urlscan.io logo urlscan.io
SecurityTrails logo

thewinnertips.com Open in urlscan Pro
2606:4700:3031::ac43:b540  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://delivery.freshjuiceuk.com/s/qhfmb
Effective URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974
Submission: On November 24 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3031::ac43:b540, located in United States and belongs to CLOUDFLARENET, US. The main domain is thewinnertips.com.
TLS certificate: Issued by WE1 on November 11th 2024. Valid for: 3 months.
This is the only time thewinnertips.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 170.178.183.18 46844 (SHARKTECH)
1 4 103.224.182.206 133618 (TRELLIAN-...)
15 2606:4700:303... 13335 (CLOUDFLAR...)
20 3
Apex Domain
Subdomains		 Transfer
15 thewinnertips.com
thewinnertips.com
134 KB
4 cibago.com
cibago.com — Cisco Umbrella Rank: 350584
3 KB
1 freshjuiceuk.com
delivery.freshjuiceuk.com
2 KB
0 gstatic.com Failed
fonts.gstatic.com Failed
0 googletagmanager.com Failed
www.googletagmanager.com Failed
20 5
Domain Requested by
15 thewinnertips.com cibago.com
thewinnertips.com
4 cibago.com 1 redirects cibago.com
1 delivery.freshjuiceuk.com 1 redirects
0 fonts.gstatic.com Failed thewinnertips.com
0 www.googletagmanager.com Failed thewinnertips.com
20 5

This site contains links to these domains. Also see Links.

Domain
clk-ca.com
Subject Issuer Validity Valid
aljassmi.store
R11		 2024-09-26 -
2024-12-25		 3 months crt.sh
thewinnertips.com
WE1		 2024-11-11 -
2025-02-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974
Frame ID: 547BC50124BB264193368BE07323E3FF
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Winners Tips

Page URL History Show full URLs

  1. https://delivery.freshjuiceuk.com/s/qhfmb HTTP 302
    http://cibago.com/xr.php?e=kh%2Beo97vDR54NVe6LF82lX49fkI1NmpiYTk1YnhQbDR5eUlHcU10Yng2TnJZOGtWN... HTTP 307
    https://cibago.com/xr.php?e=kh%2Beo97vDR54NVe6LF82lX49fkI1NmpiYTk1YnhQbDR5eUlHcU10Yng2TnJZOGtWN... Page URL
  2. https://cibago.com/r.php?u=https%3A%2F%2Fthewinnertips.com%2Ftrill_casinodays_5t_ca%2F%3Futm_ca... HTTP 302
    https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecf... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->

Page Statistics

20
Requests

75 %
HTTPS

33 %
IPv6

5
Domains

5
Subdomains

3
IPs

2
Countries

137 kB
Transfer

359 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://delivery.freshjuiceuk.com/s/qhfmb HTTP 302
    http://cibago.com/xr.php?e=kh%2Beo97vDR54NVe6LF82lX49fkI1NmpiYTk1YnhQbDR5eUlHcU10Yng2TnJZOGtWNEFJNjZNaUJuRElyc0NrMUtOb3VESzl6RSswdk1oMDNPZXZVb2ZxNGUvdlZWOVUwa2FmR1BQelNsTStUaEZxVVhKMVBSS3h5endTQmRkTS81U2xzK3RMVTFGZ3ZRNzA0TWZOak5KakJtNTRLOGdOak55OGYxUnRNcFVRTVZiQll2WDRVTHJPTFAyMVIvR3p6dTNxNXNqLzNCWHczaElnWDIzUE1FN3Y1aWdzMngyVFVGbkV4S3BuUzl6eHdadEIwc200cFNpYW9mMjJ4Ui8zOVBqOSsycWRDQXZtdzRZeDlvSWI1bUZ1eUxKampMU1E0eHBqNXB2cHYvb3FJUVpaRVlpZXI4UkxseEdlZU1OUGpHRjJtaVl4VGFna05zN1pZZjlSRzV2Vm9zOEtrOUVBejVWc3ZENGk2a2hob0t0QTd2dWs0N2dlaUx4TitaeEY1SzVXKzJtck9sV0grVzBEb0dsRmZKQUJEckRaMk1LZVk5VmRacVNrY2FtaVJkbDR0Y1dFbDBhSk5ZYitCMDF6b1RmMHlOSnE4dGZjZjNJSUlleGFBbEY3aHVHRlN4Nk9zUWNWUHdDUHlnNm51REpUNUVtVEZoYUxodkgybTlzc3o2bGxXYWJKTVFwamhIaTUxUmh5d2x6a21LcmdTbmVnb3hXazNwRWtuYmlJZUhCeFpVSndsZXJXazVGR0E2NjlPS3pqajhsVkJwbE5BeTdJNHAxenpVWFluNDRveVQvRFNWNWtFSWJiY0lXa0dwU05WbkNpOHArT2NRVWpRNWRJb0s5OFlGZTh4RUtNMDgwa0llM29PQUJ4Q1oxTFdhWThJYVZkUnZrZmczdjRVaGwzZW5RVDdXRFNNdnNIUGpmckYxcXRUWVl5Wk85b05YS1d1SE5VSFk5R0Vyd3kyY3R3SjdrYlR2RGYxYkhwR0JsblorVFkyNElGVjJUMENNVHB1d1NnTXpyV09raFJpMmdtcGdaMTdrT250YkU0UzZCZTkweFQ3bDVIb3NWaDFsZlhpSUZHVjR5eGNMRGdoTWwxbkRmczRqSXpJR3E3dnVlNjRwMXJTc1N5WWZVbVkwdlVBTFIrNmRNRXFVbjFKZDh3SHBSUWp3YzBzZ2R0WDNQdDJtQmdZM1I4TUtZT0VhOXA0bG9IbmpIUktmbCs5b1ZubE9ZZkJzcmszZz09 HTTP 307
    https://cibago.com/xr.php?e=kh%2Beo97vDR54NVe6LF82lX49fkI1NmpiYTk1YnhQbDR5eUlHcU10Yng2TnJZOGtWNEFJNjZNaUJuRElyc0NrMUtOb3VESzl6RSswdk1oMDNPZXZVb2ZxNGUvdlZWOVUwa2FmR1BQelNsTStUaEZxVVhKMVBSS3h5endTQmRkTS81U2xzK3RMVTFGZ3ZRNzA0TWZOak5KakJtNTRLOGdOak55OGYxUnRNcFVRTVZiQll2WDRVTHJPTFAyMVIvR3p6dTNxNXNqLzNCWHczaElnWDIzUE1FN3Y1aWdzMngyVFVGbkV4S3BuUzl6eHdadEIwc200cFNpYW9mMjJ4Ui8zOVBqOSsycWRDQXZtdzRZeDlvSWI1bUZ1eUxKampMU1E0eHBqNXB2cHYvb3FJUVpaRVlpZXI4UkxseEdlZU1OUGpHRjJtaVl4VGFna05zN1pZZjlSRzV2Vm9zOEtrOUVBejVWc3ZENGk2a2hob0t0QTd2dWs0N2dlaUx4TitaeEY1SzVXKzJtck9sV0grVzBEb0dsRmZKQUJEckRaMk1LZVk5VmRacVNrY2FtaVJkbDR0Y1dFbDBhSk5ZYitCMDF6b1RmMHlOSnE4dGZjZjNJSUlleGFBbEY3aHVHRlN4Nk9zUWNWUHdDUHlnNm51REpUNUVtVEZoYUxodkgybTlzc3o2bGxXYWJKTVFwamhIaTUxUmh5d2x6a21LcmdTbmVnb3hXazNwRWtuYmlJZUhCeFpVSndsZXJXazVGR0E2NjlPS3pqajhsVkJwbE5BeTdJNHAxenpVWFluNDRveVQvRFNWNWtFSWJiY0lXa0dwU05WbkNpOHArT2NRVWpRNWRJb0s5OFlGZTh4RUtNMDgwa0llM29PQUJ4Q1oxTFdhWThJYVZkUnZrZmczdjRVaGwzZW5RVDdXRFNNdnNIUGpmckYxcXRUWVl5Wk85b05YS1d1SE5VSFk5R0Vyd3kyY3R3SjdrYlR2RGYxYkhwR0JsblorVFkyNElGVjJUMENNVHB1d1NnTXpyV09raFJpMmdtcGdaMTdrT250YkU0UzZCZTkweFQ3bDVIb3NWaDFsZlhpSUZHVjR5eGNMRGdoTWwxbkRmczRqSXpJR3E3dnVlNjRwMXJTc1N5WWZVbVkwdlVBTFIrNmRNRXFVbjFKZDh3SHBSUWp3YzBzZ2R0WDNQdDJtQmdZM1I4TUtZT0VhOXA0bG9IbmpIUktmbCs5b1ZubE9ZZkJzcmszZz09 Page URL
  2. https://cibago.com/r.php?u=https%3A%2F%2Fthewinnertips.com%2Ftrill_casinodays_5t_ca%2F%3Futm_campaign%3D759338483%26sid%3D20241125080044139600daecfc251974&s=j&enc=9XaFOj2fhfO6Q3BIGn7gb349flNwaHV0M3pnekY0a3pFZ05ZejluNmRPbWh1WmJvYzlKYTRkckRWTTJuaWxtTnRyTWdzN3U0L1kwM20vY3FYT3FRdGQrTG1kbm1JU2NMbmJ0SnZGQzc3U0k3WWZrUjFJdE1Rckt3aFBnUEEwelNncnVyUGZxYkNuWVAzenkxOGFUQ3FGc3R1MDJtVnZLNWFIbWE0bVV1dlRaUG9zUlJ1VVJuWmFtRWt0cjl4QVBIckNUTWVCRkNONGtzbXVSTWhEdld6K0xSVWtZWnViWnZGeUNIMnRtdklWMWJzaldoWGIranFkYjVQZXpyaFJKUFV3R1dhdEJqZFFCQVRyQ0MwZlY2TGc5QVAvRXZad1VXd0MwdXRnaEZNUERrU2lPd0QzcHVjc3EvWTZqU1grTkp0bEJ3Si9qTmhpNWM4Sm9lc3B4VmhVL0kvREpraGlqeTVzL2tYWTI5SU5VeEhFdU1zTWdSQlpDSnlqSVJTQUtadUJkYzNlZTlyRkljc0xySitqOGpCbUtiTms0U1lhOG5mZS9PbGZkdml1emlURktuOVYyWURFVnl5RGUwWVNyZ01XZW9xNkljZTU3eEdOZXp1dHpWNmxWUjh4K1V1YWdUWVU3cG85Qmw1cWJSR1lKOWUreUNmSVFRU2t0R0lZbW5Eeml1SmNUM0tzLzBsZGRFZ3A0MVlGUzdsWGsySnJDZFZkeXh0bHVHeXhrUFhMR2g5Y0hlMUFhQ3FpbitwVStjUU1ZSW5SUjJKLzBUczY4MmxadmVsL01Pc3ZybHlLUW5kVDF2MVZabFcza0sxZW9tTVEvZXMwR1ArZDFrZXoxSDJrRmE2YVBTN08xS2R0TUczZFAwdEpVL3I5ZUY3V1FNSERVdlYrWFFRMGt6dTlEK3lHRUpMb0tkS21kTG5LdDdEVklXSnUwUXIyQVRuT0lmVGJQSzVQbSswM0ZIdnNrcE52eFdPb0Z6Y1ZWTWNYMkt2cWRORU4rQVRVTXh5TDgxQW8zd1ZsbTJrQndHMHV6RmVLK2NSdmtNS2dSTHNzK3dTSjNGd3FUUlBEdXl5S2FtSndJMmVmT0dvUGV6ZnkvbDllMEhaMDVaM0pJbjdXK3Rqc1VMaElnTnF0VXY4ZmFKV2hSdUYyalduaVlFSlYwbGRsaldyZFJoeit1U2RrWHQ2Vm54blc1dzAxaUsvYVpnYmpITlhQZXpySHZvdnUzMWZEeXFsandJbDFhbDFYN01TMnNpaWplTStYMnN2U0RLUEhySnZpam1lc2Jxc1hBWmYzYXBVWWF0cFVIOEdMc0RvcmVXc2dWRlM0L1Q5cFNPS0hVZ0tiYXVGMjlzckpzUlppWkdmQkgvRUQ5eHFrdi9uN0E%3D&vs=1600:1200&ds=1600:1200&sl=160:160&os=f&nos=f&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&fp=-1 HTTP 302
    https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://delivery.freshjuiceuk.com/s/qhfmb HTTP 302
  • http://cibago.com/xr.php?e=kh%2Beo97vDR54NVe6LF82lX49fkI1NmpiYTk1YnhQbDR5eUlHcU10Yng2TnJZOGtWNEFJNjZNaUJuRElyc0NrMUtOb3VESzl6RSswdk1oMDNPZXZVb2ZxNGUvdlZWOVUwa2FmR1BQelNsTStUaEZxVVhKMVBSS3h5endTQmRkTS81U2xzK3RMVTFGZ3ZRNzA0TWZOak5KakJtNTRLOGdOak55OGYxUnRNcFVRTVZiQll2WDRVTHJPTFAyMVIvR3p6dTNxNXNqLzNCWHczaElnWDIzUE1FN3Y1aWdzMngyVFVGbkV4S3BuUzl6eHdadEIwc200cFNpYW9mMjJ4Ui8zOVBqOSsycWRDQXZtdzRZeDlvSWI1bUZ1eUxKampMU1E0eHBqNXB2cHYvb3FJUVpaRVlpZXI4UkxseEdlZU1OUGpHRjJtaVl4VGFna05zN1pZZjlSRzV2Vm9zOEtrOUVBejVWc3ZENGk2a2hob0t0QTd2dWs0N2dlaUx4TitaeEY1SzVXKzJtck9sV0grVzBEb0dsRmZKQUJEckRaMk1LZVk5VmRacVNrY2FtaVJkbDR0Y1dFbDBhSk5ZYitCMDF6b1RmMHlOSnE4dGZjZjNJSUlleGFBbEY3aHVHRlN4Nk9zUWNWUHdDUHlnNm51REpUNUVtVEZoYUxodkgybTlzc3o2bGxXYWJKTVFwamhIaTUxUmh5d2x6a21LcmdTbmVnb3hXazNwRWtuYmlJZUhCeFpVSndsZXJXazVGR0E2NjlPS3pqajhsVkJwbE5BeTdJNHAxenpVWFluNDRveVQvRFNWNWtFSWJiY0lXa0dwU05WbkNpOHArT2NRVWpRNWRJb0s5OFlGZTh4RUtNMDgwa0llM29PQUJ4Q1oxTFdhWThJYVZkUnZrZmczdjRVaGwzZW5RVDdXRFNNdnNIUGpmckYxcXRUWVl5Wk85b05YS1d1SE5VSFk5R0Vyd3kyY3R3SjdrYlR2RGYxYkhwR0JsblorVFkyNElGVjJUMENNVHB1d1NnTXpyV09raFJpMmdtcGdaMTdrT250YkU0UzZCZTkweFQ3bDVIb3NWaDFsZlhpSUZHVjR5eGNMRGdoTWwxbkRmczRqSXpJR3E3dnVlNjRwMXJTc1N5WWZVbVkwdlVBTFIrNmRNRXFVbjFKZDh3SHBSUWp3YzBzZ2R0WDNQdDJtQmdZM1I4TUtZT0VhOXA0bG9IbmpIUktmbCs5b1ZubE9ZZkJzcmszZz09 HTTP 307
  • https://cibago.com/xr.php?e=kh%2Beo97vDR54NVe6LF82lX49fkI1NmpiYTk1YnhQbDR5eUlHcU10Yng2TnJZOGtWNEFJNjZNaUJuRElyc0NrMUtOb3VESzl6RSswdk1oMDNPZXZVb2ZxNGUvdlZWOVUwa2FmR1BQelNsTStUaEZxVVhKMVBSS3h5endTQmRkTS81U2xzK3RMVTFGZ3ZRNzA0TWZOak5KakJtNTRLOGdOak55OGYxUnRNcFVRTVZiQll2WDRVTHJPTFAyMVIvR3p6dTNxNXNqLzNCWHczaElnWDIzUE1FN3Y1aWdzMngyVFVGbkV4S3BuUzl6eHdadEIwc200cFNpYW9mMjJ4Ui8zOVBqOSsycWRDQXZtdzRZeDlvSWI1bUZ1eUxKampMU1E0eHBqNXB2cHYvb3FJUVpaRVlpZXI4UkxseEdlZU1OUGpHRjJtaVl4VGFna05zN1pZZjlSRzV2Vm9zOEtrOUVBejVWc3ZENGk2a2hob0t0QTd2dWs0N2dlaUx4TitaeEY1SzVXKzJtck9sV0grVzBEb0dsRmZKQUJEckRaMk1LZVk5VmRacVNrY2FtaVJkbDR0Y1dFbDBhSk5ZYitCMDF6b1RmMHlOSnE4dGZjZjNJSUlleGFBbEY3aHVHRlN4Nk9zUWNWUHdDUHlnNm51REpUNUVtVEZoYUxodkgybTlzc3o2bGxXYWJKTVFwamhIaTUxUmh5d2x6a21LcmdTbmVnb3hXazNwRWtuYmlJZUhCeFpVSndsZXJXazVGR0E2NjlPS3pqajhsVkJwbE5BeTdJNHAxenpVWFluNDRveVQvRFNWNWtFSWJiY0lXa0dwU05WbkNpOHArT2NRVWpRNWRJb0s5OFlGZTh4RUtNMDgwa0llM29PQUJ4Q1oxTFdhWThJYVZkUnZrZmczdjRVaGwzZW5RVDdXRFNNdnNIUGpmckYxcXRUWVl5Wk85b05YS1d1SE5VSFk5R0Vyd3kyY3R3SjdrYlR2RGYxYkhwR0JsblorVFkyNElGVjJUMENNVHB1d1NnTXpyV09raFJpMmdtcGdaMTdrT250YkU0UzZCZTkweFQ3bDVIb3NWaDFsZlhpSUZHVjR5eGNMRGdoTWwxbkRmczRqSXpJR3E3dnVlNjRwMXJTc1N5WWZVbVkwdlVBTFIrNmRNRXFVbjFKZDh3SHBSUWp3YzBzZ2R0WDNQdDJtQmdZM1I4TUtZT0VhOXA0bG9IbmpIUktmbCs5b1ZubE9ZZkJzcmszZz09

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
xr.php
cibago.com/
Redirect Chain
  • https://delivery.freshjuiceuk.com/s/qhfmb
  • http://cibago.com/xr.php?e=kh%2Beo97vDR54NVe6LF82lX49fkI1NmpiYTk1YnhQbDR5eUlHcU10Yng2TnJZOGtWNEFJNjZNaUJuRElyc0NrMUtOb3VESzl6RSswdk1oMDNPZXZVb2ZxNGUvdlZWOVUwa2FmR1BQelNsTStUaEZxVVhKMVBSS3h5endTQmRk...
  • https://cibago.com/xr.php?e=kh%2Beo97vDR54NVe6LF82lX49fkI1NmpiYTk1YnhQbDR5eUlHcU10Yng2TnJZOGtWNEFJNjZNaUJuRElyc0NrMUtOb3VESzl6RSswdk1oMDNPZXZVb2ZxNGUvdlZWOVUwa2FmR1BQelNsTStUaEZxVVhKMVBSS3h5endTQmR...
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cibago.com/xr.php?e=kh%2Beo97vDR54NVe6LF82lX49fkI1NmpiYTk1YnhQbDR5eUlHcU10Yng2TnJZOGtWNEFJNjZNaUJuRElyc0NrMUtOb3VESzl6RSswdk1oMDNPZXZVb2ZxNGUvdlZWOVUwa2FmR1BQelNsTStUaEZxVVhKMVBSS3h5endTQmRkTS81U2xzK3RMVTFGZ3ZRNzA0TWZOak5KakJtNTRLOGdOak55OGYxUnRNcFVRTVZiQll2WDRVTHJPTFAyMVIvR3p6dTNxNXNqLzNCWHczaElnWDIzUE1FN3Y1aWdzMngyVFVGbkV4S3BuUzl6eHdadEIwc200cFNpYW9mMjJ4Ui8zOVBqOSsycWRDQXZtdzRZeDlvSWI1bUZ1eUxKampMU1E0eHBqNXB2cHYvb3FJUVpaRVlpZXI4UkxseEdlZU1OUGpHRjJtaVl4VGFna05zN1pZZjlSRzV2Vm9zOEtrOUVBejVWc3ZENGk2a2hob0t0QTd2dWs0N2dlaUx4TitaeEY1SzVXKzJtck9sV0grVzBEb0dsRmZKQUJEckRaMk1LZVk5VmRacVNrY2FtaVJkbDR0Y1dFbDBhSk5ZYitCMDF6b1RmMHlOSnE4dGZjZjNJSUlleGFBbEY3aHVHRlN4Nk9zUWNWUHdDUHlnNm51REpUNUVtVEZoYUxodkgybTlzc3o2bGxXYWJKTVFwamhIaTUxUmh5d2x6a21LcmdTbmVnb3hXazNwRWtuYmlJZUhCeFpVSndsZXJXazVGR0E2NjlPS3pqajhsVkJwbE5BeTdJNHAxenpVWFluNDRveVQvRFNWNWtFSWJiY0lXa0dwU05WbkNpOHArT2NRVWpRNWRJb0s5OFlGZTh4RUtNMDgwa0llM29PQUJ4Q1oxTFdhWThJYVZkUnZrZmczdjRVaGwzZW5RVDdXRFNNdnNIUGpmckYxcXRUWVl5Wk85b05YS1d1SE5VSFk5R0Vyd3kyY3R3SjdrYlR2RGYxYkhwR0JsblorVFkyNElGVjJUMENNVHB1d1NnTXpyV09raFJpMmdtcGdaMTdrT250YkU0UzZCZTkweFQ3bDVIb3NWaDFsZlhpSUZHVjR5eGNMRGdoTWwxbkRmczRqSXpJR3E3dnVlNjRwMXJTc1N5WWZVbVkwdlVBTFIrNmRNRXFVbjFKZDh3SHBSUWp3YzBzZ2R0WDNQdDJtQmdZM1I4TUtZT0VhOXA0bG9IbmpIUktmbCs5b1ZubE9ZZkJzcmszZz09
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash
51b78c17f71940eb5d53d1d3e0e9ac17d61b9128a7d7b7c3d857734ba2d1cfdd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

connection
close
content-encoding
gzip
content-length
2440
content-type
text/html; charset=UTF-8
date
Sun, 24 Nov 2024 21:00:46 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Location
https://cibago.com/xr.php?e=kh%2Beo97vDR54NVe6LF82lX49fkI1NmpiYTk1YnhQbDR5eUlHcU10Yng2TnJZOGtWNEFJNjZNaUJuRElyc0NrMUtOb3VESzl6RSswdk1oMDNPZXZVb2ZxNGUvdlZWOVUwa2FmR1BQelNsTStUaEZxVVhKMVBSS3h5endTQmRkTS81U2xzK3RMVTFGZ3ZRNzA0TWZOak5KakJtNTRLOGdOak55OGYxUnRNcFVRTVZiQll2WDRVTHJPTFAyMVIvR3p6dTNxNXNqLzNCWHczaElnWDIzUE1FN3Y1aWdzMngyVFVGbkV4S3BuUzl6eHdadEIwc200cFNpYW9mMjJ4Ui8zOVBqOSsycWRDQXZtdzRZeDlvSWI1bUZ1eUxKampMU1E0eHBqNXB2cHYvb3FJUVpaRVlpZXI4UkxseEdlZU1OUGpHRjJtaVl4VGFna05zN1pZZjlSRzV2Vm9zOEtrOUVBejVWc3ZENGk2a2hob0t0QTd2dWs0N2dlaUx4TitaeEY1SzVXKzJtck9sV0grVzBEb0dsRmZKQUJEckRaMk1LZVk5VmRacVNrY2FtaVJkbDR0Y1dFbDBhSk5ZYitCMDF6b1RmMHlOSnE4dGZjZjNJSUlleGFBbEY3aHVHRlN4Nk9zUWNWUHdDUHlnNm51REpUNUVtVEZoYUxodkgybTlzc3o2bGxXYWJKTVFwamhIaTUxUmh5d2x6a21LcmdTbmVnb3hXazNwRWtuYmlJZUhCeFpVSndsZXJXazVGR0E2NjlPS3pqajhsVkJwbE5BeTdJNHAxenpVWFluNDRveVQvRFNWNWtFSWJiY0lXa0dwU05WbkNpOHArT2NRVWpRNWRJb0s5OFlGZTh4RUtNMDgwa0llM29PQUJ4Q1oxTFdhWThJYVZkUnZrZmczdjRVaGwzZW5RVDdXRFNNdnNIUGpmckYxcXRUWVl5Wk85b05YS1d1SE5VSFk5R0Vyd3kyY3R3SjdrYlR2RGYxYkhwR0JsblorVFkyNElGVjJUMENNVHB1d1NnTXpyV09raFJpMmdtcGdaMTdrT250YkU0UzZCZTkweFQ3bDVIb3NWaDFsZlhpSUZHVjR5eGNMRGdoTWwxbkRmczRqSXpJR3E3dnVlNjRwMXJTc1N5WWZVbVkwdlVBTFIrNmRNRXFVbjFKZDh3SHBSUWp3YzBzZ2R0WDNQdDJtQmdZM1I4TUtZT0VhOXA0bG9IbmpIUktmbCs5b1ZubE9ZZkJzcmszZz09
Non-Authoritative-Reason
HttpsUpgrades
jscheck.php
cibago.com/ 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cibago.com/jscheck.php?enc=9XaFOj2fhfO6Q3BIGn7gb349flNwaHV0M3pnekY0a3pFZ05ZejluNmRPbWh1WmJvYzlKYTRkckRWTTJuaWxtTnRyTWdzN3U0L1kwM20vY3FYT3FRdGQrTG1kbm1JU2NMbmJ0SnZGQzc3U0k3WWZrUjFJdE1Rckt3aFBnUEEwelNncnVyUGZxYkNuWVAzenkxOGFUQ3FGc3R1MDJtVnZLNWFIbWE0bVV1dlRaUG9zUlJ1VVJuWmFtRWt0cjl4QVBIckNUTWVCRkNONGtzbXVSTWhEdld6K0xSVWtZWnViWnZGeUNIMnRtdklWMWJzaldoWGIranFkYjVQZXpyaFJKUFV3R1dhdEJqZFFCQVRyQ0MwZlY2TGc5QVAvRXZad1VXd0MwdXRnaEZNUERrU2lPd0QzcHVjc3EvWTZqU1grTkp0bEJ3Si9qTmhpNWM4Sm9lc3B4VmhVL0kvREpraGlqeTVzL2tYWTI5SU5VeEhFdU1zTWdSQlpDSnlqSVJTQUtadUJkYzNlZTlyRkljc0xySitqOGpCbUtiTms0U1lhOG5mZS9PbGZkdml1emlURktuOVYyWURFVnl5RGUwWVNyZ01XZW9xNkljZTU3eEdOZXp1dHpWNmxWUjh4K1V1YWdUWVU3cG85Qmw1cWJSR1lKOWUreUNmSVFRU2t0R0lZbW5Eeml1SmNUM0tzLzBsZGRFZ3A0MVlGUzdsWGsySnJDZFZkeXh0bHVHeXhrUFhMR2g5Y0hlMUFhQ3FpbitwVStjUU1ZSW5SUjJKLzBUczY4MmxadmVsL01Pc3ZybHlLUW5kVDF2MVZabFcza0sxZW9tTVEvZXMwR1ArZDFrZXoxSDJrRmE2YVBTN08xS2R0TUczZFAwdEpVL3I5ZUY3V1FNSERVdlYrWFFRMGt6dTlEK3lHRUpMb0tkS21kTG5LdDdEVklXSnUwUXIyQVRuT0lmVGJQSzVQbSswM0ZIdnNrcE52eFdPb0Z6Y1ZWTWNYMkt2cWRORU4rQVRVTXh5TDgxQW8zd1ZsbTJrQndHMHV6RmVLK2NSdmtNS2dSTHNzK3dTSjNGd3FUUlBEdXl5S2FtSndJMmVmT0dvUGV6ZnkvbDllMEhaMDVaM0pJbjdXK3Rqc1VMaElnTnF0VXY4ZmFKV2hSdUYyalduaVlFSlYwbGRsaldyZFJoeit1U2RrWHQ2Vm54blc1dzAxaUsvYVpnYmpITlhQZXpySHZvdnUzMWZEeXFsandJbDFhbDFYN01TMnNpaWplTStYMnN2U0RLUEhySnZpam1lc2Jxc1hBWmYzYXBVWWF0cFVIOEdMc0RvcmVXc2dWRlM0L1Q5cFNPS0hVZ0tiYXVGMjlzckpzUlppWkdmQkgvRUQ5eHFrdi9uN0E%3D&rand=0.8728337052004993&vs=1600:1200&ds=1600:1200&sl=160:160&os=f&nos=f&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&fp=-1
Requested by
Host: cibago.com
URL: https://cibago.com/xr.php?e=kh%2Beo97vDR54NVe6LF82lX49fkI1NmpiYTk1YnhQbDR5eUlHcU10Yng2TnJZOGtWNEFJNjZNaUJuRElyc0NrMUtOb3VESzl6RSswdk1oMDNPZXZVb2ZxNGUvdlZWOVUwa2FmR1BQelNsTStUaEZxVVhKMVBSS3h5endTQmRkTS81U2xzK3RMVTFGZ3ZRNzA0TWZOak5KakJtNTRLOGdOak55OGYxUnRNcFVRTVZiQll2WDRVTHJPTFAyMVIvR3p6dTNxNXNqLzNCWHczaElnWDIzUE1FN3Y1aWdzMngyVFVGbkV4S3BuUzl6eHdadEIwc200cFNpYW9mMjJ4Ui8zOVBqOSsycWRDQXZtdzRZeDlvSWI1bUZ1eUxKampMU1E0eHBqNXB2cHYvb3FJUVpaRVlpZXI4UkxseEdlZU1OUGpHRjJtaVl4VGFna05zN1pZZjlSRzV2Vm9zOEtrOUVBejVWc3ZENGk2a2hob0t0QTd2dWs0N2dlaUx4TitaeEY1SzVXKzJtck9sV0grVzBEb0dsRmZKQUJEckRaMk1LZVk5VmRacVNrY2FtaVJkbDR0Y1dFbDBhSk5ZYitCMDF6b1RmMHlOSnE4dGZjZjNJSUlleGFBbEY3aHVHRlN4Nk9zUWNWUHdDUHlnNm51REpUNUVtVEZoYUxodkgybTlzc3o2bGxXYWJKTVFwamhIaTUxUmh5d2x6a21LcmdTbmVnb3hXazNwRWtuYmlJZUhCeFpVSndsZXJXazVGR0E2NjlPS3pqajhsVkJwbE5BeTdJNHAxenpVWFluNDRveVQvRFNWNWtFSWJiY0lXa0dwU05WbkNpOHArT2NRVWpRNWRJb0s5OFlGZTh4RUtNMDgwa0llM29PQUJ4Q1oxTFdhWThJYVZkUnZrZmczdjRVaGwzZW5RVDdXRFNNdnNIUGpmckYxcXRUWVl5Wk85b05YS1d1SE5VSFk5R0Vyd3kyY3R3SjdrYlR2RGYxYkhwR0JsblorVFkyNElGVjJUMENNVHB1d1NnTXpyV09raFJpMmdtcGdaMTdrT250YkU0UzZCZTkweFQ3bDVIb3NWaDFsZlhpSUZHVjR5eGNMRGdoTWwxbkRmczRqSXpJR3E3dnVlNjRwMXJTc1N5WWZVbVkwdlVBTFIrNmRNRXFVbjFKZDh3SHBSUWp3YzBzZ2R0WDNQdDJtQmdZM1I4TUtZT0VhOXA0bG9IbmpIUktmbCs5b1ZubE9ZZkJzcmszZz09
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cibago.com/xr.php?e=kh%2Beo97vDR54NVe6LF82lX49fkI1NmpiYTk1YnhQbDR5eUlHcU10Yng2TnJZOGtWNEFJNjZNaUJuRElyc0NrMUtOb3VESzl6RSswdk1oMDNPZXZVb2ZxNGUvdlZWOVUwa2FmR1BQelNsTStUaEZxVVhKMVBSS3h5endTQmRkTS81U2xzK3RMVTFGZ3ZRNzA0TWZOak5KakJtNTRLOGdOak55OGYxUnRNcFVRTVZiQll2WDRVTHJPTFAyMVIvR3p6dTNxNXNqLzNCWHczaElnWDIzUE1FN3Y1aWdzMngyVFVGbkV4S3BuUzl6eHdadEIwc200cFNpYW9mMjJ4Ui8zOVBqOSsycWRDQXZtdzRZeDlvSWI1bUZ1eUxKampMU1E0eHBqNXB2cHYvb3FJUVpaRVlpZXI4UkxseEdlZU1OUGpHRjJtaVl4VGFna05zN1pZZjlSRzV2Vm9zOEtrOUVBejVWc3ZENGk2a2hob0t0QTd2dWs0N2dlaUx4TitaeEY1SzVXKzJtck9sV0grVzBEb0dsRmZKQUJEckRaMk1LZVk5VmRacVNrY2FtaVJkbDR0Y1dFbDBhSk5ZYitCMDF6b1RmMHlOSnE4dGZjZjNJSUlleGFBbEY3aHVHRlN4Nk9zUWNWUHdDUHlnNm51REpUNUVtVEZoYUxodkgybTlzc3o2bGxXYWJKTVFwamhIaTUxUmh5d2x6a21LcmdTbmVnb3hXazNwRWtuYmlJZUhCeFpVSndsZXJXazVGR0E2NjlPS3pqajhsVkJwbE5BeTdJNHAxenpVWFluNDRveVQvRFNWNWtFSWJiY0lXa0dwU05WbkNpOHArT2NRVWpRNWRJb0s5OFlGZTh4RUtNMDgwa0llM29PQUJ4Q1oxTFdhWThJYVZkUnZrZmczdjRVaGwzZW5RVDdXRFNNdnNIUGpmckYxcXRUWVl5Wk85b05YS1d1SE5VSFk5R0Vyd3kyY3R3SjdrYlR2RGYxYkhwR0JsblorVFkyNElGVjJUMENNVHB1d1NnTXpyV09raFJpMmdtcGdaMTdrT250YkU0UzZCZTkweFQ3bDVIb3NWaDFsZlhpSUZHVjR5eGNMRGdoTWwxbkRmczRqSXpJR3E3dnVlNjRwMXJTc1N5WWZVbVkwdlVBTFIrNmRNRXFVbjFKZDh3SHBSUWp3YzBzZ2R0WDNQdDJtQmdZM1I4TUtZT0VhOXA0bG9IbmpIUktmbCs5b1ZubE9ZZkJzcmszZz09

Response headers

content-length
0
date
Sun, 24 Nov 2024 21:00:48 GMT
content-type
text/html; charset=UTF-8
server
Apache
connection
close
favicon.ico
cibago.com/ 		94 B
170 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cibago.com/favicon.ico
Protocol
HTTP/1.0
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cibago.com/xr.php?e=kh%2Beo97vDR54NVe6LF82lX49fkI1NmpiYTk1YnhQbDR5eUlHcU10Yng2TnJZOGtWNEFJNjZNaUJuRElyc0NrMUtOb3VESzl6RSswdk1oMDNPZXZVb2ZxNGUvdlZWOVUwa2FmR1BQelNsTStUaEZxVVhKMVBSS3h5endTQmRkTS81U2xzK3RMVTFGZ3ZRNzA0TWZOak5KakJtNTRLOGdOak55OGYxUnRNcFVRTVZiQll2WDRVTHJPTFAyMVIvR3p6dTNxNXNqLzNCWHczaElnWDIzUE1FN3Y1aWdzMngyVFVGbkV4S3BuUzl6eHdadEIwc200cFNpYW9mMjJ4Ui8zOVBqOSsycWRDQXZtdzRZeDlvSWI1bUZ1eUxKampMU1E0eHBqNXB2cHYvb3FJUVpaRVlpZXI4UkxseEdlZU1OUGpHRjJtaVl4VGFna05zN1pZZjlSRzV2Vm9zOEtrOUVBejVWc3ZENGk2a2hob0t0QTd2dWs0N2dlaUx4TitaeEY1SzVXKzJtck9sV0grVzBEb0dsRmZKQUJEckRaMk1LZVk5VmRacVNrY2FtaVJkbDR0Y1dFbDBhSk5ZYitCMDF6b1RmMHlOSnE4dGZjZjNJSUlleGFBbEY3aHVHRlN4Nk9zUWNWUHdDUHlnNm51REpUNUVtVEZoYUxodkgybTlzc3o2bGxXYWJKTVFwamhIaTUxUmh5d2x6a21LcmdTbmVnb3hXazNwRWtuYmlJZUhCeFpVSndsZXJXazVGR0E2NjlPS3pqajhsVkJwbE5BeTdJNHAxenpVWFluNDRveVQvRFNWNWtFSWJiY0lXa0dwU05WbkNpOHArT2NRVWpRNWRJb0s5OFlGZTh4RUtNMDgwa0llM29PQUJ4Q1oxTFdhWThJYVZkUnZrZmczdjRVaGwzZW5RVDdXRFNNdnNIUGpmckYxcXRUWVl5Wk85b05YS1d1SE5VSFk5R0Vyd3kyY3R3SjdrYlR2RGYxYkhwR0JsblorVFkyNElGVjJUMENNVHB1d1NnTXpyV09raFJpMmdtcGdaMTdrT250YkU0UzZCZTkweFQ3bDVIb3NWaDFsZlhpSUZHVjR5eGNMRGdoTWwxbkRmczRqSXpJR3E3dnVlNjRwMXJTc1N5WWZVbVkwdlVBTFIrNmRNRXFVbjFKZDh3SHBSUWp3YzBzZ2R0WDNQdDJtQmdZM1I4TUtZT0VhOXA0bG9IbmpIUktmbCs5b1ZubE9ZZkJzcmszZz09

Response headers

content-type
text/html
cache-control
no-cache
Primary Request /
thewinnertips.com/trill_casinodays_5t_ca/
Redirect Chain
  • https://cibago.com/r.php?u=https%3A%2F%2Fthewinnertips.com%2Ftrill_casinodays_5t_ca%2F%3Futm_campaign%3D759338483%26sid%3D20241125080044139600daecfc251974&s=j&enc=9XaFOj2fhfO6Q3BIGn7gb349flNwaHV0M3...
  • https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974
27 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974
Requested by
Host: cibago.com
URL: https://cibago.com/xr.php?e=kh%2Beo97vDR54NVe6LF82lX49fkI1NmpiYTk1YnhQbDR5eUlHcU10Yng2TnJZOGtWNEFJNjZNaUJuRElyc0NrMUtOb3VESzl6RSswdk1oMDNPZXZVb2ZxNGUvdlZWOVUwa2FmR1BQelNsTStUaEZxVVhKMVBSS3h5endTQmRkTS81U2xzK3RMVTFGZ3ZRNzA0TWZOak5KakJtNTRLOGdOak55OGYxUnRNcFVRTVZiQll2WDRVTHJPTFAyMVIvR3p6dTNxNXNqLzNCWHczaElnWDIzUE1FN3Y1aWdzMngyVFVGbkV4S3BuUzl6eHdadEIwc200cFNpYW9mMjJ4Ui8zOVBqOSsycWRDQXZtdzRZeDlvSWI1bUZ1eUxKampMU1E0eHBqNXB2cHYvb3FJUVpaRVlpZXI4UkxseEdlZU1OUGpHRjJtaVl4VGFna05zN1pZZjlSRzV2Vm9zOEtrOUVBejVWc3ZENGk2a2hob0t0QTd2dWs0N2dlaUx4TitaeEY1SzVXKzJtck9sV0grVzBEb0dsRmZKQUJEckRaMk1LZVk5VmRacVNrY2FtaVJkbDR0Y1dFbDBhSk5ZYitCMDF6b1RmMHlOSnE4dGZjZjNJSUlleGFBbEY3aHVHRlN4Nk9zUWNWUHdDUHlnNm51REpUNUVtVEZoYUxodkgybTlzc3o2bGxXYWJKTVFwamhIaTUxUmh5d2x6a21LcmdTbmVnb3hXazNwRWtuYmlJZUhCeFpVSndsZXJXazVGR0E2NjlPS3pqajhsVkJwbE5BeTdJNHAxenpVWFluNDRveVQvRFNWNWtFSWJiY0lXa0dwU05WbkNpOHArT2NRVWpRNWRJb0s5OFlGZTh4RUtNMDgwa0llM29PQUJ4Q1oxTFdhWThJYVZkUnZrZmczdjRVaGwzZW5RVDdXRFNNdnNIUGpmckYxcXRUWVl5Wk85b05YS1d1SE5VSFk5R0Vyd3kyY3R3SjdrYlR2RGYxYkhwR0JsblorVFkyNElGVjJUMENNVHB1d1NnTXpyV09raFJpMmdtcGdaMTdrT250YkU0UzZCZTkweFQ3bDVIb3NWaDFsZlhpSUZHVjR5eGNMRGdoTWwxbkRmczRqSXpJR3E3dnVlNjRwMXJTc1N5WWZVbVkwdlVBTFIrNmRNRXFVbjFKZDh3SHBSUWp3YzBzZ2R0WDNQdDJtQmdZM1I4TUtZT0VhOXA0bG9IbmpIUktmbCs5b1ZubE9ZZkJzcmszZz09
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13496db1aaf94a2866a964e2d8e3e1c1352838de3c93e063425c5096403fb014

Request headers

Referer
https://cibago.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e7c54a91c7fc3f8-EWR
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sun, 24 Nov 2024 21:00:50 GMT
link
<https://thewinnertips.com/wp-json/>; rel="https://api.w.org/", <https://thewinnertips.com/wp-json/wp/v2/pages/539>; rel="alternate"; title="JSON"; type="application/json", <https://thewinnertips.com/?p=539>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cZc%2B7vdFtHEhuKMAbyMmoDR8D5BeynQW1OFxPm4fFS%2B1znZgfyod4Dh2wIieVHtcI2OP4ZAqOov3ZsCfc9clssIl0qFDhcEWeUiVVULbeYMC3kUZ5X1vHfgDInLP4F6M3SoDBYU52uzY%2F2oNDpIzEA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=168246&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4218&recv_bytes=4540&delivery_rate=189&cwnd=12000&unsent_bytes=0&cid=c605ef1b4967a453&ts=1197&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding Accept-Encoding
x-cache
MISS

Redirect headers

connection
close
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 24 Nov 2024 21:00:48 GMT
location
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974
server
Apache
all.min.css
thewinnertips.com/wp-content/themes/WinnersTips2/assets/fa/css/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thewinnertips.com/wp-content/themes/WinnersTips2/assets/fa/css/all.min.css
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"63089813-e7a9"
age
1157719
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SVyFBbA72EoZlgeckUd1lLOcU3zxdwDfyP83BW8XfR6%2FTVcQapDlS1NGVMn0hzu3Ql8r8bjB%2FckNA1YWQ79v%2FUGOaj2vz8HmKAkEt3%2FhCg7BfTb5w7EDxqYNRF2tNPov7jmvkIa3Fe0uU8vf1DHqDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=184892&sent=25&recv=21&lost=0&retrans=0&sent_bytes=12635&recv_bytes=6806&delivery_rate=57495&cwnd=12000&unsent_bytes=0&cid=c605ef1b4967a453&ts=1539&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 24 Nov 2024 21:00:50 GMT
content-type
text/css
last-modified
Fri, 26 Aug 2022 09:53:23 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e7c54b0bdfdc3f8-EWR
server
cloudflare
main.bundle.css
thewinnertips.com/wp-content/themes/WinnersTips2/dist/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thewinnertips.com/wp-content/themes/WinnersTips2/dist/main.bundle.css?ver=1663664398
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1553287e594bf32732724a2364a23c60770f30a8250d24303a6630df32e8b3c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6329810e-5462"
age
4086737
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KwJrrfcSInxx%2FUwtbiFOyG%2BzWhFtIqI58d3JGnM9bzOBIjWJUIuROHGZFrtwDqdoLK1Dl%2Bp3TdgfwAVyyVufEnSdETIzff%2BZkhjf%2FVzN9iFSUmJ6VeNGL%2F7YV0HCTZ63Y0lxosvjp%2Bk8YvdfSm%2F5ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=184892&sent=35&recv=21&lost=0&retrans=0&sent_bytes=24635&recv_bytes=6806&delivery_rate=57495&cwnd=12000&unsent_bytes=0&cid=c605ef1b4967a453&ts=1540&x=1", cfExtPri, cfHdrFlush;dur=123
date
Sun, 24 Nov 2024 21:00:50 GMT
content-type
text/css
last-modified
Tue, 20 Sep 2022 08:59:58 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e7c54b0ce18c3f8-EWR
server
cloudflare
front.min.css
thewinnertips.com/wp-content/plugins/cookie-notice/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thewinnertips.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=6.7.1
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"630774f2-14d6"
age
251642
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BKgqq1G2K3HIw7%2FVMgqek61DVZX%2FGUrC1zI2Q0ZAMoQaJtokQqB0b6pAGkOuhDpuUKbRm%2FCnP%2FIAasH66fxp3YvQdFKhDCAzAIy2SDQzRMrM7JuUOoO%2BSQ2yj6Pda%2FeWDqDXj2d%2Bo1078UvYZ7DKEg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=184892&sent=35&recv=21&lost=0&retrans=0&sent_bytes=24635&recv_bytes=6806&delivery_rate=57495&cwnd=12000&unsent_bytes=0&cid=c605ef1b4967a453&ts=1545&x=1", cfExtPri, cfHdrFlush;dur=119
date
Sun, 24 Nov 2024 21:00:50 GMT
content-type
text/css
last-modified
Thu, 25 Aug 2022 13:11:14 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e7c54b0ce1ac3f8-EWR
server
cloudflare
front.min.js
thewinnertips.com/wp-content/plugins/cookie-notice/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thewinnertips.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.0
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af735813266cdf52a38a6e1583a86066db357469ceded2d7ea8335b298d73d65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"630774f2-222e"
age
320231
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QTBs%2B1u2USR7NcRCeNMLvgK%2B8OcvpJt%2B4v%2BnPC9cggH5x0L5vlBC6PA7IOuUogkE6u2uQaJPfjkA4mcPqNZIxHvpbTVUk7xcHLJPd29a6pmnhGawovuShusutdgR42zVI3Z3An9gq9Sr8xfy2%2BMNdA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=121702&sent=61&recv=40&lost=0&retrans=0&sent_bytes=46933&recv_bytes=9810&delivery_rate=94711&cwnd=16800&unsent_bytes=0&cid=c605ef1b4967a453&ts=1808&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 24 Nov 2024 21:00:50 GMT
content-type
application/javascript
last-modified
Thu, 25 Aug 2022 13:11:14 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e7c54b27ff0c3f8-EWR
server
cloudflare
Group-3230.png
thewinnertips.com/wp-content/uploads/2022/08/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thewinnertips.com/wp-content/uploads/2022/08/Group-3230.png
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
466e5fee3a89203aa23b3feaebfbe34da6160d09b444763e9b40fed3d9bc755b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974

Response headers

cf-cache-status
HIT
etag
"63077a6a-194f"
age
1157719
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=avK481cdHyc0tenRlP2uL8b0ebSNw0icwnFoOEvY4weRucdyMoUo66cA5wThd3pLOtXnhmXEyaXsEaBz8aMB7abphrzps%2BPu4KKYipsUX7M8z5MQsMabwVbyCdjhJOfmEeo2ZXoPWMdc7RAFoLDO1g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=184892&sent=35&recv=21&lost=0&retrans=0&sent_bytes=24635&recv_bytes=6806&delivery_rate=57495&cwnd=12000&unsent_bytes=0&cid=c605ef1b4967a453&ts=1560&x=1", cfExtPri, cfHdrFlush;dur=104
date
Sun, 24 Nov 2024 21:00:50 GMT
content-type
image/png
last-modified
Thu, 25 Aug 2022 13:34:34 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e7c54b0ce1cc3f8-EWR
accept-ranges
bytes
content-length
6479
server
cloudflare
topgame-01.png
thewinnertips.com/wp-content/uploads/2022/08/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thewinnertips.com/wp-content/uploads/2022/08/topgame-01.png
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f41f1f66c491d58e9c86c76883f768838016bdac0d6e75fde8078f74ace198a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974

Response headers

cf-cache-status
HIT
etag
"63077caf-479"
age
1157719
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tDXsG6%2BVKIOm7nDA62S%2F6DkYP6JoWA4%2BcTHZBy%2BSm9A0wsrIYv7DRZmSsCC1QEiB1FmdSqVE9Px%2FLeCejA29Dhg7%2FTnrN7JuYFQ2xZExTMiWDSCas2JV5HLlo5Tbmu0I2KXeSWojETg4OjQVn5tQ0w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=184892&sent=35&recv=21&lost=0&retrans=0&sent_bytes=24635&recv_bytes=6806&delivery_rate=57495&cwnd=12000&unsent_bytes=0&cid=c605ef1b4967a453&ts=1544&x=1", cfExtPri, cfHdrFlush;dur=120
date
Sun, 24 Nov 2024 21:00:50 GMT
content-type
image/png
last-modified
Thu, 25 Aug 2022 13:44:15 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e7c54b0ce1fc3f8-EWR
accept-ranges
bytes
content-length
1145
server
cloudflare
twitter.png
thewinnertips.com/wp-content/themes/WinnersTips2/assets/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thewinnertips.com/wp-content/themes/WinnersTips2/assets/img/twitter.png
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81507b4cda28450b2a9c638fbb2bed8fde9b0de69891399ab94467efd77a4557

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974

Response headers

cf-cache-status
HIT
etag
"63078f8c-dba"
age
4086736
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=brrVVAUTOv2xX2OQUAb4F7NPCGO46bU8PMOzSrvDG3TdqhkwWYSXl7vQcGJNYoPabOyS6dV1szg9YyKQNFMgBRYcEut%2FZ%2BlBT3DRkoToWLl6mW2FztP3nAhR0EX8ZRUFoN2vGzb%2FcuX0drqMg7JahQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=121702&sent=57&recv=40&lost=0&retrans=0&sent_bytes=42659&recv_bytes=9810&delivery_rate=94711&cwnd=16800&unsent_bytes=0&cid=c605ef1b4967a453&ts=1807&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 24 Nov 2024 21:00:50 GMT
content-type
image/png
last-modified
Thu, 25 Aug 2022 15:04:44 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e7c54b26fdcc3f8-EWR
accept-ranges
bytes
content-length
3514
server
cloudflare
facebook.png
thewinnertips.com/wp-content/themes/WinnersTips2/assets/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thewinnertips.com/wp-content/themes/WinnersTips2/assets/img/facebook.png
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87bb462c06cc85dba44601dbbcd84f3d769d9bf84580777849b39597ea8be7cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974

Response headers

cf-cache-status
HIT
etag
"63078f88-422"
age
1157719
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8KyPX753MwPu02xVV36jlnRnzsxPoGsBUBbCiXIGHlFVvz5GY3aPYi0fJ7aLtrQgLH96KbDLNkq2PkssupZJtvy1SCfHNP474wiHOnaSji0mcTgZn%2B%2FQ%2BhPd%2BKx3Shwbi9DFYrx3rmk%2FwBDx8o%2B0%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=121702&sent=64&recv=40&lost=0&retrans=0&sent_bytes=49795&recv_bytes=9810&delivery_rate=94711&cwnd=16800&unsent_bytes=0&cid=c605ef1b4967a453&ts=1809&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 24 Nov 2024 21:00:50 GMT
content-type
image/png
last-modified
Thu, 25 Aug 2022 15:04:40 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e7c54b27fe5c3f8-EWR
accept-ranges
bytes
content-length
1058
server
cloudflare
facebook.png
thewinnertips.com/wp-content/uploads/2022/08/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thewinnertips.com/wp-content/uploads/2022/08/facebook.png
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87bb462c06cc85dba44601dbbcd84f3d769d9bf84580777849b39597ea8be7cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974

Response headers

cf-cache-status
HIT
etag
"63079e93-422"
age
1157719
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lx9r9jyYR2nqfPYe2OxaRcAoV3gWEP%2FM9JUDXbIOe2ecrgSG0DEMIVYOovDU5ktjfWd9EvyAzLdjIc3doTagSdtIXZu6MsC7MMOQExsDL%2FsNTexyZVawtEVem97v1TvBSr%2FA1GnwY8yyaHd71EEkdw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=121702&sent=70&recv=40&lost=0&retrans=0&sent_bytes=55883&recv_bytes=9810&delivery_rate=94711&cwnd=16800&unsent_bytes=0&cid=c605ef1b4967a453&ts=1812&x=1", cfExtPri, cfHdrFlush;dur=33
date
Sun, 24 Nov 2024 21:00:50 GMT
content-type
image/png
last-modified
Thu, 25 Aug 2022 16:08:51 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e7c54b27ff3c3f8-EWR
accept-ranges
bytes
content-length
1058
server
cloudflare
twitter.png
thewinnertips.com/wp-content/uploads/2022/08/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thewinnertips.com/wp-content/uploads/2022/08/twitter.png
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1f8026421e9a62a53734161746e439080236703a6fe2705e2140cfe14888751

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974

Response headers

cf-cache-status
HIT
etag
"63079e94-cb8"
age
1157719
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FWgPavoe15AAnze34jstX05wPbUT3o4zSMtXWtTJrQGFLk2NywOtX4JGzAkRRO9Tv031EN0H%2BonJ7%2F6EsyDqhNerQUE4pJWGsnFWJYYK4seJp8itUwmqhmU%2Bno%2FNFZ4XBjQcZkDOxEpsloT03ghI%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=121702&sent=70&recv=40&lost=0&retrans=0&sent_bytes=55883&recv_bytes=9810&delivery_rate=94711&cwnd=16800&unsent_bytes=0&cid=c605ef1b4967a453&ts=1817&x=1", cfExtPri, cfHdrFlush;dur=28
date
Sun, 24 Nov 2024 21:00:50 GMT
content-type
image/png
last-modified
Thu, 25 Aug 2022 16:08:52 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e7c54b27ff6c3f8-EWR
accept-ranges
bytes
content-length
3256
server
cloudflare
main.bundle.js
thewinnertips.com/wp-content/themes/WinnersTips2/dist/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thewinnertips.com/wp-content/themes/WinnersTips2/dist/main.bundle.js?ver=1683814445
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6e55de23b6cf9fe95b7c2c086fe24fb56256f03860844a8e7f7bbfd507b8645

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"645cf82d-3fe0"
age
1157719
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q5ImKmViKoKo9y1bjFRWQycJ6XcewJaY7FgYbxj8RW%2Flv9DP%2FFVoqpY9chkuxBEQ7MuLgYivXWSXC9aj8ubW8SYQxE2rHC9yEEqwRe1IBBHFByvimlUc46eL5WxDwk7lEG%2F68XM3%2BgusENGF%2B1azRg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=121702&sent=66&recv=40&lost=0&retrans=0&sent_bytes=51568&recv_bytes=9810&delivery_rate=94711&cwnd=16800&unsent_bytes=0&cid=c605ef1b4967a453&ts=1810&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 24 Nov 2024 21:00:50 GMT
content-type
application/javascript
last-modified
Thu, 11 May 2023 14:14:05 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e7c54b27febc3f8-EWR
server
cloudflare
gtm.js
www.googletagmanager.com/ 		0
0
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5dbe802e02c90654f902e69208eb5c1ce9b12a56850ed17f752f3ca68b1378cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
574x_545_-_Welcome_Banner_2-min-1.jpg
thewinnertips.com/wp-content/uploads/2023/04/ 		95 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thewinnertips.com/wp-content/uploads/2023/04/574x_545_-_Welcome_Banner_2-min-1.jpg
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974

Response headers

cf-cache-status
HIT
etag
"6436eb93-19806"
age
1029969
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hh4MYTZbasoGSWMU3SX3aRpvKok%2BScGvt9x7Y2Kas1rNxuzjLkNqF2s8TuY2BGzz2VxeV%2Fd041DQ2VMz%2FqxbIdkWIUNzqCISGdS2c3VC57tL3YNSrRoGVzw4%2FpJ2Qan9XsgL4RMlZGXhI5I%2FWBP46w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=97814&sent=80&recv=54&lost=0&retrans=0&sent_bytes=64165&recv_bytes=10807&delivery_rate=222479&cwnd=22800&unsent_bytes=0&cid=c605ef1b4967a453&ts=1959&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 24 Nov 2024 21:00:51 GMT
content-type
image/jpeg
last-modified
Wed, 12 Apr 2023 17:34:11 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e7c54b368f1c3f8-EWR
accept-ranges
bytes
content-length
104454
server
cloudflare
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v21/ 		0
0
fa-solid-900.woff2
thewinnertips.com/wp-content/themes/WinnersTips2/assets/fa/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thewinnertips.com/wp-content/themes/WinnersTips2/assets/fa/webfonts/fa-solid-900.woff2
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/wp-content/themes/WinnersTips2/assets/fa/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thewinnertips.com
Referer
https://thewinnertips.com/wp-content/themes/WinnersTips2/assets/fa/css/all.min.css

Response headers

cf-cache-status
HIT
etag
"61129b24-131bc"
age
1157720
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wxrxOdgcELvWWEC0gmqWmspxF5LWEKZDK2SMCocoB5KCX60mIQfSxLd%2B2ouB73gzCmqBwPFD%2Bj0cT5oT%2FCwlOwt2epj94zJbqnG7S%2BEa96DaaP7X6yjPOIH31maLgEy3wpFWomzonJUBdYWsnXfwhA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=113311&sent=138&recv=65&lost=0&retrans=0&sent_bytes=132590&recv_bytes=11635&delivery_rate=193635&cwnd=45600&unsent_bytes=0&cid=c605ef1b4967a453&ts=2128&x=1", cfExtPri, cfHdrFlush;dur=65
date
Sun, 24 Nov 2024 21:00:51 GMT
content-type
application/font-woff2
last-modified
Tue, 10 Aug 2021 15:28:36 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e7c54b47a2cc3f8-EWR
accept-ranges
bytes
content-length
78268
server
cloudflare
truncated
/ 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
truncated
/ 		90 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
c5f37193-f19d-4b64-82e2-f71b83858c2c.jpg
thewinnertips.com/wp-content/uploads/2023/04/ 		30 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thewinnertips.com/wp-content/uploads/2023/04/c5f37193-f19d-4b64-82e2-f71b83858c2c.jpg
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=759338483&sid=20241125080044139600daecfc251974

Response headers

cf-cache-status
HIT
etag
"643d89cc-1362f"
age
1029969
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vAKVSjYuakPGDz2amUwRjTTTumH7KngTJ%2FFIrGsBmTi%2B3fcRZZKpNNgc4bLGaqlIZA0meP%2FFwSpy%2BqwEvhdv4yOWB3sOJ6nkqM2i1wDj%2FVsOTBTG%2BP2Rkhpc6QbMCufdXXP5sjsZ1iqwjN8GY4XaTg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=113311&sent=139&recv=66&lost=0&retrans=0&sent_bytes=132615&recv_bytes=12071&delivery_rate=193635&cwnd=45600&unsent_bytes=0&cid=c605ef1b4967a453&ts=2147&x=1", cfExtPri, cfHdrFlush;dur=46
date
Sun, 24 Nov 2024 21:00:51 GMT
content-type
image/jpeg
last-modified
Mon, 17 Apr 2023 18:02:52 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e7c54b49a45c3f8-EWR
accept-ranges
bytes
content-length
79407
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtm.js?id=GTM-58QS7KV
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| cnArgs object| dataLayer function| checkForm object| Modernizr

2 Cookies

Domain/Path Name / Value
delivery.freshjuiceuk.com/s Name: __tad
Value: 1732482044.8513039
.cibago.com/ Name: __dsnsid
Value: 20241125080044139600daecfc251974

2 Console Messages

Source Level URL
Text
rendering warning URL: https://cibago.com/xr.php?e=kh%2Beo97vDR54NVe6LF82lX49fkI1NmpiYTk1YnhQbDR5eUlHcU10Yng2TnJZOGtWNEFJNjZNaUJuRElyc0NrMUtOb3VESzl6RSswdk1oMDNPZXZVb2ZxNGUvdlZWOVUwa2FmR1BQelNsTStUaEZxVVhKMVBSS3h5endTQmRkTS81U2xzK3RMVTFGZ3ZRNzA0TWZOak5KakJtNTRLOGdOak55OGYxUnRNcFVRTVZiQll2WDRVTHJPTFAyMVIvR3p6dTNxNXNqLzNCWHczaElnWDIzUE1FN3Y1aWdzMngyVFVGbkV4S3BuUzl6eHdadEIwc200cFNpYW9mMjJ4Ui8zOVBqOSsycWRDQXZtdzRZeDlvSWI1bUZ1eUxKampMU1E0eHBqNXB2cHYvb3FJUVpaRVlpZXI4UkxseEdlZU1OUGpHRjJtaVl4VGFna05zN1pZZjlSRzV2Vm9zOEtrOUVBejVWc3ZENGk2a2hob0t0QTd2dWs0N2dlaUx4TitaeEY1SzVXKzJtck9sV0grVzBEb0dsRmZKQUJEckRaMk1LZVk5VmRacVNrY2FtaVJkbDR0Y1dFbDBhSk5ZYitCMDF6b1RmMHlOSnE4dGZjZjNJSUlleGFBbEY3aHVHRlN4Nk9zUWNWUHdDUHlnNm51REpUNUVtVEZoYUxodkgybTlzc3o2bGxXYWJKTVFwamhIaTUxUmh5d2x6a21LcmdTbmVnb3hXazNwRWtuYmlJZUhCeFpVSndsZXJXazVGR0E2NjlPS3pqajhsVkJwbE5BeTdJNHAxenpVWFluNDRveVQvRFNWNWtFSWJiY0lXa0dwU05WbkNpOHArT2NRVWpRNWRJb0s5OFlGZTh4RUtNMDgwa0llM29PQUJ4Q1oxTFdhWThJYVZkUnZrZmczdjRVaGwzZW5RVDdXRFNNdnNIUGpmckYxcXRUWVl5Wk85b05YS1d1SE5VSFk5R0Vyd3kyY3R3SjdrYlR2RGYxYkhwR0JsblorVFkyNElGVjJUMENNVHB1d1NnTXpyV09raFJpMmdtcGdaMTdrT250YkU0UzZCZTkweFQ3bDVIb3NWaDFsZlhpSUZHVjR5eGNMRGdoTWwxbkRmczRqSXpJR3E3dnVlNjRwMXJTc1N5WWZVbVkwdlVBTFIrNmRNRXFVbjFKZDh3SHBSUWp3YzBzZ2R0WDNQdDJtQmdZM1I4TUtZT0VhOXA0bG9IbmpIUktmbCs5b1ZubE9ZZkJzcmszZz09(Line 122)
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A09064024C0D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://cibago.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cibago.com
delivery.freshjuiceuk.com
fonts.gstatic.com
thewinnertips.com
www.googletagmanager.com
fonts.gstatic.com
www.googletagmanager.com
103.224.182.206
170.178.183.18
2606:4700:3031::ac43:b540
13496db1aaf94a2866a964e2d8e3e1c1352838de3c93e063425c5096403fb014
1553287e594bf32732724a2364a23c60770f30a8250d24303a6630df32e8b3c4
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
466e5fee3a89203aa23b3feaebfbe34da6160d09b444763e9b40fed3d9bc755b
51b78c17f71940eb5d53d1d3e0e9ac17d61b9128a7d7b7c3d857734ba2d1cfdd
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
5dbe802e02c90654f902e69208eb5c1ce9b12a56850ed17f752f3ca68b1378cd
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
81507b4cda28450b2a9c638fbb2bed8fde9b0de69891399ab94467efd77a4557
87bb462c06cc85dba44601dbbcd84f3d769d9bf84580777849b39597ea8be7cc
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
af735813266cdf52a38a6e1583a86066db357469ceded2d7ea8335b298d73d65
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
d6e55de23b6cf9fe95b7c2c086fe24fb56256f03860844a8e7f7bbfd507b8645
f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789
f1f8026421e9a62a53734161746e439080236703a6fe2705e2140cfe14888751
f41f1f66c491d58e9c86c76883f768838016bdac0d6e75fde8078f74ace198a3