thewinclubes.com Open in urlscan Pro
18.164.174.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://storage.googleapis.com/a3e03486629dffb/optygfroiuyt#pFVgER
Effective URL:
https://thewinclubes.com/
Submission: On May 02 via manual (May 2nd 2023, 9:50:19 am UTC) from FR — Scanned from FR

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 11 domains to perform 30 HTTP transactions. The main IP is 18.164.174.68, located in United States and belongs to AMAZON-02, US. The main domain is thewinclubes.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on January 31st 2023. Valid for: a year.

This is the only time thewinclubes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a00:1450:400... 2a00:1450:4001:803::2010	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:483... 2a05:d018:483:6110:cf06:58f0:8ffa:7743	16509 (AMAZON-02) (AMAZON-02)
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 21	18.164.174.68 18.164.174.68	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:303... 2606:4700:3032::6815:2d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	10

1 2a00:1450:4001:803::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:483:6110:cf06:58f0:8ffa:7743 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

cfstrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.g33tr4c3r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 18.164.174.68 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-164-174-68.lax53.r.cloudfront.net

thewinclubes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

wellnessoasis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:2d8 (United States)

ASN13335 (CLOUDFLARENET, US)

flagcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	thewinclubes.com 1 redirects thewinclubes.com	545 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	21 KB
2	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 625 fonts.googleapis.com — Cisco Umbrella Rank: 119	2 KB
1	flagcdn.com flagcdn.com — Cisco Umbrella Rank: 48224	696 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	wellnessoasis.net wellnessoasis.net
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 166	346 B
1	gstatic.com fonts.gstatic.com	44 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1543	12 KB
1	g33tr4c3r.com 1 redirects www.g33tr4c3r.com	849 B
1	cfstrck.com 1 redirects cfstrck.com	3 KB
30	11

	Domain	Requested by
21	thewinclubes.com	1 redirects storage.googleapis.com thewinclubes.com
2	www.google-analytics.com	thewinclubes.com www.google-analytics.com
1	flagcdn.com	thewinclubes.com
1	www.facebook.com	thewinclubes.com
1	wellnessoasis.net	thewinclubes.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	use.fontawesome.com	thewinclubes.com
1	fonts.googleapis.com	thewinclubes.com
1	www.g33tr4c3r.com	1 redirects
1	cfstrck.com	1 redirects
1	storage.googleapis.com
30	12

This site contains no links.

Subject Issuer	Validity	Valid
storage.googleapis.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.thewinclubes.com Amazon RSA 2048 M01	`2023-01-31` - `2024-02-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.wellnessoasis.net GTS CA 1P5	`2023-04-10` - `2023-07-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-08` - `2023-05-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://thewinclubes.com/
Frame ID: F36EB344852FD8E276BD896AEA5660BC
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Offre spéciale | AMPOULE LED SUPER EFFICACE

Page URL History Show full URLs

https://storage.googleapis.com/a3e03486629dffb/optygfroiuyt Page URL
https://cfstrck.com/?a=94006&c=300509 HTTP 302
https://www.g33tr4c3r.com/8LJN3/6JHXF/?uid=2207&sub1=94006&sub2=&sub3=ace2053d88854ba08d5fcfa5c51f6ec0... HTTP 302
https://thewinclubes.com/o/39FC2383?clickid=582868bb834e46809a7828d1c3f69c4b&subid=94006&sourceid=&da... HTTP 302
https://thewinclubes.com/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

30
Requests

100 %
HTTPS

92 %
IPv6

11
Domains

12
Subdomains

10
IPs

4
Countries

626 kB
Transfer

1023 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://storage.googleapis.com/a3e03486629dffb/optygfroiuyt Page URL
https://cfstrck.com/?a=94006&c=300509 HTTP 302
https://www.g33tr4c3r.com/8LJN3/6JHXF/?uid=2207&sub1=94006&sub2=&sub3=ace2053d88854ba08d5fcfa5c51f6ec01c250 HTTP 302
https://thewinclubes.com/o/39FC2383?clickid=582868bb834e46809a7828d1c3f69c4b&subid=94006&sourceid=&data=199.48.45.32001%3A41d0%3A8%3Ad154%3A%3A41.164.22.1846646254.1683021011.1586856147 HTTP 302
https://thewinclubes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 optygfroiuyt
storage.googleapis.com/a3e03486629dffb/ 181 B
664 B 99ms
27ms Document
text/html 2a00:1450:4001:803::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/a3e03486629dffb/optygfroiuyt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 126
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 181
content-type: text/html
date: Tue, 02 May 2023 09:48:05 GMT
etag: "44eac045b8d788aa9fedc5a14ed075a5"
expires: Tue, 02 May 2023 10:48:05 GMT
last-modified: Sat, 22 Apr 2023 03:17:44 GMT
server: UploadServer
x-goog-generation: 1682133464902770
x-goog-hash: crc32c=WxrolQ== md5=ROrARbjXiKqf7cWhTtB1pQ==
x-goog-metageneration: 3
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 181
x-guploader-uploadid: ADPycdsWSZjO4cAeOAGf_kc7zhmZIHSSreUyScoCNGSRBb_9UeczTKKQzKwqQf_ppZN5yT9LZvuQNi8N4PbjPj7_ASMGwA

GET
H2

200

Primary Request / Show response
thewinclubes.com/
Redirect Chain

https://cfstrck.com/?a=94006&c=300509
https://www.g33tr4c3r.com/8LJN3/6JHXF/?uid=2207&sub1=94006&sub2=&sub3=ace2053d88854ba08d5fcfa5c51f6ec01c250
https://thewinclubes.com/o/39FC2383?clickid=582868bb834e46809a7828d1c3f69c4b&subid=94006&sourceid=&data=199.48.45.32001%3A41d0%3A8%3Ad154%3A%3A41.164.22.1846646254.1683021011.1586856147
https://thewinclubes.com/

13 KB
4 KB

455ms
454ms

Document
text/html

18.164.174.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thewinclubes.com/

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/a3e03486629dffb/optygfroiuyt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.174.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-174-68.lax53.r.cloudfront.net

Software

nginx /

Resource Hash

14073fe25f49c59b78a4960f57b66faa02f71c46491be064fcecb0d284299035

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://storage.googleapis.com/a3e03486629dffb/optygfroiuyt#pFVgER
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: max-age=0, must-revalidate, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 02 May 2023 09:50:13 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding
via: 1.1 b7f2e03ea82ba959032d68c9a16e911e.cloudfront.net (CloudFront)
x-amz-cf-id: ItAoUdhIzmlpwyUjkTG6J4Ro-V4qqmjdWXzCbNLQgGbUZsmqadC-3A==
x-amz-cf-pop: LAX53-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=0, must-revalidate, private
content-type: text/html; charset=UTF-8
date: Tue, 02 May 2023 09:50:12 GMT
location: /
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
via: 1.1 b7f2e03ea82ba959032d68c9a16e911e.cloudfront.net (CloudFront)
x-amz-cf-id: uWG-wclSO4S5v83Pn96kChVZTPLlpoH_uY2-sm3sRt6fUyfc6ON5KQ==
x-amz-cf-pop: LAX53-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 index.css
thewinclubes.com/lp/_common/libs/payment-form/dist/ 16 KB
4 KB 436ms
435ms Stylesheet
text/css 18.164.174.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thewinclubes.com/lp/_common/libs/payment-form/dist/index.css?1683021013

Requested by

Host: thewinclubes.com
URL: https://thewinclubes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.174.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-174-68.lax53.r.cloudfront.net

Software

nginx /

Resource Hash

4916f977c7c0a73275020871b382f13041f115c54b4f8cf0130381e06e6e0308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinclubes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:50:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
last-modified: Tue, 11 Apr 2023 08:18:08 GMT
server: nginx
content-encoding: gzip
x-amz-cf-pop: LAX53-P4
etag: W/"643517c0-4048"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-cache: Miss from cloudfront
via: 1.1 b7f2e03ea82ba959032d68c9a16e911e.cloudfront.net (CloudFront)
x-amz-cf-id: 3NsYs5-LlvTSd1u9Gd5OZpcnPQ2Nh0xRQYj96ZfvM70ujBwogFgkxQ==
x-xss-protection: 1; mode=block

GET
H2 200 index.js Show response
thewinclubes.com/lp/_common/libs/payment-form/dist/ 231 KB
76 KB 443ms
442ms Script
application/javascript 18.164.174.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thewinclubes.com/lp/_common/libs/payment-form/dist/index.js?1683021013

Requested by

Host: thewinclubes.com
URL: https://thewinclubes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.174.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-174-68.lax53.r.cloudfront.net

Software

nginx /

Resource Hash

0dbca8a66e76458caeca1312d6d6b5f20dfa8b457e47ab197f240d6d4c58c468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thewinclubes.com/
Origin: https://thewinclubes.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:50:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
last-modified: Wed, 26 Apr 2023 11:19:30 GMT
server: nginx
content-encoding: gzip
x-amz-cf-pop: LAX53-P4
etag: W/"644908c2-39a3f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-cache: Miss from cloudfront
via: 1.1 b7f2e03ea82ba959032d68c9a16e911e.cloudfront.net (CloudFront)
x-amz-cf-id: Cf64axXOb4kDzacDoazaRudYIKbqGDIg62uD045yGasP1gIK4q134Q==
x-xss-protection: 1; mode=block

GET
H2 200 index.css
thewinclubes.com/lp/template-led-bulb.src/ 162 KB
19 KB 456ms
456ms Stylesheet
text/css 18.164.174.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thewinclubes.com/lp/template-led-bulb.src/index.css?1683021013

Requested by

Host: thewinclubes.com
URL: https://thewinclubes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.174.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-174-68.lax53.r.cloudfront.net

Software

nginx /

Resource Hash

428b5053a155f3dee9427504dd629a47ac990d036cb1d99c2bf8ba6cca26a966

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinclubes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:50:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
last-modified: Thu, 02 Mar 2023 14:32:45 GMT
server: nginx
content-encoding: gzip
x-amz-cf-pop: LAX53-P4
etag: W/"6400b38d-28868"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-cache: Miss from cloudfront
via: 1.1 b7f2e03ea82ba959032d68c9a16e911e.cloudfront.net (CloudFront)
x-amz-cf-id: E30cvRnJBOMxSpp5m_tUxgPpULBhN5IWd7hur8ToEK_Wde7HtoRwrQ==
x-xss-protection: 1; mode=block

GET
H2 200 index.js Show response
thewinclubes.com/lp/template-led-bulb.src/ 2 KB
1 KB 615ms
613ms Script
application/javascript 18.164.174.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thewinclubes.com/lp/template-led-bulb.src/index.js?1683021013

Requested by

Host: thewinclubes.com
URL: https://thewinclubes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.174.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-174-68.lax53.r.cloudfront.net

Software

nginx /

Resource Hash

5c0ab24ed01ad574cca075d2661ea355031ad0fc2bf22508384130351adc952a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinclubes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:50:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
last-modified: Thu, 02 Mar 2023 14:32:45 GMT
server: nginx
content-encoding: gzip
x-amz-cf-pop: LAX53-P4
etag: W/"6400b38d-8d1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-cache: Miss from cloudfront
via: 1.1 b7f2e03ea82ba959032d68c9a16e911e.cloudfront.net (CloudFront)
x-amz-cf-id: Y28VYhEd0T8BNjrKOD1hvjgCefbQWUfQjl7qtMcEW0EOkJDUgMLzzQ==
x-xss-protection: 1; mode=block

GET
H2 200 head1.png
thewinclubes.com/lp/template-led-bulb.src/img/ 1 KB
1 KB 616ms
613ms Image
image/png 18.164.174.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thewinclubes.com/lp/template-led-bulb.src/img/head1.png

Requested by

Host: thewinclubes.com
URL: https://thewinclubes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.174.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-174-68.lax53.r.cloudfront.net

Software

nginx /

Resource Hash

5110ad16d7ca5c0eee29fcc7d3e828e0610e6dfde431be150ff23d34c5010a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinclubes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:50:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
server: nginx
via: 1.1 b7f2e03ea82ba959032d68c9a16e911e.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX53-P4
etag: "61165b63-42c"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1068
x-xss-protection: 1; mode=block
x-amz-cf-id: KvlmDkAno9uDmKAxsqknQDyivqAEv0Avi0DYvC3rRvr3JV5Ggm3kgw==

GET
H2 200 head2.png
thewinclubes.com/lp/template-led-bulb.src/img/ 982 B
1 KB 472ms
470ms Image
image/png 18.164.174.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thewinclubes.com/lp/template-led-bulb.src/img/head2.png

Requested by

Host: thewinclubes.com
URL: https://thewinclubes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.174.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-174-68.lax53.r.cloudfront.net

Software

nginx /

Resource Hash

8c8ee19febc8b79281e58733bed14453ff0f666237991b12167ef9077f0f41de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinclubes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:50:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
server: nginx
via: 1.1 b7f2e03ea82ba959032d68c9a16e911e.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX53-P4
etag: "61165b63-3d6"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 982
x-xss-protection: 1; mode=block
x-amz-cf-id: Qz1_A5bnVQMIXVlYqH3VPqxf-tb9s4FZv5nkWtviR7QN3im3AuidFA==

GET
H2 200 head3.png
thewinclubes.com/lp/template-led-bulb.src/img/ 913 B
1 KB 612ms
609ms Image
image/png 18.164.174.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thewinclubes.com/lp/template-led-bulb.src/img/head3.png

Requested by

Host: thewinclubes.com
URL: https://thewinclubes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.174.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-174-68.lax53.r.cloudfront.net

Software

nginx /

Resource Hash

ee57bb991736ef071270b69fd8720fc9046fcbeaa6533ef9ef0090a6ff4a4f88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinclubes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:50:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
server: nginx
via: 1.1 b7f2e03ea82ba959032d68c9a16e911e.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX53-P4
etag: "61165b63-391"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 913
x-xss-protection: 1; mode=block
x-amz-cf-id: F0slFP9AUfCVUkGA7pnJ5C5YRg9Qgvt-JMEmJdYYPTfsL0j3YcD2JQ==

GET
H2 200 head4.png
thewinclubes.com/lp/template-led-bulb.src/img/ 996 B
1 KB 611ms
608ms Image
image/png 18.164.174.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thewinclubes.com/lp/template-led-bulb.src/img/head4.png

Requested by

Host: thewinclubes.com
URL: https://thewinclubes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.174.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-174-68.lax53.r.cloudfront.net

Software

nginx /

Resource Hash

e4a815e57a6e5242f86f07f5d3857167b3d6da38e9574e3512cba7e34fec992e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinclubes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:50:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
server: nginx
via: 1.1 b7f2e03ea82ba959032d68c9a16e911e.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX53-P4
etag: "61165b63-3e4"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 996
x-xss-protection: 1; mode=block
x-amz-cf-id: o1IPAhY_0t_Ye7ppfezRhinRLUiBFKy8dfZO31vBU7T4mxQ8X-aGhw==

GET
H2 200 product-main.png
thewinclubes.com/lp/template-led-bulb.src/img/ 85 KB
85 KB 478ms
476ms Image
image/png 18.164.174.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thewinclubes.com/lp/template-led-bulb.src/img/product-main.png

Requested by

Host: thewinclubes.com
URL: https://thewinclubes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.174.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-174-68.lax53.r.cloudfront.net

Software

nginx /

Resource Hash

15169ca2c38b3d1d40c7ae6c81135238850018aa59445ac60c9713efcea7353b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinclubes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:50:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
server: nginx
via: 1.1 b7f2e03ea82ba959032d68c9a16e911e.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX53-P4
etag: "61165b63-153b3"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 86963
x-xss-protection: 1; mode=block
x-amz-cf-id: j6kM2Zoy7xDaIQO7Zmjc6-Hheb_duTkj7cSAI1T0HD5qjHWU5Djx9A==

GET
H2 200 midimages.png
thewinclubes.com/lp/template-led-bulb.src/img/ 232 KB
233 KB 592ms
590ms Image
image/png 18.164.174.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thewinclubes.com/lp/template-led-bulb.src/img/midimages.png

Requested by

Host: thewinclubes.com
URL: https://thewinclubes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.174.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-174-68.lax53.r.cloudfront.net

Software

nginx /

Resource Hash

611c9283c8e78fe32825713120a5b251cdc4af1e2d041f651e9f191d9da417ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinclubes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:50:13 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
server: nginx
via: 1.1 b7f2e03ea82ba959032d68c9a16e911e.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX53-P4
etag: "61165b63-3a198"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 237976
x-xss-protection: 1; mode=block
x-amz-cf-id: gq5PhVu9OXVq_5COKemq4X1FyHlJl_gLZebP8AC7fPlanEQyiDYUNg==

GET
H2 200 ic1.png
thewinclubes.com/lp/template-led-bulb.src/img/ 1 KB
2 KB 721ms
719ms Image
image/png 18.164.174.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thewinclubes.com/lp/template-led-bulb.src/img/ic1.png

Requested by

Host: thewinclubes.com
URL: https://thewinclubes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.174.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-174-68.lax53.r.cloudfront.net

Software

nginx /

Resource Hash

ffb722848ac2830bde2963a51616683b535d648500e93ee28b11bf5aa7de14fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinclubes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:50:14 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
server: nginx
via: 1.1 b7f2e03ea82ba959032d68c9a16e911e.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX53-P4
etag: "61165b63-5d2"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1490
x-xss-protection: 1; mode=block
x-amz-cf-id: PipiF_CBf5T0bQR7PyBRVdd6cbEGnoDqnbhsFmd3YFwkSC_83VKrpQ==

GET
H2 200 ic2.png
thewinclubes.com/lp/template-led-bulb.src/img/ 1 KB
2 KB 738ms
736ms Image
image/png 18.164.174.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thewinclubes.com/lp/template-led-bulb.src/img/ic2.png

Requested by

Host: thewinclubes.com
URL: https://thewinclubes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.174.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-174-68.lax53.r.cloudfront.net

Software

nginx /

Resource Hash

4befec109f41d7895165601f7a9a74fe3b20484a40e9cf168855b671bdb0b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinclubes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:50:14 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
server: nginx
via: 1.1 b7f2e03ea82ba959032d68c9a16e911e.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX53-P4
etag: "61165b63-5e2"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1506
x-xss-protection: 1; mode=block
x-amz-cf-id: fOgwbOlNs7KEORAGHp3dBB2O6vzVJHfGTZLeIzRWcYpCcQnJUhpNqw==

GET
H2 200 ic3.png
thewinclubes.com/lp/template-led-bulb.src/img/ 1 KB
2 KB 635ms
633ms Image
image/png 18.164.174.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thewinclubes.com/lp/template-led-bulb.src/img/ic3.png

Requested by

Host: thewinclubes.com
URL: https://thewinclubes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.174.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-174-68.lax53.r.cloudfront.net

Software

nginx /

Resource Hash

7be3332c69a736617cbb9229a62c71c5f937105848db3cf537a1b47111ada775

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinclubes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:50:14 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
server: nginx
via: 1.1 b7f2e03ea82ba959032d68c9a16e911e.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX53-P4
etag: "61165b63-5de"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1502
x-xss-protection: 1; mode=block
x-amz-cf-id: ud_BhjjrhoZtBbFZtDKAOt_paFcUAy7MPe7KPQ3WDAdSzxDkHf7ULA==

GET
H2 200 ic4.png
thewinclubes.com/lp/template-led-bulb.src/img/ 1 KB
2 KB 640ms
639ms Image
image/png 18.164.174.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thewinclubes.com/lp/template-led-bulb.src/img/ic4.png

Requested by

Host: thewinclubes.com
URL: https://thewinclubes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.174.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-174-68.lax53.r.cloudfront.net

Software

nginx /

Resource Hash

62585d0741d1ab378a375e19e22a6b96c1f5b4dcbfc1e0dba06ba26f2b7eca17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinclubes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:50:14 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
server: nginx
via: 1.1 b7f2e03ea82ba959032d68c9a16e911e.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX53-P4
etag: "61165b63-5a8"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1448
x-xss-protection: 1; mode=block
x-amz-cf-id: EmrPlaVkvj75t4QeiK5wMJfU1-H_bjnIuLu29ARYxM1fu_9jgEZ1Ig==

GET
H2 200 ic5.png
thewinclubes.com/lp/template-led-bulb.src/img/ 2 KB
2 KB 737ms
735ms Image
image/png 18.164.174.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thewinclubes.com/lp/template-led-bulb.src/img/ic5.png

Requested by

Host: thewinclubes.com
URL: https://thewinclubes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.174.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-174-68.lax53.r.cloudfront.net

Software

nginx /

Resource Hash

eabc89696374ac3f27774c6931c5b9ce3e63270d1f55a9f3e3c2abcd5fda603a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinclubes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:50:14 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
server: nginx
via: 1.1 b7f2e03ea82ba959032d68c9a16e911e.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX53-P4
etag: "61165b63-771"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1905
x-xss-protection: 1; mode=block
x-amz-cf-id: 6mx03BplW96fFmet40SfO7ygSDI7olV5pT1dME06UTtAhqrMljNYEg==

GET
H2 200 ic6.png
thewinclubes.com/lp/template-led-bulb.src/img/ 2 KB
2 KB 637ms
636ms Image
image/png 18.164.174.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thewinclubes.com/lp/template-led-bulb.src/img/ic6.png

Requested by

Host: thewinclubes.com
URL: https://thewinclubes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.174.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-174-68.lax53.r.cloudfront.net

Software

nginx /

Resource Hash

96b2e72bb9a3dca2506fbcfa09a4b538ca3970515a047a5369a0e519ce63eba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinclubes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:50:14 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
server: nginx
via: 1.1 b7f2e03ea82ba959032d68c9a16e911e.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX53-P4
etag: "61165b63-6e0"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1760
x-xss-protection: 1; mode=block
x-amz-cf-id: q_Hao6gK-X-U558wcU790oVgWIZZuBx-1I7xprSNa3WWuHaRX6Af8w==

GET
H2 200 product.jpg
thewinclubes.com/lp/template-led-bulb.src/img/ 29 KB
29 KB 647ms
646ms Image
image/jpeg 18.164.174.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thewinclubes.com/lp/template-led-bulb.src/img/product.jpg

Requested by

Host: thewinclubes.com
URL: https://thewinclubes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.174.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-174-68.lax53.r.cloudfront.net

Software

nginx /

Resource Hash

e728220f7d3f777af859fb8125b90050dac10089cfcdb1e1bef78f2e4fff217f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinclubes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:50:14 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
server: nginx
via: 1.1 b7f2e03ea82ba959032d68c9a16e911e.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX53-P4
etag: "61165b63-73ee"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 29678
x-xss-protection: 1; mode=block
x-amz-cf-id: hCH5EJf5CnYzem9k-rGVQ2XnVqdkAL0cEUvyUduuVi2nApBvmw_H6w==

GET
H2 200 paycards.png
thewinclubes.com/lp/_global/img/ 38 KB
39 KB 721ms
720ms Image
image/png 18.164.174.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thewinclubes.com/lp/_global/img/paycards.png

Requested by

Host: thewinclubes.com
URL: https://thewinclubes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.174.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-174-68.lax53.r.cloudfront.net

Software

nginx /

Resource Hash

bcbba6b1642f8d581cca594275c19501804c452b19376f27ffada1d5141c8389

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinclubes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:50:14 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
last-modified: Tue, 03 Aug 2021 20:40:22 GMT
server: nginx
via: 1.1 b7f2e03ea82ba959032d68c9a16e911e.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX53-P4
etag: "6109a9b6-9951"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 39249
x-xss-protection: 1; mode=block
x-amz-cf-id: QoOoTCie1zCSpW9OEXg73ujbIaaCzRHBbZP04LD-GDdKN5u4DBH29Q==

GET
H2 200 css
fonts.googleapis.com/ 18 KB
1 KB 94ms
36ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese

Requested by

Host: thewinclubes.com
URL: https://thewinclubes.com/lp/template-led-bulb.src/index.css?1683021013

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

956e74115c3fce160975e1f4133892b3f63a6835be3a848c2257760b4fca076f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinclubes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 May 2023 09:50:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 02 May 2023 09:50:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 May 2023 09:50:14 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.1/css/ 54 KB
12 KB 74ms
33ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by: Host: thewinclubes.com
URL: https://thewinclubes.com/lp/template-led-bulb.src/index.css?1683021013
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinclubes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:50:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QYRYHR760YQ5NFAV
age: 1087358
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 4WPRlx7r55sEpRImpnt3yFnulQgZ4aKjTVoYMgZ3DTFQLYhZEX5JRKEq1a070M36gNEHMs4wwlI=
last-modified: Wed, 30 Jun 2021 15:46:39 GMT
server: cloudflare
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZYcYt%2BvjlYeOUA0Y1svyXG7Sj5Q1yGzrTAekJv4qJwRnV3ZnghIRAw7h9upIwVswrl6FlZz%2FJ%2FGyto4lSG%2FlW8XR%2B5rhdrExdcHZ3PP0j%2BM1pepmjp%2BZ9Myf79PvUe%2BvRMD8viB30MnbQul4auZJXYo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7c0f5bdb5c1c75b9-LHR

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 81ms
25ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: thewinclubes.com
URL: https://thewinclubes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinclubes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 May 2023 08:35:44 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4470
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 02 May 2023 10:35:44 GMT

GET
H2 200 bg.jpg
thewinclubes.com/lp/template-led-bulb.src/img/ 35 KB
35 KB 293ms
293ms Image
image/jpeg 18.164.174.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thewinclubes.com/lp/template-led-bulb.src/img/bg.jpg

Requested by

Host: thewinclubes.com
URL: https://thewinclubes.com/lp/template-led-bulb.src/index.css?1683021013

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.174.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-174-68.lax53.r.cloudfront.net

Software

nginx /

Resource Hash

8d665608b4150f798d8c8593b95972669fe48b29e59e3998b466a5797c8f2f17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinclubes.com/lp/template-led-bulb.src/index.css?1683021013
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:50:14 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
server: nginx
via: 1.1 b7f2e03ea82ba959032d68c9a16e911e.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX53-P4
etag: "61165b63-8b6a"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 35690
x-xss-protection: 1; mode=block
x-amz-cf-id: MwCu9H2ztxPAG9u7VqvzKvc5lNpZ5agNHm960WM2iCFvQLYuNkVmvA==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 84ms
25ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thewinclubes.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:01:02 GMT
x-content-type-options: nosniff
age: 233352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 17:01:02 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 32ms
31ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=76850918&t=pageview&_s=1&dl=https%3A%2F%2Fthewinclubes.com%2F&dr=https%3A%2F%2Fstorage.googleapis.com%2F&ul=en-us&de=UTF-8&dt=Offre%20sp%C3%A9ciale%20%7C%20AMPOULE%20LED%20SUPER%20EFFICACE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=634839747&gjid=1974581161&cid=914461207.1683021014&tid=UA-103066933-1&_gid=1089957766.1683021014&_r=1&_slc=1&z=259314203

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thewinclubes.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 May 2023 09:50:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thewinclubes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 67ms
22ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-103066933-1&cid=914461207.1683021014&jid=634839747&gjid=1974581161&_gid=1089957766.1683021014&_u=IEBAAEAAAAAAACAAI~&z=1591706909

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thewinclubes.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 02 May 2023 09:50:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thewinclubes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 201 st
wellnessoasis.net/ 0
0 95ms
54ms Fetch 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wellnessoasis.net/st?i=1&t=template-led-bulb&g=fr
Requested by: Host: thewinclubes.com
URL: https://thewinclubes.com/lp/_common/libs/payment-form/dist/index.js?1683021013
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: application/json
Referer: https://thewinclubes.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:50:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abMorZ0Q%2BrahOuvrINuc7Cq7ezGmMkOUw6OjXSAUH1DqIV2xFGuaOXRe%2FrnEgXA2jWVHkFNbgERBaJYDA%2FCXQgs0HmNieedNX0yO6JBlc4%2FW5zM4AgC7kcBzitj7%2B%2BwL3rLcI9OiU2KMYWJ5NT9Ong%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7c0f5bdddaff3cfb-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 tr
www.facebook.com/ 0
185 B 69ms
22ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=&ev=PageView&noscript=1

Requested by

Host: thewinclubes.com
URL: https://thewinclubes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinclubes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 02 May 2023 09:50:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 fr.svg
flagcdn.com/ 194 B
696 B 64ms
24ms Image
image/svg+xml 2606:4700:3032::6815:2d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://flagcdn.com/fr.svg

Requested by

Host: thewinclubes.com
URL: https://thewinclubes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

562a4c9c6601bfbd1c4a3209c47f2b840650a431041f6616b8af9a0eaa888489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://thewinclubes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:50:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 778499
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 Nov 2020 12:03:17 GMT
server: cloudflare
etag: W/"5fb65f05-c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBuIiGgFqfbjre5cCNg0ROMDQ2OcLMaV%2F7%2FGOJqenFz%2B8HUSsdpTd9ir3wEjcGq8vNqaXICmINzPZ2wlruBLYcRF%2BgrgNQIuV2ZwMyo%2Btv2NVaIMdG1GpxQKBOBph%2FlA0TMTY13h73ZPWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-maxage=2678400
cf-ray: 7c0f5bdde95ad672-CDG

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cfstrck.com/	1970-01-20 13:39:57	Name: gdm_click_adv_freq_v2_1_001 Value: HSUfoXMu3hf0403QIr/sBN1F4C++eFUdYRM+PndMA5HGMIVsxVNpp3MzNvYkODHc
.cfstrck.com/	1970-01-20 13:39:57	Name: gdm_suid_v2_1_001 Value: HPfHs3OFxkaNOwO68jCjbQ==
.cfstrck.com/	1970-01-20 13:39:57	Name: gdm_uid_v2_1_001 Value: 3ig/3QXoNm+9ZmI8444kFxJY9e8v+HLhO6jvPaUaqjUOMCtQXGGk3EYnPgKQBdXf
.cfstrck.com/	1970-01-20 13:39:57	Name: gdm_click_freq_v1_1_001 Value: YTEuhUF2hjPJ+ShCBRj4Rgp8zqrgr39kSIEIWQLoAaPgOKvlXuRFJ8QanfNdtqcp
.cfstrck.com/	1970-01-20 13:39:57	Name: gdm_click_adv_freq_v1_1_001 Value: HSUfoXMu3hf0403QIr/sBN1F4C++eFUdYRM+PndMA5HGMIVsxVNpp3MzNvYkODHc
.cfstrck.com/	1970-01-20 13:39:57	Name: gdm_click_freq_v2_1_001 Value: YTEuhUF2hjPJ+ShCBRj4Rgp8zqrgr39kSIEIWQLoAaPgOKvlXuRFJ8QanfNdtqcp
.cfstrck.com/	1970-01-20 13:39:57	Name: gdm_uid_v1_1_001 Value: 3ig/3QXoNm+9ZmI8444kFxJY9e8v+HLhO6jvPaUaqjUOMCtQXGGk3EYnPgKQBdXf
.cfstrck.com/	1970-01-20 13:39:57	Name: gdm_sid_v2_3_001 Value: vO6/m7E5TphAH5ss8k0diB7oDz/c1qPapjSnanYLcJhr1H1mRdBNUswBxoj8hEnnXhM3aQXJmMLvbqAp9jc9TTduWEtn+r/eloNGuYWs8HbC+QMLe5lCKnj8HqarOekkAocCtnE8IlgN0Lc/mVKSroQq9Glt+t45y2MNpobdGh4zT9I2LgUhH4vEr+1zO9JVx0LLmUrWKq2plHL6sAxgGSARDL1/wE8vGsE6Z9mHz6izB75Kk8hBkrCgFYr/PUWFJdDuZ39OmY6WyjyxlS3V9cLhmbyyT97GFCZc8sKukF3M5d2QNvED1AJfYzEhE2rpX/8fAOFHVRIakN9AsSI1u0VI8V7Bily48xyh7HRPArluSW+6HvhF6uKjbA3/aBy1nHDmBRpdcpEB3IUe5ZV1LHtGHRcYYqBYxT63t5zrF0kU+T6x7z4FXT2NZZrI0myD4gaX/xwnxzkj4dnrheq3URc2G4oMe7IFbOD4MN2ITUEi/kuRpioc7u06fbsDFeN8XXhL/zkAr4zwi2hyshVH5CLSse0C9iaXsgkdOhQKms3PeLunwCOSn94/MZIQ17q+QrXCLq1CZT14Zvqj5wya3vlIwYsQvX67rrieSqZIH07ZAFYHvZ/FKvGCnoLpIIZ4+3QaqqRRi4Tdeyjq0HkwNGt9LAptdEhCtkHHG0Lolz56n/vFRGvIgItQ4sxyRSrSjOAFUJFP7cZrOd6++FHoLOk8CzcQoFX0/P9gFgWf/2VTcEVoTLJ1D7ogXF1NEenb9da1M7SNj3ApDfzu6gATqUG1Pb9ENwFmEdQTTKxYL2I6EIG6Wgi8i0ykf78FWKliT6MZhxoBW2yv5toMXIiDCs7mVDdQcc2xcMpWzsQ1UpES6kB/DXCdQ+ZMOkkl5uNCpPGiw3MdGf/EAEs875L7tmKCQF5YtKU8jPWVDE3sY4EytDzW/aZGR3pN4NcD78jcR58t+8f26KyT/ODUc/5y39ELIdGtvUcfkYIGkXjN8aC8tUlwsM6Uu80zYxYvC2EKtuVhBmMOYz7P5mH2PN3LHPhnwBxwPyvoNJo/KLe0ebHD6enPLAIZEZwUIKBxEP19LI3IeMCCfWBZ7kCCwvDldQ==
.cfstrck.com/	1970-01-20 13:39:57	Name: gdm_suid_v1_1_001 Value: HPfHs3OFxkaNOwO68jCjbQ==
.cfstrck.com/	1970-01-20 13:39:57	Name: gdm_sid_v1_3_001 Value: vO6/m7E5TphAH5ss8k0diB7oDz/c1qPapjSnanYLcJhr1H1mRdBNUswBxoj8hEnnXhM3aQXJmMLvbqAp9jc9TTduWEtn+r/eloNGuYWs8HbC+QMLe5lCKnj8HqarOekkAocCtnE8IlgN0Lc/mVKSroQq9Glt+t45y2MNpobdGh4zT9I2LgUhH4vEr+1zO9JVx0LLmUrWKq2plHL6sAxgGSARDL1/wE8vGsE6Z9mHz6izB75Kk8hBkrCgFYr/PUWFJdDuZ39OmY6WyjyxlS3V9cLhmbyyT97GFCZc8sKukF3M5d2QNvED1AJfYzEhE2rpX/8fAOFHVRIakN9AsSI1u0VI8V7Bily48xyh7HRPArluSW+6HvhF6uKjbA3/aBy1nHDmBRpdcpEB3IUe5ZV1LHtGHRcYYqBYxT63t5zrF0kU+T6x7z4FXT2NZZrI0myD4gaX/xwnxzkj4dnrheq3URc2G4oMe7IFbOD4MN2ITUEi/kuRpioc7u06fbsDFeN8XXhL/zkAr4zwi2hyshVH5CLSse0C9iaXsgkdOhQKms3PeLunwCOSn94/MZIQ17q+QrXCLq1CZT14Zvqj5wya3vlIwYsQvX67rrieSqZIH07ZAFYHvZ/FKvGCnoLpIIZ4+3QaqqRRi4Tdeyjq0HkwNGt9LAptdEhCtkHHG0Lolz56n/vFRGvIgItQ4sxyRSrSjOAFUJFP7cZrOd6++FHoLOk8CzcQoFX0/P9gFgWf/2VTcEVoTLJ1D7ogXF1NEenb9da1M7SNj3ApDfzu6gATqUG1Pb9ENwFmEdQTTKxYL2I6EIG6Wgi8i0ykf78FWKliT6MZhxoBW2yv5toMXIiDCs7mVDdQcc2xcMpWzsQ1UpES6kB/DXCdQ+ZMOkkl5uNCpPGiw3MdGf/EAEs875L7tmKCQF5YtKU8jPWVDE3sY4EytDzW/aZGR3pN4NcD78jcR58t+8f26KyT/ODUc/5y39ELIdGtvUcfkYIGkXjN8aC8tUlwsM6Uu80zYxYvC2EKtuVhBmMOYz7P5mH2PN3LHPhnwBxwPyvoNJo/KLe0ebHD6enPLAIZEZwUIKBxEP19LI3IeMCCfWBZ7kCCwvDldQ==
thewinclubes.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 42r6orlp6hbro4f54ei3lhnmoo
.thewinclubes.com/	1970-01-20 21:06:21	Name: _ga Value: GA1.2.914461207.1683021014
.thewinclubes.com/	1970-01-20 11:31:47	Name: _gid Value: GA1.2.1089957766.1683021014
.thewinclubes.com/	1970-01-20 11:30:21	Name: _gat Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cfstrck.com
flagcdn.com
fonts.googleapis.com
fonts.gstatic.com
stats.g.doubleclick.net
storage.googleapis.com
thewinclubes.com
use.fontawesome.com
wellnessoasis.net
www.facebook.com
www.g33tr4c3r.com
www.google-analytics.com
18.164.174.68
2606:4700:3032::6815:2d8
2606:4700:e2::ac40:840f
2a00:1450:4001:803::2010
2a00:1450:4001:806::2003
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:400c:c07::9b
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:483:6110:cf06:58f0:8ffa:7743
2a06:98c1:3120::3
2a06:98c1:3121::3
0dbca8a66e76458caeca1312d6d6b5f20dfa8b457e47ab197f240d6d4c58c468
14073fe25f49c59b78a4960f57b66faa02f71c46491be064fcecb0d284299035
15169ca2c38b3d1d40c7ae6c81135238850018aa59445ac60c9713efcea7353b
428b5053a155f3dee9427504dd629a47ac990d036cb1d99c2bf8ba6cca26a966
4916f977c7c0a73275020871b382f13041f115c54b4f8cf0130381e06e6e0308
4befec109f41d7895165601f7a9a74fe3b20484a40e9cf168855b671bdb0b743
5110ad16d7ca5c0eee29fcc7d3e828e0610e6dfde431be150ff23d34c5010a48
562a4c9c6601bfbd1c4a3209c47f2b840650a431041f6616b8af9a0eaa888489
5c0ab24ed01ad574cca075d2661ea355031ad0fc2bf22508384130351adc952a
611c9283c8e78fe32825713120a5b251cdc4af1e2d041f651e9f191d9da417ec
62585d0741d1ab378a375e19e22a6b96c1f5b4dcbfc1e0dba06ba26f2b7eca17
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7be3332c69a736617cbb9229a62c71c5f937105848db3cf537a1b47111ada775
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8c8ee19febc8b79281e58733bed14453ff0f666237991b12167ef9077f0f41de
8d665608b4150f798d8c8593b95972669fe48b29e59e3998b466a5797c8f2f17
956e74115c3fce160975e1f4133892b3f63a6835be3a848c2257760b4fca076f
96b2e72bb9a3dca2506fbcfa09a4b538ca3970515a047a5369a0e519ce63eba6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bcbba6b1642f8d581cca594275c19501804c452b19376f27ffada1d5141c8389
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a815e57a6e5242f86f07f5d3857167b3d6da38e9574e3512cba7e34fec992e
e728220f7d3f777af859fb8125b90050dac10089cfcdb1e1bef78f2e4fff217f
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eabc89696374ac3f27774c6931c5b9ce3e63270d1f55a9f3e3c2abcd5fda603a
ee57bb991736ef071270b69fd8720fc9046fcbeaa6533ef9ef0090a6ff4a4f88
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
ffb722848ac2830bde2963a51616683b535d648500e93ee28b11bf5aa7de14fc

thewinclubes.com Open in urlscan Pro 18.164.174.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

100 %HTTPS

92 %IPv6

11 Domains

12 Subdomains

10 IPs

4 Countries

626 kBTransfer

1023 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

thewinclubes.com Open in urlscan Pro
18.164.174.68 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

100 %
HTTPS

92 %
IPv6

11
Domains

12
Subdomains

10
IPs

4
Countries

626 kB
Transfer

1023 kB
Size

14
Cookies

30 HTTP transactions
0 data transactions