winmoney.click Open in urlscan Pro
104.21.84.179 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://winmoney.click/
Submission: On November 13 via automatic, source certstream-suspicious (November 13th 2024, 12:29:44 pm UTC) — Scanned from DE

Summary HTTP 34 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 34 HTTP transactions. The main IP is 104.21.84.179, located in and belongs to CLOUDFLARENET, US. The main domain is winmoney.click.
TLS certificate: Issued by WE1 on November 13th 2024. Valid for: 3 months.

This is the only time winmoney.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	104.21.84.179 104.21.84.179	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
34	4

25 104.21.84.179 (None, )

ASN13335 (CLOUDFLARENET, US)

winmoney.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	winmoney.click winmoney.click	4 MB
6	gstatic.com fonts.gstatic.com	216 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 55	2 KB
1	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 4859	5 KB
34	4

	Domain	Requested by
25	winmoney.click	winmoney.click
6	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	winmoney.click
1	netdna.bootstrapcdn.com	winmoney.click
34	4

This site contains no links.

Subject Issuer	Validity	Valid
winmoney.click WE1	`2024-11-13` - `2025-02-11`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-09-20` - `2024-12-19`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://winmoney.click/
Frame ID: 99AE45D5CCF320E12D82877F6967449B
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

JugaBet

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

34
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

4485 kB
Transfer

4643 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
winmoney.click/ 67 KB
7 KB 588ms
421ms Document
text/html 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winmoney.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9ed596b51408caa7810d9bf900f51b7375c10f9ace7b809a7a236014f7a9902

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-expose-headers: Authorization
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e1ec4a7ab435e28-MAD
content-encoding: zstd
content-language: de-DE
content-type: text/html; charset=utf-8
date: Wed, 13 Nov 2024 12:29:35 GMT
expect-ct: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S30gUdHuiuSBbTTs95F43KLVQR9L%2Bmpi1rujxRqTnGMSda7vxtI%2BFKVoIUYvc6WcBtAoE9HZeKIWZF47E1BXdffVL0EZlhDM0UKJqBYgPRDFG%2BoAeS%2B%2BkNgS%2BQi5nFdeJA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=33050&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3896&recv_bytes=2288&delivery_rate=114704&cwnd=34&unsent_bytes=0&cid=fc98d052b24713eb&ts=506&x=0"
strict-transport-security: max-age=15552000; includeSubDomains
vary: accept-encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
2 KB 291ms
42ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: winmoney.click
URL: https://winmoney.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29d4588a29dc099cd87a7eb2f0c5b40e595bce81406e2622bd46411510e2a62f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 13 Nov 2024 12:29:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 12:29:35 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 13 Nov 2024 11:18:25 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.1.0/css/ 20 KB
5 KB 286ms
25ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css

Requested by

Host: winmoney.click
URL: https://winmoney.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "bbfef9385083d307ad2692c0cf99f611"
age: 727267
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Wed, 13 Nov 2024 12:29:36 GMT
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 09/26/2024 12:21:36
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 1
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: d4b86e5f7208759a8c020be6aa85622e
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8e1ec4abfb2f4d7a-FRA
access-control-allow-origin: *
cdn-edgestorageid: 1002
server: cloudflare
cdn-requestcountrycode: US

GET
H3 200 style.min.css
winmoney.click/assets/old/css/ 72 KB
19 KB 462ms
461ms Stylesheet
text/css 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winmoney.click/assets/old/css/style.min.css?v=34.0.0
Requested by: Host: winmoney.click
URL: https://winmoney.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a67c617ecbe79765f2c70b4b6dadec010b91cec9ea8fe749f8c0f23248373151

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"67179b80-1208b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=33nG2Z3mBldOPOq0SKYifOchI6A6k%2Bzq%2F9CBx28g%2FZKXOjFepwK1Cc6QZ9z9cR50NDp26mERwKXspqkMs5ELp2MzUczrkjDv1D2kHi3%2FYKZiSPjEQ97rIiARpsu5N%2B3AJA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1ec4aacd2ba3c5-SEA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=147820&sent=18&recv=27&lost=0&retrans=0&sent_bytes=5173&recv_bytes=10384&delivery_rate=162&cwnd=12000&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=910&x=1", cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 12:29:36 GMT
content-type: text/css
last-modified: Tue, 22 Oct 2024 12:33:04 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 591 B
446 B 285ms
43ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Material+Icons&display=swap

Requested by

Host: winmoney.click
URL: https://winmoney.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b4d62246577dee6135cfa6bd090e515f18ee1b8525fa8c704a03365c231c61e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 13 Nov 2024 12:29:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 12:29:35 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 13 Nov 2024 12:29:35 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 65.png
winmoney.click/native/4/65/ 22 KB
22 KB 635ms
634ms Image
image/png 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winmoney.click/native/4/65/65.png?s=180x180

Requested by

Host: winmoney.click
URL: https://winmoney.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

598cb05aaee02a2df13235738ff11495ece470c177bd203f1dca1bfac1b1aef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers: Authorization
cf-cache-status: MISS
etag: W/"56ac-uOyBQsayqXoNvwrwJBu9212QEvQ"
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YyQ06TCKN5xEnebw5r25x2j7hpAFYSYtIH7k8fiPZPMZN5LlSxMqDrMm1CEQB1YSl5zB5uOBuXUXLtuy0SE%2BiUzjYNbLWrotdKDRekCtBeN5Zi%2BuLDAQw4npkiNev55v9A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=177078&sent=36&recv=33&lost=0&retrans=0&sent_bytes=25461&recv_bytes=10642&delivery_rate=27475&cwnd=18600&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=1084&x=1", cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 12:29:36 GMT
content-type: image/png
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=86400, immutable
x-dns-prefetch-control: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
x-download-options: noopen
cf-ray: 8e1ec4aacd2ea3c5-SEA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22188
x-xss-protection: 0
content-language: de-DE
server: cloudflare

GET
H3 200 choise.png
winmoney.click/assets/old/img/ 218 B
875 B 405ms
405ms Image
image/png 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winmoney.click/assets/old/img/choise.png
Requested by: Host: winmoney.click
URL: https://winmoney.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d1510bb842ca08d4529ada5711e0bd4724153439efe49c5ff6f2f8d36c23027

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "661530a0-da"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=je%2FpGuVSPSlfyN377pDAu4JUE%2Fk3O2gJ7xBB4KnvXWzu8Z1n4KZvqwA7OK3p%2F8P6VGUg3KbhnPtby%2Bgwx0YgTSL37f%2Bv5MBC64Hvei1yYI%2B5Y4weVpZInWNqxVKt5yL9eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1ec4aacd30a3c5-SEA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=147820&sent=12&recv=12&lost=0&retrans=0&sent_bytes=4158&recv_bytes=5138&delivery_rate=162&cwnd=12000&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=854&x=1", cfHdrFlush;dur=0
content-length: 218
date: Wed, 13 Nov 2024 12:29:36 GMT
content-type: image/png
last-modified: Tue, 09 Apr 2024 12:12:16 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 star-full.png
winmoney.click/assets/old/img/ 176 B
796 B 484ms
482ms Image
image/png 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winmoney.click/assets/old/img/star-full.png
Requested by: Host: winmoney.click
URL: https://winmoney.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38ec1d8b7d4b66f131f79489feca40ff46a74bd2e6500c2d1dc2cceb737a4ef5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "661530a0-b0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5OFj8Y6JJMzp2Av8Q%2BUnKp40LHTVJ8aUNtCFfAyuvWivmb9SQlS5pdtvHlZha1I%2FSQlxdJsnMvGbmhC719ADi9YWnPfbWNCV1R4hb3kooXj5xrIlMiY3x%2F1KKZrGCApz3A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1ec4ac7e9ca3c5-SEA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=177078&sent=44&recv=33&lost=0&retrans=0&sent_bytes=34875&recv_bytes=10642&delivery_rate=27475&cwnd=18600&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=1125&x=1", cfHdrFlush;dur=80
content-length: 176
date: Wed, 13 Nov 2024 12:29:36 GMT
content-type: image/png
last-modified: Tue, 09 Apr 2024 12:12:16 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 user.png
winmoney.click/assets/old/img/ 148 B
773 B 509ms
505ms Image
image/png 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winmoney.click/assets/old/img/user.png
Requested by: Host: winmoney.click
URL: https://winmoney.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9137b07942abada9db72a2a5596506a46532a071339fd07f7434a76017bbacd0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "661530a0-94"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9mOsV0kEvI524fupA1HYmbl%2F%2BSCa0NF4%2FenGm2av8A%2B3TXVx9HXdsSedJaASeMirQYR%2F58fcYn02Cq2pqExbrBRMLwoNjGQKNCj%2F3I8IeYDVsUM6qR6fhEdBbKB%2F720w5A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1ec4ac8ea4a3c5-SEA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=177078&sent=44&recv=33&lost=0&retrans=0&sent_bytes=34875&recv_bytes=10642&delivery_rate=27475&cwnd=18600&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=1135&x=1", cfHdrFlush;dur=70
content-length: 148
date: Wed, 13 Nov 2024 12:29:36 GMT
content-type: image/png
last-modified: Tue, 09 Apr 2024 12:12:16 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 65.1.jpg
winmoney.click/verticals/4/65/ 1 MB
1 MB 631ms
628ms Image
image/jpeg 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winmoney.click/verticals/4/65/65.1.jpg
Requested by: Host: winmoney.click
URL: https://winmoney.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ada08fd847255de812a234dc4cd8384e6c0dd77c0ba492a64ff970306660ea68

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "660ad751-10fe1e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rWPJMt9OevnC3O05SeXklUckUKIm6fkg3mDm11xfGmaBkXy60WMKPPQxypCJC%2F38EzN%2B3neL6R3KImyetuAjs0PNhYXyQZz1DbIANaQObTBZP1mky3KFo4iB3TSNnGVkhg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1ec4ac8ea8a3c5-SEA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=183057&sent=77&recv=41&lost=0&retrans=0&sent_bytes=69675&recv_bytes=10986&delivery_rate=42582&cwnd=34800&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=1261&x=1", cfHdrFlush;dur=93
content-length: 1113630
date: Wed, 13 Nov 2024 12:29:36 GMT
content-type: image/jpeg
last-modified: Mon, 01 Apr 2024 15:48:33 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 65.2.jpg
winmoney.click/verticals/4/65/ 1 MB
1 MB 1621ms
1618ms Image
image/jpeg 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winmoney.click/verticals/4/65/65.2.jpg
Requested by: Host: winmoney.click
URL: https://winmoney.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aa0172c27fb4cc1f6dc0c438a4b151ab4a1881addda0a86aa519a518de11ef6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "660ad751-103248"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l63rZs2jG5B3AxuPZ2syOXIXGhVK9P%2BWn%2B4w8I5htjXgr6MfKx%2BgrmwZ2PER%2BZQduYwY4JlT5EWDEbP8bufCROUBpBV90SxLG%2BTqa6aWgCjJoDbCrRKeI9koO1v0jdMDyg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1ec4ac8eaaa3c5-SEA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=183057&sent=77&recv=41&lost=0&retrans=0&sent_bytes=69675&recv_bytes=10986&delivery_rate=42582&cwnd=34800&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=1251&x=1", cfHdrFlush;dur=0
content-length: 1061448
date: Wed, 13 Nov 2024 12:29:36 GMT
content-type: image/jpeg
last-modified: Mon, 01 Apr 2024 15:48:33 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 65.3.jpg
winmoney.click/verticals/4/65/ 1 MB
1 MB 2429ms
2424ms Image
image/jpeg 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winmoney.click/verticals/4/65/65.3.jpg
Requested by: Host: winmoney.click
URL: https://winmoney.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d63a33697c0ee0a4acb9b9cb7ca04929bcf44e9cb6d60f4efed0ec5b8d0b5376

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "660ad751-101323"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b6h2GDwXTJi%2FSkEHO1AUOqLqQmWaVSfWnlMsaI4gQ6i0gSc6DmuUlEr9ZL7lUIP8qEggjabzdGS4QsnXIcGfyDKDYPjavuvc0ntTeoNhy20wo8IreYZn0GqS5DiZl7BjLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1ec4ac8eaba3c5-SEA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=183057&sent=77&recv=41&lost=0&retrans=0&sent_bytes=69675&recv_bytes=10986&delivery_rate=42582&cwnd=34800&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=1251&x=1", cfHdrFlush;dur=103
content-length: 1053475
date: Wed, 13 Nov 2024 12:29:36 GMT
content-type: image/jpeg
last-modified: Mon, 01 Apr 2024 15:48:33 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 65.4.jpg
winmoney.click/verticals/4/65/ 1010 KB
1011 KB 3153ms
3148ms Image
image/jpeg 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winmoney.click/verticals/4/65/65.4.jpg
Requested by: Host: winmoney.click
URL: https://winmoney.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a3c3d097e2d70156d0333786c9466341c4ebc8bc84dc6b9ad4d5cee4a45c449

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "660ad751-fc9a2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3IgG19sMcf2xuiLd31rRBmidXD68fkYLC174qK7quFvkA8xoH6OKOU0hhzj0ltFFuHFNDfmD1RNRZMRECY%2F%2BRsohOlMLdNgxxNHlv2NEDL5Q4xKHuvChuyXWNp45g4KooQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1ec4ac8eaca3c5-SEA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=183057&sent=77&recv=41&lost=0&retrans=0&sent_bytes=69675&recv_bytes=10986&delivery_rate=42582&cwnd=34800&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=1253&x=1", cfHdrFlush;dur=101
content-length: 1034658
date: Wed, 13 Nov 2024 12:29:36 GMT
content-type: image/jpeg
last-modified: Mon, 01 Apr 2024 15:48:33 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 star-full-big.png
winmoney.click/assets/old/img/ 259 B
881 B 508ms
503ms Image
image/png 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winmoney.click/assets/old/img/star-full-big.png
Requested by: Host: winmoney.click
URL: https://winmoney.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ebb9fe215655ca06215613c88e1e46b9d460f0dc32e3577d4f0593701cae3f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "661530a0-103"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZT5ymMAsgZWSvNCss%2FkYx4ApsbVdNrzYc16VIhIUhxWwcVT19L0Gk%2BskUpJX2IaZ3Vl6b%2FHcsCaJB8fs8DuSzIKZAEH7wv5fIQbZlHQ9JserINkkY7i%2BZhZnk5u0cYM1bA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1ec4ac8eada3c5-SEA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=177078&sent=44&recv=33&lost=0&retrans=0&sent_bytes=34875&recv_bytes=10642&delivery_rate=27475&cwnd=18600&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=1135&x=1", cfHdrFlush;dur=70
content-length: 259
date: Wed, 13 Nov 2024 12:29:36 GMT
content-type: image/png
last-modified: Tue, 09 Apr 2024 12:12:16 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 7nLl1tm4B1R.png
winmoney.click/uploads/pwas/f2Jd0KIixQy/ 5 KB
5 KB 508ms
503ms Image
image/png 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winmoney.click/uploads/pwas/f2Jd0KIixQy/7nLl1tm4B1R.png?v=1722681214144
Requested by: Host: winmoney.click
URL: https://winmoney.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f59d0e7fb1633ad01bba07add78170d07fa4ecfc945e70dad153ef745b50168

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "66ae077e-1242"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=diNdeobRk0nCqAytJaxQzfB64NlgWsrjH7ppbjHhVWw2TqLLLewyLk9U4IMkndnIoiNT%2BdUxgB7QiZC%2FhzpnInxU7WIm3hNDmAN28FI8nMu1dqQiOZNk%2FFsk5IJOS7K05A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1ec4ac8eafa3c5-SEA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=177078&sent=44&recv=33&lost=0&retrans=0&sent_bytes=34875&recv_bytes=10642&delivery_rate=27475&cwnd=18600&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=1138&x=1", cfHdrFlush;dur=67
content-length: 4674
date: Wed, 13 Nov 2024 12:29:36 GMT
content-type: image/png
last-modified: Sat, 03 Aug 2024 10:33:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 pH9lnJbzvfW.png
winmoney.click/uploads/pwas/f2Jd0KIixQy/ 4 KB
5 KB 3861ms
3856ms Image
image/png 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winmoney.click/uploads/pwas/f2Jd0KIixQy/pH9lnJbzvfW.png?v=1722681224390
Requested by: Host: winmoney.click
URL: https://winmoney.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6199fbd8d68e92fbe9352a327a1cdfe5557e2bd9a8af62d73ab4d46f3fb8192

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "66ae0788-fe2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sJcVxRFt63ACEvQimkVgsKczbL%2FyJRPsBOm4EfQ26oR7UgqozHU9IVXLtNfhh29BcIvsJVoOlmnKk761V9TPXyIh9UktGWQK58w78qbiXNnoYBQTm14zDEzIN%2BuhWpw%2B1g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1ec4ac8eb0a3c5-SEA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=177078&sent=44&recv=33&lost=0&retrans=0&sent_bytes=34875&recv_bytes=10642&delivery_rate=27475&cwnd=18600&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=1134&x=1", cfHdrFlush;dur=71
content-length: 4066
date: Wed, 13 Nov 2024 12:29:36 GMT
content-type: image/png
last-modified: Sat, 03 Aug 2024 10:33:44 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 hJB3-66zFlM.png
winmoney.click/uploads/pwas/f2Jd0KIixQy/ 5 KB
5 KB 3861ms
3856ms Image
image/png 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winmoney.click/uploads/pwas/f2Jd0KIixQy/hJB3-66zFlM.png?v=1722681235251
Requested by: Host: winmoney.click
URL: https://winmoney.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19435ba5379739e0978aa206d58163f5249a1e004f77ed217a215fa2844229e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "66ae0793-12c1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nZX2jYNn1GEyZF%2FI8MME5xxQA7PeAOqgDHR%2Fhsvfg8mtqJRxOGNeYQDdnDpaAUI6tMI81m0xMlA9BTqnCXOGCNKgsyQwMb5Am%2FnF5KUu1KncbNEettWXm7LjTZYP6pHHLw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1ec4ac8eb2a3c5-SEA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=177078&sent=44&recv=33&lost=0&retrans=0&sent_bytes=34875&recv_bytes=10642&delivery_rate=27475&cwnd=18600&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=1137&x=1", cfHdrFlush;dur=68
content-length: 4801
date: Wed, 13 Nov 2024 12:29:36 GMT
content-type: image/png
last-modified: Sat, 03 Aug 2024 10:33:55 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Jx_DPo8DMHX.png
winmoney.click/uploads/pwas/f2Jd0KIixQy/ 5 KB
5 KB 3886ms
3881ms Image
image/png 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winmoney.click/uploads/pwas/f2Jd0KIixQy/Jx_DPo8DMHX.png?v=1722681244424
Requested by: Host: winmoney.click
URL: https://winmoney.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56fc979d23fae12c095b7355824ebcbf69a97fa45ebaa4163bd22c55420ecc2f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "66ae079c-1231"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=04u9co%2B7wt6DS4iAtAE4ZF38yfpqPvrExdIA4%2BitTJCSUYL%2BbD%2FHxqx5NSZmA%2BtzqAFn%2FNT8lqIb9uElWxi1kyOwhQEbCSZ%2BQOegRloA4bio7V%2BgG709gzlsEQZEhTJBhA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1ec4ac8eb3a3c5-SEA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=177078&sent=44&recv=33&lost=0&retrans=0&sent_bytes=34875&recv_bytes=10642&delivery_rate=27475&cwnd=18600&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=1142&x=1", cfHdrFlush;dur=63
content-length: 4657
date: Wed, 13 Nov 2024 12:29:36 GMT
content-type: image/png
last-modified: Sat, 03 Aug 2024 10:34:04 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 yweFLo5Btsz.png
winmoney.click/uploads/pwas/f2Jd0KIixQy/ 4 KB
5 KB 3886ms
3881ms Image
image/png 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winmoney.click/uploads/pwas/f2Jd0KIixQy/yweFLo5Btsz.png?v=1722681254865
Requested by: Host: winmoney.click
URL: https://winmoney.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8c1d3a2409988cc1f0be96f4dd942321810fd696fbf642209642e6454613330

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "66ae07a6-113f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=skibeYdQ9LxHs8N4D66Fcmo2arl%2BEIMOdQI0NkeGbtdlLDKlK1H9H20uQUPBnO%2BAyXkV6%2FEK9FlB5rWEegy4SSsLs%2Bt3C5aiLDxls39npSGhRoiZjiVA91cXcpCJhW9cZg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1ec4ac8eb4a3c5-SEA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=177078&sent=44&recv=33&lost=0&retrans=0&sent_bytes=34875&recv_bytes=10642&delivery_rate=27475&cwnd=18600&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=1137&x=1", cfHdrFlush;dur=68
content-length: 4415
date: Wed, 13 Nov 2024 12:29:36 GMT
content-type: image/png
last-modified: Sat, 03 Aug 2024 10:34:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 right-arrow.svg
winmoney.click/assets/old/img/ 226 B
825 B 3895ms
3890ms Image
image/svg+xml 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winmoney.click/assets/old/img/right-arrow.svg
Requested by: Host: winmoney.click
URL: https://winmoney.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e83c7215bc8fc58ea06d5e459ee3c3823cb9a556f967326884189f281699e33e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"661530a0-e2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VJD7odz1Z8s8Z9GGfSLmJyfQ07m7UiUnl9e%2BxpPr43PK%2BnnhpWsnIsuyMeyg8AO9i1BKa4Mxk8w6RWygT9Zg6pNyOx2Z33XRzjBZOYvLJ2WevRLKrKiIt%2F%2Flvmnu1DjHdw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1ec4ac8eb6a3c5-SEA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=177078&sent=44&recv=33&lost=0&retrans=0&sent_bytes=34875&recv_bytes=10642&delivery_rate=27475&cwnd=18600&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=1137&x=1", cfHdrFlush;dur=94
date: Wed, 13 Nov 2024 12:29:36 GMT
content-type: image/svg+xml
last-modified: Tue, 09 Apr 2024 12:12:16 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 script.js Show response
winmoney.click/assets/old/js/ 2 KB
1 KB 484ms
481ms Script
application/javascript 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winmoney.click/assets/old/js/script.js?v=34.0.0
Requested by: Host: winmoney.click
URL: https://winmoney.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9cd7c73d08775e0d258d81cd2480c61ea77ab82ba7b50d399392c1f93f62d57

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"66fcf523-751"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KhyZBGYEbEQ4UOYJjAbEb%2BaBOodcC%2FCtG6ql58xoXrHhhMbfr3mXC6gF%2FAp%2BCD6Pbz9nclhONUZvGnemrPFOuhzWgino5i9E5L%2Fo0OeCpphWlOvd01ACYQ9aT7hIroGjrw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1ec4ac8ea0a3c5-SEA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=177078&sent=44&recv=33&lost=0&retrans=0&sent_bytes=34875&recv_bytes=10642&delivery_rate=27475&cwnd=18600&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=1135&x=1", cfHdrFlush;dur=70
date: Wed, 13 Nov 2024 12:29:36 GMT
content-type: application/javascript
last-modified: Wed, 02 Oct 2024 07:24:19 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 main.min.js Show response
winmoney.click/assets/old/js/ 27 KB
12 KB 484ms
481ms Script
application/javascript 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winmoney.click/assets/old/js/main.min.js?v=34.0.0
Requested by: Host: winmoney.click
URL: https://winmoney.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d74474c4a2f1bed3958984d8b6d743daced4fa9f2dcd5b4251295867b23e61d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"66e1450d-6b35"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FV0T2u3E9wAGIdiQh9snTUTCDRYST2XmuY9tFcP0X6XU6katsvP2mwG55aFIJdrAtwgA4yrxkXmX0yaNtCktG5Wng8RpaiKa3BVc707X4vox0U1%2BQgclWuCDJfUP0VC7ig%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1ec4ac8ea1a3c5-SEA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=177078&sent=44&recv=33&lost=0&retrans=0&sent_bytes=34875&recv_bytes=10642&delivery_rate=27475&cwnd=18600&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=1136&x=1", cfHdrFlush;dur=69
date: Wed, 13 Nov 2024 12:29:36 GMT
content-type: application/javascript
last-modified: Wed, 11 Sep 2024 07:21:49 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 star-full.png
winmoney.click/assets/old/img/ 176 B
0 482ms
482ms Image
image/png 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winmoney.click/assets/old/img/star-full.png
Requested by: Host: winmoney.click
URL: https://winmoney.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38ec1d8b7d4b66f131f79489feca40ff46a74bd2e6500c2d1dc2cceb737a4ef5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "661530a0-b0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5OFj8Y6JJMzp2Av8Q%2BUnKp40LHTVJ8aUNtCFfAyuvWivmb9SQlS5pdtvHlZha1I%2FSQlxdJsnMvGbmhC719ADi9YWnPfbWNCV1R4hb3kooXj5xrIlMiY3x%2F1KKZrGCApz3A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1ec4ac7e9ca3c5-SEA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=177078&sent=44&recv=33&lost=0&retrans=0&sent_bytes=34875&recv_bytes=10642&delivery_rate=27475&cwnd=18600&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=1125&x=1", cfHdrFlush;dur=80
content-length: 176
date: Wed, 13 Nov 2024 12:29:36 GMT
content-type: image/png
last-modified: Tue, 09 Apr 2024 12:12:16 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 star-full-big.png
winmoney.click/assets/old/img/ 259 B
0 508ms
507ms Image
image/png 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winmoney.click/assets/old/img/star-full-big.png
Requested by: Host: winmoney.click
URL: https://winmoney.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ebb9fe215655ca06215613c88e1e46b9d460f0dc32e3577d4f0593701cae3f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "661530a0-103"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZT5ymMAsgZWSvNCss%2FkYx4ApsbVdNrzYc16VIhIUhxWwcVT19L0Gk%2BskUpJX2IaZ3Vl6b%2FHcsCaJB8fs8DuSzIKZAEH7wv5fIQbZlHQ9JserINkkY7i%2BZhZnk5u0cYM1bA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1ec4ac8eada3c5-SEA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=177078&sent=44&recv=33&lost=0&retrans=0&sent_bytes=34875&recv_bytes=10642&delivery_rate=27475&cwnd=18600&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=1135&x=1", cfHdrFlush;dur=70
content-length: 259
date: Wed, 13 Nov 2024 12:29:36 GMT
content-type: image/png
last-modified: Tue, 09 Apr 2024 12:12:16 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 user.png
winmoney.click/assets/old/img/ 148 B
0 507ms
507ms Image
image/png 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winmoney.click/assets/old/img/user.png
Requested by: Host: winmoney.click
URL: https://winmoney.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9137b07942abada9db72a2a5596506a46532a071339fd07f7434a76017bbacd0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "661530a0-94"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9mOsV0kEvI524fupA1HYmbl%2F%2BSCa0NF4%2FenGm2av8A%2B3TXVx9HXdsSedJaASeMirQYR%2F58fcYn02Cq2pqExbrBRMLwoNjGQKNCj%2F3I8IeYDVsUM6qR6fhEdBbKB%2F720w5A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1ec4ac8ea4a3c5-SEA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=177078&sent=44&recv=33&lost=0&retrans=0&sent_bytes=34875&recv_bytes=10642&delivery_rate=27475&cwnd=18600&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=1135&x=1", cfHdrFlush;dur=70
content-length: 148
date: Wed, 13 Nov 2024 12:29:36 GMT
content-type: image/png
last-modified: Tue, 09 Apr 2024 12:12:16 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 ozf2AJJdQL0KF-Ii Show response
winmoney.click/analytic/ 326 B
1012 B 3383ms
3383ms Fetch
application/json 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winmoney.click/analytic/ozf2AJJdQL0KF-Ii

Requested by

Host: winmoney.click
URL: https://winmoney.click/assets/old/js/main.min.js?v=34.0.0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84fb738434707947d1004c6f02d33b0bc12da6f581990ec4999c4c484b8f88dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers: Authorization
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"146-xMHoArMl2I7jcltHHrHBmibOO28"
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=15MdSidELHYxFICO0orCtyEHmHYWrSnMqtwIShWfNjVmB5miN31wPH%2BD5ByQw2UdZ0gcIaMD%2FasFAc37poGr6LfCaRdxmPPQ0E%2BMB9r0eRi%2Fk5hPvkrTl1E75wEn%2FdLYTw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=158363&sent=246&recv=76&lost=0&retrans=0&sent_bytes=267375&recv_bytes=12798&delivery_rate=395904&cwnd=129000&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=1646&x=1", cfHdrFlush;dur=11
date: Wed, 13 Nov 2024 12:29:36 GMT
content-type: application/json; charset=utf-8
vary: accept-encoding
strict-transport-security: max-age=15552000; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
referrer-policy: no-referrer
x-download-options: noopen
cf-ray: 8e1ec4afb947a3c5-SEA
access-control-allow-origin: *
x-xss-protection: 0
content-language: de-DE
server: cloudflare

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 34ms
12ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://winmoney.click
Referer: https://fonts.googleapis.com/

Response headers

age: 83457
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 12 Nov 2025 13:18:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 13:18:42 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 41ms
20ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://winmoney.click
Referer: https://fonts.googleapis.com/

Response headers

age: 264
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 12:25:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 12:25:15 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 31ms
9ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://winmoney.click
Referer: https://fonts.googleapis.com/

Response headers

age: 592743
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:50:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:50:36 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18588
x-xss-protection: 0
server: sffe

GET
H3 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 39ms
19ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1MmgVxIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

96643bfad5a17eada947d707441559202c83a2cc9acb28aa860b7d64e3e55747

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://winmoney.click
Referer: https://fonts.googleapis.com/

Response headers

age: 59275
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 12 Nov 2025 20:01:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 20:01:44 GMT
last-modified: Thu, 01 Aug 2024 20:41:18 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18540
x-xss-protection: 0
server: sffe

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
125 KB 37ms
16ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Material+Icons&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://winmoney.click
Referer: https://fonts.googleapis.com/

Response headers

age: 592468
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:55:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:55:11 GMT
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 128352
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 29ms
9ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://winmoney.click
Referer: https://fonts.googleapis.com/

Response headers

age: 594611
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:19:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:19:28 GMT
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18492
x-xss-protection: 0
server: sffe

GET
H3 400 65.png
winmoney.click/native/4/65/ 120 B
922 B 409ms
408ms Other
application/json 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winmoney.click/native/4/65/65.png?s=50x50

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df6e18effc2e072e13f591793362405ca9e23ef03f06da8bc5f82cd5f1dfe81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers: Authorization
cf-cache-status: BYPASS
etag: W/"78-k0D0Ogx1EgLJZyjbPKBdURMLz6k"
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5vvQ9fePkPESg0RJG41Va3JrjcgbxQrCUEfDuuh4yMTdDwu2jGzsEalH3XnR58n%2B%2Bbd3HsXUFKK8YLJCrIVuOurExgHeXj4bmUw%2BJkhHDeaTKmA%2FssPB3a3IdwktyJWuLA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=152310&sent=3817&recv=480&lost=10&retrans=10&sent_bytes=4470296&recv_bytes=32008&delivery_rate=904697&cwnd=165858&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=5237&x=1", cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 12:29:40 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
referrer-policy: no-referrer
x-download-options: noopen
cf-ray: 8e1ec4c62c0da3c5-SEA
access-control-allow-origin: *
content-length: 120
x-xss-protection: 0
content-language: de-DE
server: cloudflare

GET
H3 200 manifest.json
winmoney.click/ 2 KB
1 KB 407ms
406ms Manifest
application/manifest+json 104.21.84.179
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winmoney.click/manifest.json

Requested by

Host: winmoney.click
URL: https://winmoney.click/assets/old/js/main.min.js?v=34.0.0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.84.179 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0997b98419bb0136831d7e40c891b26ed643d621d4a6558ba9a356411ec02222

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers: Authorization
content-encoding: zstd
cf-cache-status: DYNAMIC
etag: W/"71e-EUuWkRfKzYk5wjis5LDtaY4I0lI"
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=njuSvh8TXmQNAD%2F2dKLdebeTuIvYFHpGhxEWylCjQWzkM5U0noUDLz35uvnxd4WkL%2BkQnpN97uDzlvlhv983YPhcWuqY07sGtqbPSkI%2Bsd1%2FRL5hOue6rvdTvOMYZwOaGw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=151172&sent=3819&recv=483&lost=10&retrans=10&sent_bytes=4471267&recv_bytes=32390&delivery_rate=4594&cwnd=165858&unsent_bytes=0&cid=4a81ebff42a9aef1&ts=5604&x=1", cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 12:29:40 GMT
content-type: application/manifest+json; charset=utf-8
strict-transport-security: max-age=15552000; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
referrer-policy: no-referrer
x-download-options: noopen
cf-ray: 8e1ec4c87e7da3c5-SEA
access-control-allow-origin: *
x-xss-protection: 0
content-language: de-DE
server: cloudflare

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| convertNumbersToBengali function| UAParser object| serviceWorkerRegistration

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			winmoney.click/	1970-01-21 09:43:56	Name: pwauid Value: ozf2AJJdQL0KF-Ii

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://winmoney.click/native/4/65/65.png?s=50x50 Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
netdna.bootstrapcdn.com
winmoney.click
104.18.10.207
104.21.84.179
142.250.185.227
2a00:1450:4001:829::200a
0997b98419bb0136831d7e40c891b26ed643d621d4a6558ba9a356411ec02222
0ebb9fe215655ca06215613c88e1e46b9d460f0dc32e3577d4f0593701cae3f5
19435ba5379739e0978aa206d58163f5249a1e004f77ed217a215fa2844229e6
1b4d62246577dee6135cfa6bd090e515f18ee1b8525fa8c704a03365c231c61e
29d4588a29dc099cd87a7eb2f0c5b40e595bce81406e2622bd46411510e2a62f
38ec1d8b7d4b66f131f79489feca40ff46a74bd2e6500c2d1dc2cceb737a4ef5
3d1510bb842ca08d4529ada5711e0bd4724153439efe49c5ff6f2f8d36c23027
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
56fc979d23fae12c095b7355824ebcbf69a97fa45ebaa4163bd22c55420ecc2f
598cb05aaee02a2df13235738ff11495ece470c177bd203f1dca1bfac1b1aef4
6a3c3d097e2d70156d0333786c9466341c4ebc8bc84dc6b9ad4d5cee4a45c449
6df6e18effc2e072e13f591793362405ca9e23ef03f06da8bc5f82cd5f1dfe81
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
84fb738434707947d1004c6f02d33b0bc12da6f581990ec4999c4c484b8f88dd
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8aa0172c27fb4cc1f6dc0c438a4b151ab4a1881addda0a86aa519a518de11ef6
8f59d0e7fb1633ad01bba07add78170d07fa4ecfc945e70dad153ef745b50168
9137b07942abada9db72a2a5596506a46532a071339fd07f7434a76017bbacd0
96643bfad5a17eada947d707441559202c83a2cc9acb28aa860b7d64e3e55747
a67c617ecbe79765f2c70b4b6dadec010b91cec9ea8fe749f8c0f23248373151
ada08fd847255de812a234dc4cd8384e6c0dd77c0ba492a64ff970306660ea68
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b6199fbd8d68e92fbe9352a327a1cdfe5557e2bd9a8af62d73ab4d46f3fb8192
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
c9ed596b51408caa7810d9bf900f51b7375c10f9ace7b809a7a236014f7a9902
d63a33697c0ee0a4acb9b9cb7ca04929bcf44e9cb6d60f4efed0ec5b8d0b5376
d74474c4a2f1bed3958984d8b6d743daced4fa9f2dcd5b4251295867b23e61d6
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
d9cd7c73d08775e0d258d81cd2480c61ea77ab82ba7b50d399392c1f93f62d57
e83c7215bc8fc58ea06d5e459ee3c3823cb9a556f967326884189f281699e33e
e8c1d3a2409988cc1f0be96f4dd942321810fd696fbf642209642e6454613330

winmoney.click Open in urlscan Pro 104.21.84.179 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

34 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

4485 kBTransfer

4643 kBSize

1 Cookies

0 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

winmoney.click Open in urlscan Pro
104.21.84.179 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

4485 kB
Transfer

4643 kB
Size

1
Cookies

34 HTTP transactions
0 data transactions