hereisyourwinner.com Open in urlscan Pro
2606:4700:3037::ac43:d308 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://poker369.asia/
Effective URL:
https://hereisyourwinner.com/
Submission Tags: phishingrod
Submission: On May 17 via api (May 17th 2023, 3:07:27 pm UTC) from DE — Scanned from DE

Summary HTTP 27 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3037::ac43:d308, located in United States and belongs to CLOUDFLARENET, US. The main domain is hereisyourwinner.com.
TLS certificate: Issued by GTS CA 1P5 on March 27th 2023. Valid for: 3 months.

This is the only time hereisyourwinner.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::ac43:8776	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2606:4700:303... 2606:4700:3037::ac43:d308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
27	5

1 2606:4700:3031::ac43:8776 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

poker369.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.doughnutdolly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:3037::ac43:d308 (United States)

ASN13335 (CLOUDFLARENET, US)

hereisyourwinner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	hereisyourwinner.com hereisyourwinner.com	1005 KB
2	gstatic.com fonts.gstatic.com	25 KB
2	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 373	67 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
1	doughnutdolly.com 1 redirects www.doughnutdolly.com	508 B
1	poker369.asia 1 redirects poker369.asia	467 B
27	6

	Domain	Requested by
22	hereisyourwinner.com	hereisyourwinner.com
2	fonts.gstatic.com	fonts.googleapis.com
2	cdn.ampproject.org	hereisyourwinner.com cdn.ampproject.org
1	fonts.googleapis.com	hereisyourwinner.com
1	www.doughnutdolly.com	1 redirects
1	poker369.asia	1 redirects
27	6

This site contains links to these domains. Also see Links.

Domain
poker369.live
vpn88.co
poker369.group
t.me
en.wikipedia.org
www.planet-science.com
www.open-iscsi.org
www.givedadnothing.com

Subject Issuer	Validity	Valid
*.hereisyourwinner.com GTS CA 1P5	`2023-03-27` - `2023-06-25`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hereisyourwinner.com/
Frame ID: D7339924DF0B16527BF4E330AE40F740
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

POKER369: Situs IDN Poker Online, Bandar Ceme & Judi DominoQQ

Page URL History Show full URLs

https://poker369.asia/ HTTP 301
https://www.doughnutdolly.com/ HTTP 301
https://hereisyourwinner.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href=(?:"|')[^"']*elementor/assets

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

27
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

1098 kB
Transfer

1666 kB
Size

0
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://poker369.live/idnliverule
Title: IDNLIVE

Search URL Search Domain Scan URL

URL: https://poker369.live/togelrule
Title: Togel

Search URL Search Domain Scan URL

URL: https://poker369.live/sportbooksrule
Title: Sportsbook

Search URL Search Domain Scan URL

URL: https://vpn88.co/pkdaftar/
Title: DAFTAR

Search URL Search Domain Scan URL

URL: https://poker369.group/
Title: LOGIN

Search URL Search Domain Scan URL

URL: https://t.me/POKER369
Title: Telegram

Search URL Search Domain Scan URL

URL: https://vpn88.co/pkwhatsapp/
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://vpn88.co/pkchat/
Title: Livechat

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/The_Lying_Game
Title: The Lying Game

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Joseph_T._Crowell
Title: Joseph Crowell

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Stud_poker
Title: Stud poker

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/World_Series_of_Poker
Title: World Poker Series

Search URL Search Domain Scan URL

URL: https://www.planet-science.com/
Title: Slot Gacor

Search URL Search Domain Scan URL

URL: https://www.open-iscsi.org/
Title: SLOT88

Search URL Search Domain Scan URL

URL: https://www.givedadnothing.com/
Title: Judi Bola

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://poker369.asia/ HTTP 301
https://www.doughnutdolly.com/ HTTP 301
https://hereisyourwinner.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hereisyourwinner.com/
Redirect Chain

https://poker369.asia/
https://www.doughnutdolly.com/
https://hereisyourwinner.com/

155 KB
27 KB

459ms
349ms

Document
text/html

2606:4700:3037::ac43:d308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hereisyourwinner.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e76070700b0fbd793143ef3f246480356f4e3872a5187b9b2305efce32d82cd6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7c8cc502882118f7-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 17 May 2023 15:07:21 GMT
expires: Wed, 17 May 2023 15:07:21 GMT
last-modified: Wed, 17 May 2023 09:03:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9%2B7IAEQc%2Fz6tECqbZABGpY%2F8TsxPkoB7GaMGwOqFFtBYqVKXOyKCejJvks6aGHtLBQG4904OMLhZUkWjnZ9VyFHA51tzC8FDRFmWFxFv5uSJmA58dZlFyAHyeCDGhEblnbbYKykpks1T1BB2R6KQ8B6jA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7c8cc4ffbad9383c-FRA
content-type: text/html; charset=iso-8859-1
date: Wed, 17 May 2023 15:07:21 GMT
expires: Wed, 17 May 2023 15:07:21 GMT
location: https://hereisyourwinner.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhPTOJtB2vTNJRVhWX3neVqIX5%2B0kgQ1l1DMEaXJOBcHX%2FbjTvUFb8RUL3hXZ3uMyE7hUr84469b8HcwpQEHsdGkylDf11bYIZ6%2FvTO0kHJscsTUC29whF8w9PvGf5dL3FAeydZYIh72zL%2BIrhckg7YLPk8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 eicons.eot
hereisyourwinner.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/ 209 KB
113 KB 34ms
32ms Font
application/vnd.ms-fontobject 2606:4700:3037::ac43:d308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hereisyourwinner.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.eot?5.20.0
Requested by: Host: hereisyourwinner.com
URL: https://hereisyourwinner.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38c23a83690a703bcdb23c5c83a8c5764b688960c2095e15cda9d4a9d6c62963

Request headers

Referer: https://hereisyourwinner.com/
Origin: https://hereisyourwinner.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:07:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 08 May 2023 19:04:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 750123
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kskAOShfXUThAuUEOzr1f5bjqF2sdVv3FIFzzB96vgVCVbIuN2ptWUKRCy7nfJReE%2F3QV1vZmDFa%2FIv%2F%2FXCZc4JhB9qElZvqk3s3kxX2YCagMR1CSLdgDFdA94ULFzyb8CImN9TfDS2rATL6kNGU1ipp6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/vnd.ms-fontobject
cache-control: public, max-age=2592000
cf-ray: 7c8cc504cb0f18f7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 07 Jun 2023 22:45:17 GMT

GET
H2 200 fa-solid-900.eot
hereisyourwinner.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 198 KB
100 KB 62ms
61ms Font
application/vnd.ms-fontobject 2606:4700:3037::ac43:d308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hereisyourwinner.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.eot
Requested by: Host: hereisyourwinner.com
URL: https://hereisyourwinner.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75a761159ae266c5332a4f266e07a5543712ffb76ee0260b07782195c04dc364

Request headers

Referer: https://hereisyourwinner.com/
Origin: https://hereisyourwinner.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:07:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 23 Apr 2023 19:04:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1549950
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tp236QqeFBgZY5%2Bg6K0bUQ8FZ%2FVBa1kKF4CBQPm%2BVFRhKpeiwW18LUgFiECe4mHsTp0wV84muUJSCOb2%2FXzU%2BoJj7YPP1wPvkyNOJwUkTaIaQ1bQQ72WLo1hwXmOIaP1Gm%2BntDizx4P3WY2Blsi2DAbxPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/vnd.ms-fontobject
cache-control: public, max-age=2592000
cf-ray: 7c8cc504cb1318f7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 29 May 2023 16:34:50 GMT

GET
H2 200 fa-brands-400.eot
hereisyourwinner.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 131 KB
89 KB 62ms
61ms Font
application/vnd.ms-fontobject 2606:4700:3037::ac43:d308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hereisyourwinner.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.eot
Requested by: Host: hereisyourwinner.com
URL: https://hereisyourwinner.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 407a9723fc717c94e287496080d773e18e29c3cac49e2630172343c65c0864a8

Request headers

Referer: https://hereisyourwinner.com/
Origin: https://hereisyourwinner.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:07:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 23 Apr 2023 19:04:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1549950
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w77i9COqpsoFHQrQDsSIVb4gnz64YrkJROE1rxdIFPwNK9tdtGfJ5EXg5WxbeG6Zx7QW5iHMq7pbzCuoeGy7GwmpCCRRpANfgk2y1D3wGIhnA2g5Djs6mzKjSha%2BXePAlZ%2F%2FAfNFy4y0MlJrhSfkv0RJVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/vnd.ms-fontobject
cache-control: public, max-age=2592000
cf-ray: 7c8cc504cb1418f7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 29 May 2023 16:34:50 GMT

GET
H2 200 v0.mjs Show response
cdn.ampproject.org/ 222 KB
63 KB 100ms
29ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.mjs

Requested by

Host: hereisyourwinner.com
URL: https://hereisyourwinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64ab3b6f8d20cd30e0968978741e3570febeb46411054f9fbf1d647a487243f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hereisyourwinner.com/
Origin: https://hereisyourwinner.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 17 May 2023 15:07:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63331
x-xss-protection: 0
server: sffe
etag: "3c3355b81166c15d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 17 May 2023 15:07:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 48 KB
2 KB 87ms
37ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CBalthazar%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.2.1

Requested by

Host: hereisyourwinner.com
URL: https://hereisyourwinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b6255ff311a0e2821c5836ee92752c343b4c15d7bf09d0383cefb1fc31ae0c49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hereisyourwinner.com/
Origin: https://hereisyourwinner.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 May 2023 15:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 May 2023 15:07:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 May 2023 15:07:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 71ms
20ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CBalthazar%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.2.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hereisyourwinner.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:10:15 GMT
x-content-type-options: nosniff
age: 377826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 06:10:15 GMT

GET
DATA 200
OK truncated
/ 80 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 702d0c216704ef66640df8dcda9aa6482049c68e2803c0b7c392630cad4f10fc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 d6lKkaajS8Gm4CVQjFEfzh7p.woff2
fonts.gstatic.com/s/balthazar/v17/ 9 KB
9 KB 71ms
26ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/balthazar/v17/d6lKkaajS8Gm4CVQjFEfzh7p.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71e99f4792c8e6744d6e5c29b6c94f872790616c83ec84bfb9f01dee97f24483

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hereisyourwinner.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 22:41:45 GMT
x-content-type-options: nosniff
age: 318336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9224
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:09:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 22:41:45 GMT

GET
H3 200 logo.png
hereisyourwinner.com/wp-content/uploads/ 10 KB
10 KB 31ms
30ms Image
image/png 2606:4700:3037::ac43:d308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hereisyourwinner.com/wp-content/uploads/logo.png
Requested by: Host: hereisyourwinner.com
URL: https://hereisyourwinner.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfd3a7a70698362d30246e3faccb03077c36654091f0e1563ff6228ded8ad5de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hereisyourwinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:07:21 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 09:27:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1318270
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wy2IVxcWOvB6vONWXMgmE0x1%2FJA0b7X8LWAjEW7j04cdlMGoSV9Peghp5Xx2LvIeOs07QhtGu4gKJ8FXyf%2BWNEydsP23elIJ0OklSarXS0opkUWlDsKN4IGsIJXhYYbCLzxylVpc9MNqsir%2BTHDz5cr%2B%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7c8cc505ecaa8fdc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10181
expires: Wed, 30 Aug 2023 08:56:11 GMT

GET
DATA 200
OK truncated
/ 81 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7c5aca566fd8f9a930e25744207795e6baf6f1aded2024cb94d5eed264b3db5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 80 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f166142bfe28e9f23c74eaa13eb535d8841014d5efd82e0a3bbd7b340fc0c6fd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 80 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5cd67d738bc7b768e1c1d8c4c52ce7f6526c4fddd9f3f3cd5e461417e135b6f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 80 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2fc6bb8377ddc0b66962d38f2fdf818849ee0b6a7b4149f44813612489abdaa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 80 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6d5ecbcf81171c6ca0d1a77f7d62ede1fb22dd962c2cce22ecf8bd2fa15b1e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 fa-brands-400.woff2
hereisyourwinner.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 75 KB
76 KB 31ms
28ms Font
font/woff2 2606:4700:3037::ac43:d308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hereisyourwinner.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: hereisyourwinner.com
URL: https://hereisyourwinner.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer: https://hereisyourwinner.com/
Origin: https://hereisyourwinner.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:07:21 GMT
cf-cache-status: HIT
last-modified: Thu, 11 May 2023 19:04:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 22780
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCX%2BPNDl6p4yY2ljCVuHtGFT7zk0%2Fc9Y2ozgfWN%2FWlaN6L4ys6F51%2BJM7I%2BiYgaRFXfvt%2F31ToVsQ1SLnJHLMEEbPmlndodRrCegRaq8OFN0VPpCtu6fln3UaWU0b5J13lVotDiz1CeY4aQAIu5yfph%2BJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=10368000
cf-ray: 7c8cc5061cd68fdc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 14 Sep 2023 08:47:41 GMT

GET
H3 200 fa-solid-900.woff2
hereisyourwinner.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 90ms
87ms Font
font/woff2 2606:4700:3037::ac43:d308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hereisyourwinner.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: hereisyourwinner.com
URL: https://hereisyourwinner.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://hereisyourwinner.com/
Origin: https://hereisyourwinner.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:07:21 GMT
cf-cache-status: HIT
last-modified: Tue, 09 May 2023 19:04:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 610114
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cbTDRgFXK5xaCobVtKpdAEsI53KHNxvxflk8u1R8VTChA9LEtkpRDBFbNmv%2FeVnqU%2BG4%2B4Cj%2B7M2JoRPef5Y4NytIuJzKXpJEMyFEW4OyRvLtVplw%2BLVixLJfSVjuImp6gAWkJ7BvPASYRjiCanM4RjoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=10368000
cf-ray: 7c8cc5061cd88fdc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 07 Sep 2023 13:38:47 GMT

GET
H2 200 amp-loader-0.1.mjs Show response
cdn.ampproject.org/rtv/012305051745000/v0/ 12 KB
4 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305051745000/v0/amp-loader-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41491189031aede2972810245ad39efa1b97748836c66e404572766305e1e317

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hereisyourwinner.com/
Origin: https://hereisyourwinner.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 May 2023 18:03:28 GMT
age: 75833
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3911
x-xss-protection: 0
server: sffe
etag: "1be8b7cabe2dc21f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 May 2024 18:03:28 GMT

GET
H3 200 IDNPOKERONLINE.jpg
hereisyourwinner.com/wp-content/uploads/ 49 KB
49 KB 84ms
84ms Image
image/jpeg 2606:4700:3037::ac43:d308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hereisyourwinner.com/wp-content/uploads/IDNPOKERONLINE.jpg
Requested by: Host: hereisyourwinner.com
URL: https://hereisyourwinner.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 589a8d6681112752e93bb9d34f490a26dab015d5d67a31b47cefd65d2613bcc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hereisyourwinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:07:21 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 09:25:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 416057
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ud5YuzYcCV%2BryuScuE%2BDt7Dyk5ozqePASIwYYNfQ8MbEh4FLJG%2FYlgf8KPn%2FnK9C9BtaYp%2FQEofceWmu7GEOItQhWDA1q5PAVpN17YkDR3svNJpnxGCJtR%2BWttrMBxe3Mh6QQhpfS5nz34xP08Do3UyQVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7c8cc5063cf98fdc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50078
expires: Sat, 09 Sep 2023 19:33:04 GMT

GET
H3 200 idnslot.jpg
hereisyourwinner.com/wp-content/uploads/ 37 KB
38 KB 43ms
40ms Image
image/jpeg 2606:4700:3037::ac43:d308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hereisyourwinner.com/wp-content/uploads/idnslot.jpg
Requested by: Host: hereisyourwinner.com
URL: https://hereisyourwinner.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4b968a8c145ce83826d41c03a024187ba1f48654fdb62bdd6b479f9832057d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hereisyourwinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:07:21 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 09:25:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 100070
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LNWlEzIewR2cA%2B7RgWWnLioaYqGKsubj%2BVgzgKpy5ZqZtTEARVcuNN9N93UQJ8GF69fSafFLAgr6kCU7yp7e1j5Fwwu1s%2BkpGHdZuqqaqeMac71dacVyydkG3X4BiReRKax3g93wsyBprLUJGIpC8bSx%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7c8cc5063cff8fdc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38356
expires: Wed, 13 Sep 2023 11:19:31 GMT

GET
H3 200 turnamenpoker.jpg
hereisyourwinner.com/wp-content/uploads/ 54 KB
55 KB 43ms
40ms Image
image/jpeg 2606:4700:3037::ac43:d308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hereisyourwinner.com/wp-content/uploads/turnamenpoker.jpg
Requested by: Host: hereisyourwinner.com
URL: https://hereisyourwinner.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8385571fe93cda83e10c9b5491717a314c17f916ad42c35c6fad2bb9870e86c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hereisyourwinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:07:21 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 09:25:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 416057
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LjY9EJUMS68JWMqmJABaANwLjUlUmSK8GMsU3NABZEnNDcLmSfMK%2FCLwKzbIxnmXQAsBG7PogtsZtpntifS6AEoYX4zrAwJ32AEMkP47AfTvbWvOQxRO17jtvsMcCg4rVtqItZesm75%2F5qWq0u2qqqvDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7c8cc5063d008fdc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55720
expires: Sat, 09 Sep 2023 19:33:04 GMT

GET
H3 200 idnpoker_poker.png
hereisyourwinner.com/wp-content/uploads/ 17 KB
18 KB 87ms
84ms Image
image/png 2606:4700:3037::ac43:d308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hereisyourwinner.com/wp-content/uploads/idnpoker_poker.png
Requested by: Host: hereisyourwinner.com
URL: https://hereisyourwinner.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b5058e5f57190212c5719e7a7b602c789a60228a6577b2a8dc5190877d7dbac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hereisyourwinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:07:21 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 09:27:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1523910
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2Fz7KDNhAji4XeUy54nykY%2FTzNdbICl%2FDr0V%2FaIEa4xbL3JY70Wbk7PIj4tdjG70z79XKZUcfzYaI9ZPx39FIorHNGH5jF4ttVIzuDOmxZFiDV483%2FsWbO0tIzz1FQm3SAscQQIqo9WQvfDLVACSRsWyzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7c8cc5063d028fdc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17404
expires: Sun, 27 Aug 2023 23:48:51 GMT

GET
H3 200 idnpoker_domino.png
hereisyourwinner.com/wp-content/uploads/ 17 KB
17 KB 103ms
99ms Image
image/png 2606:4700:3037::ac43:d308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hereisyourwinner.com/wp-content/uploads/idnpoker_domino.png
Requested by: Host: hereisyourwinner.com
URL: https://hereisyourwinner.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aa0468960b50c562236b6ec148bbfe7bfe7d5ce157c31c4342826c45b4ea33b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hereisyourwinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:07:21 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 09:26:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1523910
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MAjOd3iPvWW%2Bg61yILSX63OTnhxO9053jLpj3vx5mvjzjtWeltbtC%2Fq0rdtbOzuuSkTOkzmhbVKCSWovT4trNimhl1DidSpKq7HfBToEEOBSm5Yx6borJOAR1VECBtVivVdXNbRqPi7DNxl6rkbEDEf1QA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7c8cc5063d038fdc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16995
expires: Sun, 27 Aug 2023 23:48:51 GMT

GET
H3 200 idnpoker_capsasusun.png
hereisyourwinner.com/wp-content/uploads/ 17 KB
17 KB 103ms
100ms Image
image/png 2606:4700:3037::ac43:d308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hereisyourwinner.com/wp-content/uploads/idnpoker_capsasusun.png
Requested by: Host: hereisyourwinner.com
URL: https://hereisyourwinner.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a674ee0af9c472d2354d5c0c7d6cb78df6577279bade1613791cb14e6e09b76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hereisyourwinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:07:21 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 09:26:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 19894
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWHbPVmly8V1lluYgfN2PXCurFmfzLM32wjrhTwI46hGmYwGu9uRW%2FuJ2ScNNe%2FOqDRe%2BySgumxaztTbn1Fk5Qwsb0jqFtFrrc5aPjIXqmVCWoIZpLAzuMXq1JtURv09KQZj%2BneI1ynM9hMnGzz1zsAZew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7c8cc5063d048fdc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17380
expires: Thu, 14 Sep 2023 09:35:47 GMT

GET
H3 200 idnpoker_ceme_keliling.png
hereisyourwinner.com/wp-content/uploads/ 14 KB
15 KB 105ms
101ms Image
image/png 2606:4700:3037::ac43:d308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hereisyourwinner.com/wp-content/uploads/idnpoker_ceme_keliling.png
Requested by: Host: hereisyourwinner.com
URL: https://hereisyourwinner.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffbb2870e736ea4c16e9c73d4a318412eb499e2e6c34c756dbedfaebef907a7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hereisyourwinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:07:21 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 09:26:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 416057
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCFeTsxMO6breadYNjfY9%2FxcXpEC8O0ThkaRuZNld6N1pQjT9iFWdB7UCUt1O6Ue6n7o9%2FAtlLtDTtkT%2FkHukKlP0L7nHplFZ9Xewg19uDCrOuPqSeO2OT0shHJhL9eFCT5Xh9vEHW99dYPTk%2FlW2EsneQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7c8cc5063d058fdc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14713
expires: Sat, 09 Sep 2023 19:33:04 GMT

GET
H3 200 idnpoker_qqspirit.png
hereisyourwinner.com/wp-content/uploads/ 17 KB
17 KB 105ms
102ms Image
image/png 2606:4700:3037::ac43:d308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hereisyourwinner.com/wp-content/uploads/idnpoker_qqspirit.png
Requested by: Host: hereisyourwinner.com
URL: https://hereisyourwinner.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c68a9fe58a22874d5c898aa49515394e2141dc218367588fadd3dcf4d348c446

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hereisyourwinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:07:21 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 09:26:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 416057
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgvh38GCBOdRFawkKEq9vu9tThaFNk0z3Xgi8brYkkUaIFajan5skpkmRajwnM5TZ7Zg7i83lgK451sIet7t1kQP1WqI4sxfPhGw1EqGKty8kIBw6zcu0RgQFH6Ea0FzJLR3Ufaflmw3MTyF3%2FesYlMJlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7c8cc5063d068fdc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17095
expires: Sat, 09 Sep 2023 19:33:04 GMT

GET
H3 200 idnpoker_ceme.png
hereisyourwinner.com/wp-content/uploads/ 14 KB
14 KB 105ms
102ms Image
image/png 2606:4700:3037::ac43:d308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hereisyourwinner.com/wp-content/uploads/idnpoker_ceme.png
Requested by: Host: hereisyourwinner.com
URL: https://hereisyourwinner.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3e2c70b07ab377e25da90df04a3bd7a7ea5c7ec06594ce491fc471be260b6b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hereisyourwinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:07:21 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 09:26:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1523910
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkAHwuakZIw8m0o0IjPh2rZC1igyZ46G%2F0nCPLSQCiVbyGPVnRc3D4XcS0BfIzCeo85iBMS5GHsJFS8yLixWdSGmWgtMPacednvesEHJ%2BnKvnxyhtBr%2F6oZlqZ5SUdf8f14wDDjwL1ZTIpfsRaIwe9D9XA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7c8cc5063d078fdc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14133
expires: Sun, 27 Aug 2023 23:48:51 GMT

GET
H3 200 idnpoker_blackjack.png
hereisyourwinner.com/wp-content/uploads/ 16 KB
16 KB 106ms
103ms Image
image/png 2606:4700:3037::ac43:d308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hereisyourwinner.com/wp-content/uploads/idnpoker_blackjack.png
Requested by: Host: hereisyourwinner.com
URL: https://hereisyourwinner.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69800f3c19c81e10320987fffc285e46e6f9f2c5376a473b3aefca3e680501e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hereisyourwinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:07:21 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 09:26:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 416057
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yT3b6AEfkF7KVWLe2TTkQ1ZPofPbLjYmjIX%2BSuCvaryzwZUV1u9mOhAKD5VxTmCp%2Fg6ZO74%2Bosaou4Hd224cvV0apiwcyrmk%2BD8lizh41BnMYrkhsxPPLICojk0gA9fakXBTzpOQTgiyHifigMuyCeWdEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7c8cc5063d088fdc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16066
expires: Sat, 09 Sep 2023 19:33:04 GMT

GET
H3 200 idnpoker_superten.png
hereisyourwinner.com/wp-content/uploads/ 17 KB
18 KB 106ms
103ms Image
image/png 2606:4700:3037::ac43:d308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hereisyourwinner.com/wp-content/uploads/idnpoker_superten.png
Requested by: Host: hereisyourwinner.com
URL: https://hereisyourwinner.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4778913e13e68b1ba95c141f06a9f0ea97ea00d727c26d9257ae514270e658e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hereisyourwinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:07:21 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 09:26:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 100070
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXJ7ad9lrcnvlIziLgHI8HpSl1mLOuUNd8Lexj8K2EJctrq5MZFCIOk1jEub4fqA5NCI2qtw8eH42V%2FkRzQBFcxx7w1j6ALZG0zVzss%2BvCBfDdk74F86xSPXNlKIyCdvVdvoAUisUKfUjPV71msBfRg5bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7c8cc5063d098fdc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17678
expires: Wed, 13 Sep 2023 11:19:31 GMT

GET
H3 200 idnpoker_superbull.png
hereisyourwinner.com/wp-content/uploads/ 17 KB
17 KB 107ms
103ms Image
image/png 2606:4700:3037::ac43:d308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hereisyourwinner.com/wp-content/uploads/idnpoker_superbull.png
Requested by: Host: hereisyourwinner.com
URL: https://hereisyourwinner.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b399ec7eb242948e2e3434c6e8bfb9f1fd85c8f8c3d6c54fadf8526db316da4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hereisyourwinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:07:21 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 09:27:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1318263
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZRfmLw65S5%2FlIOzFIQsfWm8SKZjczPPCnBZFtD%2FjrA3pMfhqktAgw17asqjgghxU759vgsh1UjnzEwpNMIDLwi1i6HZFCrR1BukIaTczKHmKQUDIyQCmHc%2B%2FvNLbZ9hxoy5YKOoLrYb7zFlTiN9%2Fu%2BCaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7c8cc5063d0b8fdc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17343
expires: Wed, 30 Aug 2023 08:56:18 GMT

GET
H3 200 idnpoker_omaha.png
hereisyourwinner.com/wp-content/uploads/ 15 KB
16 KB 107ms
104ms Image
image/png 2606:4700:3037::ac43:d308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hereisyourwinner.com/wp-content/uploads/idnpoker_omaha.png
Requested by: Host: hereisyourwinner.com
URL: https://hereisyourwinner.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28a0c5785634e1d9a2ffbc3e0ca217cd2e6bd36b5814ac0e57f0ba8aef75a9c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hereisyourwinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:07:21 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 09:26:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 416057
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igvO6fLxzf7F5xN%2FnRTLGFPJAUK6JKj0AoPOn9P3yYTxAEVPcugXfPL6phXk2%2FMXMCF7Rp5vIha4Kuw2SCCRYLy8u8cVN57u39%2BaeRMWva4dAj9NKd9inVcl3O5%2BAy5iDrKT5dbqSw9BbpVoPg9dEBhNEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7c8cc5063d0d8fdc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15748
expires: Sat, 09 Sep 2023 19:33:04 GMT

GET
H3 200 situsidnpoker.jpg
hereisyourwinner.com/wp-content/uploads/ 130 KB
130 KB 103ms
103ms Image
image/jpeg 2606:4700:3037::ac43:d308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hereisyourwinner.com/wp-content/uploads/situsidnpoker.jpg
Requested by: Host: hereisyourwinner.com
URL: https://hereisyourwinner.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27e27bd2af9c5b201bda015b1f4225db59e0870c477157f13bbbf3def1cb309c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hereisyourwinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:07:21 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 07:23:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 416057
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmQDA4P9kP5pqMU9mNaNYtzW7bfSRLUC9tlyQ1SGW3445s4HbYI47e%2BClSEDrFYR6aQd4aX%2FdDLf0aN5V%2F4T7r3kK5FPFx7zsoaI55VW9FjoDxYBxMSOPqZBFjCmBHLiIcrZVCNNkrQlvqI7PkwFVrXSVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7c8cc5064d138fdc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 132650
expires: Sat, 09 Sep 2023 19:33:04 GMT

GET
H3 200 urutankartupoker.jpg
hereisyourwinner.com/wp-content/uploads/ 73 KB
73 KB 31ms
30ms Image
image/jpeg 2606:4700:3037::ac43:d308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hereisyourwinner.com/wp-content/uploads/urutankartupoker.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2d59ea67f048627283174638b99ca4453f649663a6351ef94485f77cd47e20d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hereisyourwinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 15:07:22 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 09:24:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 100066
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrzR%2BsxtrLHpyRNQ995tx89KZhQj9B5rZXgxVTWRv7Z6x2sisLWD7dPraI2YHv0cykCHHxQS5FbucjodIi0SE0rB%2F2ci2XLyBl5lqygMl0V5Nh9PTdzLP%2B6QUuiBvPX1fM0fhP09BlF5Kh5YLcFFY3nGLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7c8cc50c1ad78fdc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74626
expires: Wed, 13 Sep 2023 11:19:36 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://hereisyourwinner.com/ Message: Mixed Content: The page at 'https://hereisyourwinner.com/' was loaded over HTTPS, but requested an insecure element 'http://hereisyourwinner.com/wp-content/uploads/urutankartupoker.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	warning	URL: https://hereisyourwinner.com/ Message: The resource https://hereisyourwinner.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.eot#iefix was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://hereisyourwinner.com/ Message: The resource https://hereisyourwinner.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.eot#iefix was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://hereisyourwinner.com/ Message: The resource https://hereisyourwinner.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.eot?5.20.0#iefix was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
hereisyourwinner.com
poker369.asia
www.doughnutdolly.com
2606:4700:3031::ac43:8776
2606:4700:3037::ac43:d308
2a00:1450:4001:828::2001
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a06:98c1:3121::3
1b5058e5f57190212c5719e7a7b602c789a60228a6577b2a8dc5190877d7dbac
27e27bd2af9c5b201bda015b1f4225db59e0870c477157f13bbbf3def1cb309c
28a0c5785634e1d9a2ffbc3e0ca217cd2e6bd36b5814ac0e57f0ba8aef75a9c0
38c23a83690a703bcdb23c5c83a8c5764b688960c2095e15cda9d4a9d6c62963
3a674ee0af9c472d2354d5c0c7d6cb78df6577279bade1613791cb14e6e09b76
3aa0468960b50c562236b6ec148bbfe7bfe7d5ce157c31c4342826c45b4ea33b
407a9723fc717c94e287496080d773e18e29c3cac49e2630172343c65c0864a8
41491189031aede2972810245ad39efa1b97748836c66e404572766305e1e317
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
589a8d6681112752e93bb9d34f490a26dab015d5d67a31b47cefd65d2613bcc2
5b399ec7eb242948e2e3434c6e8bfb9f1fd85c8f8c3d6c54fadf8526db316da4
69800f3c19c81e10320987fffc285e46e6f9f2c5376a473b3aefca3e680501e3
702d0c216704ef66640df8dcda9aa6482049c68e2803c0b7c392630cad4f10fc
71e99f4792c8e6744d6e5c29b6c94f872790616c83ec84bfb9f01dee97f24483
75a761159ae266c5332a4f266e07a5543712ffb76ee0260b07782195c04dc364
a5cd67d738bc7b768e1c1d8c4c52ce7f6526c4fddd9f3f3cd5e461417e135b6f
a64ab3b6f8d20cd30e0968978741e3570febeb46411054f9fbf1d647a487243f
b2fc6bb8377ddc0b66962d38f2fdf818849ee0b6a7b4149f44813612489abdaa
b6255ff311a0e2821c5836ee92752c343b4c15d7bf09d0383cefb1fc31ae0c49
c2d59ea67f048627283174638b99ca4453f649663a6351ef94485f77cd47e20d
c4b968a8c145ce83826d41c03a024187ba1f48654fdb62bdd6b479f9832057d8
c68a9fe58a22874d5c898aa49515394e2141dc218367588fadd3dcf4d348c446
c8385571fe93cda83e10c9b5491717a314c17f916ad42c35c6fad2bb9870e86c
cfd3a7a70698362d30246e3faccb03077c36654091f0e1563ff6228ded8ad5de
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d3e2c70b07ab377e25da90df04a3bd7a7ea5c7ec06594ce491fc471be260b6b6
d6d5ecbcf81171c6ca0d1a77f7d62ede1fb22dd962c2cce22ecf8bd2fa15b1e8
e4778913e13e68b1ba95c141f06a9f0ea97ea00d727c26d9257ae514270e658e
e76070700b0fbd793143ef3f246480356f4e3872a5187b9b2305efce32d82cd6
f166142bfe28e9f23c74eaa13eb535d8841014d5efd82e0a3bbd7b340fc0c6fd
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7c5aca566fd8f9a930e25744207795e6baf6f1aded2024cb94d5eed264b3db5
ffbb2870e736ea4c16e9c73d4a318412eb499e2e6c34c756dbedfaebef907a7a

hereisyourwinner.com Open in urlscan Pro 2606:4700:3037::ac43:d308 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

100 %IPv6

6 Domains

6 Subdomains

5 IPs

2 Countries

1098 kBTransfer

1666 kBSize

0 Cookies

15 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hereisyourwinner.com Open in urlscan Pro
2606:4700:3037::ac43:d308 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

1098 kB
Transfer

1666 kB
Size

0
Cookies

27 HTTP transactions
6 data transactions