Submitted URL: https://www.www.059879e5-b2e8-4f58-aa46-95f69d92aa34.random.toonova.net/
Effective URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6
Submission: On December 06 via api from US — Scanned from CA

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3032::6815:1253, located in United States and belongs to CLOUDFLARENET, US. The main domain is thewinnertips.com.
TLS certificate: Issued by WE1 on November 11th 2024. Valid for: 3 months.
This is the only time thewinnertips.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.232.31.180 63949 (AKAMAI-LI...)
2 69.16.230.228 32244 (LIQUIDWEB)
1 4 103.224.182.206 133618 (TRELLIAN-...)
16 2606:4700:303... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
28 8
Apex Domain
Subdomains
Transfer
16 thewinnertips.com
thewinnertips.com
317 KB
4 dyetui.com
dyetui.com
18 KB
3 toonova.net
www.www.059879e5-b2e8-4f58-aa46-95f69d92aa34.random.toonova.net
ww99.toonova.net
4 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
22 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
120 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 gstatic.com
fonts.gstatic.com
33 KB
28 7
Domain Requested by
16 thewinnertips.com dyetui.com
thewinnertips.com
4 dyetui.com 1 redirects ww99.toonova.net
dyetui.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com thewinnertips.com
www.googletagmanager.com
2 ww99.toonova.net ww99.toonova.net
1 www.google.com www.googletagmanager.com
1 fonts.gstatic.com thewinnertips.com
1 www.www.059879e5-b2e8-4f58-aa46-95f69d92aa34.random.toonova.net 1 redirects
28 8

This site contains links to these domains. Also see Links.

Domain
clk-ca.com
Subject Issuer Validity Valid
ww99.toonova.net
R10
2024-11-14 -
2025-02-12
3 months crt.sh
amymajorsphotography.com
R11
2024-10-07 -
2025-01-05
3 months crt.sh
thewinnertips.com
WE1
2024-11-11 -
2025-02-09
3 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh

This page contains 2 frames:

Primary Page: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6
Frame ID: 774040C576D7B34296A5FB8FAC3CC2BE
Requests: 32 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fthewinnertips.com
Frame ID: 6F64FFDFC6120A5A3F5A027209B02408
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

The Winners Tips

Page URL History Show full URLs

  1. https://www.www.059879e5-b2e8-4f58-aa46-95f69d92aa34.random.toonova.net/ HTTP 302
    http://ww99.toonova.net/ HTTP 307
    https://ww99.toonova.net/ Page URL
  2. https://ww99.toonova.net/page/bouncy.php?&bpae=GbhGcw3nwtR5jkv7sCzFxW1hSjmFr3qgo9Q58CaTQfOeQ451z9IAVE... Page URL
  3. http://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzlt... HTTP 307
    https://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzlt... Page URL
  4. http://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzlt... HTTP 307
    https://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzlt... Page URL
  5. http://dyetui.com/f2.php?e=GoqwP1j9zGgL%2BF9JXhK0fX49flBkaGs5ek9kT0xXSGI2WVF2cHlRUkVpa1Z2UDlnN... HTTP 307
    https://dyetui.com/f2.php?e=GoqwP1j9zGgL%2BF9JXhK0fX49flBkaGs5ek9kT0xXSGI2WVF2cHlRUkVpa1Z2UDlnN... HTTP 302
    https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480d... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

28
Requests

86 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

513 kB
Transfer

988 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.www.059879e5-b2e8-4f58-aa46-95f69d92aa34.random.toonova.net/ HTTP 302
    http://ww99.toonova.net/ HTTP 307
    https://ww99.toonova.net/ Page URL
  2. https://ww99.toonova.net/page/bouncy.php?&bpae=GbhGcw3nwtR5jkv7sCzFxW1hSjmFr3qgo9Q58CaTQfOeQ451z9IAVEbKyRa4RxZRlu50PLTdGm7zJeMMcheyDyVNvpoV7O7HW5FPvLk6HxjwZ7inmNrh4uVAlZMl9JHKX1jgmecx3Pbvu5DXp85HVN3Fl3CMt9CawZgAiJr%2BNa2or8inBuCF5PTMCdvv2V62bLsewB1%2BA%2BugqTEPXdz%2F4cptWBtX4mzPohSdJ9n7iyAFhIuiq%2BuYGyvFrlqSnrDEkJvWEarWtQZV9Ppx5qxQWL1MfGDfYrEV0zAESou4SNjvvGkvu1xVghTq5m7ZFuhysGkjg0JmUrNQvbQfYHqbd4fuQm32zVDAOBlCbMVzjhJemyHCUj37q%2F%2F48QAiUUrg25vu26%2FUQ6Y0zlttlpzlnN9OCOBNwvPEY5q%2FMUSRU9576WZ%2Byqu2wlj5s38ktXcNQEJH66jPE4THJ%2FXsFWiyqyf%2Fa6x14zXeqtgJnTlwGsY1tb7C83dGCVljBGRPYy%2F2ubVkyqcVUKpXcB1QnAI7q38UAEHO8xlsUlNEuYJ9IOrsRq37nY72wBFssW%2FO6e2U6fildQZf2c0EHWBbhyhcdEEYbBqG5xCatB0GuVAxWbHq8ShCGWBm340nYXrmM9DG7RWxoK8s7eae8FZJ1BncHvGLrYmuibB9hAKmyIAtPvdRe0yyLARM1hzynLpNHCf%2FoBwDzAThmzE2AnGJv4GPN2bAUDEH%2FCgoSfy5TAWFwjZQt08wiiLS85TgwLx6DQmG3%2BM8XjckmLhfE7sAceEAVamOgukgeNHqpYXNQm0U%2BC9s5ho8hvFj6fLMrHH%2BksExclI3p83%2F4oiI2Fi5iGnzlS4Z2oyOfIsOu2Q3Tlk4bKh0CXKTdnvjSaJ%2BHvhsbnS6pi8q9hPXPqWik2y9U%2B44nzheN1KxcqXiNpHxeNlgSlzv%2BcL1yUBmMsCj6DAwDCp3T4o%2FBtWNUXCXWGts5ifWKTTMGiOYVVLC6G8bqvaVm8z33eS%2FUGXQJt%2BYOQ9YzePQMddxybdy4RQIm88SzsLIJJxEsVIRO3jakecr%2FqwjVdCpTCDOOYgaWlHyFByC5cUgyGD8kZ0nu7X8WqldEsm%2B%2BpZCO3vjQbvJAERF4PFcfp%2Fo5cXh%2FjalZBqJB10wMGYdXQsBveUQqP2D0NdhWpyeJjOFHmnzmnK9ehIR1zxYM9vG8EfZJhBT6CZ%2BPEigsbfvdv%2FSSxYYymlJ%2FLgDY%2Fm5RFTLdVa0n%2FNgHHapAPlkYpBPJwl4QhxhLw%2FiLKDQpeoUk90mx21rTp43x%2FkC2xN5C3fdaM0c9VdaJMZZIpfkso1D8BSZF%2FdUAw7EIptxS9drMTH19%2FURxTimUFVAdyEdSi2Yhh%2BxOQCdHkvgKQP7%2FG7YTcr4kq%2FtaHcPLIIVvqE8IjkycR0e6qkmyr5TkHGkcozapQSahhWVltpTwI528WAwjzQJOjBNP6jd0ZWKD2Sqjrfxkxnu3s2eR5q8ng4rh6HLQ9xl69UNZkMMtdqafQlG5bpLQpQbrVmfxm8cMJtR2mInmJ32lHmp1CL7JdL2w99MXfdBb7hrxPmg8H%2FgFkojgqlwm1zm386ASvqoQQ1Biz%2Fu9KTMsgbd6TUluMOBvPdkrcypS4uE058IuhC6AAKthm%2F%2BaguGSrWd68DUmhjutX7WT5%2FmR7hfxP4un4k7q1JSsEsr1ZD%2Fiz6ZWhh25%2B6N4M7SBJ9Ec6czZjVpBbv5jImJlXYUfE4U4sdD5T6rFnybeMv8fVeLifqwS4JHbE0%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
  3. http://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzltSjIyK3JqTUNSMk16WlhnV3VkRC9LNXRzTmpTMVpJVDBvREhLUGQ2REh1c0l0Nmg1M1lxTUR2MjFRcTNGbGF0YTBRcXFoL0RqYkFLdjVZNGdqYUxmQ1I4U0IzcWZ1RHRYWjdUbEYrZzIrbXVNekVCa3hldnJ5VjZleTVpSGNFSWVBZ25IUUZLTmlGWldobkN4M0trUTRhT1hWYTcrbDV5QXN2RFpYZzZzV3ZnSm1Xai9nMnh2dFVkdS9YemJXYkYxR04xY1RkeHJiV3dweXhUZURWdU5pQnRpS3VFWW9UUHRCNU4rdUNyR3BPMHVYejFicDc1K3Q1Q2dvSEczVWFpaFJXUkRQMk1ndWQxSkx5ZmlzVmxraUxOaWlIYzc4RjZGQ0dIc1pWcTlRQlZ5UFF5ZVR2N2lubWRNcTVGemRoeUZubFhTUXRvNUwrMUtYUENYMzRud3RpZE12NnVqMDFIM2VOelZmd0lVU09QOUpDYmtzS1lVekRhd1p4dG5KSnlBRFhpNVZQeEN5ekVHT3ZITktDY0oyOVFZSXBlbWYzZ21aeE1mK1R0NlcxOEdmN0VoYjR1SE9zeVJZYmVCWW80MmJWV3R6MXIrUkpwOUxKek81MkxmZDJvNWdSaGx5YWc5WWRUcVRVUHBMU0NmVm05ZVZ5MXNOUWsxYm05NXJtSzhWMHpWNlp3WC9YYmxCVmtDVWlCM293aXlXOXBWbGVGZHY3Mlc0T3BKSlNTYXR1U2poUkhnT3pzZzl6T0Jvc2sxZzA1QmlSSlNvaVRuVXRsT0I5c3BXeld2dzRDL0hLeTVUODJxamV4d0VsNE5LVElRZlluUHVlVDZQdzJhRVVOTGhuRzNtVytTTU8rNTRnandWRW1Bbm05cE9IZGVmSDh3TUJFT2o1L3psY21wNUFvTG80RklUTFVNZzdmd3hWZTl0SDk3eE1sdHhkbjJBYmlDaXk1bzJ1SCs5YlBGRys1aDJRUWt5RTFNZlZvNjFCQTV1KzRCZlY1WUg5ZWRZN2kwV2MyeXBjd0hxSy8rOXB3eGMybDJIQjVrNXZFQitBR0hrd1FLSVhra3NPdldoZ0FTYXE3SCtEM3NmaXp1THB1elBzK3A4QzNUMnNIcjZweFo0MUczTUo4K01XQ25NQTZLRDJ4eCtyWFJHSUFEMUFBcUhqWFd0Vm5TQ3RoQXp4UXYwWTQ4dmJ0LzMwcldxWlg3VnNNZUlteE1qQjlSL2tIMW9xN3JyWHlkLzJNYlhLdVZiM1JtYkE9PQ%3D%3D HTTP 307
    https://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzltSjIyK3JqTUNSMk16WlhnV3VkRC9LNXRzTmpTMVpJVDBvREhLUGQ2REh1c0l0Nmg1M1lxTUR2MjFRcTNGbGF0YTBRcXFoL0RqYkFLdjVZNGdqYUxmQ1I4U0IzcWZ1RHRYWjdUbEYrZzIrbXVNekVCa3hldnJ5VjZleTVpSGNFSWVBZ25IUUZLTmlGWldobkN4M0trUTRhT1hWYTcrbDV5QXN2RFpYZzZzV3ZnSm1Xai9nMnh2dFVkdS9YemJXYkYxR04xY1RkeHJiV3dweXhUZURWdU5pQnRpS3VFWW9UUHRCNU4rdUNyR3BPMHVYejFicDc1K3Q1Q2dvSEczVWFpaFJXUkRQMk1ndWQxSkx5ZmlzVmxraUxOaWlIYzc4RjZGQ0dIc1pWcTlRQlZ5UFF5ZVR2N2lubWRNcTVGemRoeUZubFhTUXRvNUwrMUtYUENYMzRud3RpZE12NnVqMDFIM2VOelZmd0lVU09QOUpDYmtzS1lVekRhd1p4dG5KSnlBRFhpNVZQeEN5ekVHT3ZITktDY0oyOVFZSXBlbWYzZ21aeE1mK1R0NlcxOEdmN0VoYjR1SE9zeVJZYmVCWW80MmJWV3R6MXIrUkpwOUxKek81MkxmZDJvNWdSaGx5YWc5WWRUcVRVUHBMU0NmVm05ZVZ5MXNOUWsxYm05NXJtSzhWMHpWNlp3WC9YYmxCVmtDVWlCM293aXlXOXBWbGVGZHY3Mlc0T3BKSlNTYXR1U2poUkhnT3pzZzl6T0Jvc2sxZzA1QmlSSlNvaVRuVXRsT0I5c3BXeld2dzRDL0hLeTVUODJxamV4d0VsNE5LVElRZlluUHVlVDZQdzJhRVVOTGhuRzNtVytTTU8rNTRnandWRW1Bbm05cE9IZGVmSDh3TUJFT2o1L3psY21wNUFvTG80RklUTFVNZzdmd3hWZTl0SDk3eE1sdHhkbjJBYmlDaXk1bzJ1SCs5YlBGRys1aDJRUWt5RTFNZlZvNjFCQTV1KzRCZlY1WUg5ZWRZN2kwV2MyeXBjd0hxSy8rOXB3eGMybDJIQjVrNXZFQitBR0hrd1FLSVhra3NPdldoZ0FTYXE3SCtEM3NmaXp1THB1elBzK3A4QzNUMnNIcjZweFo0MUczTUo4K01XQ25NQTZLRDJ4eCtyWFJHSUFEMUFBcUhqWFd0Vm5TQ3RoQXp4UXYwWTQ4dmJ0LzMwcldxWlg3VnNNZUlteE1qQjlSL2tIMW9xN3JyWHlkLzJNYlhLdVZiM1JtYkE9PQ%3D%3D Page URL
  4. http://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzltSjIyK3JqTUNSMk16WlhnV3VkRC9LNXRzTmpTMVpJVDBvREhLUGQ2REh1c0l0Nmg1M1lxTUR2MjFRcTNGbGF0YTBRcXFoL0RqYkFLdjVZNGdqYUxmQ1I4U0IzcWZ1RHRYWjdUbEYrZzIrbXVNekVCa3hldnJ5VjZleTVpSGNFSWVBZ25IUUZLTmlGWldobkN4M0trUTRhT1hWYTcrbDV5QXN2RFpYZzZzV3ZnSm1Xai9nMnh2dFVkdS9YemJXYkYxR04xY1RkeHJiV3dweXhUZURWdU5pQnRpS3VFWW9UUHRCNU4rdUNyR3BPMHVYejFicDc1K3Q1Q2dvSEczVWFpaFJXUkRQMk1ndWQxSkx5ZmlzVmxraUxOaWlIYzc4RjZGQ0dIc1pWcTlRQlZ5UFF5ZVR2N2lubWRNcTVGemRoeUZubFhTUXRvNUwrMUtYUENYMzRud3RpZE12NnVqMDFIM2VOelZmd0lVU09QOUpDYmtzS1lVekRhd1p4dG5KSnlBRFhpNVZQeEN5ekVHT3ZITktDY0oyOVFZSXBlbWYzZ21aeE1mK1R0NlcxOEdmN0VoYjR1SE9zeVJZYmVCWW80MmJWV3R6MXIrUkpwOUxKek81MkxmZDJvNWdSaGx5YWc5WWRUcVRVUHBMU0NmVm05ZVZ5MXNOUWsxYm05NXJtSzhWMHpWNlp3WC9YYmxCVmtDVWlCM293aXlXOXBWbGVGZHY3Mlc0T3BKSlNTYXR1U2poUkhnT3pzZzl6T0Jvc2sxZzA1QmlSSlNvaVRuVXRsT0I5c3BXeld2dzRDL0hLeTVUODJxamV4d0VsNE5LVElRZlluUHVlVDZQdzJhRVVOTGhuRzNtVytTTU8rNTRnandWRW1Bbm05cE9IZGVmSDh3TUJFT2o1L3psY21wNUFvTG80RklUTFVNZzdmd3hWZTl0SDk3eE1sdHhkbjJBYmlDaXk1bzJ1SCs5YlBGRys1aDJRUWt5RTFNZlZvNjFCQTV1KzRCZlY1WUg5ZWRZN2kwV2MyeXBjd0hxSy8rOXB3eGMybDJIQjVrNXZFQitBR0hrd1FLSVhra3NPdldoZ0FTYXE3SCtEM3NmaXp1THB1elBzK3A4QzNUMnNIcjZweFo0MUczTUo4K01XQ25NQTZLRDJ4eCtyWFJHSUFEMUFBcUhqWFd0Vm5TQ3RoQXp4UXYwWTQ4dmJ0LzMwcldxWlg3VnNNZUlteE1qQjlSL2tIMW9xN3JyWHlkLzJNYlhLdVZiM1JtYkE9PQ%3D%3D&fp=f23f236e65060067df470cea123fee21 HTTP 307
    https://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzltSjIyK3JqTUNSMk16WlhnV3VkRC9LNXRzTmpTMVpJVDBvREhLUGQ2REh1c0l0Nmg1M1lxTUR2MjFRcTNGbGF0YTBRcXFoL0RqYkFLdjVZNGdqYUxmQ1I4U0IzcWZ1RHRYWjdUbEYrZzIrbXVNekVCa3hldnJ5VjZleTVpSGNFSWVBZ25IUUZLTmlGWldobkN4M0trUTRhT1hWYTcrbDV5QXN2RFpYZzZzV3ZnSm1Xai9nMnh2dFVkdS9YemJXYkYxR04xY1RkeHJiV3dweXhUZURWdU5pQnRpS3VFWW9UUHRCNU4rdUNyR3BPMHVYejFicDc1K3Q1Q2dvSEczVWFpaFJXUkRQMk1ndWQxSkx5ZmlzVmxraUxOaWlIYzc4RjZGQ0dIc1pWcTlRQlZ5UFF5ZVR2N2lubWRNcTVGemRoeUZubFhTUXRvNUwrMUtYUENYMzRud3RpZE12NnVqMDFIM2VOelZmd0lVU09QOUpDYmtzS1lVekRhd1p4dG5KSnlBRFhpNVZQeEN5ekVHT3ZITktDY0oyOVFZSXBlbWYzZ21aeE1mK1R0NlcxOEdmN0VoYjR1SE9zeVJZYmVCWW80MmJWV3R6MXIrUkpwOUxKek81MkxmZDJvNWdSaGx5YWc5WWRUcVRVUHBMU0NmVm05ZVZ5MXNOUWsxYm05NXJtSzhWMHpWNlp3WC9YYmxCVmtDVWlCM293aXlXOXBWbGVGZHY3Mlc0T3BKSlNTYXR1U2poUkhnT3pzZzl6T0Jvc2sxZzA1QmlSSlNvaVRuVXRsT0I5c3BXeld2dzRDL0hLeTVUODJxamV4d0VsNE5LVElRZlluUHVlVDZQdzJhRVVOTGhuRzNtVytTTU8rNTRnandWRW1Bbm05cE9IZGVmSDh3TUJFT2o1L3psY21wNUFvTG80RklUTFVNZzdmd3hWZTl0SDk3eE1sdHhkbjJBYmlDaXk1bzJ1SCs5YlBGRys1aDJRUWt5RTFNZlZvNjFCQTV1KzRCZlY1WUg5ZWRZN2kwV2MyeXBjd0hxSy8rOXB3eGMybDJIQjVrNXZFQitBR0hrd1FLSVhra3NPdldoZ0FTYXE3SCtEM3NmaXp1THB1elBzK3A4QzNUMnNIcjZweFo0MUczTUo4K01XQ25NQTZLRDJ4eCtyWFJHSUFEMUFBcUhqWFd0Vm5TQ3RoQXp4UXYwWTQ4dmJ0LzMwcldxWlg3VnNNZUlteE1qQjlSL2tIMW9xN3JyWHlkLzJNYlhLdVZiM1JtYkE9PQ%3D%3D&fp=f23f236e65060067df470cea123fee21 Page URL
  5. http://dyetui.com/f2.php?e=GoqwP1j9zGgL%2BF9JXhK0fX49flBkaGs5ek9kT0xXSGI2WVF2cHlRUkVpa1Z2UDlnN1MydkQ1dXp3SjdYL0dXMnFicHM4RmdhL1Y0N0l2Y091dVJSNGhiYmM0TFhxaU9aK3oxZGxTY1k0UE9iWEYwVHhVZHY5OEV2YkVEdUM0YlNzU0pYNXBmdHVseWZJVGdHdjZ3ODVTTkRBQ1hNRDZEdjlrOWdpQzlxQVB0K0hrUHplOGdDTWhkT0swVXB1emV0VGw3dlRpN3RrNm16eENRLzFRSFVNS2U4Y0g0dWgrdUJNSUw5cEVUSjF0UUxXbTE3QkJHTFFXNXpkaHMxeDdOdTJqZ1QwSlBPZ0thS2tEQ1FiYU03QmtwQ0RjZFRwSUZ5b0xVclgwWWFLeDFxRkNaWXFVVEkrOXlFOHBucFBoT25kakx4NDMvaDB5ZUozYlMzOHJqM3drMlVlVlowam5qTzNRZzVGV1FPdkYvSzVEMCtRWG9SdnFsRm90ekJOMERNK01HTVRTbUtxcEFzNklIeVlCaWIzMThrTGY3K2F6aWhYcjZTNnVWZlZVeVFHdGt4VTZjRzNmOS9RZzBwZVVGd1h3MkQvOHlOS0pqOUNyRnFQc09tdER3QTNBMWZjc1BzZmZ4RmF5RVlNVFNHMnZGNVZSZUtDamtERURYYnhhM3pzeUlkK3dGb3hwdHkySCtobnJuMVVjcnRnN0dWNlNpeWNQMS9nekdwOEgvTEI5ZExKRGxEbSt1WGNiajJTOXIxZnoxczJnM2NKaWN0TVFOU0tyUi8xdjZRaHdYdjNIa3JrQ2xiWWpIeHp2a1ZYb0k1ZEZqS3I1Mm5WV0JFQkRyV3N1MXN3NDJUTVBNcEh3S0NvNThFVkdwRGZjSUhaemc2UW9zNW1zdTlMaktiaktTQ0FJNi95YUtSbmUzS0NNL2RiSmcrMngrS3dFU1ZveGt1WE44cU9jNWs0ZElOajZIWlJ0eDV0b2lpcjJSZ2ZSNWtIU25ONXdiTHMxSU1RNjNjeHo3TUZqMS94Qll0UXJteWFtUHRyQVdrM3l4V3hmMExCYmNmY2Q5dCt3L0xmVmxFMnVlRG5Zb05WTTRySXZpRFlXSTVVa2RHTkZOSnluZlh1RmlZa2xaelh4aVlzZVVPL3lGZlRld0hlYW5rOTB6L2JVWmE1YjFoanN2RFd4c0hSdkt1UXpFNHc1czgydy9SWXN0eDVUQnNGN2xjZVp6dmVvUUQwUk9HUkRmdWJqSWZrY2NMK0ZVcUZVL2FnejBIdW5KdS9PUUk1Q2FLMGFpaEpGR1d1aDhOOWpJZHdDNGo3R2lzSTQ5VjdPUjM0T1d2SzN2SFB0dUU3dUZwTm9xdGp0MDJVbjloZlVKZG1Qbld1QXQ0SWRZTTVQZlJDNkdtdkhxRGY0emxIQ1d0ZGdUSTVQOU9IN2Q1SVo3K2dML3BuY2pvdk1Qd24wMjBTS0dwYWZlMXFsSTNLQXZmeXVLSjRtKytzeXo2QT09&vs=1600:1200&ds=1600:1200&sl=190:190&os=f&nos=f HTTP 307
    https://dyetui.com/f2.php?e=GoqwP1j9zGgL%2BF9JXhK0fX49flBkaGs5ek9kT0xXSGI2WVF2cHlRUkVpa1Z2UDlnN1MydkQ1dXp3SjdYL0dXMnFicHM4RmdhL1Y0N0l2Y091dVJSNGhiYmM0TFhxaU9aK3oxZGxTY1k0UE9iWEYwVHhVZHY5OEV2YkVEdUM0YlNzU0pYNXBmdHVseWZJVGdHdjZ3ODVTTkRBQ1hNRDZEdjlrOWdpQzlxQVB0K0hrUHplOGdDTWhkT0swVXB1emV0VGw3dlRpN3RrNm16eENRLzFRSFVNS2U4Y0g0dWgrdUJNSUw5cEVUSjF0UUxXbTE3QkJHTFFXNXpkaHMxeDdOdTJqZ1QwSlBPZ0thS2tEQ1FiYU03QmtwQ0RjZFRwSUZ5b0xVclgwWWFLeDFxRkNaWXFVVEkrOXlFOHBucFBoT25kakx4NDMvaDB5ZUozYlMzOHJqM3drMlVlVlowam5qTzNRZzVGV1FPdkYvSzVEMCtRWG9SdnFsRm90ekJOMERNK01HTVRTbUtxcEFzNklIeVlCaWIzMThrTGY3K2F6aWhYcjZTNnVWZlZVeVFHdGt4VTZjRzNmOS9RZzBwZVVGd1h3MkQvOHlOS0pqOUNyRnFQc09tdER3QTNBMWZjc1BzZmZ4RmF5RVlNVFNHMnZGNVZSZUtDamtERURYYnhhM3pzeUlkK3dGb3hwdHkySCtobnJuMVVjcnRnN0dWNlNpeWNQMS9nekdwOEgvTEI5ZExKRGxEbSt1WGNiajJTOXIxZnoxczJnM2NKaWN0TVFOU0tyUi8xdjZRaHdYdjNIa3JrQ2xiWWpIeHp2a1ZYb0k1ZEZqS3I1Mm5WV0JFQkRyV3N1MXN3NDJUTVBNcEh3S0NvNThFVkdwRGZjSUhaemc2UW9zNW1zdTlMaktiaktTQ0FJNi95YUtSbmUzS0NNL2RiSmcrMngrS3dFU1ZveGt1WE44cU9jNWs0ZElOajZIWlJ0eDV0b2lpcjJSZ2ZSNWtIU25ONXdiTHMxSU1RNjNjeHo3TUZqMS94Qll0UXJteWFtUHRyQVdrM3l4V3hmMExCYmNmY2Q5dCt3L0xmVmxFMnVlRG5Zb05WTTRySXZpRFlXSTVVa2RHTkZOSnluZlh1RmlZa2xaelh4aVlzZVVPL3lGZlRld0hlYW5rOTB6L2JVWmE1YjFoanN2RFd4c0hSdkt1UXpFNHc1czgydy9SWXN0eDVUQnNGN2xjZVp6dmVvUUQwUk9HUkRmdWJqSWZrY2NMK0ZVcUZVL2FnejBIdW5KdS9PUUk1Q2FLMGFpaEpGR1d1aDhOOWpJZHdDNGo3R2lzSTQ5VjdPUjM0T1d2SzN2SFB0dUU3dUZwTm9xdGp0MDJVbjloZlVKZG1Qbld1QXQ0SWRZTTVQZlJDNkdtdkhxRGY0emxIQ1d0ZGdUSTVQOU9IN2Q1SVo3K2dML3BuY2pvdk1Qd24wMjBTS0dwYWZlMXFsSTNLQXZmeXVLSjRtKytzeXo2QT09&vs=1600:1200&ds=1600:1200&sl=190:190&os=f&nos=f HTTP 302
    https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.www.059879e5-b2e8-4f58-aa46-95f69d92aa34.random.toonova.net/ HTTP 302
  • http://ww99.toonova.net/ HTTP 307
  • https://ww99.toonova.net/
Request Chain 2
  • http://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzltSjIyK3JqTUNSMk16WlhnV3VkRC9LNXRzTmpTMVpJVDBvREhLUGQ2REh1c0l0Nmg1M1lxTUR2MjFRcTNGbGF0YTBRcXFoL0RqYkFLdjVZNGdqYUxmQ1I4U0IzcWZ1RHRYWjdUbEYrZzIrbXVNekVCa3hldnJ5VjZleTVpSGNFSWVBZ25IUUZLTmlGWldobkN4M0trUTRhT1hWYTcrbDV5QXN2RFpYZzZzV3ZnSm1Xai9nMnh2dFVkdS9YemJXYkYxR04xY1RkeHJiV3dweXhUZURWdU5pQnRpS3VFWW9UUHRCNU4rdUNyR3BPMHVYejFicDc1K3Q1Q2dvSEczVWFpaFJXUkRQMk1ndWQxSkx5ZmlzVmxraUxOaWlIYzc4RjZGQ0dIc1pWcTlRQlZ5UFF5ZVR2N2lubWRNcTVGemRoeUZubFhTUXRvNUwrMUtYUENYMzRud3RpZE12NnVqMDFIM2VOelZmd0lVU09QOUpDYmtzS1lVekRhd1p4dG5KSnlBRFhpNVZQeEN5ekVHT3ZITktDY0oyOVFZSXBlbWYzZ21aeE1mK1R0NlcxOEdmN0VoYjR1SE9zeVJZYmVCWW80MmJWV3R6MXIrUkpwOUxKek81MkxmZDJvNWdSaGx5YWc5WWRUcVRVUHBMU0NmVm05ZVZ5MXNOUWsxYm05NXJtSzhWMHpWNlp3WC9YYmxCVmtDVWlCM293aXlXOXBWbGVGZHY3Mlc0T3BKSlNTYXR1U2poUkhnT3pzZzl6T0Jvc2sxZzA1QmlSSlNvaVRuVXRsT0I5c3BXeld2dzRDL0hLeTVUODJxamV4d0VsNE5LVElRZlluUHVlVDZQdzJhRVVOTGhuRzNtVytTTU8rNTRnandWRW1Bbm05cE9IZGVmSDh3TUJFT2o1L3psY21wNUFvTG80RklUTFVNZzdmd3hWZTl0SDk3eE1sdHhkbjJBYmlDaXk1bzJ1SCs5YlBGRys1aDJRUWt5RTFNZlZvNjFCQTV1KzRCZlY1WUg5ZWRZN2kwV2MyeXBjd0hxSy8rOXB3eGMybDJIQjVrNXZFQitBR0hrd1FLSVhra3NPdldoZ0FTYXE3SCtEM3NmaXp1THB1elBzK3A4QzNUMnNIcjZweFo0MUczTUo4K01XQ25NQTZLRDJ4eCtyWFJHSUFEMUFBcUhqWFd0Vm5TQ3RoQXp4UXYwWTQ4dmJ0LzMwcldxWlg3VnNNZUlteE1qQjlSL2tIMW9xN3JyWHlkLzJNYlhLdVZiM1JtYkE9PQ%3D%3D HTTP 307
  • https://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzltSjIyK3JqTUNSMk16WlhnV3VkRC9LNXRzTmpTMVpJVDBvREhLUGQ2REh1c0l0Nmg1M1lxTUR2MjFRcTNGbGF0YTBRcXFoL0RqYkFLdjVZNGdqYUxmQ1I4U0IzcWZ1RHRYWjdUbEYrZzIrbXVNekVCa3hldnJ5VjZleTVpSGNFSWVBZ25IUUZLTmlGWldobkN4M0trUTRhT1hWYTcrbDV5QXN2RFpYZzZzV3ZnSm1Xai9nMnh2dFVkdS9YemJXYkYxR04xY1RkeHJiV3dweXhUZURWdU5pQnRpS3VFWW9UUHRCNU4rdUNyR3BPMHVYejFicDc1K3Q1Q2dvSEczVWFpaFJXUkRQMk1ndWQxSkx5ZmlzVmxraUxOaWlIYzc4RjZGQ0dIc1pWcTlRQlZ5UFF5ZVR2N2lubWRNcTVGemRoeUZubFhTUXRvNUwrMUtYUENYMzRud3RpZE12NnVqMDFIM2VOelZmd0lVU09QOUpDYmtzS1lVekRhd1p4dG5KSnlBRFhpNVZQeEN5ekVHT3ZITktDY0oyOVFZSXBlbWYzZ21aeE1mK1R0NlcxOEdmN0VoYjR1SE9zeVJZYmVCWW80MmJWV3R6MXIrUkpwOUxKek81MkxmZDJvNWdSaGx5YWc5WWRUcVRVUHBMU0NmVm05ZVZ5MXNOUWsxYm05NXJtSzhWMHpWNlp3WC9YYmxCVmtDVWlCM293aXlXOXBWbGVGZHY3Mlc0T3BKSlNTYXR1U2poUkhnT3pzZzl6T0Jvc2sxZzA1QmlSSlNvaVRuVXRsT0I5c3BXeld2dzRDL0hLeTVUODJxamV4d0VsNE5LVElRZlluUHVlVDZQdzJhRVVOTGhuRzNtVytTTU8rNTRnandWRW1Bbm05cE9IZGVmSDh3TUJFT2o1L3psY21wNUFvTG80RklUTFVNZzdmd3hWZTl0SDk3eE1sdHhkbjJBYmlDaXk1bzJ1SCs5YlBGRys1aDJRUWt5RTFNZlZvNjFCQTV1KzRCZlY1WUg5ZWRZN2kwV2MyeXBjd0hxSy8rOXB3eGMybDJIQjVrNXZFQitBR0hrd1FLSVhra3NPdldoZ0FTYXE3SCtEM3NmaXp1THB1elBzK3A4QzNUMnNIcjZweFo0MUczTUo4K01XQ25NQTZLRDJ4eCtyWFJHSUFEMUFBcUhqWFd0Vm5TQ3RoQXp4UXYwWTQ4dmJ0LzMwcldxWlg3VnNNZUlteE1qQjlSL2tIMW9xN3JyWHlkLzJNYlhLdVZiM1JtYkE9PQ%3D%3D
Request Chain 5
  • http://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzltSjIyK3JqTUNSMk16WlhnV3VkRC9LNXRzTmpTMVpJVDBvREhLUGQ2REh1c0l0Nmg1M1lxTUR2MjFRcTNGbGF0YTBRcXFoL0RqYkFLdjVZNGdqYUxmQ1I4U0IzcWZ1RHRYWjdUbEYrZzIrbXVNekVCa3hldnJ5VjZleTVpSGNFSWVBZ25IUUZLTmlGWldobkN4M0trUTRhT1hWYTcrbDV5QXN2RFpYZzZzV3ZnSm1Xai9nMnh2dFVkdS9YemJXYkYxR04xY1RkeHJiV3dweXhUZURWdU5pQnRpS3VFWW9UUHRCNU4rdUNyR3BPMHVYejFicDc1K3Q1Q2dvSEczVWFpaFJXUkRQMk1ndWQxSkx5ZmlzVmxraUxOaWlIYzc4RjZGQ0dIc1pWcTlRQlZ5UFF5ZVR2N2lubWRNcTVGemRoeUZubFhTUXRvNUwrMUtYUENYMzRud3RpZE12NnVqMDFIM2VOelZmd0lVU09QOUpDYmtzS1lVekRhd1p4dG5KSnlBRFhpNVZQeEN5ekVHT3ZITktDY0oyOVFZSXBlbWYzZ21aeE1mK1R0NlcxOEdmN0VoYjR1SE9zeVJZYmVCWW80MmJWV3R6MXIrUkpwOUxKek81MkxmZDJvNWdSaGx5YWc5WWRUcVRVUHBMU0NmVm05ZVZ5MXNOUWsxYm05NXJtSzhWMHpWNlp3WC9YYmxCVmtDVWlCM293aXlXOXBWbGVGZHY3Mlc0T3BKSlNTYXR1U2poUkhnT3pzZzl6T0Jvc2sxZzA1QmlSSlNvaVRuVXRsT0I5c3BXeld2dzRDL0hLeTVUODJxamV4d0VsNE5LVElRZlluUHVlVDZQdzJhRVVOTGhuRzNtVytTTU8rNTRnandWRW1Bbm05cE9IZGVmSDh3TUJFT2o1L3psY21wNUFvTG80RklUTFVNZzdmd3hWZTl0SDk3eE1sdHhkbjJBYmlDaXk1bzJ1SCs5YlBGRys1aDJRUWt5RTFNZlZvNjFCQTV1KzRCZlY1WUg5ZWRZN2kwV2MyeXBjd0hxSy8rOXB3eGMybDJIQjVrNXZFQitBR0hrd1FLSVhra3NPdldoZ0FTYXE3SCtEM3NmaXp1THB1elBzK3A4QzNUMnNIcjZweFo0MUczTUo4K01XQ25NQTZLRDJ4eCtyWFJHSUFEMUFBcUhqWFd0Vm5TQ3RoQXp4UXYwWTQ4dmJ0LzMwcldxWlg3VnNNZUlteE1qQjlSL2tIMW9xN3JyWHlkLzJNYlhLdVZiM1JtYkE9PQ%3D%3D&fp=f23f236e65060067df470cea123fee21 HTTP 307
  • https://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzltSjIyK3JqTUNSMk16WlhnV3VkRC9LNXRzTmpTMVpJVDBvREhLUGQ2REh1c0l0Nmg1M1lxTUR2MjFRcTNGbGF0YTBRcXFoL0RqYkFLdjVZNGdqYUxmQ1I4U0IzcWZ1RHRYWjdUbEYrZzIrbXVNekVCa3hldnJ5VjZleTVpSGNFSWVBZ25IUUZLTmlGWldobkN4M0trUTRhT1hWYTcrbDV5QXN2RFpYZzZzV3ZnSm1Xai9nMnh2dFVkdS9YemJXYkYxR04xY1RkeHJiV3dweXhUZURWdU5pQnRpS3VFWW9UUHRCNU4rdUNyR3BPMHVYejFicDc1K3Q1Q2dvSEczVWFpaFJXUkRQMk1ndWQxSkx5ZmlzVmxraUxOaWlIYzc4RjZGQ0dIc1pWcTlRQlZ5UFF5ZVR2N2lubWRNcTVGemRoeUZubFhTUXRvNUwrMUtYUENYMzRud3RpZE12NnVqMDFIM2VOelZmd0lVU09QOUpDYmtzS1lVekRhd1p4dG5KSnlBRFhpNVZQeEN5ekVHT3ZITktDY0oyOVFZSXBlbWYzZ21aeE1mK1R0NlcxOEdmN0VoYjR1SE9zeVJZYmVCWW80MmJWV3R6MXIrUkpwOUxKek81MkxmZDJvNWdSaGx5YWc5WWRUcVRVUHBMU0NmVm05ZVZ5MXNOUWsxYm05NXJtSzhWMHpWNlp3WC9YYmxCVmtDVWlCM293aXlXOXBWbGVGZHY3Mlc0T3BKSlNTYXR1U2poUkhnT3pzZzl6T0Jvc2sxZzA1QmlSSlNvaVRuVXRsT0I5c3BXeld2dzRDL0hLeTVUODJxamV4d0VsNE5LVElRZlluUHVlVDZQdzJhRVVOTGhuRzNtVytTTU8rNTRnandWRW1Bbm05cE9IZGVmSDh3TUJFT2o1L3psY21wNUFvTG80RklUTFVNZzdmd3hWZTl0SDk3eE1sdHhkbjJBYmlDaXk1bzJ1SCs5YlBGRys1aDJRUWt5RTFNZlZvNjFCQTV1KzRCZlY1WUg5ZWRZN2kwV2MyeXBjd0hxSy8rOXB3eGMybDJIQjVrNXZFQitBR0hrd1FLSVhra3NPdldoZ0FTYXE3SCtEM3NmaXp1THB1elBzK3A4QzNUMnNIcjZweFo0MUczTUo4K01XQ25NQTZLRDJ4eCtyWFJHSUFEMUFBcUhqWFd0Vm5TQ3RoQXp4UXYwWTQ4dmJ0LzMwcldxWlg3VnNNZUlteE1qQjlSL2tIMW9xN3JyWHlkLzJNYlhLdVZiM1JtYkE9PQ%3D%3D&fp=f23f236e65060067df470cea123fee21

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
ww99.toonova.net/
Redirect Chain
  • https://www.www.059879e5-b2e8-4f58-aa46-95f69d92aa34.random.toonova.net/
  • http://ww99.toonova.net/
  • https://ww99.toonova.net/
6 KB
2 KB
Document
General
Full URL
https://ww99.toonova.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.230.228 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb05.parklogic.com
Software
/
Resource Hash
ea75d217f7e0ce5a50d63fda4ffd83f1d91230143c3ae7960196167f85b45b7f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Fri, 06 Dec 2024 08:01:03 GMT

Redirect headers

Location
https://ww99.toonova.net/
Non-Authoritative-Reason
HttpsUpgrades
bouncy.php
ww99.toonova.net/page/
5 KB
1 KB
Document
General
Full URL
https://ww99.toonova.net/page/bouncy.php?&bpae=GbhGcw3nwtR5jkv7sCzFxW1hSjmFr3qgo9Q58CaTQfOeQ451z9IAVEbKyRa4RxZRlu50PLTdGm7zJeMMcheyDyVNvpoV7O7HW5FPvLk6HxjwZ7inmNrh4uVAlZMl9JHKX1jgmecx3Pbvu5DXp85HVN3Fl3CMt9CawZgAiJr%2BNa2or8inBuCF5PTMCdvv2V62bLsewB1%2BA%2BugqTEPXdz%2F4cptWBtX4mzPohSdJ9n7iyAFhIuiq%2BuYGyvFrlqSnrDEkJvWEarWtQZV9Ppx5qxQWL1MfGDfYrEV0zAESou4SNjvvGkvu1xVghTq5m7ZFuhysGkjg0JmUrNQvbQfYHqbd4fuQm32zVDAOBlCbMVzjhJemyHCUj37q%2F%2F48QAiUUrg25vu26%2FUQ6Y0zlttlpzlnN9OCOBNwvPEY5q%2FMUSRU9576WZ%2Byqu2wlj5s38ktXcNQEJH66jPE4THJ%2FXsFWiyqyf%2Fa6x14zXeqtgJnTlwGsY1tb7C83dGCVljBGRPYy%2F2ubVkyqcVUKpXcB1QnAI7q38UAEHO8xlsUlNEuYJ9IOrsRq37nY72wBFssW%2FO6e2U6fildQZf2c0EHWBbhyhcdEEYbBqG5xCatB0GuVAxWbHq8ShCGWBm340nYXrmM9DG7RWxoK8s7eae8FZJ1BncHvGLrYmuibB9hAKmyIAtPvdRe0yyLARM1hzynLpNHCf%2FoBwDzAThmzE2AnGJv4GPN2bAUDEH%2FCgoSfy5TAWFwjZQt08wiiLS85TgwLx6DQmG3%2BM8XjckmLhfE7sAceEAVamOgukgeNHqpYXNQm0U%2BC9s5ho8hvFj6fLMrHH%2BksExclI3p83%2F4oiI2Fi5iGnzlS4Z2oyOfIsOu2Q3Tlk4bKh0CXKTdnvjSaJ%2BHvhsbnS6pi8q9hPXPqWik2y9U%2B44nzheN1KxcqXiNpHxeNlgSlzv%2BcL1yUBmMsCj6DAwDCp3T4o%2FBtWNUXCXWGts5ifWKTTMGiOYVVLC6G8bqvaVm8z33eS%2FUGXQJt%2BYOQ9YzePQMddxybdy4RQIm88SzsLIJJxEsVIRO3jakecr%2FqwjVdCpTCDOOYgaWlHyFByC5cUgyGD8kZ0nu7X8WqldEsm%2B%2BpZCO3vjQbvJAERF4PFcfp%2Fo5cXh%2FjalZBqJB10wMGYdXQsBveUQqP2D0NdhWpyeJjOFHmnzmnK9ehIR1zxYM9vG8EfZJhBT6CZ%2BPEigsbfvdv%2FSSxYYymlJ%2FLgDY%2Fm5RFTLdVa0n%2FNgHHapAPlkYpBPJwl4QhxhLw%2FiLKDQpeoUk90mx21rTp43x%2FkC2xN5C3fdaM0c9VdaJMZZIpfkso1D8BSZF%2FdUAw7EIptxS9drMTH19%2FURxTimUFVAdyEdSi2Yhh%2BxOQCdHkvgKQP7%2FG7YTcr4kq%2FtaHcPLIIVvqE8IjkycR0e6qkmyr5TkHGkcozapQSahhWVltpTwI528WAwjzQJOjBNP6jd0ZWKD2Sqjrfxkxnu3s2eR5q8ng4rh6HLQ9xl69UNZkMMtdqafQlG5bpLQpQbrVmfxm8cMJtR2mInmJ32lHmp1CL7JdL2w99MXfdBb7hrxPmg8H%2FgFkojgqlwm1zm386ASvqoQQ1Biz%2Fu9KTMsgbd6TUluMOBvPdkrcypS4uE058IuhC6AAKthm%2F%2BaguGSrWd68DUmhjutX7WT5%2FmR7hfxP4un4k7q1JSsEsr1ZD%2Fiz6ZWhh25%2B6N4M7SBJ9Ec6czZjVpBbv5jImJlXYUfE4U4sdD5T6rFnybeMv8fVeLifqwS4JHbE0%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by
Host: ww99.toonova.net
URL: https://ww99.toonova.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.230.228 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb05.parklogic.com
Software
/
Resource Hash
75b323a0bbe1ae496293e0a4584869e25741e02cdc2920601acadb16c41f4ce4

Request headers

Referer
https://ww99.toonova.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Fri, 06 Dec 2024 08:01:04 GMT
f.php
dyetui.com/
Redirect Chain
  • http://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzltSjIyK3JqTUNSMk16WlhnV3VkRC9LNXRzTmpTMVpJVDBvREhLUGQ2REh1c0l0Nmg1M1lxTUR2MjFRcTNGbGF0YTBRcXFoL0RqYkFLdjV...
  • https://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzltSjIyK3JqTUNSMk16WlhnV3VkRC9LNXRzTmpTMVpJVDBvREhLUGQ2REh1c0l0Nmg1M1lxTUR2MjFRcTNGbGF0YTBRcXFoL0RqYkFLdj...
5 KB
2 KB
Document
General
Full URL
https://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzltSjIyK3JqTUNSMk16WlhnV3VkRC9LNXRzTmpTMVpJVDBvREhLUGQ2REh1c0l0Nmg1M1lxTUR2MjFRcTNGbGF0YTBRcXFoL0RqYkFLdjVZNGdqYUxmQ1I4U0IzcWZ1RHRYWjdUbEYrZzIrbXVNekVCa3hldnJ5VjZleTVpSGNFSWVBZ25IUUZLTmlGWldobkN4M0trUTRhT1hWYTcrbDV5QXN2RFpYZzZzV3ZnSm1Xai9nMnh2dFVkdS9YemJXYkYxR04xY1RkeHJiV3dweXhUZURWdU5pQnRpS3VFWW9UUHRCNU4rdUNyR3BPMHVYejFicDc1K3Q1Q2dvSEczVWFpaFJXUkRQMk1ndWQxSkx5ZmlzVmxraUxOaWlIYzc4RjZGQ0dIc1pWcTlRQlZ5UFF5ZVR2N2lubWRNcTVGemRoeUZubFhTUXRvNUwrMUtYUENYMzRud3RpZE12NnVqMDFIM2VOelZmd0lVU09QOUpDYmtzS1lVekRhd1p4dG5KSnlBRFhpNVZQeEN5ekVHT3ZITktDY0oyOVFZSXBlbWYzZ21aeE1mK1R0NlcxOEdmN0VoYjR1SE9zeVJZYmVCWW80MmJWV3R6MXIrUkpwOUxKek81MkxmZDJvNWdSaGx5YWc5WWRUcVRVUHBMU0NmVm05ZVZ5MXNOUWsxYm05NXJtSzhWMHpWNlp3WC9YYmxCVmtDVWlCM293aXlXOXBWbGVGZHY3Mlc0T3BKSlNTYXR1U2poUkhnT3pzZzl6T0Jvc2sxZzA1QmlSSlNvaVRuVXRsT0I5c3BXeld2dzRDL0hLeTVUODJxamV4d0VsNE5LVElRZlluUHVlVDZQdzJhRVVOTGhuRzNtVytTTU8rNTRnandWRW1Bbm05cE9IZGVmSDh3TUJFT2o1L3psY21wNUFvTG80RklUTFVNZzdmd3hWZTl0SDk3eE1sdHhkbjJBYmlDaXk1bzJ1SCs5YlBGRys1aDJRUWt5RTFNZlZvNjFCQTV1KzRCZlY1WUg5ZWRZN2kwV2MyeXBjd0hxSy8rOXB3eGMybDJIQjVrNXZFQitBR0hrd1FLSVhra3NPdldoZ0FTYXE3SCtEM3NmaXp1THB1elBzK3A4QzNUMnNIcjZweFo0MUczTUo4K01XQ25NQTZLRDJ4eCtyWFJHSUFEMUFBcUhqWFd0Vm5TQ3RoQXp4UXYwWTQ4dmJ0LzMwcldxWlg3VnNNZUlteE1qQjlSL2tIMW9xN3JyWHlkLzJNYlhLdVZiM1JtYkE9PQ%3D%3D
Requested by
Host: ww99.toonova.net
URL: https://ww99.toonova.net/page/bouncy.php?&bpae=GbhGcw3nwtR5jkv7sCzFxW1hSjmFr3qgo9Q58CaTQfOeQ451z9IAVEbKyRa4RxZRlu50PLTdGm7zJeMMcheyDyVNvpoV7O7HW5FPvLk6HxjwZ7inmNrh4uVAlZMl9JHKX1jgmecx3Pbvu5DXp85HVN3Fl3CMt9CawZgAiJr%2BNa2or8inBuCF5PTMCdvv2V62bLsewB1%2BA%2BugqTEPXdz%2F4cptWBtX4mzPohSdJ9n7iyAFhIuiq%2BuYGyvFrlqSnrDEkJvWEarWtQZV9Ppx5qxQWL1MfGDfYrEV0zAESou4SNjvvGkvu1xVghTq5m7ZFuhysGkjg0JmUrNQvbQfYHqbd4fuQm32zVDAOBlCbMVzjhJemyHCUj37q%2F%2F48QAiUUrg25vu26%2FUQ6Y0zlttlpzlnN9OCOBNwvPEY5q%2FMUSRU9576WZ%2Byqu2wlj5s38ktXcNQEJH66jPE4THJ%2FXsFWiyqyf%2Fa6x14zXeqtgJnTlwGsY1tb7C83dGCVljBGRPYy%2F2ubVkyqcVUKpXcB1QnAI7q38UAEHO8xlsUlNEuYJ9IOrsRq37nY72wBFssW%2FO6e2U6fildQZf2c0EHWBbhyhcdEEYbBqG5xCatB0GuVAxWbHq8ShCGWBm340nYXrmM9DG7RWxoK8s7eae8FZJ1BncHvGLrYmuibB9hAKmyIAtPvdRe0yyLARM1hzynLpNHCf%2FoBwDzAThmzE2AnGJv4GPN2bAUDEH%2FCgoSfy5TAWFwjZQt08wiiLS85TgwLx6DQmG3%2BM8XjckmLhfE7sAceEAVamOgukgeNHqpYXNQm0U%2BC9s5ho8hvFj6fLMrHH%2BksExclI3p83%2F4oiI2Fi5iGnzlS4Z2oyOfIsOu2Q3Tlk4bKh0CXKTdnvjSaJ%2BHvhsbnS6pi8q9hPXPqWik2y9U%2B44nzheN1KxcqXiNpHxeNlgSlzv%2BcL1yUBmMsCj6DAwDCp3T4o%2FBtWNUXCXWGts5ifWKTTMGiOYVVLC6G8bqvaVm8z33eS%2FUGXQJt%2BYOQ9YzePQMddxybdy4RQIm88SzsLIJJxEsVIRO3jakecr%2FqwjVdCpTCDOOYgaWlHyFByC5cUgyGD8kZ0nu7X8WqldEsm%2B%2BpZCO3vjQbvJAERF4PFcfp%2Fo5cXh%2FjalZBqJB10wMGYdXQsBveUQqP2D0NdhWpyeJjOFHmnzmnK9ehIR1zxYM9vG8EfZJhBT6CZ%2BPEigsbfvdv%2FSSxYYymlJ%2FLgDY%2Fm5RFTLdVa0n%2FNgHHapAPlkYpBPJwl4QhxhLw%2FiLKDQpeoUk90mx21rTp43x%2FkC2xN5C3fdaM0c9VdaJMZZIpfkso1D8BSZF%2FdUAw7EIptxS9drMTH19%2FURxTimUFVAdyEdSi2Yhh%2BxOQCdHkvgKQP7%2FG7YTcr4kq%2FtaHcPLIIVvqE8IjkycR0e6qkmyr5TkHGkcozapQSahhWVltpTwI528WAwjzQJOjBNP6jd0ZWKD2Sqjrfxkxnu3s2eR5q8ng4rh6HLQ9xl69UNZkMMtdqafQlG5bpLQpQbrVmfxm8cMJtR2mInmJ32lHmp1CL7JdL2w99MXfdBb7hrxPmg8H%2FgFkojgqlwm1zm386ASvqoQQ1Biz%2Fu9KTMsgbd6TUluMOBvPdkrcypS4uE058IuhC6AAKthm%2F%2BaguGSrWd68DUmhjutX7WT5%2FmR7hfxP4un4k7q1JSsEsr1ZD%2Fiz6ZWhh25%2B6N4M7SBJ9Ec6czZjVpBbv5jImJlXYUfE4U4sdD5T6rFnybeMv8fVeLifqwS4JHbE0%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash
d4067b6c1c1b795a532c5c84bcdd2b76e07e13e65fde5b419b2a6d660e91f047

Request headers

Referer
https://ww99.toonova.net/page/bouncy.php?&bpae=GbhGcw3nwtR5jkv7sCzFxW1hSjmFr3qgo9Q58CaTQfOeQ451z9IAVEbKyRa4RxZRlu50PLTdGm7zJeMMcheyDyVNvpoV7O7HW5FPvLk6HxjwZ7inmNrh4uVAlZMl9JHKX1jgmecx3Pbvu5DXp85HVN3Fl3CMt9CawZgAiJr%2BNa2or8inBuCF5PTMCdvv2V62bLsewB1%2BA%2BugqTEPXdz%2F4cptWBtX4mzPohSdJ9n7iyAFhIuiq%2BuYGyvFrlqSnrDEkJvWEarWtQZV9Ppx5qxQWL1MfGDfYrEV0zAESou4SNjvvGkvu1xVghTq5m7ZFuhysGkjg0JmUrNQvbQfYHqbd4fuQm32zVDAOBlCbMVzjhJemyHCUj37q%2F%2F48QAiUUrg25vu26%2FUQ6Y0zlttlpzlnN9OCOBNwvPEY5q%2FMUSRU9576WZ%2Byqu2wlj5s38ktXcNQEJH66jPE4THJ%2FXsFWiyqyf%2Fa6x14zXeqtgJnTlwGsY1tb7C83dGCVljBGRPYy%2F2ubVkyqcVUKpXcB1QnAI7q38UAEHO8xlsUlNEuYJ9IOrsRq37nY72wBFssW%2FO6e2U6fildQZf2c0EHWBbhyhcdEEYbBqG5xCatB0GuVAxWbHq8ShCGWBm340nYXrmM9DG7RWxoK8s7eae8FZJ1BncHvGLrYmuibB9hAKmyIAtPvdRe0yyLARM1hzynLpNHCf%2FoBwDzAThmzE2AnGJv4GPN2bAUDEH%2FCgoSfy5TAWFwjZQt08wiiLS85TgwLx6DQmG3%2BM8XjckmLhfE7sAceEAVamOgukgeNHqpYXNQm0U%2BC9s5ho8hvFj6fLMrHH%2BksExclI3p83%2F4oiI2Fi5iGnzlS4Z2oyOfIsOu2Q3Tlk4bKh0CXKTdnvjSaJ%2BHvhsbnS6pi8q9hPXPqWik2y9U%2B44nzheN1KxcqXiNpHxeNlgSlzv%2BcL1yUBmMsCj6DAwDCp3T4o%2FBtWNUXCXWGts5ifWKTTMGiOYVVLC6G8bqvaVm8z33eS%2FUGXQJt%2BYOQ9YzePQMddxybdy4RQIm88SzsLIJJxEsVIRO3jakecr%2FqwjVdCpTCDOOYgaWlHyFByC5cUgyGD8kZ0nu7X8WqldEsm%2B%2BpZCO3vjQbvJAERF4PFcfp%2Fo5cXh%2FjalZBqJB10wMGYdXQsBveUQqP2D0NdhWpyeJjOFHmnzmnK9ehIR1zxYM9vG8EfZJhBT6CZ%2BPEigsbfvdv%2FSSxYYymlJ%2FLgDY%2Fm5RFTLdVa0n%2FNgHHapAPlkYpBPJwl4QhxhLw%2FiLKDQpeoUk90mx21rTp43x%2FkC2xN5C3fdaM0c9VdaJMZZIpfkso1D8BSZF%2FdUAw7EIptxS9drMTH19%2FURxTimUFVAdyEdSi2Yhh%2BxOQCdHkvgKQP7%2FG7YTcr4kq%2FtaHcPLIIVvqE8IjkycR0e6qkmyr5TkHGkcozapQSahhWVltpTwI528WAwjzQJOjBNP6jd0ZWKD2Sqjrfxkxnu3s2eR5q8ng4rh6HLQ9xl69UNZkMMtdqafQlG5bpLQpQbrVmfxm8cMJtR2mInmJ32lHmp1CL7JdL2w99MXfdBb7hrxPmg8H%2FgFkojgqlwm1zm386ASvqoQQ1Biz%2Fu9KTMsgbd6TUluMOBvPdkrcypS4uE058IuhC6AAKthm%2F%2BaguGSrWd68DUmhjutX7WT5%2FmR7hfxP4un4k7q1JSsEsr1ZD%2Fiz6ZWhh25%2B6N4M7SBJ9Ec6czZjVpBbv5jImJlXYUfE4U4sdD5T6rFnybeMv8fVeLifqwS4JHbE0%3D&redirectType=js&inIframe=false&inPopUp=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

connection
close
content-encoding
gzip
content-length
1710
content-type
text/html; charset=UTF-8
date
Fri, 06 Dec 2024 08:01:04 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Location
https://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzltSjIyK3JqTUNSMk16WlhnV3VkRC9LNXRzTmpTMVpJVDBvREhLUGQ2REh1c0l0Nmg1M1lxTUR2MjFRcTNGbGF0YTBRcXFoL0RqYkFLdjVZNGdqYUxmQ1I4U0IzcWZ1RHRYWjdUbEYrZzIrbXVNekVCa3hldnJ5VjZleTVpSGNFSWVBZ25IUUZLTmlGWldobkN4M0trUTRhT1hWYTcrbDV5QXN2RFpYZzZzV3ZnSm1Xai9nMnh2dFVkdS9YemJXYkYxR04xY1RkeHJiV3dweXhUZURWdU5pQnRpS3VFWW9UUHRCNU4rdUNyR3BPMHVYejFicDc1K3Q1Q2dvSEczVWFpaFJXUkRQMk1ndWQxSkx5ZmlzVmxraUxOaWlIYzc4RjZGQ0dIc1pWcTlRQlZ5UFF5ZVR2N2lubWRNcTVGemRoeUZubFhTUXRvNUwrMUtYUENYMzRud3RpZE12NnVqMDFIM2VOelZmd0lVU09QOUpDYmtzS1lVekRhd1p4dG5KSnlBRFhpNVZQeEN5ekVHT3ZITktDY0oyOVFZSXBlbWYzZ21aeE1mK1R0NlcxOEdmN0VoYjR1SE9zeVJZYmVCWW80MmJWV3R6MXIrUkpwOUxKek81MkxmZDJvNWdSaGx5YWc5WWRUcVRVUHBMU0NmVm05ZVZ5MXNOUWsxYm05NXJtSzhWMHpWNlp3WC9YYmxCVmtDVWlCM293aXlXOXBWbGVGZHY3Mlc0T3BKSlNTYXR1U2poUkhnT3pzZzl6T0Jvc2sxZzA1QmlSSlNvaVRuVXRsT0I5c3BXeld2dzRDL0hLeTVUODJxamV4d0VsNE5LVElRZlluUHVlVDZQdzJhRVVOTGhuRzNtVytTTU8rNTRnandWRW1Bbm05cE9IZGVmSDh3TUJFT2o1L3psY21wNUFvTG80RklUTFVNZzdmd3hWZTl0SDk3eE1sdHhkbjJBYmlDaXk1bzJ1SCs5YlBGRys1aDJRUWt5RTFNZlZvNjFCQTV1KzRCZlY1WUg5ZWRZN2kwV2MyeXBjd0hxSy8rOXB3eGMybDJIQjVrNXZFQitBR0hrd1FLSVhra3NPdldoZ0FTYXE3SCtEM3NmaXp1THB1elBzK3A4QzNUMnNIcjZweFo0MUczTUo4K01XQ25NQTZLRDJ4eCtyWFJHSUFEMUFBcUhqWFd0Vm5TQ3RoQXp4UXYwWTQ4dmJ0LzMwcldxWlg3VnNNZUlteE1qQjlSL2tIMW9xN3JyWHlkLzJNYlhLdVZiM1JtYkE9PQ%3D%3D
Non-Authoritative-Reason
HttpsUpgrades
iife.min.js
dyetui.com/js/fingerprint/
33 KB
14 KB
Script
General
Full URL
https://dyetui.com/js/fingerprint/iife.min.js
Requested by
Host: dyetui.com
URL: https://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzltSjIyK3JqTUNSMk16WlhnV3VkRC9LNXRzTmpTMVpJVDBvREhLUGQ2REh1c0l0Nmg1M1lxTUR2MjFRcTNGbGF0YTBRcXFoL0RqYkFLdjVZNGdqYUxmQ1I4U0IzcWZ1RHRYWjdUbEYrZzIrbXVNekVCa3hldnJ5VjZleTVpSGNFSWVBZ25IUUZLTmlGWldobkN4M0trUTRhT1hWYTcrbDV5QXN2RFpYZzZzV3ZnSm1Xai9nMnh2dFVkdS9YemJXYkYxR04xY1RkeHJiV3dweXhUZURWdU5pQnRpS3VFWW9UUHRCNU4rdUNyR3BPMHVYejFicDc1K3Q1Q2dvSEczVWFpaFJXUkRQMk1ndWQxSkx5ZmlzVmxraUxOaWlIYzc4RjZGQ0dIc1pWcTlRQlZ5UFF5ZVR2N2lubWRNcTVGemRoeUZubFhTUXRvNUwrMUtYUENYMzRud3RpZE12NnVqMDFIM2VOelZmd0lVU09QOUpDYmtzS1lVekRhd1p4dG5KSnlBRFhpNVZQeEN5ekVHT3ZITktDY0oyOVFZSXBlbWYzZ21aeE1mK1R0NlcxOEdmN0VoYjR1SE9zeVJZYmVCWW80MmJWV3R6MXIrUkpwOUxKek81MkxmZDJvNWdSaGx5YWc5WWRUcVRVUHBMU0NmVm05ZVZ5MXNOUWsxYm05NXJtSzhWMHpWNlp3WC9YYmxCVmtDVWlCM293aXlXOXBWbGVGZHY3Mlc0T3BKSlNTYXR1U2poUkhnT3pzZzl6T0Jvc2sxZzA1QmlSSlNvaVRuVXRsT0I5c3BXeld2dzRDL0hLeTVUODJxamV4d0VsNE5LVElRZlluUHVlVDZQdzJhRVVOTGhuRzNtVytTTU8rNTRnandWRW1Bbm05cE9IZGVmSDh3TUJFT2o1L3psY21wNUFvTG80RklUTFVNZzdmd3hWZTl0SDk3eE1sdHhkbjJBYmlDaXk1bzJ1SCs5YlBGRys1aDJRUWt5RTFNZlZvNjFCQTV1KzRCZlY1WUg5ZWRZN2kwV2MyeXBjd0hxSy8rOXB3eGMybDJIQjVrNXZFQitBR0hrd1FLSVhra3NPdldoZ0FTYXE3SCtEM3NmaXp1THB1elBzK3A4QzNUMnNIcjZweFo0MUczTUo4K01XQ25NQTZLRDJ4eCtyWFJHSUFEMUFBcUhqWFd0Vm5TQ3RoQXp4UXYwWTQ4dmJ0LzMwcldxWlg3VnNNZUlteE1qQjlSL2tIMW9xN3JyWHlkLzJNYlhLdVZiM1JtYkE9PQ%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash
c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzltSjIyK3JqTUNSMk16WlhnV3VkRC9LNXRzTmpTMVpJVDBvREhLUGQ2REh1c0l0Nmg1M1lxTUR2MjFRcTNGbGF0YTBRcXFoL0RqYkFLdjVZNGdqYUxmQ1I4U0IzcWZ1RHRYWjdUbEYrZzIrbXVNekVCa3hldnJ5VjZleTVpSGNFSWVBZ25IUUZLTmlGWldobkN4M0trUTRhT1hWYTcrbDV5QXN2RFpYZzZzV3ZnSm1Xai9nMnh2dFVkdS9YemJXYkYxR04xY1RkeHJiV3dweXhUZURWdU5pQnRpS3VFWW9UUHRCNU4rdUNyR3BPMHVYejFicDc1K3Q1Q2dvSEczVWFpaFJXUkRQMk1ndWQxSkx5ZmlzVmxraUxOaWlIYzc4RjZGQ0dIc1pWcTlRQlZ5UFF5ZVR2N2lubWRNcTVGemRoeUZubFhTUXRvNUwrMUtYUENYMzRud3RpZE12NnVqMDFIM2VOelZmd0lVU09QOUpDYmtzS1lVekRhd1p4dG5KSnlBRFhpNVZQeEN5ekVHT3ZITktDY0oyOVFZSXBlbWYzZ21aeE1mK1R0NlcxOEdmN0VoYjR1SE9zeVJZYmVCWW80MmJWV3R6MXIrUkpwOUxKek81MkxmZDJvNWdSaGx5YWc5WWRUcVRVUHBMU0NmVm05ZVZ5MXNOUWsxYm05NXJtSzhWMHpWNlp3WC9YYmxCVmtDVWlCM293aXlXOXBWbGVGZHY3Mlc0T3BKSlNTYXR1U2poUkhnT3pzZzl6T0Jvc2sxZzA1QmlSSlNvaVRuVXRsT0I5c3BXeld2dzRDL0hLeTVUODJxamV4d0VsNE5LVElRZlluUHVlVDZQdzJhRVVOTGhuRzNtVytTTU8rNTRnandWRW1Bbm05cE9IZGVmSDh3TUJFT2o1L3psY21wNUFvTG80RklUTFVNZzdmd3hWZTl0SDk3eE1sdHhkbjJBYmlDaXk1bzJ1SCs5YlBGRys1aDJRUWt5RTFNZlZvNjFCQTV1KzRCZlY1WUg5ZWRZN2kwV2MyeXBjd0hxSy8rOXB3eGMybDJIQjVrNXZFQitBR0hrd1FLSVhra3NPdldoZ0FTYXE3SCtEM3NmaXp1THB1elBzK3A4QzNUMnNIcjZweFo0MUczTUo4K01XQ25NQTZLRDJ4eCtyWFJHSUFEMUFBcUhqWFd0Vm5TQ3RoQXp4UXYwWTQ4dmJ0LzMwcldxWlg3VnNNZUlteE1qQjlSL2tIMW9xN3JyWHlkLzJNYlhLdVZiM1JtYkE9PQ%3D%3D

Response headers

content-encoding
gzip
etag
"85c0-6250852d63500-gzip"
connection
close
accept-ranges
bytes
content-length
14345
date
Fri, 06 Dec 2024 08:01:05 GMT
last-modified
Tue, 22 Oct 2024 03:25:40 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
favicon.ico
dyetui.com/
0
0

f.php
dyetui.com/
Redirect Chain
  • http://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzltSjIyK3JqTUNSMk16WlhnV3VkRC9LNXRzTmpTMVpJVDBvREhLUGQ2REh1c0l0Nmg1M1lxTUR2MjFRcTNGbGF0YTBRcXFoL0RqYkFLdjV...
  • https://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzltSjIyK3JqTUNSMk16WlhnV3VkRC9LNXRzTmpTMVpJVDBvREhLUGQ2REh1c0l0Nmg1M1lxTUR2MjFRcTNGbGF0YTBRcXFoL0RqYkFLdj...
2 KB
2 KB
Document
General
Full URL
https://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzltSjIyK3JqTUNSMk16WlhnV3VkRC9LNXRzTmpTMVpJVDBvREhLUGQ2REh1c0l0Nmg1M1lxTUR2MjFRcTNGbGF0YTBRcXFoL0RqYkFLdjVZNGdqYUxmQ1I4U0IzcWZ1RHRYWjdUbEYrZzIrbXVNekVCa3hldnJ5VjZleTVpSGNFSWVBZ25IUUZLTmlGWldobkN4M0trUTRhT1hWYTcrbDV5QXN2RFpYZzZzV3ZnSm1Xai9nMnh2dFVkdS9YemJXYkYxR04xY1RkeHJiV3dweXhUZURWdU5pQnRpS3VFWW9UUHRCNU4rdUNyR3BPMHVYejFicDc1K3Q1Q2dvSEczVWFpaFJXUkRQMk1ndWQxSkx5ZmlzVmxraUxOaWlIYzc4RjZGQ0dIc1pWcTlRQlZ5UFF5ZVR2N2lubWRNcTVGemRoeUZubFhTUXRvNUwrMUtYUENYMzRud3RpZE12NnVqMDFIM2VOelZmd0lVU09QOUpDYmtzS1lVekRhd1p4dG5KSnlBRFhpNVZQeEN5ekVHT3ZITktDY0oyOVFZSXBlbWYzZ21aeE1mK1R0NlcxOEdmN0VoYjR1SE9zeVJZYmVCWW80MmJWV3R6MXIrUkpwOUxKek81MkxmZDJvNWdSaGx5YWc5WWRUcVRVUHBMU0NmVm05ZVZ5MXNOUWsxYm05NXJtSzhWMHpWNlp3WC9YYmxCVmtDVWlCM293aXlXOXBWbGVGZHY3Mlc0T3BKSlNTYXR1U2poUkhnT3pzZzl6T0Jvc2sxZzA1QmlSSlNvaVRuVXRsT0I5c3BXeld2dzRDL0hLeTVUODJxamV4d0VsNE5LVElRZlluUHVlVDZQdzJhRVVOTGhuRzNtVytTTU8rNTRnandWRW1Bbm05cE9IZGVmSDh3TUJFT2o1L3psY21wNUFvTG80RklUTFVNZzdmd3hWZTl0SDk3eE1sdHhkbjJBYmlDaXk1bzJ1SCs5YlBGRys1aDJRUWt5RTFNZlZvNjFCQTV1KzRCZlY1WUg5ZWRZN2kwV2MyeXBjd0hxSy8rOXB3eGMybDJIQjVrNXZFQitBR0hrd1FLSVhra3NPdldoZ0FTYXE3SCtEM3NmaXp1THB1elBzK3A4QzNUMnNIcjZweFo0MUczTUo4K01XQ25NQTZLRDJ4eCtyWFJHSUFEMUFBcUhqWFd0Vm5TQ3RoQXp4UXYwWTQ4dmJ0LzMwcldxWlg3VnNNZUlteE1qQjlSL2tIMW9xN3JyWHlkLzJNYlhLdVZiM1JtYkE9PQ%3D%3D&fp=f23f236e65060067df470cea123fee21
Requested by
Host: dyetui.com
URL: https://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzltSjIyK3JqTUNSMk16WlhnV3VkRC9LNXRzTmpTMVpJVDBvREhLUGQ2REh1c0l0Nmg1M1lxTUR2MjFRcTNGbGF0YTBRcXFoL0RqYkFLdjVZNGdqYUxmQ1I4U0IzcWZ1RHRYWjdUbEYrZzIrbXVNekVCa3hldnJ5VjZleTVpSGNFSWVBZ25IUUZLTmlGWldobkN4M0trUTRhT1hWYTcrbDV5QXN2RFpYZzZzV3ZnSm1Xai9nMnh2dFVkdS9YemJXYkYxR04xY1RkeHJiV3dweXhUZURWdU5pQnRpS3VFWW9UUHRCNU4rdUNyR3BPMHVYejFicDc1K3Q1Q2dvSEczVWFpaFJXUkRQMk1ndWQxSkx5ZmlzVmxraUxOaWlIYzc4RjZGQ0dIc1pWcTlRQlZ5UFF5ZVR2N2lubWRNcTVGemRoeUZubFhTUXRvNUwrMUtYUENYMzRud3RpZE12NnVqMDFIM2VOelZmd0lVU09QOUpDYmtzS1lVekRhd1p4dG5KSnlBRFhpNVZQeEN5ekVHT3ZITktDY0oyOVFZSXBlbWYzZ21aeE1mK1R0NlcxOEdmN0VoYjR1SE9zeVJZYmVCWW80MmJWV3R6MXIrUkpwOUxKek81MkxmZDJvNWdSaGx5YWc5WWRUcVRVUHBMU0NmVm05ZVZ5MXNOUWsxYm05NXJtSzhWMHpWNlp3WC9YYmxCVmtDVWlCM293aXlXOXBWbGVGZHY3Mlc0T3BKSlNTYXR1U2poUkhnT3pzZzl6T0Jvc2sxZzA1QmlSSlNvaVRuVXRsT0I5c3BXeld2dzRDL0hLeTVUODJxamV4d0VsNE5LVElRZlluUHVlVDZQdzJhRVVOTGhuRzNtVytTTU8rNTRnandWRW1Bbm05cE9IZGVmSDh3TUJFT2o1L3psY21wNUFvTG80RklUTFVNZzdmd3hWZTl0SDk3eE1sdHhkbjJBYmlDaXk1bzJ1SCs5YlBGRys1aDJRUWt5RTFNZlZvNjFCQTV1KzRCZlY1WUg5ZWRZN2kwV2MyeXBjd0hxSy8rOXB3eGMybDJIQjVrNXZFQitBR0hrd1FLSVhra3NPdldoZ0FTYXE3SCtEM3NmaXp1THB1elBzK3A4QzNUMnNIcjZweFo0MUczTUo4K01XQ25NQTZLRDJ4eCtyWFJHSUFEMUFBcUhqWFd0Vm5TQ3RoQXp4UXYwWTQ4dmJ0LzMwcldxWlg3VnNNZUlteE1qQjlSL2tIMW9xN3JyWHlkLzJNYlhLdVZiM1JtYkE9PQ%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash

Request headers

Referer
https://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzltSjIyK3JqTUNSMk16WlhnV3VkRC9LNXRzTmpTMVpJVDBvREhLUGQ2REh1c0l0Nmg1M1lxTUR2MjFRcTNGbGF0YTBRcXFoL0RqYkFLdjVZNGdqYUxmQ1I4U0IzcWZ1RHRYWjdUbEYrZzIrbXVNekVCa3hldnJ5VjZleTVpSGNFSWVBZ25IUUZLTmlGWldobkN4M0trUTRhT1hWYTcrbDV5QXN2RFpYZzZzV3ZnSm1Xai9nMnh2dFVkdS9YemJXYkYxR04xY1RkeHJiV3dweXhUZURWdU5pQnRpS3VFWW9UUHRCNU4rdUNyR3BPMHVYejFicDc1K3Q1Q2dvSEczVWFpaFJXUkRQMk1ndWQxSkx5ZmlzVmxraUxOaWlIYzc4RjZGQ0dIc1pWcTlRQlZ5UFF5ZVR2N2lubWRNcTVGemRoeUZubFhTUXRvNUwrMUtYUENYMzRud3RpZE12NnVqMDFIM2VOelZmd0lVU09QOUpDYmtzS1lVekRhd1p4dG5KSnlBRFhpNVZQeEN5ekVHT3ZITktDY0oyOVFZSXBlbWYzZ21aeE1mK1R0NlcxOEdmN0VoYjR1SE9zeVJZYmVCWW80MmJWV3R6MXIrUkpwOUxKek81MkxmZDJvNWdSaGx5YWc5WWRUcVRVUHBMU0NmVm05ZVZ5MXNOUWsxYm05NXJtSzhWMHpWNlp3WC9YYmxCVmtDVWlCM293aXlXOXBWbGVGZHY3Mlc0T3BKSlNTYXR1U2poUkhnT3pzZzl6T0Jvc2sxZzA1QmlSSlNvaVRuVXRsT0I5c3BXeld2dzRDL0hLeTVUODJxamV4d0VsNE5LVElRZlluUHVlVDZQdzJhRVVOTGhuRzNtVytTTU8rNTRnandWRW1Bbm05cE9IZGVmSDh3TUJFT2o1L3psY21wNUFvTG80RklUTFVNZzdmd3hWZTl0SDk3eE1sdHhkbjJBYmlDaXk1bzJ1SCs5YlBGRys1aDJRUWt5RTFNZlZvNjFCQTV1KzRCZlY1WUg5ZWRZN2kwV2MyeXBjd0hxSy8rOXB3eGMybDJIQjVrNXZFQitBR0hrd1FLSVhra3NPdldoZ0FTYXE3SCtEM3NmaXp1THB1elBzK3A4QzNUMnNIcjZweFo0MUczTUo4K01XQ25NQTZLRDJ4eCtyWFJHSUFEMUFBcUhqWFd0Vm5TQ3RoQXp4UXYwWTQ4dmJ0LzMwcldxWlg3VnNNZUlteE1qQjlSL2tIMW9xN3JyWHlkLzJNYlhLdVZiM1JtYkE9PQ%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

connection
close
content-encoding
gzip
content-length
1539
content-type
text/html; charset=UTF-8
date
Fri, 06 Dec 2024 08:01:05 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Location
https://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzltSjIyK3JqTUNSMk16WlhnV3VkRC9LNXRzTmpTMVpJVDBvREhLUGQ2REh1c0l0Nmg1M1lxTUR2MjFRcTNGbGF0YTBRcXFoL0RqYkFLdjVZNGdqYUxmQ1I4U0IzcWZ1RHRYWjdUbEYrZzIrbXVNekVCa3hldnJ5VjZleTVpSGNFSWVBZ25IUUZLTmlGWldobkN4M0trUTRhT1hWYTcrbDV5QXN2RFpYZzZzV3ZnSm1Xai9nMnh2dFVkdS9YemJXYkYxR04xY1RkeHJiV3dweXhUZURWdU5pQnRpS3VFWW9UUHRCNU4rdUNyR3BPMHVYejFicDc1K3Q1Q2dvSEczVWFpaFJXUkRQMk1ndWQxSkx5ZmlzVmxraUxOaWlIYzc4RjZGQ0dIc1pWcTlRQlZ5UFF5ZVR2N2lubWRNcTVGemRoeUZubFhTUXRvNUwrMUtYUENYMzRud3RpZE12NnVqMDFIM2VOelZmd0lVU09QOUpDYmtzS1lVekRhd1p4dG5KSnlBRFhpNVZQeEN5ekVHT3ZITktDY0oyOVFZSXBlbWYzZ21aeE1mK1R0NlcxOEdmN0VoYjR1SE9zeVJZYmVCWW80MmJWV3R6MXIrUkpwOUxKek81MkxmZDJvNWdSaGx5YWc5WWRUcVRVUHBMU0NmVm05ZVZ5MXNOUWsxYm05NXJtSzhWMHpWNlp3WC9YYmxCVmtDVWlCM293aXlXOXBWbGVGZHY3Mlc0T3BKSlNTYXR1U2poUkhnT3pzZzl6T0Jvc2sxZzA1QmlSSlNvaVRuVXRsT0I5c3BXeld2dzRDL0hLeTVUODJxamV4d0VsNE5LVElRZlluUHVlVDZQdzJhRVVOTGhuRzNtVytTTU8rNTRnandWRW1Bbm05cE9IZGVmSDh3TUJFT2o1L3psY21wNUFvTG80RklUTFVNZzdmd3hWZTl0SDk3eE1sdHhkbjJBYmlDaXk1bzJ1SCs5YlBGRys1aDJRUWt5RTFNZlZvNjFCQTV1KzRCZlY1WUg5ZWRZN2kwV2MyeXBjd0hxSy8rOXB3eGMybDJIQjVrNXZFQitBR0hrd1FLSVhra3NPdldoZ0FTYXE3SCtEM3NmaXp1THB1elBzK3A4QzNUMnNIcjZweFo0MUczTUo4K01XQ25NQTZLRDJ4eCtyWFJHSUFEMUFBcUhqWFd0Vm5TQ3RoQXp4UXYwWTQ4dmJ0LzMwcldxWlg3VnNNZUlteE1qQjlSL2tIMW9xN3JyWHlkLzJNYlhLdVZiM1JtYkE9PQ%3D%3D&fp=f23f236e65060067df470cea123fee21
Non-Authoritative-Reason
HttpsUpgrades
Primary Request /
thewinnertips.com/trill_casinodays_5t_ca/
Redirect Chain
  • http://dyetui.com/f2.php?e=GoqwP1j9zGgL%2BF9JXhK0fX49flBkaGs5ek9kT0xXSGI2WVF2cHlRUkVpa1Z2UDlnN1MydkQ1dXp3SjdYL0dXMnFicHM4RmdhL1Y0N0l2Y091dVJSNGhiYmM0TFhxaU9aK3oxZGxTY1k0UE9iWEYwVHhVZHY5OEV2YkVEdUM0...
  • https://dyetui.com/f2.php?e=GoqwP1j9zGgL%2BF9JXhK0fX49flBkaGs5ek9kT0xXSGI2WVF2cHlRUkVpa1Z2UDlnN1MydkQ1dXp3SjdYL0dXMnFicHM4RmdhL1Y0N0l2Y091dVJSNGhiYmM0TFhxaU9aK3oxZGxTY1k0UE9iWEYwVHhVZHY5OEV2YkVEdUM...
  • https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6
27 KB
8 KB
Document
General
Full URL
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6
Requested by
Host: dyetui.com
URL: https://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzltSjIyK3JqTUNSMk16WlhnV3VkRC9LNXRzTmpTMVpJVDBvREhLUGQ2REh1c0l0Nmg1M1lxTUR2MjFRcTNGbGF0YTBRcXFoL0RqYkFLdjVZNGdqYUxmQ1I4U0IzcWZ1RHRYWjdUbEYrZzIrbXVNekVCa3hldnJ5VjZleTVpSGNFSWVBZ25IUUZLTmlGWldobkN4M0trUTRhT1hWYTcrbDV5QXN2RFpYZzZzV3ZnSm1Xai9nMnh2dFVkdS9YemJXYkYxR04xY1RkeHJiV3dweXhUZURWdU5pQnRpS3VFWW9UUHRCNU4rdUNyR3BPMHVYejFicDc1K3Q1Q2dvSEczVWFpaFJXUkRQMk1ndWQxSkx5ZmlzVmxraUxOaWlIYzc4RjZGQ0dIc1pWcTlRQlZ5UFF5ZVR2N2lubWRNcTVGemRoeUZubFhTUXRvNUwrMUtYUENYMzRud3RpZE12NnVqMDFIM2VOelZmd0lVU09QOUpDYmtzS1lVekRhd1p4dG5KSnlBRFhpNVZQeEN5ekVHT3ZITktDY0oyOVFZSXBlbWYzZ21aeE1mK1R0NlcxOEdmN0VoYjR1SE9zeVJZYmVCWW80MmJWV3R6MXIrUkpwOUxKek81MkxmZDJvNWdSaGx5YWc5WWRUcVRVUHBMU0NmVm05ZVZ5MXNOUWsxYm05NXJtSzhWMHpWNlp3WC9YYmxCVmtDVWlCM293aXlXOXBWbGVGZHY3Mlc0T3BKSlNTYXR1U2poUkhnT3pzZzl6T0Jvc2sxZzA1QmlSSlNvaVRuVXRsT0I5c3BXeld2dzRDL0hLeTVUODJxamV4d0VsNE5LVElRZlluUHVlVDZQdzJhRVVOTGhuRzNtVytTTU8rNTRnandWRW1Bbm05cE9IZGVmSDh3TUJFT2o1L3psY21wNUFvTG80RklUTFVNZzdmd3hWZTl0SDk3eE1sdHhkbjJBYmlDaXk1bzJ1SCs5YlBGRys1aDJRUWt5RTFNZlZvNjFCQTV1KzRCZlY1WUg5ZWRZN2kwV2MyeXBjd0hxSy8rOXB3eGMybDJIQjVrNXZFQitBR0hrd1FLSVhra3NPdldoZ0FTYXE3SCtEM3NmaXp1THB1elBzK3A4QzNUMnNIcjZweFo0MUczTUo4K01XQ25NQTZLRDJ4eCtyWFJHSUFEMUFBcUhqWFd0Vm5TQ3RoQXp4UXYwWTQ4dmJ0LzMwcldxWlg3VnNNZUlteE1qQjlSL2tIMW9xN3JyWHlkLzJNYlhLdVZiM1JtYkE9PQ%3D%3D&fp=f23f236e65060067df470cea123fee21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cb6822503c576ee9eb3e63f681109657a2e099a1b25cdf80c0f2713d63ea32a

Request headers

Referer
https://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzltSjIyK3JqTUNSMk16WlhnV3VkRC9LNXRzTmpTMVpJVDBvREhLUGQ2REh1c0l0Nmg1M1lxTUR2MjFRcTNGbGF0YTBRcXFoL0RqYkFLdjVZNGdqYUxmQ1I4U0IzcWZ1RHRYWjdUbEYrZzIrbXVNekVCa3hldnJ5VjZleTVpSGNFSWVBZ25IUUZLTmlGWldobkN4M0trUTRhT1hWYTcrbDV5QXN2RFpYZzZzV3ZnSm1Xai9nMnh2dFVkdS9YemJXYkYxR04xY1RkeHJiV3dweXhUZURWdU5pQnRpS3VFWW9UUHRCNU4rdUNyR3BPMHVYejFicDc1K3Q1Q2dvSEczVWFpaFJXUkRQMk1ndWQxSkx5ZmlzVmxraUxOaWlIYzc4RjZGQ0dIc1pWcTlRQlZ5UFF5ZVR2N2lubWRNcTVGemRoeUZubFhTUXRvNUwrMUtYUENYMzRud3RpZE12NnVqMDFIM2VOelZmd0lVU09QOUpDYmtzS1lVekRhd1p4dG5KSnlBRFhpNVZQeEN5ekVHT3ZITktDY0oyOVFZSXBlbWYzZ21aeE1mK1R0NlcxOEdmN0VoYjR1SE9zeVJZYmVCWW80MmJWV3R6MXIrUkpwOUxKek81MkxmZDJvNWdSaGx5YWc5WWRUcVRVUHBMU0NmVm05ZVZ5MXNOUWsxYm05NXJtSzhWMHpWNlp3WC9YYmxCVmtDVWlCM293aXlXOXBWbGVGZHY3Mlc0T3BKSlNTYXR1U2poUkhnT3pzZzl6T0Jvc2sxZzA1QmlSSlNvaVRuVXRsT0I5c3BXeld2dzRDL0hLeTVUODJxamV4d0VsNE5LVElRZlluUHVlVDZQdzJhRVVOTGhuRzNtVytTTU8rNTRnandWRW1Bbm05cE9IZGVmSDh3TUJFT2o1L3psY21wNUFvTG80RklUTFVNZzdmd3hWZTl0SDk3eE1sdHhkbjJBYmlDaXk1bzJ1SCs5YlBGRys1aDJRUWt5RTFNZlZvNjFCQTV1KzRCZlY1WUg5ZWRZN2kwV2MyeXBjd0hxSy8rOXB3eGMybDJIQjVrNXZFQitBR0hrd1FLSVhra3NPdldoZ0FTYXE3SCtEM3NmaXp1THB1elBzK3A4QzNUMnNIcjZweFo0MUczTUo4K01XQ25NQTZLRDJ4eCtyWFJHSUFEMUFBcUhqWFd0Vm5TQ3RoQXp4UXYwWTQ4dmJ0LzMwcldxWlg3VnNNZUlteE1qQjlSL2tIMW9xN3JyWHlkLzJNYlhLdVZiM1JtYkE9PQ%3D%3D&fp=f23f236e65060067df470cea123fee21
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8edabefd0bf041a1-EWR
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Fri, 06 Dec 2024 08:01:06 GMT
link
<https://thewinnertips.com/wp-json/>; rel="https://api.w.org/", <https://thewinnertips.com/wp-json/wp/v2/pages/539>; rel="alternate"; title="JSON"; type="application/json", <https://thewinnertips.com/?p=539>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2FoW8QMH2cx95yvgpll3Q4vW7HMWY2EEJOYIDFvbXEIhKwxmZrsjs%2B0AyZtlOiyklGMRpmbYytRWCb3eNH%2BhcMftD8tg8sQd2EBsM6Y5LFa4rpCcXVqgSqn8RVHtxRNzwOVdXykuDk9Ebpe8IqrUrg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=38780&min_rtt=38536&rtt_var=6364&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4183&recv_bytes=4474&delivery_rate=437&cwnd=12000&unsent_bytes=0&cid=1a14d04e81f5bc64&ts=788&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding Accept-Encoding
x-cache
MISS

Redirect headers

connection
close
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 06 Dec 2024 08:01:05 GMT
location
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6
server
Apache
all.min.css
thewinnertips.com/wp-content/themes/WinnersTips2/assets/fa/css/
58 KB
13 KB
Stylesheet
General
Full URL
https://thewinnertips.com/wp-content/themes/WinnersTips2/assets/fa/css/all.min.css
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"63089813-e7a9"
age
2147735
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ePXbzK%2Ft5kb2q%2BM2zb%2FX%2F%2FjdMwBS8uOSlTOo1SbGfnX%2B2YmlE4W3iBqVkdc8TIfuirP6%2Bk0CDJd45xPIKjEfzMeVugU0suBhYYPlnJeMDlbTsi47bvhNqmzX%2FX57eq4Q%2B7OF2%2B7fQAHV2xPmJzDn0g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=38748&min_rtt=38536&rtt_var=2733&sent=31&recv=16&lost=0&retrans=0&sent_bytes=17810&recv_bytes=6190&delivery_rate=64879&cwnd=12000&unsent_bytes=0&cid=1a14d04e81f5bc64&ts=893&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 08:01:06 GMT
content-type
text/css
last-modified
Fri, 26 Aug 2022 09:53:23 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8edabf024f5e41a1-EWR
server
cloudflare
main.bundle.css
thewinnertips.com/wp-content/themes/WinnersTips2/dist/
21 KB
5 KB
Stylesheet
General
Full URL
https://thewinnertips.com/wp-content/themes/WinnersTips2/dist/main.bundle.css?ver=1663664398
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1553287e594bf32732724a2364a23c60770f30a8250d24303a6630df32e8b3c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6329810e-5462"
age
5076753
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pDq69R%2FXv2Dt3FBowbugTITWRPEWCUnZ2tTvD5Lw3qkAwl8vF%2BPrTsSsNs0sTnMxpSLNK4Mbx20rLux5AiDfg8vD6aeRromMNLRiqUrLNquvYWiuuYm6zAO9ll5ofLWh4DPlqR6VCEIdiOyq57yDxg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=38748&min_rtt=38536&rtt_var=2733&sent=26&recv=16&lost=0&retrans=0&sent_bytes=12683&recv_bytes=6190&delivery_rate=64879&cwnd=12000&unsent_bytes=0&cid=1a14d04e81f5bc64&ts=892&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 08:01:06 GMT
content-type
text/css
last-modified
Tue, 20 Sep 2022 08:59:58 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8edabf024f6041a1-EWR
server
cloudflare
front.min.css
thewinnertips.com/wp-content/plugins/cookie-notice/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://thewinnertips.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=6.7.1
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"630774f2-14d6"
age
1241658
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GVqCGKQn9iB27QYkALLvJia9Cj%2FKdUU%2F0t%2BR05N0Av5oFbxBxq6eCBkykNaay67KbgMf754PjNl7KLEAAlKV0pwxMYRMof%2F57WtC8IxxZPYXFZKM8wZRFRynJA8YmBz83qFPVnDhvsMhbr95db2Q5A%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=38748&min_rtt=38536&rtt_var=2733&sent=34&recv=16&lost=0&retrans=0&sent_bytes=20500&recv_bytes=6190&delivery_rate=64879&cwnd=12000&unsent_bytes=0&cid=1a14d04e81f5bc64&ts=893&x=1", cfExtPri, cfHdrFlush;dur=6
date
Fri, 06 Dec 2024 08:01:06 GMT
content-type
text/css
last-modified
Thu, 25 Aug 2022 13:11:14 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8edabf024f6241a1-EWR
server
cloudflare
front.min.js
thewinnertips.com/wp-content/plugins/cookie-notice/js/
9 KB
3 KB
Script
General
Full URL
https://thewinnertips.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.0
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af735813266cdf52a38a6e1583a86066db357469ceded2d7ea8335b298d73d65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"630774f2-222e"
age
257023
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4vUnSwyrQ8dBgZKHgg8Qz3%2FSIA83z9LWQ9R8LsFscyEyVwRvgWjZEFUleHtQy8HJ37b9Z3HpFG8yr8nXkz0NOnML60EJuYz%2ByFIG8GEj3CfkcTGZvq%2BSPIoVo4nFUx6Qvc%2Fr50ukm%2BM7qyNurCQtXg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=55670&min_rtt=38400&rtt_var=6174&sent=58&recv=41&lost=0&retrans=0&sent_bytes=40969&recv_bytes=10225&delivery_rate=535266&cwnd=22800&unsent_bytes=0&cid=1a14d04e81f5bc64&ts=999&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 08:01:07 GMT
content-type
application/javascript
last-modified
Thu, 25 Aug 2022 13:11:14 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8edabf02ffc041a1-EWR
server
cloudflare
Group-3230.png
thewinnertips.com/wp-content/uploads/2022/08/
6 KB
7 KB
Image
General
Full URL
https://thewinnertips.com/wp-content/uploads/2022/08/Group-3230.png
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
466e5fee3a89203aa23b3feaebfbe34da6160d09b444763e9b40fed3d9bc755b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6

Response headers

cf-cache-status
HIT
etag
"63077a6a-194f"
age
2147735
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HVxjdWj6zSe29ZjgQ%2B8iCVo9nOvl81uCCD2rUmmDVQG5Us3Nb2xYRtqJbvQ2T0j0k82LbYaW%2BxzB5FCqfCwWvmiV%2FkzQC%2FBawYSlBOsr9tVDsApAbeuXJljhI0ZjmuX2cUAo%2F3%2BP3k4GKU3K9imtcg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=38748&min_rtt=38536&rtt_var=2733&sent=34&recv=16&lost=0&retrans=0&sent_bytes=20500&recv_bytes=6190&delivery_rate=64879&cwnd=12000&unsent_bytes=0&cid=1a14d04e81f5bc64&ts=894&x=1", cfExtPri, cfHdrFlush;dur=5
date
Fri, 06 Dec 2024 08:01:06 GMT
content-type
image/png
last-modified
Thu, 25 Aug 2022 13:34:34 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8edabf024f6341a1-EWR
accept-ranges
bytes
content-length
6479
server
cloudflare
topgame-01.png
thewinnertips.com/wp-content/uploads/2022/08/
1 KB
2 KB
Image
General
Full URL
https://thewinnertips.com/wp-content/uploads/2022/08/topgame-01.png
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f41f1f66c491d58e9c86c76883f768838016bdac0d6e75fde8078f74ace198a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6

Response headers

cf-cache-status
HIT
etag
"63077caf-479"
age
876521
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q12vvZ5e5yiALkeGyi6jcDld8R%2BN%2BFOUjr76M5b9SX62qHvERnqnV%2BOxqNpDItdxUq7pHlsnVWL6qC1BG3zrnoAKcU%2BjBXd3QZ3ltacukkh%2BfZs8VnPu0ERThs9Jl2w9PWsqEwef46yiXZkE4dTTHA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=55670&min_rtt=38400&rtt_var=6174&sent=61&recv=41&lost=0&retrans=0&sent_bytes=43856&recv_bytes=10225&delivery_rate=535266&cwnd=22800&unsent_bytes=0&cid=1a14d04e81f5bc64&ts=1000&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 08:01:07 GMT
content-type
image/png
last-modified
Thu, 25 Aug 2022 13:44:15 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8edabf02ffc241a1-EWR
accept-ranges
bytes
content-length
1145
server
cloudflare
twitter.png
thewinnertips.com/wp-content/themes/WinnersTips2/assets/img/
3 KB
4 KB
Image
General
Full URL
https://thewinnertips.com/wp-content/themes/WinnersTips2/assets/img/twitter.png
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81507b4cda28450b2a9c638fbb2bed8fde9b0de69891399ab94467efd77a4557

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6

Response headers

cf-cache-status
HIT
etag
"63078f8c-dba"
age
5076753
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ESg89YNTEzw9T%2FIWy3KGgqIGWGmFmTimBsnCztpXh9T%2BtolaBD6pm8rXDywGiMAY67rjHz0NZIG2OQl5eJhEaOdjBdRrcNsXO5Rq3j6P1nwyv72aEiQlrW38adf7wu%2Fv%2FQlLs22WQ2cJ4Ooyw5UJzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=55670&min_rtt=38400&rtt_var=6174&sent=63&recv=41&lost=0&retrans=0&sent_bytes=45733&recv_bytes=10225&delivery_rate=535266&cwnd=22800&unsent_bytes=0&cid=1a14d04e81f5bc64&ts=1001&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 08:01:07 GMT
content-type
image/png
last-modified
Thu, 25 Aug 2022 15:04:44 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8edabf02ffc341a1-EWR
accept-ranges
bytes
content-length
3514
server
cloudflare
facebook.png
thewinnertips.com/wp-content/themes/WinnersTips2/assets/img/
1 KB
2 KB
Image
General
Full URL
https://thewinnertips.com/wp-content/themes/WinnersTips2/assets/img/facebook.png
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87bb462c06cc85dba44601dbbcd84f3d769d9bf84580777849b39597ea8be7cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6

Response headers

cf-cache-status
HIT
etag
"63078f88-422"
age
2147736
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=snaI5fXa3isD6SAE7NMXe33gYeWfSYFH7h6xFqPl9HPxao0NZ8AsHdUgf9PDMAmN1bKWC4hnToaMJJNd1sMg9eZOorhPK1U63L7yzW%2FejWfctZvQ87PpnQcH8pJkxN8%2F3vbTyjDAJLJfC%2BIC%2Bx%2B7nw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=55670&min_rtt=38400&rtt_var=6174&sent=67&recv=41&lost=0&retrans=0&sent_bytes=50027&recv_bytes=10225&delivery_rate=535266&cwnd=22800&unsent_bytes=0&cid=1a14d04e81f5bc64&ts=1003&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 08:01:07 GMT
content-type
image/png
last-modified
Thu, 25 Aug 2022 15:04:40 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8edabf02ffc741a1-EWR
accept-ranges
bytes
content-length
1058
server
cloudflare
facebook.png
thewinnertips.com/wp-content/uploads/2022/08/
1 KB
2 KB
Image
General
Full URL
https://thewinnertips.com/wp-content/uploads/2022/08/facebook.png
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87bb462c06cc85dba44601dbbcd84f3d769d9bf84580777849b39597ea8be7cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6

Response headers

cf-cache-status
HIT
etag
"63079e93-422"
age
2147736
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WKJLV2L7%2FBY0VQ5EvNacUNQWxZ99TF8Myqkl%2FZFQ5cN1U8%2BsqOs1gSMwx2zgEpWUdlIHh%2FG%2FEr%2FQp09OwEKQdbBZWlLw7zpnZaIR859So013VpLaDCz7R0VEnMHP3z9ZbG%2BodhSNcO2bVZQ8akCiVA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=55670&min_rtt=38400&rtt_var=6174&sent=75&recv=41&lost=0&retrans=0&sent_bytes=58654&recv_bytes=10225&delivery_rate=535266&cwnd=22800&unsent_bytes=0&cid=1a14d04e81f5bc64&ts=1005&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 08:01:07 GMT
content-type
image/png
last-modified
Thu, 25 Aug 2022 16:08:51 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8edabf02ffcc41a1-EWR
accept-ranges
bytes
content-length
1058
server
cloudflare
twitter.png
thewinnertips.com/wp-content/uploads/2022/08/
3 KB
4 KB
Image
General
Full URL
https://thewinnertips.com/wp-content/uploads/2022/08/twitter.png
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1f8026421e9a62a53734161746e439080236703a6fe2705e2140cfe14888751

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6

Response headers

cf-cache-status
HIT
etag
"63079e94-cb8"
age
2147736
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h1yjYEte2fDo4%2FxEUTxSyDDArArC2MAnD2QKqdNr3LuX6VmTAecU%2BmbvAjAJgVhtdtuUtekGSxbvp6AurAE%2BD9eU28s1p3l8tU05NvdAvIOZaRN9rTTlxJjxCY14qlK2RmzXlwXLFPGr%2FG213t4JxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=55670&min_rtt=38400&rtt_var=6174&sent=80&recv=41&lost=0&retrans=0&sent_bytes=63769&recv_bytes=10225&delivery_rate=535266&cwnd=22800&unsent_bytes=0&cid=1a14d04e81f5bc64&ts=1010&x=1", cfExtPri, cfHdrFlush;dur=28
date
Fri, 06 Dec 2024 08:01:07 GMT
content-type
image/png
last-modified
Thu, 25 Aug 2022 16:08:52 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8edabf02ffcd41a1-EWR
accept-ranges
bytes
content-length
3256
server
cloudflare
main.bundle.js
thewinnertips.com/wp-content/themes/WinnersTips2/dist/
16 KB
7 KB
Script
General
Full URL
https://thewinnertips.com/wp-content/themes/WinnersTips2/dist/main.bundle.js?ver=1732621522
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98db1f6ac67e8db40b3b0404df5a39fa60941b0b80d13e235f5714d845ce6d1b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6745b4d2-40c0"
age
849554
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iM1gcBIhRUH0f%2FyOqcYG0HBip5BsI5JuEd1dyee%2BZ6tVeWgfmWGCzhY7tYZrGrcOj8Y8SVY2Wvgx9Bprypx3wbNMmfUG1UZSM6MmbDHFAxdHTtGISO29GfCGxshKY36%2FB7NfBiEFQd00%2B3i8tcgMuA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=55670&min_rtt=38400&rtt_var=6174&sent=69&recv=41&lost=0&retrans=0&sent_bytes=51816&recv_bytes=10225&delivery_rate=535266&cwnd=22800&unsent_bytes=0&cid=1a14d04e81f5bc64&ts=1004&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 08:01:07 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 11:45:22 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8edabf02ffcb41a1-EWR
server
cloudflare
gtm.js
www.googletagmanager.com/
443 KB
120 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-58QS7KV
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0295a9054198aca23b9e0bb169178e4f7aa6381487a279e58c31f5c9255d5d46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 06 Dec 2024 08:01:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 08:01:07 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 06 Dec 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
122216
x-xss-protection
0
server
Google Tag Manager
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5dbe802e02c90654f902e69208eb5c1ce9b12a56850ed17f752f3ca68b1378cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
574x_545_-_Welcome_Banner_2-min-1.jpg
thewinnertips.com/wp-content/uploads/2023/04/
102 KB
103 KB
Image
General
Full URL
https://thewinnertips.com/wp-content/uploads/2023/04/574x_545_-_Welcome_Banner_2-min-1.jpg
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
623fb399226bc3560edd8dbd9ea680fc99eba6419a7186fae83d504854b3e086

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6

Response headers

cf-cache-status
HIT
etag
"6436eb93-19806"
age
2019985
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ip0v%2BNKAbQOH33wnLUwlb3Kp6J3mSOCYksWYKLISoleY8ToCghdH2wPulCpNb75vx%2FkGbrVBWU9kp93wuQo7SLRt9YudwwmRCy35669zC4ZgYOTW1rTg0elvSwLY97UxOaWuxYU56CvApFt6psDEhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=55670&min_rtt=38400&rtt_var=6174&sent=77&recv=41&lost=0&retrans=0&sent_bytes=60448&recv_bytes=10225&delivery_rate=535266&cwnd=22800&unsent_bytes=0&cid=1a14d04e81f5bc64&ts=1006&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 08:01:07 GMT
content-type
image/jpeg
last-modified
Wed, 12 Apr 2023 17:34:11 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8edabf02ffce41a1-EWR
accept-ranges
bytes
content-length
104454
server
cloudflare
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v21/
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thewinnertips.com
Referer
https://thewinnertips.com/

Response headers

age
542175
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 30 Nov 2025 01:24:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 01:24:52 GMT
last-modified
Mon, 18 Jul 2022 19:32:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
33580
x-xss-protection
0
server
sffe
fa-solid-900.woff2
thewinnertips.com/wp-content/themes/WinnersTips2/assets/fa/webfonts/
76 KB
77 KB
Font
General
Full URL
https://thewinnertips.com/wp-content/themes/WinnersTips2/assets/fa/webfonts/fa-solid-900.woff2
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/wp-content/themes/WinnersTips2/assets/fa/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thewinnertips.com
Referer
https://thewinnertips.com/wp-content/themes/WinnersTips2/assets/fa/css/all.min.css

Response headers

cf-cache-status
HIT
etag
"61129b24-131bc"
age
2147736
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=84kKqMA6C97g%2F8b0HsV2dyxxkmtSCr%2Fe%2B3Wcuup9MQPBQqPS6JtRLWAaSIVpSkVsIIMJAiF%2BNl0T5Loji2kb3NE8vMEPM%2Bs7G4kbwhunmhhQEqk5YIPdXsdjzo5SyJagBp%2BpX2acHVqvmBYBhWm2Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=53215&min_rtt=38400&rtt_var=2045&sent=117&recv=53&lost=0&retrans=0&sent_bytes=100393&recv_bytes=11090&delivery_rate=484138&cwnd=36600&unsent_bytes=0&cid=1a14d04e81f5bc64&ts=1060&x=1", cfExtPri, cfHdrFlush;dur=17
date
Fri, 06 Dec 2024 08:01:07 GMT
content-type
application/font-woff2
last-modified
Tue, 10 Aug 2021 15:28:36 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8edabf03580941a1-EWR
accept-ranges
bytes
content-length
78268
server
cloudflare
truncated
/
44 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
truncated
/
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
c5f37193-f19d-4b64-82e2-f71b83858c2c.jpg
thewinnertips.com/wp-content/uploads/2023/04/
78 KB
78 KB
Image
General
Full URL
https://thewinnertips.com/wp-content/uploads/2023/04/c5f37193-f19d-4b64-82e2-f71b83858c2c.jpg
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
730c04a8235fa609d19013c04c75be34b1107971c3d89e9bc2ff1f35580952be

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6

Response headers

cf-cache-status
HIT
etag
"643d89cc-1362f"
age
2019985
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xXQ5MTR06YfiDCVr5Xsne%2FA2AM%2BWAkta5ZTPbJCAOL0FgJmrlWLLxRqHQPon%2BbvjCzUaOrIWS0qj3Sq%2FWXfRZdQA7FAOg6Cu9Xdl8mFTBYwjplLYjni0DfJ%2BSZvaBqS%2BcNOsN3RzaIwC%2FGPEVhOSpg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=44388&min_rtt=38400&rtt_var=2198&sent=176&recv=68&lost=0&retrans=0&sent_bytes=166117&recv_bytes=12142&delivery_rate=774192&cwnd=65700&unsent_bytes=0&cid=1a14d04e81f5bc64&ts=1093&x=1", cfExtPri, cfHdrFlush;dur=23
date
Fri, 06 Dec 2024 08:01:07 GMT
content-type
image/jpeg
last-modified
Mon, 17 Apr 2023 18:02:52 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8edabf03781b41a1-EWR
accept-ranges
bytes
content-length
79407
server
cloudflare
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fthewinnertips.com%2Ftrill_casinodays_5t_ca%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=955122306.1733472067&auid=1513490211.1733472067&npa=0&gtm=45He4c40v830784315za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&tft=1733472067353&tfd=1720&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58QS7KV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::67 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/

Response headers

analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58QS7KV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/

Response headers

content-encoding
gzip
age
3746
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 06 Dec 2024 08:58:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 06:58:41 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
sw_iframe.html
www.googletagmanager.com/static/service_worker/4c30/ Frame 6F64
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fthewinnertips.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58QS7KV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Dec 2024 08:01:07 GMT
expires
Sat, 06 Dec 2025 08:01:07 GMT
last-modified
Tue, 03 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
3 B
422 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1498237979&t=pageview&_s=1&dl=https%3A%2F%2Fthewinnertips.com%2Ftrill_casinodays_5t_ca%2F%3Futm_campaign%3D1224938907%26sid%3D2024120619010324a3ef480dec93bee6&ul=en-ca&de=UTF-8&dt=The%20Winners%20Tips&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=6702671&gjid=1806910308&cid=550574023.1733472068&tid=UA-159864570-1&_gid=1950831503.1733472068&_r=1&_slc=1&gtm=45He4c40n8158QS7KVv830784315za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&z=559671311
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://thewinnertips.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 08:01:07 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://thewinnertips.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
cropped-Group-3230-32x32.png
thewinnertips.com/wp-content/uploads/2022/08/
1 KB
2 KB
Other
General
Full URL
https://thewinnertips.com/wp-content/uploads/2022/08/cropped-Group-3230-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ebfaf8ab158192acd1cc3a91e34a8cb81305fe7a2bf2e9e131ae7166e0e077e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1224938907&sid=2024120619010324a3ef480dec93bee6

Response headers

cf-cache-status
HIT
etag
"63078114-506"
age
2133957
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BKkegltmulJSh7fd3aUCYtRTYSUxJtuzv%2BPKCPWDeTADQjUFGUE8Msu2KKBCklNq1fz9%2F1R%2BevDQFsqpd1MFzlqOyotJupVuEVrS97sa9Ww36k%2Fu5L5jED1BFqkNzC22UDVp436KLEsB9V0aZYXIhw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=45370&min_rtt=38223&rtt_var=5664&sent=323&recv=90&lost=0&retrans=0&sent_bytes=335022&recv_bytes=13622&delivery_rate=2225082&cwnd=157200&unsent_bytes=0&cid=1a14d04e81f5bc64&ts=1736&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 06 Dec 2024 08:01:07 GMT
content-type
image/png
last-modified
Thu, 25 Aug 2022 14:03:00 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8edabf078ac541a1-EWR
accept-ranges
bytes
content-length
1286
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dyetui.com
URL
https://dyetui.com/favicon.ico

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| cnArgs object| dataLayer function| checkForm object| Modernizr object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
.thewinnertips.com/ Name: _gcl_au
Value: 1.1.1513490211.1733472067
.thewinnertips.com/ Name: _ga
Value: GA1.2.550574023.1733472068
.thewinnertips.com/ Name: _gid
Value: GA1.2.1950831503.1733472068
.thewinnertips.com/ Name: _gat_UA-159864570-1
Value: 1

1 Console Messages

Source Level URL
Text
rendering warning URL: https://dyetui.com/f.php?e=Ov2EEEc6SSSUmt1vCsR7n349fnFSUTE3UklkaE1UaUt5UXR5VFc4NFA4ZWFzVzFKSzltSjIyK3JqTUNSMk16WlhnV3VkRC9LNXRzTmpTMVpJVDBvREhLUGQ2REh1c0l0Nmg1M1lxTUR2MjFRcTNGbGF0YTBRcXFoL0RqYkFLdjVZNGdqYUxmQ1I4U0IzcWZ1RHRYWjdUbEYrZzIrbXVNekVCa3hldnJ5VjZleTVpSGNFSWVBZ25IUUZLTmlGWldobkN4M0trUTRhT1hWYTcrbDV5QXN2RFpYZzZzV3ZnSm1Xai9nMnh2dFVkdS9YemJXYkYxR04xY1RkeHJiV3dweXhUZURWdU5pQnRpS3VFWW9UUHRCNU4rdUNyR3BPMHVYejFicDc1K3Q1Q2dvSEczVWFpaFJXUkRQMk1ndWQxSkx5ZmlzVmxraUxOaWlIYzc4RjZGQ0dIc1pWcTlRQlZ5UFF5ZVR2N2lubWRNcTVGemRoeUZubFhTUXRvNUwrMUtYUENYMzRud3RpZE12NnVqMDFIM2VOelZmd0lVU09QOUpDYmtzS1lVekRhd1p4dG5KSnlBRFhpNVZQeEN5ekVHT3ZITktDY0oyOVFZSXBlbWYzZ21aeE1mK1R0NlcxOEdmN0VoYjR1SE9zeVJZYmVCWW80MmJWV3R6MXIrUkpwOUxKek81MkxmZDJvNWdSaGx5YWc5WWRUcVRVUHBMU0NmVm05ZVZ5MXNOUWsxYm05NXJtSzhWMHpWNlp3WC9YYmxCVmtDVWlCM293aXlXOXBWbGVGZHY3Mlc0T3BKSlNTYXR1U2poUkhnT3pzZzl6T0Jvc2sxZzA1QmlSSlNvaVRuVXRsT0I5c3BXeld2dzRDL0hLeTVUODJxamV4d0VsNE5LVElRZlluUHVlVDZQdzJhRVVOTGhuRzNtVytTTU8rNTRnandWRW1Bbm05cE9IZGVmSDh3TUJFT2o1L3psY21wNUFvTG80RklUTFVNZzdmd3hWZTl0SDk3eE1sdHhkbjJBYmlDaXk1bzJ1SCs5YlBGRys1aDJRUWt5RTFNZlZvNjFCQTV1KzRCZlY1WUg5ZWRZN2kwV2MyeXBjd0hxSy8rOXB3eGMybDJIQjVrNXZFQitBR0hrd1FLSVhra3NPdldoZ0FTYXE3SCtEM3NmaXp1THB1elBzK3A4QzNUMnNIcjZweFo0MUczTUo4K01XQ25NQTZLRDJ4eCtyWFJHSUFEMUFBcUhqWFd0Vm5TQ3RoQXp4UXYwWTQ4dmJ0LzMwcldxWlg3VnNNZUlteE1qQjlSL2tIMW9xN3JyWHlkLzJNYlhLdVZiM1JtYkE9PQ%3D%3D
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0301D001C2E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dyetui.com
fonts.gstatic.com
thewinnertips.com
ww99.toonova.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.www.059879e5-b2e8-4f58-aa46-95f69d92aa34.random.toonova.net
dyetui.com
103.224.182.206
172.232.31.180
2606:4700:3032::6815:1253
2607:f8b0:4004:c19::61
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1b::67
2607:f8b0:4004:c1b::8b
69.16.230.228
0295a9054198aca23b9e0bb169178e4f7aa6381487a279e58c31f5c9255d5d46
1553287e594bf32732724a2364a23c60770f30a8250d24303a6630df32e8b3c4
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
466e5fee3a89203aa23b3feaebfbe34da6160d09b444763e9b40fed3d9bc755b
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
5dbe802e02c90654f902e69208eb5c1ce9b12a56850ed17f752f3ca68b1378cd
5ebfaf8ab158192acd1cc3a91e34a8cb81305fe7a2bf2e9e131ae7166e0e077e
623fb399226bc3560edd8dbd9ea680fc99eba6419a7186fae83d504854b3e086
730c04a8235fa609d19013c04c75be34b1107971c3d89e9bc2ff1f35580952be
75b323a0bbe1ae496293e0a4584869e25741e02cdc2920601acadb16c41f4ce4
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
81507b4cda28450b2a9c638fbb2bed8fde9b0de69891399ab94467efd77a4557
87bb462c06cc85dba44601dbbcd84f3d769d9bf84580777849b39597ea8be7cc
8cb6822503c576ee9eb3e63f681109657a2e099a1b25cdf80c0f2713d63ea32a
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
98db1f6ac67e8db40b3b0404df5a39fa60941b0b80d13e235f5714d845ce6d1b
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
af735813266cdf52a38a6e1583a86066db357469ceded2d7ea8335b298d73d65
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089
d4067b6c1c1b795a532c5c84bcdd2b76e07e13e65fde5b419b2a6d660e91f047
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea75d217f7e0ce5a50d63fda4ffd83f1d91230143c3ae7960196167f85b45b7f
f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789
f1f8026421e9a62a53734161746e439080236703a6fe2705e2140cfe14888751
f41f1f66c491d58e9c86c76883f768838016bdac0d6e75fde8078f74ace198a3