Submitted URL: http://echo7.bluehornet.com/ct/58585238:6p7mF72eN:m:1:3293120753:44D6CFF0EC1205777D4B0274D5673DB0:r
Effective URL: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX...
Submission: On October 24 via api from BE — Scanned from DE

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 34 HTTP transactions. The main IP is 147.78.140.59, which is located in Bulgaria and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is lps.winspark.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 31st 2021. Valid for: a year.
This is the only time lps.winspark.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 44.228.70.130 16509 (AMAZON-02)
1 1 104.18.191.136 13335 (CLOUDFLAR...)
1 3 147.78.140.9 209242 (CLOUDFLAR...)
2 147.78.140.59 209242 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
7 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 147.78.140.26 209242 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 147.78.140.42 209242 (CLOUDFLAR...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 18.66.97.10 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.222.236.43 16509 (AMAZON-02)
1 18.66.112.107 16509 (AMAZON-02)
34 14
Domain Requested by
8 ng-cms.winspark.com lps.winspark.com
7 use.typekit.net lps.winspark.com
use.typekit.net
4 fonts.googleapis.com lps.winspark.com
3 click.power-ppp.com 1 redirects js.maxmnp.com
2 cdn.cg-platform.com lps.winspark.com
2 www.google-analytics.com lps.winspark.com
www.google-analytics.com
2 lps.winspark.com lps.winspark.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 www.googletagmanager.com lps.winspark.com
1 static.hotjar.com lps.winspark.com
1 p.typekit.net use.typekit.net
1 js.maxmnp.com lps.winspark.com
1 ajax.googleapis.com lps.winspark.com
1 wpnetopartners.com 1 redirects
1 echo7.bluehornet.com 1 redirects
34 16

This site contains no links.

Subject | Issuer | Validity | Valid
lps.winspark.com | Cloudflare Inc ECC CA-3 | 2021-08-31 - 2022-08-30 | a year
upload.video.google.com | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months
use.typekit.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-08-16 - 2022-08-16 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-08-31 - 2022-08-30 | a year
js.maxmnp.com | Cloudflare Inc ECC CA-3 | 2021-08-17 - 2022-08-16 | a year
*.typekit.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-07-16 - 2022-07-21 | a year
*.hotjar.com | Amazon | 2020-12-25 - 2022-01-23 | a year
click.power-ppp.com | Cloudflare Inc ECC CA-3 | 2021-08-22 - 2022-08-21 | a year

This page contains 2 frames:

Primary Page: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Frame ID: AE4EAA77C65D4FBBED52A21F4C4C9CBA
Requests: 33 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Frame ID: 3FF6831F971072AF3FA66A643D024226
Requests: 1 HTTP request in this frame

Page Title

Wild Leprechaun | de | euro

Page URL History

  1. http://echo7.bluehornet.com/ct/58585238:6p7mF72eN:m:1:3293120753:44D6CFF0EC1205777D4B0274D5673DB0:r HTTP 302
    https://wpnetopartners.com/_WtlwkeVC-OP6ZvQzL5ukL2Nd7ZgqdRLk/5/?pg=0&payload=XXX HTTP 301
    https://click.power-ppp.com/click/6087d0ff2a4cf?affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=X... HTTP 302
    https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7Zgqd... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 34
HTTPS: 100 %
IPv6: 44 %
Domains: 11
Subdomains: 16
IPs: 14
Countries: 4
Transfer: 843 kB
Size: 1312 kB
Cookies: 23

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://echo7.bluehornet.com/ct/58585238:6p7mF72eN:m:1:3293120753:44D6CFF0EC1205777D4B0274D5673DB0:r HTTP 302
    https://wpnetopartners.com/_WtlwkeVC-OP6ZvQzL5ukL2Nd7ZgqdRLk/5/?pg=0&payload=XXX HTTP 301
    https://click.power-ppp.com/click/6087d0ff2a4cf?affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media= HTTP 302
    https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lps.winspark.com/wildLeprechaun/de/euro/
Redirect Chain
  • http://echo7.bluehornet.com/ct/58585238:6p7mF72eN:m:1:3293120753:44D6CFF0EC1205777D4B0274D5673DB0:r
  • https://wpnetopartners.com/_WtlwkeVC-OP6ZvQzL5ukL2Nd7ZgqdRLk/5/?pg=0&payload=XXX
  • https://click.power-ppp.com/click/6087d0ff2a4cf?affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=
  • https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe15...
22 KB
5 KB
Document
General
Full URL
https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.78.140.59 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6341bef2238f65073ad19a7a57ab3bc566ee1c07cb81770d3876e5c3d9d4bfd

Request headers

:method
GET
:authority
lps.winspark.com
:scheme
https
:path
/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Sun, 24 Oct 2021 08:16:46 GMT
content-type
text/html
last-modified
Mon, 03 May 2021 14:11:43 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a31c3d089bc433f-FRA
content-encoding
gzip

Redirect headers

date
Sun, 24 Oct 2021 08:16:46 GMT
content-type
text/html; charset=UTF-8
rd
err: No redis
set-cookie
Click_6087cbbe155ee=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%2213351%22%3B%7D; expires=Tue, 23-Nov-2021 08:16:46 GMT; Max-Age=2592000; path=/
Count=1; expires=Tue, 23-Nov-2021 08:16:46 GMT; Max-Age=2592000; path=/
location
https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a31c3cf7f70c2fe-FRA
css2
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@600;800;900&display=swap
Requested by
Host: lps.winspark.com
URL: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0b54243d2e4d631924e2c970df43573c04431d0165ff65807c035700c1e7f8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 08:16:46 GMT
server
ESF
date
Sun, 24 Oct 2021 08:16:46 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sun, 24 Oct 2021 08:16:46 GMT
cly3jnl.css
use.typekit.net/
15 KB
2 KB
Stylesheet
General
Full URL
https://use.typekit.net/cly3jnl.css
Requested by
Host: lps.winspark.com
URL: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0c478963a2f5876b510f891bbaa2b813e0e68255b6e3732eef6b878cb0bcb058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Sun, 24 Oct 2021 08:16:46 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1739
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: lps.winspark.com
URL: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
972
date
Sun, 24 Oct 2021 08:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Sun, 24 Oct 2021 10:00:34 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/
86 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: lps.winspark.com
URL: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 14:33:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63823
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sun, 23 Oct 2022 14:33:03 GMT
css2
fonts.googleapis.com/
1 KB
508 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@700&display=swap
Requested by
Host: lps.winspark.com
URL: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6409c4e0df68022b76429e1521e7043755c93e5785e0d383d9d0ddf611762944
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 08:16:46 GMT
server
ESF
date
Sun, 24 Oct 2021 08:16:46 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sun, 24 Oct 2021 08:16:46 GMT
css2
fonts.googleapis.com/
1 KB
496 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Anton&display=swap
Requested by
Host: lps.winspark.com
URL: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
91bb9babf9b922d9670efbad516ad7b026cc8bf763e1b5aaccb2e58c451e060a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 07:49:23 GMT
server
ESF
date
Sun, 24 Oct 2021 08:16:46 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sun, 24 Oct 2021 08:16:46 GMT
css2
fonts.googleapis.com/
2 KB
624 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300&display=swap
Requested by
Host: lps.winspark.com
URL: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f10fd88c3496b700fe1bf3cf205d6e10d635331860d9b809c9d107861914288f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 07:53:18 GMT
server
ESF
date
Sun, 24 Oct 2021 08:16:46 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sun, 24 Oct 2021 08:16:46 GMT
logo.png
ng-cms.winspark.com/LPs/wildLeprechaun/
7 KB
7 KB
Image
General
Full URL
https://ng-cms.winspark.com/LPs/wildLeprechaun/logo.png
Requested by
Host: lps.winspark.com
URL: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.78.140.26 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
612eea2def437947ee390f9fc4c31aa2c802549ef5e5800ed84fddba131602a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 08:16:46 GMT
cf-cache-status
REVALIDATED
x-guploader-uploadid
ADPycduvZipzY3lgmNGYRrxGR4Ir77nLVM8Khjn6c33GpIVy_bJH6yiHLJIe3F-ln1RCAM_OY3-jtQeysoYJdio-Aa8
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
7276
last-modified
Wed, 21 Apr 2021 08:08:53 GMT
server
cloudflare
etag
"b8f20e669d5e6b33211bb3a3c908808b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=fZgZMg==, md5=uPIOZp1eazMhG7OjyQiAiw==
x-goog-generation
1618992533218180
cache-control
public, max-age=14400
x-goog-stored-content-length
7276
accept-ranges
bytes
cf-ray
6a31c3d1de70dfdb-FRA
expires
Sun, 24 Oct 2021 12:16:46 GMT
placer-desktop.png
ng-cms.winspark.com/LPs/wildLeprechaun/
434 B
699 B
Image
General
Full URL
https://ng-cms.winspark.com/LPs/wildLeprechaun/placer-desktop.png
Requested by
Host: lps.winspark.com
URL: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.78.140.26 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ce67a9a118ddc084a68a190d3019e1e74d5672c87d260756f535f3f34674b1c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 08:16:46 GMT
cf-cache-status
REVALIDATED
x-guploader-uploadid
ADPycduUpDLcHCKXDExsbSxsX2iOvf1EJexcfNFIqOhle3wTLqdY7ptquH4woRurbfaohxNso7ZZ_QJdxyM8-kWvXOQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
434
last-modified
Wed, 21 Apr 2021 08:11:41 GMT
server
cloudflare
etag
"3ecb54c35af22d2b74488c46a867cf05"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=2SaD6A==, md5=PstUw1ryLSt0SIxGqGfPBQ==
x-goog-generation
1618992701319410
cache-control
public, max-age=14400
x-goog-stored-content-length
434
accept-ranges
bytes
cf-ray
6a31c3d1de73dfdb-FRA
expires
Sun, 24 Oct 2021 12:16:46 GMT
g1.svg
ng-cms.winspark.com/LPs/wildLeprechaun/
512 B
855 B
Image
General
Full URL
https://ng-cms.winspark.com/LPs/wildLeprechaun/g1.svg
Requested by
Host: lps.winspark.com
URL: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.78.140.26 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f2a2d2e06cdc190c8990ae9feecc59dea75b5c7e216031c2210ed78256c6513

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 08:16:46 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-guploader-uploadid
ADPycdvf77_0Ye7qkDboz6WZ8H4iOVWsD6AN4jVFbPbrpHVLSA3oeHm-RK8uARIXTMISC835aWipT6FEFhtUHnNJfWk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 21 Apr 2021 13:27:11 GMT
server
cloudflare
etag
W/"7138dd3a9c4edeb90df011f2f9191f73"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=yS/slQ==, md5=cTjdOpxO3rkN8BHy+Rkfcw==
x-goog-generation
1619011631294257
cache-control
public, max-age=14400
x-goog-stored-content-length
512
cf-ray
6a31c3d1de74dfdb-FRA
expires
Sun, 24 Oct 2021 12:16:46 GMT
PMs-Austria-desktop.png
cdn.cg-platform.com/payment-methods/
8 KB
9 KB
Image
General
Full URL
https://cdn.cg-platform.com/payment-methods/PMs-Austria-desktop.png
Requested by
Host: lps.winspark.com
URL: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4f5497e24b95cfc4825eb365d0c3aa8659fb78fabe01088ad161ff4b45cdf31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=fjQfMQ==, md5=CheLwUvbBBawUO+zUtLCgA==
date
Sun, 24 Oct 2021 08:16:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycduJVaWVX4vcB7n5pZCsLTfBwIVNI08wtAGyIpEAEUlBfy4gtrG2M96-1eVJY5P44-sADVzvVo68dVhMY4nfo2PllMhbAA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8118
last-modified
Thu, 28 Jan 2021 09:41:17 GMT
server
cloudflare
etag
"0a178bc14bdb0416b050efb352d2c280"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMGTZombEU9zw7%2BoqMRG8DZM%2BaKOrlKus%2BWB8U2E24%2F3EtOvGfnEBlStbnBtPQNf1w7pN%2F2poXirSTUuGnt%2F9if31C4yS15v306OHuG%2FijFfIzzDs437bDwvT%2FOc%2FsBi1YkQQ8iU4taoIrL1ouN%2Fz7qi"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1611826877366773
content-type
image/png
cache-control
public, max-age=14400
x-goog-stored-content-length
8118
accept-ranges
bytes
cf-ray
6a31c3d1dc730614-FRA
expires
Sun, 24 Oct 2021 09:16:46 GMT
DE-EUR-Austria_white.png
cdn.cg-platform.com/security/
3 KB
4 KB
Image
General
Full URL
https://cdn.cg-platform.com/security/DE-EUR-Austria_white.png
Requested by
Host: lps.winspark.com
URL: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66ad3437e9d2f1fe0c3811948d9d54c8766ed3f7bc604c1b4282642ea0d53386

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=weNuFQ==, md5=RWMMtVnH/NCL2TFB+eMycg==
date
Sun, 24 Oct 2021 08:16:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycduTTLPWAFN8b0pN3obakk3EEUrpSzMBceqTcbBhP_BiUHA-amBBouozj242l8R2UJ_jz5p3IweSGrjP9N2zohHMS1gAxw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3438
last-modified
Thu, 11 Feb 2021 11:20:01 GMT
server
cloudflare
etag
"45630cb559c7fcd08bd93141f9e33272"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKPAjntb2by4D8CXWG4Njr0oWQuvzwN4fkyj1kThVde80dSScUYZpaLYtPLqVxqt2xvKPaWptYTKbASn96yfhm2oojNlQVHkv6RvL9gs8QXmYTLUR4uWq4ib6yFdTX%2BrGAViNDg45zCL%2BaJMCld6EzF7"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1613042401455488
content-type
image/png
cache-control
public, max-age=14400
x-goog-stored-content-length
3438
accept-ranges
bytes
cf-ray
6a31c3d1dc790614-FRA
expires
Sun, 24 Oct 2021 09:16:46 GMT
email-decode.min.js
lps.winspark.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
848 B
Script
General
Full URL
https://lps.winspark.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: lps.winspark.com
URL: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.78.140.59 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
lps.winspark.com
referer
https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 08:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 12:26:29 GMT
server
cloudflare
etag
W/"616eb975-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800 public
cf-ray
6a31c3d16b9c433f-FRA
vary
Accept-Encoding
expires
Tue, 26 Oct 2021 08:16:46 GMT
utils.js
js.maxmnp.com/common/
15 KB
4 KB
Script
General
Full URL
https://js.maxmnp.com/common/utils.js
Requested by
Host: lps.winspark.com
URL: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.78.140.42 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3578b8e2c4134277525591132ebe4b48d1df7d47fb450782b56fe4146d2267f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 08:16:46 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 21 Oct 2021 09:26:18 GMT
server
cloudflare
age
4596
etag
"3a01-5ced97caa10b2-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6a31c3d1bab25b92-FRA
content-length
3844
expires
Sun, 24 Oct 2021 12:16:46 GMT
p.css
p.typekit.net/
5 B
162 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=cly3jnl&ht=tk&f=295.305.1982.1983.1984.6839.6840.6844.6846.6851.6852.11043.15498.15508.15510.37469.29148.30761.30762.32220.36250.36259.40345&a=26294452&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/cly3jnl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2ae::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 08:16:46 GMT
last-modified
Thu, 05 Nov 2020 13:49:42 GMT
server
nginx
etag
"5fa402f6-5"
content-type
text/css
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
hotjar-915733.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-915733.js?sv=6
Requested by
Host: lps.winspark.com
URL: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9f5c008218286a35bd6dc1dec1bebcf8ff13b9f3e02f53ff55f6bfaff86d8199
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 08:16:06 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
54
etag
W/84fc12277894b6e629e80ff32eb67963
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
FRA56-P2
content-length
1911
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-id
srwZWLrkAiNP9PqsJNiO2_CvLNLYTdX8Br_Hm2hBtmjH5uM_6ODigg==
gtm.js
www.googletagmanager.com/
245 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KSBWD3B
Requested by
Host: lps.winspark.com
URL: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
513975e1d3e46f63cff0b9057cb5003d6b4ce1549f22a84a9ea86c0f034d0220
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 08:16:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
67574
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Oct 2021 08:16:46 GMT
chat.png
ng-cms.winspark.com/LPs/wildLeprechaun/
529 B
761 B
Image
General
Full URL
https://ng-cms.winspark.com/LPs/wildLeprechaun/chat.png
Requested by
Host: lps.winspark.com
URL: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.78.140.26 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5271d2db83c9e6af205844c5fb2f1728dd91322aa78081215bd612e9ff48747a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 08:16:46 GMT
cf-cache-status
REVALIDATED
x-guploader-uploadid
ADPycdteCTiGLUtEyxaSbZ-smp8w2GqIJ79KkxbIQkRYmMUCaqAX5IzjD6qJDLCJwjHMjzTlcaS_AHU-yCQs6X1lVjU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
529
last-modified
Wed, 21 Apr 2021 12:45:56 GMT
server
cloudflare
etag
"700c98373bca0f0953bdcd6f56a745b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=PsX+uw==, md5=cAyYNzvKDwlTvc1vVqdFsQ==
x-goog-generation
1619009156253625
cache-control
public, max-age=14400
x-goog-stored-content-length
529
accept-ranges
bytes
cf-ray
6a31c3d1de71dfdb-FRA
expires
Sun, 24 Oct 2021 12:16:46 GMT
secure_payments.png
ng-cms.winspark.com/LPs/wildLeprechaun/
281 B
754 B
Image
General
Full URL
https://ng-cms.winspark.com/LPs/wildLeprechaun/secure_payments.png
Requested by
Host: lps.winspark.com
URL: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.78.140.26 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
32303ca31032d2e99584868dfeb7789cecc8d03e6e1e39a56d603a636f8f36ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 08:16:46 GMT
cf-cache-status
REVALIDATED
x-guploader-uploadid
ADPycdsA_CrEZt-txYAeAc3WigprNt7by2j0zsxtnE5TcXhc3NuoUjp4AY8zY6ichC_oo4OLN2Wf0wdwVVEAXCuDUB0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
281
last-modified
Wed, 21 Apr 2021 12:45:56 GMT
server
cloudflare
etag
"2de0b3b86e869e049f826ebb6562c814"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=U1GNEw==, md5=LeCzuG6GngSfgm67ZWLIFA==
x-goog-generation
1619009156263648
cache-control
public, max-age=14400
x-goog-stored-content-length
281
accept-ranges
bytes
cf-ray
6a31c3d1de72dfdb-FRA
expires
Sun, 24 Oct 2021 12:16:46 GMT
GDPR.png
ng-cms.winspark.com/LPs/wildLeprechaun/
580 B
832 B
Image
General
Full URL
https://ng-cms.winspark.com/LPs/wildLeprechaun/GDPR.png
Requested by
Host: lps.winspark.com
URL: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.78.140.26 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2f7396c252150fa6353429b1a332d9d8567e8200968c6163bf01ea631a08265

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 08:16:46 GMT
cf-cache-status
REVALIDATED
x-guploader-uploadid
ADPycdvZHs7Cd4Pl9flY_P_smeiyhtcrQFspUEyJvf-wt18Oy3aYqU9M2wh7ncRIJ-0fVuhxIH-DV_7_79Y_lYHE-z0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
580
last-modified
Wed, 21 Apr 2021 12:45:56 GMT
server
cloudflare
etag
"f3b4f9e9fce1da9eca30654934b954c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=R74FLA==, md5=87T56fzh2p7KMGVJNLlUwA==
x-goog-generation
1619009156266665
cache-control
public, max-age=14400
x-goog-stored-content-length
580
accept-ranges
bytes
cf-ray
6a31c3d1de6ddfdb-FRA
expires
Sun, 24 Oct 2021 12:16:46 GMT
bg_desktop.png
ng-cms.winspark.com/LPs/wildLeprechaun/
470 KB
471 KB
Image
General
Full URL
https://ng-cms.winspark.com/LPs/wildLeprechaun/bg_desktop.png
Requested by
Host: lps.winspark.com
URL: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.78.140.26 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
30b7a2d58977f8509525ca5f7b1221439047bb290b18319ff6d60643b511f70c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 08:16:46 GMT
cf-cache-status
REVALIDATED
x-guploader-uploadid
ADPycdtPQfdDAOt37JyJIurVvjSi-wGqZWDI5qyjYXL_BhZeshWnP8vlMXpVwmTPs1EoLU2KhSETxRs57H2MOkX9J60
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
481133
last-modified
Wed, 21 Apr 2021 08:08:53 GMT
server
cloudflare
etag
"9a3c8ddc35452112c0e256d555aab4f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=8sQt+Q==, md5=mjyN3DVFIRLA4lbVVaq0+A==
x-goog-generation
1618992533856604
cache-control
public, max-age=14400
x-goog-stored-content-length
481133
accept-ranges
bytes
cf-ray
6a31c3d1de6fdfdb-FRA
expires
Sun, 24 Oct 2021 12:16:46 GMT
btn.svg
ng-cms.winspark.com/LPs/wildLeprechaun/
763 B
648 B
Image
General
Full URL
https://ng-cms.winspark.com/LPs/wildLeprechaun/btn.svg
Requested by
Host: lps.winspark.com
URL: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.78.140.26 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
17b8b3d551c91161943ae0ac725f327889c1b3fc82bc61d2f38c63611a60fbfa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 08:16:46 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-guploader-uploadid
ADPycdtDhM92IGQY8Y7uoaT1prFvvXkpOGhOlUbcbiQKuZaXRKSL0wukurlx_DSflgviVDV7HMSuhOfP4Ae7gLCJTYY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/svg+xml
last-modified
Wed, 21 Apr 2021 08:25:15 GMT
server
cloudflare
etag
W/"5fffa868968fda7fb1bff4f22fa77e72"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=wCK5LQ==, md5=X/+oaJaP2n+xv/TyL6d+cg==
x-goog-generation
1618993515006755
cache-control
public, max-age=14400
x-goog-stored-content-length
763
cf-ray
6a31c3d1de6bdfdb-FRA
expires
Sun, 24 Oct 2021 12:16:46 GMT
l
use.typekit.net/af/cafa63/00000000000000000001709a/27/
24 KB
24 KB
Font
General
Full URL
https://use.typekit.net/af/cafa63/00000000000000000001709a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/cly3jnl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
99fba0fe3401283e9b1f8411381cf8dc49d61c410cabef03c4f132649f3bf907

Request headers

Referer
https://use.typekit.net/cly3jnl.css
Origin
https://lps.winspark.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 08:16:46 GMT
server
nginx
etag
"1500587fffa9a4bb64d06e988493ea23a02a484a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24232
l
use.typekit.net/af/7f1b26/00000000000000007735a0ac/30/
30 KB
31 KB
Font
General
Full URL
https://use.typekit.net/af/7f1b26/00000000000000007735a0ac/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/cly3jnl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
efc84783941b9e95742edc7be7d4135d6755f2c5d931dec73837f452698fab5b

Request headers

Referer
https://use.typekit.net/cly3jnl.css
Origin
https://lps.winspark.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 08:16:46 GMT
server
nginx
etag
"e8f0afc8be1f653a7bff6045a7dc07fba2140a10"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
30984
l
use.typekit.net/af/02218c/000000000000000000011b27/27/
18 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/02218c/000000000000000000011b27/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
Requested by
Host: lps.winspark.com
URL: https://lps.winspark.com/wildLeprechaun/de/euro/?Inc=103096022&affToken=-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk&pg=0&payload=XXX&LP=728&referrer=&affiliateID=2809&media=&ABClicks=1&shorten_link=6087cbbe155ee&shorten_target=13351&netoClickId=6175166e5e0f95e66ddd1329
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
60547d94cd59b527a74f16c300559a443226392344a781271edd545591e4d35e

Request headers

Referer
https://lps.winspark.com/
Origin
https://lps.winspark.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 08:16:46 GMT
server
nginx
etag
"040b9e409ba2dd053ea1649b330999a51ec48ac1"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18824
l
use.typekit.net/af/d23205/000000000000000077359947/30/
17 KB
17 KB
Font
General
Full URL
https://use.typekit.net/af/d23205/000000000000000077359947/30/l?subset_id=2&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/cly3jnl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
4347a47c5b5b36935c1c340a1f00e61b7c61b8fe595aa62871b69f9823b12b31

Request headers

Referer
https://use.typekit.net/cly3jnl.css
Origin
https://lps.winspark.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 08:16:46 GMT
server
nginx
etag
"cfaebb2b0bdc12ee05299a6ed209a88a302dc094"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17272
l
use.typekit.net/af/95c20a/0000000000000000000170a0/27/
18 KB
18 KB
Font
General
Full URL
https://use.typekit.net/af/95c20a/0000000000000000000170a0/27/l?subset_id=2&fvd=n9&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/cly3jnl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8da517360bfd4a3a27fb8467bd2abde0212a688ed0cfcff50ff6b3602fb287c3

Request headers

Referer
https://use.typekit.net/cly3jnl.css
Origin
https://lps.winspark.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 08:16:46 GMT
server
nginx
etag
"d860e5929fbdae3acd879a3a18880da0127dd65a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17928
l
use.typekit.net/af/7ad153/00000000000000007735a19d/30/
46 KB
46 KB
Font
General
Full URL
https://use.typekit.net/af/7ad153/00000000000000007735a19d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/cly3jnl.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1f925ccf0e27c349fde3e75a7822f00e88805a663e4881750244249cddeee954

Request headers

Referer
https://use.typekit.net/cly3jnl.css
Origin
https://lps.winspark.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 08:16:46 GMT
server
nginx
etag
"189ccea79d5e851138710fcdf1b3415ef78c3849"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
46608
103096022
click.power-ppp.com/traffic/update/Arrived/
0
74 B
Script
General
Full URL
https://click.power-ppp.com/traffic/update/Arrived/103096022
Requested by
Host: js.maxmnp.com
URL: https://js.maxmnp.com/common/utils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.78.140.9 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 08:16:46 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a31c3d1da2ac2fe-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=UTF-8
modules.bff3b8d60820fc90decc.js
script.hotjar.com/
222 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.bff3b8d60820fc90decc.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-915733.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-43.fra56.r.cloudfront.net
Software
/
Resource Hash
da4c70755f82ff615c0fd3cad94bf62b19a9d5c25ab87268097eaa9609098bec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:21:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
240940
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59887
access-control-allow-origin
*
last-modified
Thu, 21 Oct 2021 13:20:57 GMT
etag
"e6ca8fed932ccfd7b742e0e3ecb6d422"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
ypBxywAv6O3H52Mal2xF_kcmhT1jl0-Ue803n6ztE_InRYnznhWaww==
collect
www.google-analytics.com/j/
1 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=747996201&t=pageview&_s=1&dl=https%3A%2F%2Flps.winspark.com%2FwildLeprechaun%2Fde%2Feuro%2F%3FInc%3D103096022%26affToken%3D-E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk%26pg%3D0%26payload%3DXXX%26LP%3D728%26referrer%3D%26affiliateID%3D2809%26media%3D%26ABClicks%3D1%26shorten_link%3D6087cbbe155ee%26shorten_target%3D13351%26netoClickId%3D6175166e5e0f95e66ddd1329&ul=en-us&de=UTF-8&dt=Wild%20Leprechaun%20%7C%20de%20%7C%20euro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAAC~&jid=2140977994&gjid=882783695&cid=1186567825.1635063406&tid=UA-27702367-6&_gid=2125955204.1635063406&_r=1&gtm=2wgak0KSBWD3B&cd5=2809&cd6=&cd18=728&cd19=&z=701077171
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lps.winspark.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 08:16:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lps.winspark.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-d09a446edefba0dcce5d5143e1840e9a.html
vars.hotjar.com/ Frame 3FF6
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-915733.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
69ae95b7f73e2899d0c398ed4fb9faba242bbec4d0a58b182e4dd0e7808f01ac

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-d09a446edefba0dcce5d5143e1840e9a.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://lps.winspark.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/

Response headers

content-type
text/html
content-length
1044
date
Wed, 20 Oct 2021 07:15:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"63e08f928469ab67d9dac30c065ed182"
last-modified
Wed, 20 Oct 2021 07:15:01 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 604f8ac78ed3ba5235c1a14794f2ac65.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
2Jskdl2aZwqVYlP7eLgITigKZxBoOrHFiAywEe0L0cyXtH9TAo5-aw==
age
349301
103096022
click.power-ppp.com/traffic/update/Loaded/
0
72 B
Script
General
Full URL
https://click.power-ppp.com/traffic/update/Loaded/103096022
Requested by
Host: js.maxmnp.com
URL: https://js.maxmnp.com/common/utils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.78.140.9 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lps.winspark.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 08:16:46 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a31c3d2eb19c2fe-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=UTF-8

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
boolean| originAgentCluster
object| brandInfo
function| hj
object| _hjSettings
object| dataLayer
function| $
function| jQuery
object| google_tag_data
function| ga
object| gaplugins
object| gPixel
object| utils
object| Cookies
object| isMobile
object| hjSiteSettings
function| hjBootstrap
object| hjBootstrapCalled
object| hjLazyModules
object| google_tag_manager
string| GoogleAnalyticsObject
object| gaGlobal
object| gaData

23 Cookies

Domain/Path Name / Value
echo7.bluehornet.com/ Name: AWSALB
Value: r23h/nIDHEFASxzmYesrMBYSfreqCW890d+xCIOjfUSzuh7zpXGFES8eGerUOW29QYXMGc2gM3/ItXrpVhtXJ8k6sifoiImdIuGakHtfv4jFP28sKQmoI9xjoGnf
wpnetopartners.com/ Name: VID1
Value: KCwzMFctMzhXLENAYApgCg%3D%3D
.wpnetopartners.com/ Name: ZBan
Value: -E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk
click.power-ppp.com/ Name: Click_6087cbbe155ee
Value: a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%2213351%22%3B%7D
click.power-ppp.com/ Name: Count
Value: 1
.winspark.com/ Name: gp.Arrived
Value: 103096022
.winspark.com/ Name: url_Inc
Value: 103096022
.winspark.com/ Name: url_affToken
Value: -E7KgAx4FvV5I8alS5GJrmNd7ZgqdRLk
.winspark.com/ Name: url_pg
Value: 0
.winspark.com/ Name: url_payload
Value: XXX
.winspark.com/ Name: url_LP
Value: 728
.winspark.com/ Name: url_affiliateID
Value: 2809
.winspark.com/ Name: url_ABClicks
Value: 1
.winspark.com/ Name: url_shorten_link
Value: 6087cbbe155ee
.winspark.com/ Name: url_shorten_target
Value: 13351
.winspark.com/ Name: url_netoClickId
Value: 6175166e5e0f95e66ddd1329
.winspark.com/ Name: _ga
Value: GA1.2.1186567825.1635063406
.winspark.com/ Name: _gid
Value: GA1.2.2125955204.1635063406
.winspark.com/ Name: _gat_UA-27702367-6
Value: 1
.winspark.com/ Name: _hjid
Value: 83b9c026-177b-4ab7-b23e-ac5c26296f41
.winspark.com/ Name: _hjFirstSeen
Value: 1
.winspark.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.winspark.com/ Name: gp.Loaded
Value: 103096022

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
