com www.vpdae.com
winningtrades.com
7 cdn.jsdelivr.net winningtrades.com
5 unpkg.com 2 redirects winningtrades.com
4 3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io winningtrades.com
3 cdn.quilljs.com winningtrades.com
3 www.vpdae.com 1 redirects
2 vjs.zencdn.net winningtrades.com
2 www.google.com www.vpdae.com
www.gstatic.com
1 fonts.gstatic.com fonts.googleapis.com
1 code.iconify.design winningtrades.com
1 platform.twitter.com winningtrades.com
1 www.gstatic.com www.google.com
1 link.mail.beehiiv.com 1 redirects
0 connect.facebook.net Failed winningtrades.com
0 cdn.taboola.com Failed winningtrades.com
0 www.clarity.ms Failed winningtrades.com
0 www.youtube.com Failed cdn.jsdelivr.net
0 cdn.viblast.com Failed winningtrades.com
49 19

This site contains no links.

Subject Issuer Validity Valid
vpdae.com
WE1
2024-10-08 -
2025-01-06
3 months crt.sh
*.google.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
*.gstatic.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
winningtrades.com
WE1
2024-09-07 -
2024-12-06
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-06-24 -
2025-07-25
a year crt.sh
unpkg.com
WE1
2024-09-25 -
2024-12-24
3 months crt.sh
cdn.quilljs.com
WE1
2024-10-16 -
2025-01-14
3 months crt.sh
bubble.io
WE1
2024-10-15 -
2025-01-14
3 months crt.sh
upload.video.google.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
iconify.design
WE1
2024-10-10 -
2025-01-09
3 months crt.sh
vjs.zencdn.net
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-03-06 -
2025-04-07
a year crt.sh

This page contains 2 frames:

Primary Page: https://winningtrades.com/therma_bright
Frame ID: 8B1BE180CB44160ECA5F908DD9BD612B
Requests: 49 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcoracZAAAAAFPhwnLZhntvkLECD8z4uLMmxpUM&co=aHR0cHM6Ly93d3cudnBkYWUuY29tOjQ0Mw..&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&cb=bffhqpc4zt7w
Frame ID: 91C913E98B0F0F6E0E1F76B324FE1AF3
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Winning Trades - Featured

Page URL History Show full URLs

  1. https://link.mail.beehiiv.com/ss/c/u001.hrL4oeozo6K_jWii9TYEkilYGSgTvihTUR2biRs7NA9iG2rVXQmUXxorbn2-s6GcQo... HTTP 302
    https://www.vpdae.com/redirect/7gdhjayet5cfqc8syc3hfxr56sx?utm_source=elitetrade.club&utm_medium=n... Page URL
  2. https://www.vpdae.com/redirect/checked?check_id=m-6fd627ff-5777-9773-9260-sexavrfyqpuj&link_hash=7... HTTP 302
    https://winningtrades.com/therma_bright Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

49
Requests

86 %
HTTPS

57 %
IPv6

18
Domains

19
Subdomains

14
IPs

2
Countries

1931 kB
Transfer

7198 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://link.mail.beehiiv.com/ss/c/u001.hrL4oeozo6K_jWii9TYEkilYGSgTvihTUR2biRs7NA9iG2rVXQmUXxorbn2-s6GcQojhkam5F02PH0rtLZmxX97-uUI-bVof4aLCd9JDEjcGuvDKU8h0yJpffN06uwqm6puTJruQpUu-QOWBd432wY1CgPgbbLTT3UM1lFpXNokTVtAr1Fv0mlO_DB0zZ3Wjk-IOIVYdgGb4rkqL-mpe7czlZ_m_ptz2CVcoYq7AK7WmDuSOBI9caHyL0TlBXG8grGeNv4ejq648jKBHFTvyviAjFTDJUVDpgiBfL3iFv2U/4at/OxF60YX_RluMIh7ICvEaxA/h7/h001.t2eptlV1pAf_LRyPiVN0aROlJAkRs8FBn1Gc5EbVKaA HTTP 302
    https://www.vpdae.com/redirect/7gdhjayet5cfqc8syc3hfxr56sx?utm_source=elitetrade.club&utm_medium=newsletter&utm_campaign=mixed-q3-results-for-verizon-and-gm&_bhlid=31cd7e3a0f22cd80b190c7456d06e45a7042f6c6 Page URL
  2. https://www.vpdae.com/redirect/checked?check_id=m-6fd627ff-5777-9773-9260-sexavrfyqpuj&link_hash=7gdhjayet5cfqc8syc3hfxr56sx&token=03AFcWeA5g9a4g1_EXNqqkKagYa8Q-t1uT2JNzmHfeGifXamggqrsRDUWLLXCBNrvlILiig9rFMzVy56Ac9fbth57WlWJN0qDZeK6-v-fVoVuRFwRDZhzPJq26jpQOsOfOo0juE1Nk41PseHEo4fpOdvqsqQ6X4D-VQOjRvJ0iUV3ueR1yrEmblIv6Fs9G1ioEvZMGEif25VY5GPfXrPktToYdKO9A0kuGMXFHP__Szusd8L7bMLm2JTTj8O3pg421UVGwWkhv2Yu0JvFKET7Guq_KuJuwocrt9rNyiKbNTvHQABDwtdOXw-yJLKbKCSeCe0hA--nJvLK2K49gggBqEZj16XJArUBGDo7SFs902hIEbsS1PLJX0Sl8H57bHeVZFBs4Gh7KpZrQho6VP2WlJFmJRRPrksDVHiTrRRVRM4_7lo9vXO76IMQrDdUrzIX7zlKBTVAvGETfO5M3eu8zXF6I3NBJjVxJIuB-0BNLLCKXBebbEEFxs0HT_iXmEif3853NUfZZQXbl1maJIWXmPGTERXux1B1Sry27K5JNvWcJZH9v2OErDFBMSHN4EiUXiAVQfOohdtrqNeXeJQjd8g5bCaqFvrEE0lI90nhGZAKw3_LxWaDOd43zF0UWeqHrJYKFGEo9TrdC1uMV6dPQ4_x4z_tGj-MCapp8256kSuLbqqpntDkvdNuwyBjEn5WQIzChqCuhD8AE8NotESEMNkoR1rm1eFQZAMfqoSK3SU9ezy74U8uJ9elC-ELbtf3nQiqJctgpLEVeDMtES5Mf-t0cq_wLw6MtTzAQ-84SSys8YEyCMT7ZaM3-b01b8W93pHHuZgSHnIq0SDLZLqM8lTv-pyA7_FsSNg HTTP 302
    https://winningtrades.com/therma_bright Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://link.mail.beehiiv.com/ss/c/u001.hrL4oeozo6K_jWii9TYEkilYGSgTvihTUR2biRs7NA9iG2rVXQmUXxorbn2-s6GcQojhkam5F02PH0rtLZmxX97-uUI-bVof4aLCd9JDEjcGuvDKU8h0yJpffN06uwqm6puTJruQpUu-QOWBd432wY1CgPgbbLTT3UM1lFpXNokTVtAr1Fv0mlO_DB0zZ3Wjk-IOIVYdgGb4rkqL-mpe7czlZ_m_ptz2CVcoYq7AK7WmDuSOBI9caHyL0TlBXG8grGeNv4ejq648jKBHFTvyviAjFTDJUVDpgiBfL3iFv2U/4at/OxF60YX_RluMIh7ICvEaxA/h7/h001.t2eptlV1pAf_LRyPiVN0aROlJAkRs8FBn1Gc5EbVKaA HTTP 302
  • https://www.vpdae.com/redirect/7gdhjayet5cfqc8syc3hfxr56sx?utm_source=elitetrade.club&utm_medium=newsletter&utm_campaign=mixed-q3-results-for-verizon-and-gm&_bhlid=31cd7e3a0f22cd80b190c7456d06e45a7042f6c6
Request Chain 14
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js
Request Chain 16
  • https://unpkg.com/@lottiefiles/lottie-interactivity@latest/dist/lottie-interactivity.min.js HTTP 302
  • https://unpkg.com/@lottiefiles/lottie-interactivity@1.6.2/dist/lottie-interactivity.min.js

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
7gdhjayet5cfqc8syc3hfxr56sx
www.vpdae.com/redirect/
Redirect Chain
  • https://link.mail.beehiiv.com/ss/c/u001.hrL4oeozo6K_jWii9TYEkilYGSgTvihTUR2biRs7NA9iG2rVXQmUXxorbn2-s6GcQojhkam5F02PH0rtLZmxX97-uUI-bVof4aLCd9JDEjcGuvDKU8h0yJpffN06uwqm6puTJruQpUu-QOWBd432wY1CgPgbb...
  • https://www.vpdae.com/redirect/7gdhjayet5cfqc8syc3hfxr56sx?utm_source=elitetrade.club&utm_medium=newsletter&utm_campaign=mixed-q3-results-for-verizon-and-gm&_bhlid=31cd7e3a0f22cd80b190c7456d06e45a7...
601 B
1 KB
Document
General
Full URL
https://www.vpdae.com/redirect/7gdhjayet5cfqc8syc3hfxr56sx?utm_source=elitetrade.club&utm_medium=newsletter&utm_campaign=mixed-q3-results-for-verizon-and-gm&_bhlid=31cd7e3a0f22cd80b190c7456d06e45a7042f6c6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:be0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
819bec1b545db8586452976e5f556b797c157200eff90d9711f4e7cb7479ceae

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8d69bfb86ed24bd1-YUL
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 22 Oct 2024 13:14:10 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1729602850&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=t3HlhsOJTiKfHtxIgMVXX3gQ%2BmeM1IFpGikNbE%2Fx3uo%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1729602850&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=t3HlhsOJTiKfHtxIgMVXX3gQ%2BmeM1IFpGikNbE%2Fx3uo%3D
server
cloudflare
via
1.1 vegur
x-request-id
7fee3f04-7b56-4b9e-b7ea-e6bb9bb28ffb
x-runtime
0.033792

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8d69bfb67f70a2d4-YUL
content-type
text/html; charset=utf-8
date
Tue, 22 Oct 2024 13:14:10 GMT
location
https://www.vpdae.com/redirect/7gdhjayet5cfqc8syc3hfxr56sx?utm_source=elitetrade.club&utm_medium=newsletter&utm_campaign=mixed-q3-results-for-verizon-and-gm&_bhlid=31cd7e3a0f22cd80b190c7456d06e45a7042f6c6
server
cloudflare
x-robots-tag
noindex, nofollow
api.js
www.google.com/recaptcha/
1 KB
995 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LcoracZAAAAAFPhwnLZhntvkLECD8z4uLMmxpUM
Requested by
Host: www.vpdae.com
URL: https://www.vpdae.com/redirect/7gdhjayet5cfqc8syc3hfxr56sx?utm_source=elitetrade.club&utm_medium=newsletter&utm_campaign=mixed-q3-results-for-verizon-and-gm&_bhlid=31cd7e3a0f22cd80b190c7456d06e45a7042f6c6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f4.1e100.net
Software
ESF /
Resource Hash
5df4da5ea4b97a8b1c3ba13f3ec326ad33271853aae19c7972a3f921a16f1887
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vpdae.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Tue, 22 Oct 2024 13:14:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Tue, 22 Oct 2024 13:14:10 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
recaptcha__en.js
www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/
544 KB
216 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcoracZAAAAAFPhwnLZhntvkLECD8z4uLMmxpUM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f3.1e100.net
Software
sffe /
Resource Hash
5ab8f962752071d61b4c1613f2126ead5a5969b0157509532cb1cc43d1c0486d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.vpdae.com
Referer
https://www.vpdae.com/

Response headers

content-encoding
gzip
age
848
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 13:00:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 13:00:03 GMT
last-modified
Mon, 14 Oct 2024 18:32:27 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
220736
x-xss-protection
0
server
sffe
anchor
www.google.com/recaptcha/api2/ Frame 91C9
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcoracZAAAAAFPhwnLZhntvkLECD8z4uLMmxpUM&co=aHR0cHM6Ly93d3cudnBkYWUuY29tOjQ0Mw..&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&cb=bffhqpc4zt7w
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Y0B2HWOopY2T8JiW-5zH3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vpdae.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Y0B2HWOopY2T8JiW-5zH3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Oct 2024 13:14:11 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
favicon.ico
www.vpdae.com/
0
440 B
Other
General
Full URL
https://www.vpdae.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:be0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.vpdae.com/redirect/7gdhjayet5cfqc8syc3hfxr56sx?utm_source=elitetrade.club&utm_medium=newsletter&utm_campaign=mixed-q3-results-for-verizon-and-gm&_bhlid=31cd7e3a0f22cd80b190c7456d06e45a7042f6c6

Response headers

reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1729602852&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=y09XwUeEtAjxNh9vFHeZlAfRNlrJwGwEkACER4kN058%3D
x-request-id
86f97ca3-5bf7-47d5-8cd3-ecc54a24768c
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
max-age=14400
content-encoding
br
cf-cache-status
MISS
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1729602852&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=y09XwUeEtAjxNh9vFHeZlAfRNlrJwGwEkACER4kN058%3D"}]}
via
1.1 vegur
cf-ray
8d69bfc2d8db4bd1-YUL
date
Tue, 22 Oct 2024 13:14:12 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-runtime
0.001738
server
cloudflare
Primary Request therma_bright
winningtrades.com/
Redirect Chain
  • https://www.vpdae.com/redirect/checked?check_id=m-6fd627ff-5777-9773-9260-sexavrfyqpuj&link_hash=7gdhjayet5cfqc8syc3hfxr56sx&token=03AFcWeA5g9a4g1_EXNqqkKagYa8Q-t1uT2JNzmHfeGifXamggqrsRDUWLLXCBNrvl...
  • https://winningtrades.com/therma_bright
26 KB
9 KB
Document
General
Full URL
https://winningtrades.com/therma_bright
Requested by
Host: www.vpdae.com
URL: https://www.vpdae.com/redirect/7gdhjayet5cfqc8syc3hfxr56sx?utm_source=elitetrade.club&utm_medium=newsletter&utm_campaign=mixed-q3-results-for-verizon-and-gm&_bhlid=31cd7e3a0f22cd80b190c7456d06e45a7042f6c6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.36.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
61b5d0a8e60b972c21b25bac9ad4c9caa4cd07f5ab3ab87850e42bcb4a10135e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options DENY

Request headers

Referer
https://www.vpdae.com/redirect/7gdhjayet5cfqc8syc3hfxr56sx?utm_source=elitetrade.club&utm_medium=newsletter&utm_campaign=mixed-q3-results-for-verizon-and-gm&_bhlid=31cd7e3a0f22cd80b190c7456d06e45a7042f6c6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
8d69bfcaf9e97116-YYZ
content-encoding
br
content-security-policy
frame-ancestors 'none';
content-type
text/html
date
Tue, 22 Oct 2024 13:14:14 GMT
referrer-policy
origin
server
cloudflare
vary
Accept-Encoding
x-bubble-capacity-limit
0 ms slower
x-bubble-capacity-used
0.128 unit-seconds used
x-bubble-perf
{"total":305,"percents":{"top":{"bubble_cpu":18.3,"block":81.3,"capacity_rl":0,"other_pause":0,"pre_fiber":0.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":58.8,"appserver_cache_misses_time":0,"redis":87.2,"fiber_queue":4.5,"capacity_wait":0.9}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":8,"derived_cache_memory_misses":8,"serverjson":45,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":97,"fiber_queue":82,"blocks":81},"misc":{"userdb_results":1,"userdb_data":228,"spent_time":8349547}}
x-frame-options
DENY
x-powered-by
Express

Redirect headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8d69bfc8ad684bd1-YUL
content-type
text/html; charset=utf-8
date
Tue, 22 Oct 2024 13:14:13 GMT
location
https://winningtrades.com/therma_bright
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1729602853&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=F7CwOFX67rK70BLCc622c47ptrA4fx7vmik7W4q5WRE%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1729602853&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=F7CwOFX67rK70BLCc622c47ptrA4fx7vmik7W4q5WRE%3D
server
cloudflare
via
1.1 vegur
x-request-id
a09992ec-848b-47e8-a27b-c4b85cdc4441
x-runtime
0.035960
early.js
winningtrades.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/
24 KB
9 KB
Script
General
Full URL
https://winningtrades.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.36.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://winningtrades.com
Referer
https://winningtrades.com/

Response headers

content-encoding
br
cf-cache-status
HIT
age
20460151
x-bubble-capacity-limit
0 ms slower
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
x-bubble-capacity-used
0.016 unit-seconds used
cf-ray
8d69bfcf6cf07116-YYZ
access-control-allow-origin
*
x-bubble-perf
{"total":59.8,"percents":{"top":{"bubble_cpu":11.6,"block":86.9,"capacity_rl":0,"other_pause":0,"pre_fiber":0.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":9.2,"appserver_cache_misses_time":0,"redis":9.6,"fiber_queue":1.1,"capacity_wait":10.1}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1041703}}
x-powered-by
Express
server
cloudflare
run.css
winningtrades.com/package/run_css/4de1337f7dadfa72a25e99daeb43916adf9b89b4e0742eb013b552b1daa3dbc0/winningtrades/live/therma_bright/xfalse/xfalse/
73 KB
14 KB
Stylesheet
General
Full URL
https://winningtrades.com/package/run_css/4de1337f7dadfa72a25e99daeb43916adf9b89b4e0742eb013b552b1daa3dbc0/winningtrades/live/therma_bright/xfalse/xfalse/run.css
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.36.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
963ecfb4bf98969ac8bfec15f0ede5941ce3414b8f1ad3590ffe38fa8053453a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

content-encoding
br
cf-bgj
minify
cf-cache-status
HIT
age
40827
x-bubble-capacity-limit
0 ms slower
cf-polished
origSize=95472
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
x-bubble-capacity-used
0.067 unit-seconds used
cf-ray
8d69bfcf6cef7116-YYZ
access-control-allow-origin
*
x-bubble-perf
{"total":125.8,"percents":{"top":{"bubble_cpu":23.2,"block":74.2,"capacity_rl":0,"other_pause":0,"pre_fiber":0.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":12.1,"appserver_cache_misses_time":0,"redis":40.6,"fiber_queue":2.1,"capacity_wait":1.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":15,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":46,"fiber_queue":51,"blocks":50},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":4374885}}
x-powered-by
Express
server
cloudflare
pre_run_jquery.js
winningtrades.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/
88 KB
32 KB
Script
General
Full URL
https://winningtrades.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.36.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://winningtrades.com
Referer
https://winningtrades.com/

Response headers

content-encoding
br
cf-cache-status
HIT
age
20460151
x-bubble-capacity-limit
0 ms slower
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
x-bubble-capacity-used
0.128 unit-seconds used
cf-ray
8d69bfcf6cf17116-YYZ
access-control-allow-origin
*
x-bubble-perf
{"total":116.5,"percents":{"top":{"bubble_cpu":7.7,"block":92.1,"capacity_rl":0,"other_pause":0,"pre_fiber":0.3},"sub":{"pp_userdb":7.7,"pp_wait_userdb":0,"http_request":0,"serverjson":3.9,"appserver_cache_misses_time":0,"redis":17.4,"fiber_queue":1.4,"capacity_wait":1.5}},"counts":{"pp_userdb":2,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":21,"fiber_queue":25,"blocks":24},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":8346854}}
x-powered-by
Express
server
cloudflare
run.js
winningtrades.com/package/run_js/05e8a391fff0cbd251ade53b69c0eb45c53dac2f50895816f3ffa567b317d085/xfalse/x29/
3 MB
765 KB
Script
General
Full URL
https://winningtrades.com/package/run_js/05e8a391fff0cbd251ade53b69c0eb45c53dac2f50895816f3ffa567b317d085/xfalse/x29/run.js
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.36.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
683b90a5402ea01dca0d3b650012b1aae28fe15060eee9cebae216c659aa611d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://winningtrades.com
Referer
https://winningtrades.com/

Response headers

content-encoding
br
cf-cache-status
HIT
age
55426
x-bubble-capacity-limit
0 ms slower
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
x-bubble-capacity-used
0.251 unit-seconds used
cf-ray
8d69bfcf6cf37116-YYZ
access-control-allow-origin
*
x-bubble-perf
{"total":149.9,"percents":{"top":{"bubble_cpu":36.9,"block":58.8,"capacity_rl":0,"other_pause":0,"pre_fiber":1.8},"sub":{"pp_userdb":12,"pp_wait_userdb":0,"http_request":0,"serverjson":5.9,"appserver_cache_misses_time":0,"redis":13.9,"fiber_queue":1.6,"capacity_wait":2.3}},"counts":{"pp_userdb":2,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":20,"fiber_queue":26,"blocks":25},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":16296776}}
x-powered-by
Express
server
cloudflare
static.js
winningtrades.com/package/static_js/c176cea99d9a9f46fcadc697a4f5dbdc49b6c7c167386c8801213a58b290d917/winningtrades/live/therma_bright/xnull/xfalse/xfalse/xfalse/
810 KB
189 KB
Script
General
Full URL
https://winningtrades.com/package/static_js/c176cea99d9a9f46fcadc697a4f5dbdc49b6c7c167386c8801213a58b290d917/winningtrades/live/therma_bright/xnull/xfalse/xfalse/xfalse/static.js
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.36.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
37ec782f260baf91854194750d45ef07531f26bd82d4bb600fa0d48e9971ae21

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://winningtrades.com
Referer
https://winningtrades.com/

Response headers

content-encoding
br
cf-cache-status
HIT
age
40826
x-bubble-capacity-limit
0 ms slower
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
x-bubble-capacity-used
0.093 unit-seconds used
cf-ray
8d69bfcf6cf57116-YYZ
access-control-allow-origin
*
x-bubble-perf
{"total":139.4,"percents":{"top":{"bubble_cpu":29,"block":69.6,"capacity_rl":0,"other_pause":0,"pre_fiber":0.4},"sub":{"pp_userdb":1.4,"pp_wait_userdb":0,"http_request":0,"serverjson":21.4,"appserver_cache_misses_time":0,"redis":46.9,"fiber_queue":5.1,"capacity_wait":1}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":7,"derived_cache_memory_misses":7,"serverjson":32,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":2,"appserver_cache_misses":0,"redis":84,"fiber_queue":69,"blocks":68},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":6054459}}
x-powered-by
Express
server
cloudflare
dynamic.js
winningtrades.com/package/dynamic_js/4b3958153aef082dfdac4b929ec5377a701d525dbe1901a55d9c76220de6e010/winningtrades/live/therma_bright/xnull/xfalse/xfalse/en_us/xfalse/xfalse/
165 KB
34 KB
Script
General
Full URL
https://winningtrades.com/package/dynamic_js/4b3958153aef082dfdac4b929ec5377a701d525dbe1901a55d9c76220de6e010/winningtrades/live/therma_bright/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.36.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ead3d0ce072955194e4e6062c01e9fd7aa9e0503291e6e9cb15454e1a6bc23ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://winningtrades.com
Referer
https://winningtrades.com/

Response headers

content-encoding
br
cf-cache-status
HIT
age
40827
x-bubble-capacity-limit
0 ms slower
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
application/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
x-bubble-capacity-used
0.078 unit-seconds used
cf-ray
8d69bfcf6cf67116-YYZ
access-control-allow-origin
*
x-bubble-perf
{"total":152.7,"percents":{"top":{"bubble_cpu":17.6,"block":82.1,"capacity_rl":0,"other_pause":0,"pre_fiber":0.5},"sub":{"pp_userdb":2,"pp_wait_userdb":0,"http_request":0,"serverjson":5.7,"appserver_cache_misses_time":0,"redis":29.9,"fiber_queue":1.5,"capacity_wait":1.6}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":4,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":35,"fiber_queue":41,"blocks":40},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":5037909}}
x-powered-by
Express
server
cloudflare
swiper-bundle.min.css
cdn.jsdelivr.net/npm/swiper@11.1.4/
18 KB
4 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/swiper@11.1.4/swiper-bundle.min.css
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e6792bc2356c88d7cacf7351d64da1e7eaade694b9485daef7f4c84f5844968c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"47ff-d3a3yEz+9uIdA7uPkGvhHx1zZd4"
age
639588
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230023-FRA, cache-yul1970041-YUL
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
4464
x-jsd-version
11.1.4
swiper-bundle.min.js
cdn.jsdelivr.net/npm/swiper@11.1.4/
147 KB
43 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/swiper@11.1.4/swiper-bundle.min.js
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ac20020d60a9fd5cc8874aec07e8a940233d5c1bcef0735ed1f35239ae2ccacd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"24baf-SvYRfRJkVC7ONCBpuA5fO4KwFAk"
age
1749262
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230094-FRA, cache-yul1970041-YUL
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
43885
x-jsd-version
11.1.4
widgets.js
platform.twitter.com/
91 KB
27 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.44.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

content-encoding
gzip
etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
access-control-allow-methods
GET
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date
Tue, 22 Oct 2024 13:14:14 GMT
last-modified
Mon, 11 Dec 2023 17:20:28 GMT
vary
Accept-Encoding
x-served-by
cache-iad-kcgs7200137-IAD, cache-nyc-kteb1890082-NYC
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1800
tw-cdn
FT
accept-ranges
bytes
access-control-allow-origin
*
content-length
27597
x-amz-server-side-encryption
AES256
lottie-player.js
unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/
Redirect Chain
  • https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
  • https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js
371 KB
120 KB
Script
General
Full URL
https://unpkg.com/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68b594d79a955d4237d365555d137be2842068c263d444f583556ee1f9a8cbc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"5cd35-FL4z5R7jgfyHeGPFiEURHtF1scw"
age
56263
x-content-type-options
nosniff
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JARG56TZH2JZXJGC6N4RCM0F-yul
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8d69bfd07f256e0b-YUL
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/@lottiefiles/lottie-player@2.0.4/dist/lottie-player.js
content-encoding
br
cf-cache-status
HIT
age
551
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8d69bfd03ee56e0b-YUL
access-control-allow-origin
*
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JAT59C1NW0NSSN5ZQ7PY21YH-yul
server
cloudflare
dotlottie-player.js
unpkg.com/@dotlottie/player-component@1.0.0/dist/
332 KB
113 KB
Script
General
Full URL
https://unpkg.com/@dotlottie/player-component@1.0.0/dist/dotlottie-player.js
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19aa295521f5fe3828d378798ce690ff429956271afab0ac12883f188bcf95be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"52f95-a5ortVpVcaDVdN2fO+5oFj6JbNE"
age
6966411
x-content-type-options
nosniff
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J4AJ476BK339VJTBM5W3JDW4-yul
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8d69bfd03ee86e0b-YUL
access-control-allow-origin
*
server
cloudflare
lottie-interactivity.min.js
unpkg.com/@lottiefiles/lottie-interactivity@1.6.2/dist/
Redirect Chain
  • https://unpkg.com/@lottiefiles/lottie-interactivity@latest/dist/lottie-interactivity.min.js
  • https://unpkg.com/@lottiefiles/lottie-interactivity@1.6.2/dist/lottie-interactivity.min.js
20 KB
7 KB
Script
General
Full URL
https://unpkg.com/@lottiefiles/lottie-interactivity@1.6.2/dist/lottie-interactivity.min.js
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d4cb67a77ccaac1eb6226ad28e5c991a57a03a8aea99e85523b7e0df6694770
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"4f2c-jEDFlsTFN2OEDC3P02SAdZDlWAQ"
age
6991309
x-content-type-options
nosniff
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J49TCDN8CAZ72GDMVH7W36XQ-yul
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8d69bfd07f286e0b-YUL
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/@lottiefiles/lottie-interactivity@1.6.2/dist/lottie-interactivity.min.js
content-encoding
br
cf-cache-status
HIT
age
375
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8d69bfd03ee66e0b-YUL
access-control-allow-origin
*
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JAT5EQDSY4WS13G7NH2FTHY1-yul
server
cloudflare
index.js
cdn.jsdelivr.net/npm/citizendev-bubble-utils@latest/dist/
3 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/citizendev-bubble-utils@latest/dist/index.js
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1bd9724e3096fd34d6240a2aff5a6d7a46cf99ad3e5e529e0fe0bd95e26395a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://winningtrades.com
Referer
https://winningtrades.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"a7c-dTABh+FPDWWm/9oyORG1jwCeWFE"
age
21364
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230068-FRA, cache-yul1970074-YUL
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
1228
x-jsd-version
0.0.10
quill.min.js
cdn.quilljs.com/1.3.6/
210 KB
46 KB
Script
General
Full URL
https://cdn.quilljs.com/1.3.6/quill.min.js
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de86018869b5e845bdc101fc1b55611a1e375e08af6cee4a681d7446103da611
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"c2734fd6895bdfba13245fc2cda12202"
age
554428
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BVmMeGs0CsO6up17gPP%2BjLxk%2FqITabhsSvZqVfv9tmJPybd6Nr7IOHRJUhze0v1YdaU%2BZa57LmzBPoTI4a%2Fomo2qOlPjekjm%2FFMbhgLxBlm%2F8eMlA1xoJJuEdoLy80JvMXo0nvJwKRSdK789xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d69bfd03ca2a290-YUL
access-control-allow-origin
*
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
application/javascript
last-modified
Mon, 22 Apr 2024 16:07:39 UTC
vary
Accept-Encoding, Accept-Encoding
server
cloudflare
quill.snow.css
cdn.quilljs.com/1.3.6/
24 KB
4 KB
Stylesheet
General
Full URL
https://cdn.quilljs.com/1.3.6/quill.snow.css
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
892e299431955e9ae388ae257f72024ee76af2d52a7a97a868f70fbe50f16144
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"9b536bda67650c506df72197baec4c01"
age
96324
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UmmCGM9N%2BMUu%2FXUhnMdzdRy%2FZQvuFAXTVL64fDhW0j%2BU9SysY%2Fo%2FmJjypJSVGE9jGFTshvHOhDsbGxyeVbx%2BrPADkGLgUiTSUX8XGPaq1NpLLpeyfTh3naFUTs6Md%2BDRiUu288x6BI04EH8hJA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d69bfd03c9fa290-YUL
access-control-allow-origin
*
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 22 Apr 2024 16:07:39 UTC
vary
Accept-Encoding, Accept-Encoding
server
cloudflare
quill.bubble.css
cdn.quilljs.com/1.3.6/
25 KB
4 KB
Stylesheet
General
Full URL
https://cdn.quilljs.com/1.3.6/quill.bubble.css
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48b1b42379c43ddbbf6ca013334f983068a10a62f6d223432a166872ec0ec0e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"1481f6f60c160d773a7533c2db8c95fd"
age
322206
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M9rB1fG96pwYLSubkZt%2Fu%2F8r2y5n7qED7HrODBw9syUOzlJ63Owpm5QMI0RiMEW6BcSzyJX6TOUW7KGYWeK%2BRFo4KKhX0YKiEimfUbSu2wZiMaCPFvuRAM5zZZ6FYHV%2BiTcnUyJBGR2skWSGDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d69bfd03ca1a290-YUL
access-control-allow-origin
*
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 22 Apr 2024 16:07:39 UTC
vary
Accept-Encoding, Accept-Encoding
server
cloudflare
image-resize.min.js
3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1636107911716x342265603042299900/
27 KB
8 KB
Script
General
Full URL
https://3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1636107911716x342265603042299900/image-resize.min.js
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.124.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1c53b3339955bc59c534428474ecf96bc825f9b824754b84652d484adf67209

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

x-amz-meta-app-version
aless-fix-credits
content-encoding
br
cf-cache-status
HIT
etag
W/"c6329b8b4f764d9983d291c02ac2389d"
x-amz-version-id
I3KCV2PdUCTGK0pzaG4ro7k1XsZ1ftAb
age
83422
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
text/javascript
last-modified
Fri, 05 Nov 2021 10:25:13 GMT
vary
Accept-Encoding
x-amz-id-2
Aok/MNU1jtoN1yy3h6OkldpXe5EBzcFKUOatpgpivjOj6OtzSgGGGpDoFz05YwTe5NNThB+jPhJ+hmGsETXsas5SEsglFVZw
cache-control
public,max-age=86400
x-amz-meta-appname
meta
x-amz-request-id
ACCKWJSSMGMH5E5Y
cf-ray
8d69bfd02b69abbe-YYZ
server
cloudflare
x-amz-server-side-encryption
AES256
css
fonts.googleapis.com/
13 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Arial|Tinos|Raleway|Cousine|Open+Sans|Droid+Sans|Mizra
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7f649962625d75ad320e6e08c7408167861ebc287ba3d6069ca01b7ce086d310
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 22 Oct 2024 13:14:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 22 Oct 2024 13:04:22 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Droid+Serif|EB+Garamond|PT+Sans|Ubuntu|Lato|Oswald|ABeeZee
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0faa25ae64edb714ae1148409c1e2ac4c0c84c6babcdd261b6b65cae42108fc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 22 Oct 2024 13:14:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 22 Oct 2024 13:14:14 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro|Alegreya|B612|Muli|Titillium|Varela|Volkorn|IBM+Plex|Crimson+Text|Cairo
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
08ae2d94daffc1537d98d92554c8e95937064fd9b827d3910b1aafdccd6fb7f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 22 Oct 2024 13:14:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 22 Oct 2024 12:47:31 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
4 KB
865 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Frank+Ruhl+Libre|Playfair+Display|Archivo
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7c96830aca4e709794d74b7b6d93d6e4e0f6c762ff21d8c96147b2eca86d8df2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 22 Oct 2024 13:14:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 22 Oct 2024 11:18:46 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Spectral|Fjalla+One|Roboto|Montserrat|Monospace|Serif|Sans-serif|Rubik|Source+Sans|Cardo|Cormorant
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1f1e36121cffdeced7b6bec3c6d0cd056004fe7ecbb51aba7991cc19d5ae78e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 22 Oct 2024 13:14:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 22 Oct 2024 13:14:14 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
13 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Work+Sans|Rakkas|Concert+One|Yatra+One|Arvo|Abril+Fatface|Ubuntu|PT+Serif|Old+Standard+TT|Oswald
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e8ccf814e7037888a21acd3e59fd28b265ddf7d04bbd38c5b41c99ec53311b1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 22 Oct 2024 13:14:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 22 Oct 2024 13:10:58 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
22 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans|Poppins|Fira+Sans|Nunito|Oxygen|Exo+2|Open+Sans|Merriweather|Noto+Sans|Source+Sans+Pro
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
492c84a35f8efbb0a618bcf452deb28247326510c9fa896f443db0ad22a31027
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 22 Oct 2024 13:14:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 22 Oct 2024 13:10:01 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
6 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=BioRhyme|Karla|Lora|Mizra
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3929faed6f620d4993ccb7f980dcf8301046ede0ebbe1995a4ceb9e312aa07ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 22 Oct 2024 13:14:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 22 Oct 2024 13:14:14 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
rte-fonts.css
3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1585640996566x197128756908218080/
6 KB
1 KB
Stylesheet
General
Full URL
https://3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1585640996566x197128756908218080/rte-fonts.css
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.124.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83ce3e812921923e726be63f1dffb087ff1fcd0c3e39250c1286ebbb908f0acb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

x-amz-meta-app-version
live
content-encoding
br
cf-bgj
minify
etag
W/"7f0c2df1402262d9b3107b768c8acfbb"
x-amz-version-id
WGq5S1nZq.zanKJ6uzkiaqadV8QDj6WW
age
67173
cf-cache-status
HIT
cf-polished
origSize=7312
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
text/css
last-modified
Tue, 31 Mar 2020 07:49:57 GMT
vary
Accept-Encoding
x-amz-id-2
Yry/AE6iOfnk953U3C0ljfhdklHQsQj2t2qLfxkAcjLqajwxCBsu+FaD/RrqdzzNTD8Z0t8L0kA=
cache-control
public,max-age=86400
x-amz-meta-appname
meta
x-amz-request-id
RG6XFZTR9R225QYY
cf-ray
8d69bfd02b66abbe-YYZ
server
cloudflare
platform_compressed.js
3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1593946126189x197544584808178940/
14 KB
7 KB
Script
General
Full URL
https://3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1593946126189x197544584808178940/platform_compressed.js
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.124.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c039b6e245af3041933a2e283eb929be6c05618616e34ef2b8e3ca2bb368007

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

x-amz-meta-app-version
live
content-encoding
br
cf-cache-status
HIT
etag
W/"b21b9f252fb6c5c25ac24ab2fd546a32"
x-amz-version-id
mTTPnxjqytAN.Rq0oNpMhFc64KfN0fUA
age
83422
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
text/javascript
last-modified
Sun, 05 Jul 2020 10:48:47 GMT
vary
Accept-Encoding
x-amz-id-2
tHW1l7Z0l1Lm2+4rEaKJ1PCcEg36lLrhlNJvkpz9zB1JDaNTrk+Yeb9DlXddFx5zk2NNudSVbJ/9bSrVLV/TWo4d85PNgliw9gu2L77t1Cg=
cache-control
public,max-age=86400
x-amz-meta-appname
meta
x-amz-request-id
9W0C41DMG0CZY19E
cf-ray
8d69bfd02b68abbe-YYZ
server
cloudflare
iconify.min.js
code.iconify.design/1/1.0.7/
22 KB
8 KB
Script
General
Full URL
https://code.iconify.design/1/1.0.7/iconify.min.js
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:479f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a80c2efe80248a6ddbbf8f13b2632501da332c5a487efccacee6a9f33074f18e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

x-fastly-request-id
5733283779896b92d0b58067e9ae2417a380bd1c
content-encoding
gzip
cf-cache-status
HIT
etag
W/"67055124-596e"
age
196
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JcRyCHKS4A9POa68H4%2BKS5QxsY7FT00OIULqv%2Fd7MZ2Acn0IiPHmcuhsEi39zA8mAlnj4BjQp9d1gTm93Y1SzOOv30cKSBByw4xrHcHdGcc0IFZ8Bjr1yvQExHG8rxWDW0zFd5XTmOlJLW6Ptm6OaJE%3D"}],"group":"cf-nel","max_age":604800}
x-github-request-id
DD5E:362EAA:BE2472:CEBEC2:67055268
expires
Tue, 22 Oct 2024 12:27:50 GMT
x-proxy-cache
MISS
x-cache
HIT
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-yul1970075-YUL
x-cache-hits
1
last-modified
Tue, 08 Oct 2024 15:35:00 GMT
vary
Accept-Encoding
cache-control
max-age=172800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer
S1729105411.710190,VS0,VE1
via
1.1 varnish
cf-ray
8d69bfd039097157-YUL
accept-ranges
bytes
access-control-allow-origin
*
content-length
7857
x-origin-cache
HIT
server
cloudflare
production.min.js
cdn.jsdelivr.net/gh/joeymalvinni/webrtc-ip/dist/
4 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/joeymalvinni/webrtc-ip/dist/production.min.js
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3a6733e85a8e7daed51893fb8c1ec84fcb06627dc8b78dc614ad85ca967a6501
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"10b2-wWyor/Ey3d2s5Lzum+lBNIcSW5A"
age
27572
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220066-FRA, cache-yul1970041-YUL
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
1185
x-jsd-version
3.5.4
video-js.css
vjs.zencdn.net/7.20.3/
46 KB
11 KB
Stylesheet
General
Full URL
https://vjs.zencdn.net/7.20.3/video-js.css
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a600e503fc0dcb171bd2ce6b639bbb5cf35b91ccc3c045324a7a4e2603683a0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

timing-allow-origin
*
content-encoding
gzip
etag
"92c4f5bba6e24134f07a508819300d2e"
access-control-allow-origin
*
x-cache
HIT
content-length
10964
date
Tue, 22 Oct 2024 13:14:14 GMT
last-modified
Fri, 09 Sep 2022 18:11:04 GMT
content-type
text/css
x-served-by
cache-yul1970026-YUL
x-cache-hits
1
vary
Accept-Encoding
video.min.js
vjs.zencdn.net/7.20.3/
570 KB
160 KB
Script
General
Full URL
https://vjs.zencdn.net/7.20.3/video.min.js
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
46763816babdcf547c1cbedf9a54a7295648cbc1ae648f5620c8e11264b01fcc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

timing-allow-origin
*
content-encoding
gzip
etag
"e8501cee3dd39de15e41eeb3298c9576"
access-control-allow-origin
*
x-cache
HIT
content-length
163091
date
Tue, 22 Oct 2024 13:14:14 GMT
last-modified
Fri, 09 Sep 2022 18:11:04 GMT
content-type
application/javascript
x-served-by
cache-yul1970026-YUL
x-cache-hits
5
vary
Accept-Encoding
Youtube.min.js
cdn.jsdelivr.net/npm/videojs-youtube@2.6.1/dist/
14 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/videojs-youtube@2.6.1/dist/Youtube.min.js
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7d39b75f8d8895c21e8f271d6b110535f413f39d348da21dc0e669d2769ed41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"3678-YVZMRnLb6HnSGpkW8sui0W2NjYk"
age
1761683
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220130-FRA, cache-yul1970041-YUL
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
4093
x-jsd-version
2.6.1
videojs-vimeo.js
cdn.jsdelivr.net/npm/videojs7-vimeo@2.0.3/dist/
77 KB
19 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/videojs7-vimeo@2.0.3/dist/videojs-vimeo.js
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
864a0ef9790846a1508ce85f71d18c0d87fed5181f9bebe6684e0254db88b909
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"1328a-aCmXgzSBqV26sFQJldzSomP4mjc"
age
3294581
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230159-FRA, cache-yul1970041-YUL
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
19395
x-jsd-version
2.0.3
wistia.js
3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1600517538377x582687689465610100/
12 KB
4 KB
Script
General
Full URL
https://3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io/f1600517538377x582687689465610100/wistia.js
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.124.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1726ef5b0ce20ebb8f89227c1b206d1c354304c9fd0ca7c4beb44c92faa3ab6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

x-amz-meta-app-version
live
content-encoding
br
cf-cache-status
HIT
etag
W/"ad7ae326caa856784dcfdd60c3d30bda"
x-amz-version-id
fSCI.9xIvhAzue63lMCwZdwAeK506gqs
age
83422
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
text/javascript
last-modified
Sat, 19 Sep 2020 12:12:19 GMT
vary
Accept-Encoding
x-amz-id-2
uNcQRThZa5xzltlDyZwR4PW8F3gKFfo+5uqCfCD3DFGffZzHeJ24v5gRmpZZ4Azz9iB8OsmCHyA=
cache-control
public,max-age=86400
x-amz-meta-appname
meta
x-amz-request-id
RWXFRVHHR47291SX
cf-ray
8d69bfd02b64abbe-YYZ
server
cloudflare
jsVideoUrlParser.min.js
cdn.jsdelivr.net/npm/js-video-url-parser@0.4.1/dist/
17 KB
5 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/js-video-url-parser@0.4.1/dist/jsVideoUrlParser.min.js
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e8a987fd3ead2a48ab99ae5fd18c4fb1e320ab61930218eaf1757e83732ff5b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"4499-5iKfgqSa18I3qCzlvy61JyOTfs4"
age
2373529
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220143-FRA, cache-yul1970041-YUL
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
4732
x-jsd-version
0.4.1
viblast.js
cdn.viblast.com/vb/stable/
0
0

css
fonts.googleapis.com/
23 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:regular%7COpen+Sans:500%7COpen+Sans:600%7COpen+Sans:700
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba2587470e7ef35b0b0b9a489d5935c4775dd29d0f1f322bb3ffd078ce161c0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 22 Oct 2024 13:14:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 13:14:14 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 22 Oct 2024 13:14:14 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
data
winningtrades.com/api/1.1/init/
305 B
1 KB
XHR
General
Full URL
https://winningtrades.com/api/1.1/init/data?location=https%3A%2F%2Fwinningtrades.com%2Ftherma_bright
Requested by
Host: winningtrades.com
URL: https://winningtrades.com/therma_bright
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.36.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6f164fc5b48026bd0e7a2cfa7c31b7c3ab991692918142de87886b83e7f29769

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

x-bubble-capacity-used
0.111 unit-seconds used
cf-cache-status
DYNAMIC
cf-ray
8d69bfcfdad9a232-YYZ
x-bubble-capacity-limit
0 ms slower
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 13:14:14 GMT
x-bubble-perf
{"total":357,"percents":{"top":{"bubble_cpu":2.2,"block":97.4,"capacity_rl":0,"other_pause":0,"pre_fiber":0.2},"sub":{"pp_userdb":0.8,"pp_wait_userdb":0,"http_request":0,"serverjson":168.7,"appserver_cache_misses_time":0,"redis":92.2,"fiber_queue":2.8,"capacity_wait":0.7}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":17,"fiber_queue":21,"blocks":20},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":7201387}}
x-powered-by
Express
server
cloudflare
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular%7COpen+Sans:500%7COpen+Sans:600%7COpen+Sans:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.195 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://winningtrades.com
Referer
https://fonts.googleapis.com/

Response headers

age
542089
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 06:39:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 06:39:25 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
iframe_api
www.youtube.com/
0
0

o3s3yx3sn1
www.clarity.ms/tag/
0
0

tfa.js
cdn.taboola.com/libtrc/unip/1095034/
0
0

fbevents.js
connect.facebook.net/en_US/
0
0

truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://winningtrades.com/

Response headers

Content-Type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.viblast.com
URL
https://cdn.viblast.com/vb/stable/viblast.js
Domain
www.youtube.com
URL
https://www.youtube.com/iframe_api
Domain
www.clarity.ms
URL
https://www.clarity.ms/tag/o3s3yx3sn1
Domain
cdn.taboola.com
URL
https://cdn.taboola.com/libtrc/unip/1095034/tfa.js
Domain
connect.facebook.net
URL
https://connect.facebook.net/en_US/fbevents.js

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| bubble_session_uid object| headers_source_maps function| make_proxy function| appquery function| Lib function| load_error_function object| load_error_log function| disableLoadErrorFunction object| _bubble_page_load_data object| webfont object| WebFont function| FontFaceObserver string| gm_key string| bubble_page_load_id string| bubble_plp_token string| _p string| bubble_page_name function| $ function| jQuery string| bubble_bundle_name function| clearImmediate function| setImmediate object| BrowserDetect function| highlight_dom_changes function| local_storage_fallback object| u function| google_web_fonts_active_cb function| fontface_webfonts_loaded_cb object| element_performance_counts function| kill_notifier_socket function| restore_notifier_socket object| client_db object| safe_require object| __algolia object| testing function| authenticate_as object| document_ready_key function| gapListener function| display_page function| switch_page boolean| google_web_fonts_active object| fontface_loaded boolean| all_fontface_loaded object| preloaded object| __code__ function| Inputmask number| bubble_version object| optional_modules object| plugins object| bubble_run_derived object| translation_data object| language_data string| application_language object| app function| everything_ready function| wait_for_everything function| Swiper object| lottie-player object| reactiveElementVersions object| litHtmlVersions object| litElementVersions object| dotlottie-player function| JSCompiler_renameProperty object| LottieInteractivity function| Quill object| ImageResize object| platform object| Iconify object| SimpleSVG function| is_ipv4 function| is_ipv6 object| simpleIPRegex function| peer function| publicIPs function| getIPTypes function| getIPv4 function| getIPv6 function| getIPs object| vttjs function| WebVTT function| videojs boolean| VimeoPlayerResizeEmbeds_ object| videojsVimeo object| urlParser function| clarity object| _tfa function| fbq function| _fbq object| __twttrll object| twttr object| __twttr

6 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AGteOyoKUGqA4apx49JCLbNLnR7Ler3m9dlvHuYO9gKG6rSGJE41Qp4sH7V3JToY7FZxoIU-WTNwRZstgjSHBgw
.beehiiv.com/ Name: __cf_bm
Value: GfOzwEDmdtCoaX7gZF8vkOAL_CxTLFnOGs1amxaybsw-1729602850-1.0.1.1-En858lJs1bllXeqY78DhJpnF6sSxd1tSOdfQf9OpL7qROlsv9R7Osz1u6xoleYolUo0nXakAPi5kJql57J3vvg
www.vpdae.com/ Name: email_activity
Value: %7B%22token%22%3A%22qgiaievfeaoadsxukixgshwrxvumwmgtcpwpahrctnulsascqc%22%2C%22c_ids%22%3A%5B9773%5D%7D
.winningtrades.com/ Name: winningtrades_live_u2main
Value: bus|1729602853919x347456286215867650|1729602853964x530665551171611840
.winningtrades.com/ Name: winningtrades_live_u2main.sig
Value: 0Aq-K-Xrkan0fOX13HNYgL43fwo
.winningtrades.com/ Name: winningtrades_u1main
Value: 1729602853919x347456286215867650

2 Console Messages

Source Level URL
Text
network error URL: https://www.vpdae.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cdn.viblast.com/vb/stable/viblast.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3a9ce344f5b5a70712b5a47c7e0848b9.cdn.bubble.io
cdn.jsdelivr.net
cdn.quilljs.com
cdn.taboola.com
cdn.viblast.com
code.iconify.design
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
link.mail.beehiiv.com
platform.twitter.com
unpkg.com
vjs.zencdn.net
winningtrades.com
www.clarity.ms
www.google.com
www.gstatic.com
www.vpdae.com
www.youtube.com
cdn.taboola.com
cdn.viblast.com
connect.facebook.net
www.clarity.ms
www.youtube.com
104.16.36.105
104.17.124.183
142.250.80.100
142.251.40.195
142.251.41.3
151.101.44.157
2606:4700:20::681a:be0
2606:4700:20::ac43:479f
2606:4700:3108::ac42:2b5d
2606:4700::6811:f5cb
2606:4700::6812:4428
2607:f8b0:4006:81c::200a
2a04:4e42:600::485
2a04:4e42::729
08ae2d94daffc1537d98d92554c8e95937064fd9b827d3910b1aafdccd6fb7f0
0faa25ae64edb714ae1148409c1e2ac4c0c84c6babcdd261b6b65cae42108fc2
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
19aa295521f5fe3828d378798ce690ff429956271afab0ac12883f188bcf95be
1bd9724e3096fd34d6240a2aff5a6d7a46cf99ad3e5e529e0fe0bd95e26395a4
1f1e36121cffdeced7b6bec3c6d0cd056004fe7ecbb51aba7991cc19d5ae78e7
37ec782f260baf91854194750d45ef07531f26bd82d4bb600fa0d48e9971ae21
3929faed6f620d4993ccb7f980dcf8301046ede0ebbe1995a4ceb9e312aa07ac
3a6733e85a8e7daed51893fb8c1ec84fcb06627dc8b78dc614ad85ca967a6501
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b
46763816babdcf547c1cbedf9a54a7295648cbc1ae648f5620c8e11264b01fcc
48b1b42379c43ddbbf6ca013334f983068a10a62f6d223432a166872ec0ec0e9
492c84a35f8efbb0a618bcf452deb28247326510c9fa896f443db0ad22a31027
5ab8f962752071d61b4c1613f2126ead5a5969b0157509532cb1cc43d1c0486d
5df4da5ea4b97a8b1c3ba13f3ec326ad33271853aae19c7972a3f921a16f1887
61b5d0a8e60b972c21b25bac9ad4c9caa4cd07f5ab3ab87850e42bcb4a10135e
683b90a5402ea01dca0d3b650012b1aae28fe15060eee9cebae216c659aa611d
68b594d79a955d4237d365555d137be2842068c263d444f583556ee1f9a8cbc1
6d4cb67a77ccaac1eb6226ad28e5c991a57a03a8aea99e85523b7e0df6694770
6f164fc5b48026bd0e7a2cfa7c31b7c3ab991692918142de87886b83e7f29769
7c96830aca4e709794d74b7b6d93d6e4e0f6c762ff21d8c96147b2eca86d8df2
7f649962625d75ad320e6e08c7408167861ebc287ba3d6069ca01b7ce086d310
819bec1b545db8586452976e5f556b797c157200eff90d9711f4e7cb7479ceae
83ce3e812921923e726be63f1dffb087ff1fcd0c3e39250c1286ebbb908f0acb
864a0ef9790846a1508ce85f71d18c0d87fed5181f9bebe6684e0254db88b909
892e299431955e9ae388ae257f72024ee76af2d52a7a97a868f70fbe50f16144
8c039b6e245af3041933a2e283eb929be6c05618616e34ef2b8e3ca2bb368007
963ecfb4bf98969ac8bfec15f0ede5941ce3414b8f1ad3590ffe38fa8053453a
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a600e503fc0dcb171bd2ce6b639bbb5cf35b91ccc3c045324a7a4e2603683a0f
a80c2efe80248a6ddbbf8f13b2632501da332c5a487efccacee6a9f33074f18e
ac20020d60a9fd5cc8874aec07e8a940233d5c1bcef0735ed1f35239ae2ccacd
ba2587470e7ef35b0b0b9a489d5935c4775dd29d0f1f322bb3ffd078ce161c0a
d1c53b3339955bc59c534428474ecf96bc825f9b824754b84652d484adf67209
d7d39b75f8d8895c21e8f271d6b110535f413f39d348da21dc0e669d2769ed41
de86018869b5e845bdc101fc1b55611a1e375e08af6cee4a681d7446103da611
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6792bc2356c88d7cacf7351d64da1e7eaade694b9485daef7f4c84f5844968c
e8a987fd3ead2a48ab99ae5fd18c4fb1e320ab61930218eaf1757e83732ff5b3
e8ccf814e7037888a21acd3e59fd28b265ddf7d04bbd38c5b41c99ec53311b1a
ead3d0ce072955194e4e6062c01e9fd7aa9e0503291e6e9cb15454e1a6bc23ce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1726ef5b0ce20ebb8f89227c1b206d1c354304c9fd0ca7c4beb44c92faa3ab6