Submitted URL: https://ffffffffffff.skillclient.com/
Effective URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8
Submission: On November 25 via automatic, source certstream-suspicious — Scanned from CA

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3031::ac43:b540, located in United States and belongs to CLOUDFLARENET, US. The main domain is thewinnertips.com.
TLS certificate: Issued by WE1 on November 11th 2024. Valid for: 3 months.
This is the only time thewinnertips.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.232.25.148 63949 (AKAMAI-LI...)
2 69.16.230.228 32244 (LIQUIDWEB)
1 4 103.224.182.206 133618 (TRELLIAN-...)
16 2606:4700:303... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
28 8
Apex Domain
Subdomains
Transfer
16 thewinnertips.com
thewinnertips.com
317 KB
4 dyetui.com
dyetui.com
18 KB
3 skillclient.com
ffffffffffff.skillclient.com
ww99.skillclient.com
4 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
22 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
120 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 gstatic.com
fonts.gstatic.com
33 KB
28 7
Domain Requested by
16 thewinnertips.com dyetui.com
thewinnertips.com
4 dyetui.com 1 redirects ww99.skillclient.com
dyetui.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com thewinnertips.com
www.googletagmanager.com
2 ww99.skillclient.com ww99.skillclient.com
1 www.google.com www.googletagmanager.com
1 fonts.gstatic.com thewinnertips.com
1 ffffffffffff.skillclient.com 1 redirects
28 8

This site contains links to these domains. Also see Links.

Domain
clk-ca.com
Subject Issuer Validity Valid
airpods.today
R10
2024-09-27 -
2024-12-26
3 months crt.sh
thewinnertips.com
WE1
2024-11-11 -
2025-02-09
3 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh

This page contains 2 frames:

Primary Page: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8
Frame ID: 05B98A9E048C9BB201AE30ED0308D5C2
Requests: 32 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fthewinnertips.com
Frame ID: 058BDD60EA8DEF39564F3594CF42B658
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

The Winners Tips

Page URL History Show full URLs

  1. https://ffffffffffff.skillclient.com/ HTTP 302
    http://ww99.skillclient.com/ HTTP 307
    https://ww99.skillclient.com/ HTTP 307
    http://ww99.skillclient.com/ Page URL
  2. http://ww99.skillclient.com/page/bouncy.php?&bpae=GbhGc70aytR5jnMVBvGOjcXHEwkC7XZ%2Bv1ixGIlUNhUURkx4rYTg... Page URL
  3. http://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1... HTTP 307
    https://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1... Page URL
  4. http://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1... HTTP 307
    https://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1... Page URL
  5. http://dyetui.com/f2.php?e=p482mKf2%2BmpiYeo6GaLCjn49fllseFVrNmpmVDFoWFpsdG1FaVVaU2dVSksxelRqd... HTTP 307
    https://dyetui.com/f2.php?e=p482mKf2%2BmpiYeo6GaLCjn49fllseFVrNmpmVDFoWFpsdG1FaVVaU2dVSksxelRqd... HTTP 302
    https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

28
Requests

79 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

513 kB
Transfer

987 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ffffffffffff.skillclient.com/ HTTP 302
    http://ww99.skillclient.com/ HTTP 307
    https://ww99.skillclient.com/ HTTP 307
    http://ww99.skillclient.com/ Page URL
  2. http://ww99.skillclient.com/page/bouncy.php?&bpae=GbhGc70aytR5jnMVBvGOjcXHEwkC7XZ%2Bv1ixGIlUNhUURkx4rYTgycj0od8QEIvUZ4s4OtQ6HNyq%2FDb5tuMTxFQEVVDEppSBr8v1LJa%2BCdwXh9MRwsSCGoxzsMx367VDvKj5zntdA8CqwDfbQYHO%2BhUJDTOlh18uk4b5bp07Qa6oEeUrTEkORjaNBt3kMDOu6pPF8g%2Bs0X7xudGNIvr%2By90UiyQxcIpgtHIG4YimiTUayZMELbA%2BLr5SKRx773MC52RPcGMVv6rovlppsfTYbm7dPw%2FsYivUXMpXoBZEJWedwZZqP8NG6zoquuA3V62nXglpMXaCEeyYVKkTshsyLwWSbRR4lvmeQaU4jqFgQbIh0LQ3fy4IQ9P944510ISmyLoSGCg8HhThpL96UtSSqpYSsj7GtXd2x2LHz0iUC2fhggTm2rBrfX7Z%2FmlSQ1U%2Br4%2BYLNQ5mW%2BJ6pjqlrAlO03sLYQ0NUmEoJtS1HCEk%2B72vYfhrhE2TxLk1Ah%2FAGtX50E1f%2Bz1iGhL9wwEgyVDo5Mnbit1dQGfSgHkY1W0%2FbzKIzUeoxJWlU8ea2%2FkoG2SoUKamq%2BP43Cajv7%2B4vrMdeXFce1SD5nuydvHONqTb9UFAM0Bgkg9bCiRHLR2q6micwipN3BK2Z0JVBooh6%2FZYd2ndV49jx81aONg%2FCvXBIynwbbzhEZc2Sj39uliuiqYT1XOfb%2Feu7beYDs06nLNg%2Fap1zOeZStY5valkoOzAR3lOoKzrYUan04su2VA44P8ER%2B4ZIGFasX35A97TZro8qipIX7nlGif2uKKtqg4Wn%2FEf2ASD1Mo7cIJWrbOO2jlbz3LIlYQfAByab%2FjxwOiG3fuUoyYDRjUKzBmDYPJs%2Fg0DMuhMklw6%2B4ZiUOs95%2F86YFlAp7hNaOwAdShL5gqE19oSTVB59GGeyZKWlNoVdwgXVW5LLxJYfGFH8C9pfjWL8Hei%2F8SOM7KL0ndvy8JunrglQ1TWGe75%2FRzYCgG1Pwq29P9W97MJ7lYNX9McatT2eInBfg1ZzyqeU84F2Ea5609nHBgF6Nakj%2FF%2Bh54d2bNBUeq93VG%2FLjsIW5OH2ZqF3uYUxGyR%2BeAWxsyxioMTROh3IZmnGPxyIJ%2FW4zaxt9b91sbGFrsohYoKJ6kiUo4RsMGPFsfNBtu53fK4TdNdeZ8ulvNtDUmeU1KQFHyrUoE%2FTcQrO2m71xGgbF7FrHx1P247F8EtqgEDx7rb9MuMitCp3FomzGMTskc1ackkiADXdgdOflq1X5vxBwF1%2Fb7cTZuwqLT9aXMsjP%2FGcn5oyRkLRkF7GW2NMOuesplBuojFdaHsR9a%2F5llLLIdzdgIWMNFaCJ0WZSj5W2OL%2B4c%2BRjvEZDOmW1W0QgzMFyuul7bfmKzXejyUtk2AycXeF7vIRSpDsd6wm94ZzosQYViVkFnI1yHAuQ5YK4kUkIQ3BNYrD1xHEdxXFwx6HIPRX9a8QMx4qbVLdauSmnwyhBNpG5irpbKNqGvb0PqW2aYKeJujmBuC4zUSc0xrD8DRaAz2BEr3aYAtA%2B9Fvk7%2Bmg0hrUcr9df6OACncFzdAwuQaaMikqy%2F1r94tPUhrY9GLhVlpR8gNgQw6HpGktuhCC22cf8T61MW7mYFG5p3KnSsASV8CLq1MIPWJXlhlbVFTmqjlihKDN8Be4CMWXhPysF5FlJOS7FyasS55glWGePhknM4lQLnGiflZiflPHEAK6hm%2Bbil5aGsh4l6NqoZtzAy8Yb%2B8IzYMopyEyi%2Fo%2Fm%2BM%2BFzOypk4OG%2B9wn9RY89w%3D%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
  3. http://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1L284QzZFdk9rdW9QMU5oYVdwTDFBcjFwZEZwNFlja1FFdEZGZ3cwVGZua1JEQThPUUdIaU85SzZPaXNCWFpNVTR0L0tYRlpBVVBEK05OSVd4eVBVR2gxZjc4YUk4Y0cySFJuUmszcTF3Q3pvb2t2Y1JHYVVCVFVrSWlNbmRJaGsyclV1dWRHeXVVOUthVzl4Y25ReXZwVmY5dUhDUnlsNGhKQnRtNlBpdDNySmtzYTI1cE1EcGdGa3RsNFBKdzRKZ1hUbVFMVzhyTXBFUEowcGtuQ2hndnZ3VWdFR2FEY2h6Qzk1ZnB6R3YvNTUrNHkzbDFwcTNhTjJsUjQ5azEvTXlDVGprdENpM1daRXA3YzdxKzBYWlExalVmM2I5ZHBaa0x4OWgrTzBNOWZIcUFHSHdJb25ZcVh5ZFJSZjllV0pON09Za01nWW82b2xoL0JuWnVYNHhyRkF5WFUzbUsrZWQvakFnWUdTdlp1a1c3Uk40UkdFZFBTTnRoeCt4VVNRaG5Ic2dwc1htL0lTVHp4RDlFY1d6V0o0U0JZU1J5VHNLbVRlRWlsRUxHR3pKR3Q3N014MXhhTnF5elhnbHRUN01DTklWRG10Z1o1ZktFTGFuOXZETFpmSHVramVLMkJMMEEweTV4d0NLb3JJRlN1bHNsb1hha09qNVZBMlR1QjJBeVFDU0RVQWFXWW9VOEI1ZWZTV2J3N3dDQ2tEcGttYmxaMGRBaTI3cUI1c1pDL2swMGFCRjk0VnFUODdtUU1IUVMvT0xJbXo3clhsVVEvOWdRL0RYZXQxQVltQzY4K3dWZXc4Y0loSGtPV2lmQ05tbTNHdnNGYWU5MzllUCt3Nzdjb2k2M21zOFVJUXFwZTRjY0JZcnVMT2Y1ekdvbGhCNit5TzcwaW02THZyVVpXYUcxaGRBUXAyNFlJSnQ0eXJTYWt1Z2lYcE9BWDlSM1FTQXhKbW5Ud0tTZTVaMzYyaW1RaEszUTdESGduUmRqcVFGSUxPU1JEUDlDUnUyVzJTNUNLVWEyQUJ3eU5HN2NER0JBeHd0M3V0YXFMcDJheW5aM20wNjBhd2NyTUhvSDdXM2FBUnArRnc3aWFnVTFidkNOczVqVmpIWno3eVJqWVAyQnNLQWtJeGZoNnZJSXdrVnYvTEc5WVNDT3VjYXJGalVQZEZFM1hYSGx1QlpzRFZ3N2xMV2ZhMVVWYjZSWWkwZVpZRW9GbnZPaUU2WG16c3puRktueEhWcmpIRStTQ1o2M21PV0F0bXZ0S0EvbW5SbTJnaVhjNEF1Mkk9 HTTP 307
    https://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1L284QzZFdk9rdW9QMU5oYVdwTDFBcjFwZEZwNFlja1FFdEZGZ3cwVGZua1JEQThPUUdIaU85SzZPaXNCWFpNVTR0L0tYRlpBVVBEK05OSVd4eVBVR2gxZjc4YUk4Y0cySFJuUmszcTF3Q3pvb2t2Y1JHYVVCVFVrSWlNbmRJaGsyclV1dWRHeXVVOUthVzl4Y25ReXZwVmY5dUhDUnlsNGhKQnRtNlBpdDNySmtzYTI1cE1EcGdGa3RsNFBKdzRKZ1hUbVFMVzhyTXBFUEowcGtuQ2hndnZ3VWdFR2FEY2h6Qzk1ZnB6R3YvNTUrNHkzbDFwcTNhTjJsUjQ5azEvTXlDVGprdENpM1daRXA3YzdxKzBYWlExalVmM2I5ZHBaa0x4OWgrTzBNOWZIcUFHSHdJb25ZcVh5ZFJSZjllV0pON09Za01nWW82b2xoL0JuWnVYNHhyRkF5WFUzbUsrZWQvakFnWUdTdlp1a1c3Uk40UkdFZFBTTnRoeCt4VVNRaG5Ic2dwc1htL0lTVHp4RDlFY1d6V0o0U0JZU1J5VHNLbVRlRWlsRUxHR3pKR3Q3N014MXhhTnF5elhnbHRUN01DTklWRG10Z1o1ZktFTGFuOXZETFpmSHVramVLMkJMMEEweTV4d0NLb3JJRlN1bHNsb1hha09qNVZBMlR1QjJBeVFDU0RVQWFXWW9VOEI1ZWZTV2J3N3dDQ2tEcGttYmxaMGRBaTI3cUI1c1pDL2swMGFCRjk0VnFUODdtUU1IUVMvT0xJbXo3clhsVVEvOWdRL0RYZXQxQVltQzY4K3dWZXc4Y0loSGtPV2lmQ05tbTNHdnNGYWU5MzllUCt3Nzdjb2k2M21zOFVJUXFwZTRjY0JZcnVMT2Y1ekdvbGhCNit5TzcwaW02THZyVVpXYUcxaGRBUXAyNFlJSnQ0eXJTYWt1Z2lYcE9BWDlSM1FTQXhKbW5Ud0tTZTVaMzYyaW1RaEszUTdESGduUmRqcVFGSUxPU1JEUDlDUnUyVzJTNUNLVWEyQUJ3eU5HN2NER0JBeHd0M3V0YXFMcDJheW5aM20wNjBhd2NyTUhvSDdXM2FBUnArRnc3aWFnVTFidkNOczVqVmpIWno3eVJqWVAyQnNLQWtJeGZoNnZJSXdrVnYvTEc5WVNDT3VjYXJGalVQZEZFM1hYSGx1QlpzRFZ3N2xMV2ZhMVVWYjZSWWkwZVpZRW9GbnZPaUU2WG16c3puRktueEhWcmpIRStTQ1o2M21PV0F0bXZ0S0EvbW5SbTJnaVhjNEF1Mkk9 Page URL
  4. http://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1L284QzZFdk9rdW9QMU5oYVdwTDFBcjFwZEZwNFlja1FFdEZGZ3cwVGZua1JEQThPUUdIaU85SzZPaXNCWFpNVTR0L0tYRlpBVVBEK05OSVd4eVBVR2gxZjc4YUk4Y0cySFJuUmszcTF3Q3pvb2t2Y1JHYVVCVFVrSWlNbmRJaGsyclV1dWRHeXVVOUthVzl4Y25ReXZwVmY5dUhDUnlsNGhKQnRtNlBpdDNySmtzYTI1cE1EcGdGa3RsNFBKdzRKZ1hUbVFMVzhyTXBFUEowcGtuQ2hndnZ3VWdFR2FEY2h6Qzk1ZnB6R3YvNTUrNHkzbDFwcTNhTjJsUjQ5azEvTXlDVGprdENpM1daRXA3YzdxKzBYWlExalVmM2I5ZHBaa0x4OWgrTzBNOWZIcUFHSHdJb25ZcVh5ZFJSZjllV0pON09Za01nWW82b2xoL0JuWnVYNHhyRkF5WFUzbUsrZWQvakFnWUdTdlp1a1c3Uk40UkdFZFBTTnRoeCt4VVNRaG5Ic2dwc1htL0lTVHp4RDlFY1d6V0o0U0JZU1J5VHNLbVRlRWlsRUxHR3pKR3Q3N014MXhhTnF5elhnbHRUN01DTklWRG10Z1o1ZktFTGFuOXZETFpmSHVramVLMkJMMEEweTV4d0NLb3JJRlN1bHNsb1hha09qNVZBMlR1QjJBeVFDU0RVQWFXWW9VOEI1ZWZTV2J3N3dDQ2tEcGttYmxaMGRBaTI3cUI1c1pDL2swMGFCRjk0VnFUODdtUU1IUVMvT0xJbXo3clhsVVEvOWdRL0RYZXQxQVltQzY4K3dWZXc4Y0loSGtPV2lmQ05tbTNHdnNGYWU5MzllUCt3Nzdjb2k2M21zOFVJUXFwZTRjY0JZcnVMT2Y1ekdvbGhCNit5TzcwaW02THZyVVpXYUcxaGRBUXAyNFlJSnQ0eXJTYWt1Z2lYcE9BWDlSM1FTQXhKbW5Ud0tTZTVaMzYyaW1RaEszUTdESGduUmRqcVFGSUxPU1JEUDlDUnUyVzJTNUNLVWEyQUJ3eU5HN2NER0JBeHd0M3V0YXFMcDJheW5aM20wNjBhd2NyTUhvSDdXM2FBUnArRnc3aWFnVTFidkNOczVqVmpIWno3eVJqWVAyQnNLQWtJeGZoNnZJSXdrVnYvTEc5WVNDT3VjYXJGalVQZEZFM1hYSGx1QlpzRFZ3N2xMV2ZhMVVWYjZSWWkwZVpZRW9GbnZPaUU2WG16c3puRktueEhWcmpIRStTQ1o2M21PV0F0bXZ0S0EvbW5SbTJnaVhjNEF1Mkk9&fp=7fe7f2e16dd7f48c00a4ea8141734fea HTTP 307
    https://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1L284QzZFdk9rdW9QMU5oYVdwTDFBcjFwZEZwNFlja1FFdEZGZ3cwVGZua1JEQThPUUdIaU85SzZPaXNCWFpNVTR0L0tYRlpBVVBEK05OSVd4eVBVR2gxZjc4YUk4Y0cySFJuUmszcTF3Q3pvb2t2Y1JHYVVCVFVrSWlNbmRJaGsyclV1dWRHeXVVOUthVzl4Y25ReXZwVmY5dUhDUnlsNGhKQnRtNlBpdDNySmtzYTI1cE1EcGdGa3RsNFBKdzRKZ1hUbVFMVzhyTXBFUEowcGtuQ2hndnZ3VWdFR2FEY2h6Qzk1ZnB6R3YvNTUrNHkzbDFwcTNhTjJsUjQ5azEvTXlDVGprdENpM1daRXA3YzdxKzBYWlExalVmM2I5ZHBaa0x4OWgrTzBNOWZIcUFHSHdJb25ZcVh5ZFJSZjllV0pON09Za01nWW82b2xoL0JuWnVYNHhyRkF5WFUzbUsrZWQvakFnWUdTdlp1a1c3Uk40UkdFZFBTTnRoeCt4VVNRaG5Ic2dwc1htL0lTVHp4RDlFY1d6V0o0U0JZU1J5VHNLbVRlRWlsRUxHR3pKR3Q3N014MXhhTnF5elhnbHRUN01DTklWRG10Z1o1ZktFTGFuOXZETFpmSHVramVLMkJMMEEweTV4d0NLb3JJRlN1bHNsb1hha09qNVZBMlR1QjJBeVFDU0RVQWFXWW9VOEI1ZWZTV2J3N3dDQ2tEcGttYmxaMGRBaTI3cUI1c1pDL2swMGFCRjk0VnFUODdtUU1IUVMvT0xJbXo3clhsVVEvOWdRL0RYZXQxQVltQzY4K3dWZXc4Y0loSGtPV2lmQ05tbTNHdnNGYWU5MzllUCt3Nzdjb2k2M21zOFVJUXFwZTRjY0JZcnVMT2Y1ekdvbGhCNit5TzcwaW02THZyVVpXYUcxaGRBUXAyNFlJSnQ0eXJTYWt1Z2lYcE9BWDlSM1FTQXhKbW5Ud0tTZTVaMzYyaW1RaEszUTdESGduUmRqcVFGSUxPU1JEUDlDUnUyVzJTNUNLVWEyQUJ3eU5HN2NER0JBeHd0M3V0YXFMcDJheW5aM20wNjBhd2NyTUhvSDdXM2FBUnArRnc3aWFnVTFidkNOczVqVmpIWno3eVJqWVAyQnNLQWtJeGZoNnZJSXdrVnYvTEc5WVNDT3VjYXJGalVQZEZFM1hYSGx1QlpzRFZ3N2xMV2ZhMVVWYjZSWWkwZVpZRW9GbnZPaUU2WG16c3puRktueEhWcmpIRStTQ1o2M21PV0F0bXZ0S0EvbW5SbTJnaVhjNEF1Mkk9&fp=7fe7f2e16dd7f48c00a4ea8141734fea Page URL
  5. http://dyetui.com/f2.php?e=p482mKf2%2BmpiYeo6GaLCjn49fllseFVrNmpmVDFoWFpsdG1FaVVaU2dVSksxelRqdFI0eGNxUU4xbDlmSmRPS0hTMWZEajBxYk9INkpmZytiZk5IaTgzSmVMMmZoRnpnd1YvV2lvTzYxS1AyQU5YMjFBMGpSVkEyV3lkYk5NRHlxOTNhZUs2QnlWZmlVSlpMWm1ZUzdCQmVLcGxQWTJNeXZyNC90MjNPcTlUMWpwdE41WTNBUkpjR2E0a28rdmYwYVBWTDZtSldHQ0dxSjFkWDFOd1VEOGRiUGlzLzZFMTVrU2pGT2N5Tjkvc0lFZStPNU1HVldPQ2RqWTJURGRCK1JKT0dKQ2dKNStYNTNUa2lOR1d6TGdwWGUybit1QVY4MlFWMHdNNkZRZ1hZSm9jRnQ5eXVpaDB6WHllS2VheDk1UUNBbjhwdXVaOWdnbmVpcWFIdkFlQWovU01TUWoxaVZjMS96c0Y1dVNkYlVDZFBkNnhTcmZrYVdTTGxKUVpLdS9ZWGZITlBRL1YveWNrTUZrM1dyUzMxdjdOYjBrS1J3RGpHN25ST0tCU2gxaldKbGpkNUZRb1BSbU9ZQ04yU1M4TWVITnRjSkEreVlSdEQxa0NxcWRjRkR4cUhnTzJzUXRYNHIzQ2R6S3o0Zzg2Ymxnb2dxdUJIaG1EOFowdUxaZklmRGUzZ0d0cU94U0dmTzhsNEhVeFRPOE04cXNqL0xLUEZVOStFbktoaEMwYnF1WHJrblMxcmQzTG9qMmt5MGppZy90eGxzanhoVStmTXBDTUZsRXlFMTg4WjhzSitHRWxwUm1zQ01yeGhYRWNCdlVaT3hSdUFHQ2JkbmNhUXBINHlhWmt4elBQYkpVOU1tR0wyWUJ6Y1VrOEF4d2lKMkpsZFJKVFhUSjBQOHY0VFdrNkhTYnh1RlFIOEtzVjF5T3dsOWhCSG94b1VxczExc2RKbDJkMTM0TFBJNzRvWDMyMmFobWRHN3VuMXlIeU9VbHJjWGhFNnh6Y2wyNVdodHdFb2Z2TG1VYmNLNUNJY2phVGwwM3hRL0k2K2dnUjRMMjM4SFY3TEdOeGVFWms3WlZRWWQ4alZQZG55RWhJaVhWWTFvR3huTWRjWkhvTTRzcXpVSDdrYjJLVSt3MkNxWGI4dktkN00xb01NQTFpTlUzSFdJeFZpajI3VEtxWlJUd1NTL3AwNGtnTzJieGI1WkF4Vys0cWc2bit0MFo5Tm41NEk4Zm15NUhnb0tZTmhqd3NxeDJ1YzIzU2VSQjc4c3RnaFdYZUxnR2h5OGdoQ0d1S1RsbGlVQ3VsTm5pL1JhTjJ3bGdRTGw1TnNsMmxueE5NVzVGemJDMTBsVWIxK2srendaZGJhRkdScGtRdHNHVEFzd29lWWxQcC9xL2d2KzE5aXBLYmU1bWJxQzRxR2RZejR0WEVkQ1YvYkZYSnRHU29QMS9ZYWM0bGZZSVlCNW1rSGFoT3dTRXNWdEVyUUtCREpUZ1haZz09&vs=1600:1200&ds=1600:1200&sl=1570:1170&os=f&nos=t HTTP 307
    https://dyetui.com/f2.php?e=p482mKf2%2BmpiYeo6GaLCjn49fllseFVrNmpmVDFoWFpsdG1FaVVaU2dVSksxelRqdFI0eGNxUU4xbDlmSmRPS0hTMWZEajBxYk9INkpmZytiZk5IaTgzSmVMMmZoRnpnd1YvV2lvTzYxS1AyQU5YMjFBMGpSVkEyV3lkYk5NRHlxOTNhZUs2QnlWZmlVSlpMWm1ZUzdCQmVLcGxQWTJNeXZyNC90MjNPcTlUMWpwdE41WTNBUkpjR2E0a28rdmYwYVBWTDZtSldHQ0dxSjFkWDFOd1VEOGRiUGlzLzZFMTVrU2pGT2N5Tjkvc0lFZStPNU1HVldPQ2RqWTJURGRCK1JKT0dKQ2dKNStYNTNUa2lOR1d6TGdwWGUybit1QVY4MlFWMHdNNkZRZ1hZSm9jRnQ5eXVpaDB6WHllS2VheDk1UUNBbjhwdXVaOWdnbmVpcWFIdkFlQWovU01TUWoxaVZjMS96c0Y1dVNkYlVDZFBkNnhTcmZrYVdTTGxKUVpLdS9ZWGZITlBRL1YveWNrTUZrM1dyUzMxdjdOYjBrS1J3RGpHN25ST0tCU2gxaldKbGpkNUZRb1BSbU9ZQ04yU1M4TWVITnRjSkEreVlSdEQxa0NxcWRjRkR4cUhnTzJzUXRYNHIzQ2R6S3o0Zzg2Ymxnb2dxdUJIaG1EOFowdUxaZklmRGUzZ0d0cU94U0dmTzhsNEhVeFRPOE04cXNqL0xLUEZVOStFbktoaEMwYnF1WHJrblMxcmQzTG9qMmt5MGppZy90eGxzanhoVStmTXBDTUZsRXlFMTg4WjhzSitHRWxwUm1zQ01yeGhYRWNCdlVaT3hSdUFHQ2JkbmNhUXBINHlhWmt4elBQYkpVOU1tR0wyWUJ6Y1VrOEF4d2lKMkpsZFJKVFhUSjBQOHY0VFdrNkhTYnh1RlFIOEtzVjF5T3dsOWhCSG94b1VxczExc2RKbDJkMTM0TFBJNzRvWDMyMmFobWRHN3VuMXlIeU9VbHJjWGhFNnh6Y2wyNVdodHdFb2Z2TG1VYmNLNUNJY2phVGwwM3hRL0k2K2dnUjRMMjM4SFY3TEdOeGVFWms3WlZRWWQ4alZQZG55RWhJaVhWWTFvR3huTWRjWkhvTTRzcXpVSDdrYjJLVSt3MkNxWGI4dktkN00xb01NQTFpTlUzSFdJeFZpajI3VEtxWlJUd1NTL3AwNGtnTzJieGI1WkF4Vys0cWc2bit0MFo5Tm41NEk4Zm15NUhnb0tZTmhqd3NxeDJ1YzIzU2VSQjc4c3RnaFdYZUxnR2h5OGdoQ0d1S1RsbGlVQ3VsTm5pL1JhTjJ3bGdRTGw1TnNsMmxueE5NVzVGemJDMTBsVWIxK2srendaZGJhRkdScGtRdHNHVEFzd29lWWxQcC9xL2d2KzE5aXBLYmU1bWJxQzRxR2RZejR0WEVkQ1YvYkZYSnRHU29QMS9ZYWM0bGZZSVlCNW1rSGFoT3dTRXNWdEVyUUtCREpUZ1haZz09&vs=1600:1200&ds=1600:1200&sl=1570:1170&os=f&nos=t HTTP 302
    https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ffffffffffff.skillclient.com/ HTTP 302
  • http://ww99.skillclient.com/ HTTP 307
  • https://ww99.skillclient.com/ HTTP 307
  • http://ww99.skillclient.com/
Request Chain 2
  • http://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1L284QzZFdk9rdW9QMU5oYVdwTDFBcjFwZEZwNFlja1FFdEZGZ3cwVGZua1JEQThPUUdIaU85SzZPaXNCWFpNVTR0L0tYRlpBVVBEK05OSVd4eVBVR2gxZjc4YUk4Y0cySFJuUmszcTF3Q3pvb2t2Y1JHYVVCVFVrSWlNbmRJaGsyclV1dWRHeXVVOUthVzl4Y25ReXZwVmY5dUhDUnlsNGhKQnRtNlBpdDNySmtzYTI1cE1EcGdGa3RsNFBKdzRKZ1hUbVFMVzhyTXBFUEowcGtuQ2hndnZ3VWdFR2FEY2h6Qzk1ZnB6R3YvNTUrNHkzbDFwcTNhTjJsUjQ5azEvTXlDVGprdENpM1daRXA3YzdxKzBYWlExalVmM2I5ZHBaa0x4OWgrTzBNOWZIcUFHSHdJb25ZcVh5ZFJSZjllV0pON09Za01nWW82b2xoL0JuWnVYNHhyRkF5WFUzbUsrZWQvakFnWUdTdlp1a1c3Uk40UkdFZFBTTnRoeCt4VVNRaG5Ic2dwc1htL0lTVHp4RDlFY1d6V0o0U0JZU1J5VHNLbVRlRWlsRUxHR3pKR3Q3N014MXhhTnF5elhnbHRUN01DTklWRG10Z1o1ZktFTGFuOXZETFpmSHVramVLMkJMMEEweTV4d0NLb3JJRlN1bHNsb1hha09qNVZBMlR1QjJBeVFDU0RVQWFXWW9VOEI1ZWZTV2J3N3dDQ2tEcGttYmxaMGRBaTI3cUI1c1pDL2swMGFCRjk0VnFUODdtUU1IUVMvT0xJbXo3clhsVVEvOWdRL0RYZXQxQVltQzY4K3dWZXc4Y0loSGtPV2lmQ05tbTNHdnNGYWU5MzllUCt3Nzdjb2k2M21zOFVJUXFwZTRjY0JZcnVMT2Y1ekdvbGhCNit5TzcwaW02THZyVVpXYUcxaGRBUXAyNFlJSnQ0eXJTYWt1Z2lYcE9BWDlSM1FTQXhKbW5Ud0tTZTVaMzYyaW1RaEszUTdESGduUmRqcVFGSUxPU1JEUDlDUnUyVzJTNUNLVWEyQUJ3eU5HN2NER0JBeHd0M3V0YXFMcDJheW5aM20wNjBhd2NyTUhvSDdXM2FBUnArRnc3aWFnVTFidkNOczVqVmpIWno3eVJqWVAyQnNLQWtJeGZoNnZJSXdrVnYvTEc5WVNDT3VjYXJGalVQZEZFM1hYSGx1QlpzRFZ3N2xMV2ZhMVVWYjZSWWkwZVpZRW9GbnZPaUU2WG16c3puRktueEhWcmpIRStTQ1o2M21PV0F0bXZ0S0EvbW5SbTJnaVhjNEF1Mkk9 HTTP 307
  • https://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1L284QzZFdk9rdW9QMU5oYVdwTDFBcjFwZEZwNFlja1FFdEZGZ3cwVGZua1JEQThPUUdIaU85SzZPaXNCWFpNVTR0L0tYRlpBVVBEK05OSVd4eVBVR2gxZjc4YUk4Y0cySFJuUmszcTF3Q3pvb2t2Y1JHYVVCVFVrSWlNbmRJaGsyclV1dWRHeXVVOUthVzl4Y25ReXZwVmY5dUhDUnlsNGhKQnRtNlBpdDNySmtzYTI1cE1EcGdGa3RsNFBKdzRKZ1hUbVFMVzhyTXBFUEowcGtuQ2hndnZ3VWdFR2FEY2h6Qzk1ZnB6R3YvNTUrNHkzbDFwcTNhTjJsUjQ5azEvTXlDVGprdENpM1daRXA3YzdxKzBYWlExalVmM2I5ZHBaa0x4OWgrTzBNOWZIcUFHSHdJb25ZcVh5ZFJSZjllV0pON09Za01nWW82b2xoL0JuWnVYNHhyRkF5WFUzbUsrZWQvakFnWUdTdlp1a1c3Uk40UkdFZFBTTnRoeCt4VVNRaG5Ic2dwc1htL0lTVHp4RDlFY1d6V0o0U0JZU1J5VHNLbVRlRWlsRUxHR3pKR3Q3N014MXhhTnF5elhnbHRUN01DTklWRG10Z1o1ZktFTGFuOXZETFpmSHVramVLMkJMMEEweTV4d0NLb3JJRlN1bHNsb1hha09qNVZBMlR1QjJBeVFDU0RVQWFXWW9VOEI1ZWZTV2J3N3dDQ2tEcGttYmxaMGRBaTI3cUI1c1pDL2swMGFCRjk0VnFUODdtUU1IUVMvT0xJbXo3clhsVVEvOWdRL0RYZXQxQVltQzY4K3dWZXc4Y0loSGtPV2lmQ05tbTNHdnNGYWU5MzllUCt3Nzdjb2k2M21zOFVJUXFwZTRjY0JZcnVMT2Y1ekdvbGhCNit5TzcwaW02THZyVVpXYUcxaGRBUXAyNFlJSnQ0eXJTYWt1Z2lYcE9BWDlSM1FTQXhKbW5Ud0tTZTVaMzYyaW1RaEszUTdESGduUmRqcVFGSUxPU1JEUDlDUnUyVzJTNUNLVWEyQUJ3eU5HN2NER0JBeHd0M3V0YXFMcDJheW5aM20wNjBhd2NyTUhvSDdXM2FBUnArRnc3aWFnVTFidkNOczVqVmpIWno3eVJqWVAyQnNLQWtJeGZoNnZJSXdrVnYvTEc5WVNDT3VjYXJGalVQZEZFM1hYSGx1QlpzRFZ3N2xMV2ZhMVVWYjZSWWkwZVpZRW9GbnZPaUU2WG16c3puRktueEhWcmpIRStTQ1o2M21PV0F0bXZ0S0EvbW5SbTJnaVhjNEF1Mkk9
Request Chain 5
  • http://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1L284QzZFdk9rdW9QMU5oYVdwTDFBcjFwZEZwNFlja1FFdEZGZ3cwVGZua1JEQThPUUdIaU85SzZPaXNCWFpNVTR0L0tYRlpBVVBEK05OSVd4eVBVR2gxZjc4YUk4Y0cySFJuUmszcTF3Q3pvb2t2Y1JHYVVCVFVrSWlNbmRJaGsyclV1dWRHeXVVOUthVzl4Y25ReXZwVmY5dUhDUnlsNGhKQnRtNlBpdDNySmtzYTI1cE1EcGdGa3RsNFBKdzRKZ1hUbVFMVzhyTXBFUEowcGtuQ2hndnZ3VWdFR2FEY2h6Qzk1ZnB6R3YvNTUrNHkzbDFwcTNhTjJsUjQ5azEvTXlDVGprdENpM1daRXA3YzdxKzBYWlExalVmM2I5ZHBaa0x4OWgrTzBNOWZIcUFHSHdJb25ZcVh5ZFJSZjllV0pON09Za01nWW82b2xoL0JuWnVYNHhyRkF5WFUzbUsrZWQvakFnWUdTdlp1a1c3Uk40UkdFZFBTTnRoeCt4VVNRaG5Ic2dwc1htL0lTVHp4RDlFY1d6V0o0U0JZU1J5VHNLbVRlRWlsRUxHR3pKR3Q3N014MXhhTnF5elhnbHRUN01DTklWRG10Z1o1ZktFTGFuOXZETFpmSHVramVLMkJMMEEweTV4d0NLb3JJRlN1bHNsb1hha09qNVZBMlR1QjJBeVFDU0RVQWFXWW9VOEI1ZWZTV2J3N3dDQ2tEcGttYmxaMGRBaTI3cUI1c1pDL2swMGFCRjk0VnFUODdtUU1IUVMvT0xJbXo3clhsVVEvOWdRL0RYZXQxQVltQzY4K3dWZXc4Y0loSGtPV2lmQ05tbTNHdnNGYWU5MzllUCt3Nzdjb2k2M21zOFVJUXFwZTRjY0JZcnVMT2Y1ekdvbGhCNit5TzcwaW02THZyVVpXYUcxaGRBUXAyNFlJSnQ0eXJTYWt1Z2lYcE9BWDlSM1FTQXhKbW5Ud0tTZTVaMzYyaW1RaEszUTdESGduUmRqcVFGSUxPU1JEUDlDUnUyVzJTNUNLVWEyQUJ3eU5HN2NER0JBeHd0M3V0YXFMcDJheW5aM20wNjBhd2NyTUhvSDdXM2FBUnArRnc3aWFnVTFidkNOczVqVmpIWno3eVJqWVAyQnNLQWtJeGZoNnZJSXdrVnYvTEc5WVNDT3VjYXJGalVQZEZFM1hYSGx1QlpzRFZ3N2xMV2ZhMVVWYjZSWWkwZVpZRW9GbnZPaUU2WG16c3puRktueEhWcmpIRStTQ1o2M21PV0F0bXZ0S0EvbW5SbTJnaVhjNEF1Mkk9&fp=7fe7f2e16dd7f48c00a4ea8141734fea HTTP 307
  • https://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1L284QzZFdk9rdW9QMU5oYVdwTDFBcjFwZEZwNFlja1FFdEZGZ3cwVGZua1JEQThPUUdIaU85SzZPaXNCWFpNVTR0L0tYRlpBVVBEK05OSVd4eVBVR2gxZjc4YUk4Y0cySFJuUmszcTF3Q3pvb2t2Y1JHYVVCVFVrSWlNbmRJaGsyclV1dWRHeXVVOUthVzl4Y25ReXZwVmY5dUhDUnlsNGhKQnRtNlBpdDNySmtzYTI1cE1EcGdGa3RsNFBKdzRKZ1hUbVFMVzhyTXBFUEowcGtuQ2hndnZ3VWdFR2FEY2h6Qzk1ZnB6R3YvNTUrNHkzbDFwcTNhTjJsUjQ5azEvTXlDVGprdENpM1daRXA3YzdxKzBYWlExalVmM2I5ZHBaa0x4OWgrTzBNOWZIcUFHSHdJb25ZcVh5ZFJSZjllV0pON09Za01nWW82b2xoL0JuWnVYNHhyRkF5WFUzbUsrZWQvakFnWUdTdlp1a1c3Uk40UkdFZFBTTnRoeCt4VVNRaG5Ic2dwc1htL0lTVHp4RDlFY1d6V0o0U0JZU1J5VHNLbVRlRWlsRUxHR3pKR3Q3N014MXhhTnF5elhnbHRUN01DTklWRG10Z1o1ZktFTGFuOXZETFpmSHVramVLMkJMMEEweTV4d0NLb3JJRlN1bHNsb1hha09qNVZBMlR1QjJBeVFDU0RVQWFXWW9VOEI1ZWZTV2J3N3dDQ2tEcGttYmxaMGRBaTI3cUI1c1pDL2swMGFCRjk0VnFUODdtUU1IUVMvT0xJbXo3clhsVVEvOWdRL0RYZXQxQVltQzY4K3dWZXc4Y0loSGtPV2lmQ05tbTNHdnNGYWU5MzllUCt3Nzdjb2k2M21zOFVJUXFwZTRjY0JZcnVMT2Y1ekdvbGhCNit5TzcwaW02THZyVVpXYUcxaGRBUXAyNFlJSnQ0eXJTYWt1Z2lYcE9BWDlSM1FTQXhKbW5Ud0tTZTVaMzYyaW1RaEszUTdESGduUmRqcVFGSUxPU1JEUDlDUnUyVzJTNUNLVWEyQUJ3eU5HN2NER0JBeHd0M3V0YXFMcDJheW5aM20wNjBhd2NyTUhvSDdXM2FBUnArRnc3aWFnVTFidkNOczVqVmpIWno3eVJqWVAyQnNLQWtJeGZoNnZJSXdrVnYvTEc5WVNDT3VjYXJGalVQZEZFM1hYSGx1QlpzRFZ3N2xMV2ZhMVVWYjZSWWkwZVpZRW9GbnZPaUU2WG16c3puRktueEhWcmpIRStTQ1o2M21PV0F0bXZ0S0EvbW5SbTJnaVhjNEF1Mkk9&fp=7fe7f2e16dd7f48c00a4ea8141734fea

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
ww99.skillclient.com/
Redirect Chain
  • https://ffffffffffff.skillclient.com/
  • http://ww99.skillclient.com/
  • https://ww99.skillclient.com/
  • http://ww99.skillclient.com/
6 KB
2 KB
Document
General
Full URL
http://ww99.skillclient.com/
Protocol
HTTP/1.1
Server
69.16.230.228 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb05.parklogic.com
Software
openresty / PHP/5.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 25 Nov 2024 19:20:57 GMT
Server
openresty
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16

Redirect headers

Location
http://ww99.skillclient.com/
Non-Authoritative-Reason
HttpsUpgrades
bouncy.php
ww99.skillclient.com/page/
5 KB
2 KB
Document
General
Full URL
http://ww99.skillclient.com/page/bouncy.php?&bpae=GbhGc70aytR5jnMVBvGOjcXHEwkC7XZ%2Bv1ixGIlUNhUURkx4rYTgycj0od8QEIvUZ4s4OtQ6HNyq%2FDb5tuMTxFQEVVDEppSBr8v1LJa%2BCdwXh9MRwsSCGoxzsMx367VDvKj5zntdA8CqwDfbQYHO%2BhUJDTOlh18uk4b5bp07Qa6oEeUrTEkORjaNBt3kMDOu6pPF8g%2Bs0X7xudGNIvr%2By90UiyQxcIpgtHIG4YimiTUayZMELbA%2BLr5SKRx773MC52RPcGMVv6rovlppsfTYbm7dPw%2FsYivUXMpXoBZEJWedwZZqP8NG6zoquuA3V62nXglpMXaCEeyYVKkTshsyLwWSbRR4lvmeQaU4jqFgQbIh0LQ3fy4IQ9P944510ISmyLoSGCg8HhThpL96UtSSqpYSsj7GtXd2x2LHz0iUC2fhggTm2rBrfX7Z%2FmlSQ1U%2Br4%2BYLNQ5mW%2BJ6pjqlrAlO03sLYQ0NUmEoJtS1HCEk%2B72vYfhrhE2TxLk1Ah%2FAGtX50E1f%2Bz1iGhL9wwEgyVDo5Mnbit1dQGfSgHkY1W0%2FbzKIzUeoxJWlU8ea2%2FkoG2SoUKamq%2BP43Cajv7%2B4vrMdeXFce1SD5nuydvHONqTb9UFAM0Bgkg9bCiRHLR2q6micwipN3BK2Z0JVBooh6%2FZYd2ndV49jx81aONg%2FCvXBIynwbbzhEZc2Sj39uliuiqYT1XOfb%2Feu7beYDs06nLNg%2Fap1zOeZStY5valkoOzAR3lOoKzrYUan04su2VA44P8ER%2B4ZIGFasX35A97TZro8qipIX7nlGif2uKKtqg4Wn%2FEf2ASD1Mo7cIJWrbOO2jlbz3LIlYQfAByab%2FjxwOiG3fuUoyYDRjUKzBmDYPJs%2Fg0DMuhMklw6%2B4ZiUOs95%2F86YFlAp7hNaOwAdShL5gqE19oSTVB59GGeyZKWlNoVdwgXVW5LLxJYfGFH8C9pfjWL8Hei%2F8SOM7KL0ndvy8JunrglQ1TWGe75%2FRzYCgG1Pwq29P9W97MJ7lYNX9McatT2eInBfg1ZzyqeU84F2Ea5609nHBgF6Nakj%2FF%2Bh54d2bNBUeq93VG%2FLjsIW5OH2ZqF3uYUxGyR%2BeAWxsyxioMTROh3IZmnGPxyIJ%2FW4zaxt9b91sbGFrsohYoKJ6kiUo4RsMGPFsfNBtu53fK4TdNdeZ8ulvNtDUmeU1KQFHyrUoE%2FTcQrO2m71xGgbF7FrHx1P247F8EtqgEDx7rb9MuMitCp3FomzGMTskc1ackkiADXdgdOflq1X5vxBwF1%2Fb7cTZuwqLT9aXMsjP%2FGcn5oyRkLRkF7GW2NMOuesplBuojFdaHsR9a%2F5llLLIdzdgIWMNFaCJ0WZSj5W2OL%2B4c%2BRjvEZDOmW1W0QgzMFyuul7bfmKzXejyUtk2AycXeF7vIRSpDsd6wm94ZzosQYViVkFnI1yHAuQ5YK4kUkIQ3BNYrD1xHEdxXFwx6HIPRX9a8QMx4qbVLdauSmnwyhBNpG5irpbKNqGvb0PqW2aYKeJujmBuC4zUSc0xrD8DRaAz2BEr3aYAtA%2B9Fvk7%2Bmg0hrUcr9df6OACncFzdAwuQaaMikqy%2F1r94tPUhrY9GLhVlpR8gNgQw6HpGktuhCC22cf8T61MW7mYFG5p3KnSsASV8CLq1MIPWJXlhlbVFTmqjlihKDN8Be4CMWXhPysF5FlJOS7FyasS55glWGePhknM4lQLnGiflZiflPHEAK6hm%2Bbil5aGsh4l6NqoZtzAy8Yb%2B8IzYMopyEyi%2Fo%2Fm%2BM%2BFzOypk4OG%2B9wn9RY89w%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by
Host: ww99.skillclient.com
URL: http://ww99.skillclient.com/
Protocol
HTTP/1.1
Server
69.16.230.228 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
lb05.parklogic.com
Software
openresty / PHP/5.4.16
Resource Hash

Request headers

Referer
http://ww99.skillclient.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 25 Nov 2024 19:20:57 GMT
Server
openresty
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
f.php
dyetui.com/
Redirect Chain
  • http://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1L284QzZFdk9rdW9QMU5oYVdwTDFBcjFwZEZwNFlja1FFdEZGZ3cwVGZua1JEQThPUUdIaU85SzZPaXNCWFpNVTR0L0tYRlpBVVBEK05...
  • https://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1L284QzZFdk9rdW9QMU5oYVdwTDFBcjFwZEZwNFlja1FFdEZGZ3cwVGZua1JEQThPUUdIaU85SzZPaXNCWFpNVTR0L0tYRlpBVVBEK0...
5 KB
2 KB
Document
General
Full URL
https://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1L284QzZFdk9rdW9QMU5oYVdwTDFBcjFwZEZwNFlja1FFdEZGZ3cwVGZua1JEQThPUUdIaU85SzZPaXNCWFpNVTR0L0tYRlpBVVBEK05OSVd4eVBVR2gxZjc4YUk4Y0cySFJuUmszcTF3Q3pvb2t2Y1JHYVVCVFVrSWlNbmRJaGsyclV1dWRHeXVVOUthVzl4Y25ReXZwVmY5dUhDUnlsNGhKQnRtNlBpdDNySmtzYTI1cE1EcGdGa3RsNFBKdzRKZ1hUbVFMVzhyTXBFUEowcGtuQ2hndnZ3VWdFR2FEY2h6Qzk1ZnB6R3YvNTUrNHkzbDFwcTNhTjJsUjQ5azEvTXlDVGprdENpM1daRXA3YzdxKzBYWlExalVmM2I5ZHBaa0x4OWgrTzBNOWZIcUFHSHdJb25ZcVh5ZFJSZjllV0pON09Za01nWW82b2xoL0JuWnVYNHhyRkF5WFUzbUsrZWQvakFnWUdTdlp1a1c3Uk40UkdFZFBTTnRoeCt4VVNRaG5Ic2dwc1htL0lTVHp4RDlFY1d6V0o0U0JZU1J5VHNLbVRlRWlsRUxHR3pKR3Q3N014MXhhTnF5elhnbHRUN01DTklWRG10Z1o1ZktFTGFuOXZETFpmSHVramVLMkJMMEEweTV4d0NLb3JJRlN1bHNsb1hha09qNVZBMlR1QjJBeVFDU0RVQWFXWW9VOEI1ZWZTV2J3N3dDQ2tEcGttYmxaMGRBaTI3cUI1c1pDL2swMGFCRjk0VnFUODdtUU1IUVMvT0xJbXo3clhsVVEvOWdRL0RYZXQxQVltQzY4K3dWZXc4Y0loSGtPV2lmQ05tbTNHdnNGYWU5MzllUCt3Nzdjb2k2M21zOFVJUXFwZTRjY0JZcnVMT2Y1ekdvbGhCNit5TzcwaW02THZyVVpXYUcxaGRBUXAyNFlJSnQ0eXJTYWt1Z2lYcE9BWDlSM1FTQXhKbW5Ud0tTZTVaMzYyaW1RaEszUTdESGduUmRqcVFGSUxPU1JEUDlDUnUyVzJTNUNLVWEyQUJ3eU5HN2NER0JBeHd0M3V0YXFMcDJheW5aM20wNjBhd2NyTUhvSDdXM2FBUnArRnc3aWFnVTFidkNOczVqVmpIWno3eVJqWVAyQnNLQWtJeGZoNnZJSXdrVnYvTEc5WVNDT3VjYXJGalVQZEZFM1hYSGx1QlpzRFZ3N2xMV2ZhMVVWYjZSWWkwZVpZRW9GbnZPaUU2WG16c3puRktueEhWcmpIRStTQ1o2M21PV0F0bXZ0S0EvbW5SbTJnaVhjNEF1Mkk9
Requested by
Host: ww99.skillclient.com
URL: http://ww99.skillclient.com/page/bouncy.php?&bpae=GbhGc70aytR5jnMVBvGOjcXHEwkC7XZ%2Bv1ixGIlUNhUURkx4rYTgycj0od8QEIvUZ4s4OtQ6HNyq%2FDb5tuMTxFQEVVDEppSBr8v1LJa%2BCdwXh9MRwsSCGoxzsMx367VDvKj5zntdA8CqwDfbQYHO%2BhUJDTOlh18uk4b5bp07Qa6oEeUrTEkORjaNBt3kMDOu6pPF8g%2Bs0X7xudGNIvr%2By90UiyQxcIpgtHIG4YimiTUayZMELbA%2BLr5SKRx773MC52RPcGMVv6rovlppsfTYbm7dPw%2FsYivUXMpXoBZEJWedwZZqP8NG6zoquuA3V62nXglpMXaCEeyYVKkTshsyLwWSbRR4lvmeQaU4jqFgQbIh0LQ3fy4IQ9P944510ISmyLoSGCg8HhThpL96UtSSqpYSsj7GtXd2x2LHz0iUC2fhggTm2rBrfX7Z%2FmlSQ1U%2Br4%2BYLNQ5mW%2BJ6pjqlrAlO03sLYQ0NUmEoJtS1HCEk%2B72vYfhrhE2TxLk1Ah%2FAGtX50E1f%2Bz1iGhL9wwEgyVDo5Mnbit1dQGfSgHkY1W0%2FbzKIzUeoxJWlU8ea2%2FkoG2SoUKamq%2BP43Cajv7%2B4vrMdeXFce1SD5nuydvHONqTb9UFAM0Bgkg9bCiRHLR2q6micwipN3BK2Z0JVBooh6%2FZYd2ndV49jx81aONg%2FCvXBIynwbbzhEZc2Sj39uliuiqYT1XOfb%2Feu7beYDs06nLNg%2Fap1zOeZStY5valkoOzAR3lOoKzrYUan04su2VA44P8ER%2B4ZIGFasX35A97TZro8qipIX7nlGif2uKKtqg4Wn%2FEf2ASD1Mo7cIJWrbOO2jlbz3LIlYQfAByab%2FjxwOiG3fuUoyYDRjUKzBmDYPJs%2Fg0DMuhMklw6%2B4ZiUOs95%2F86YFlAp7hNaOwAdShL5gqE19oSTVB59GGeyZKWlNoVdwgXVW5LLxJYfGFH8C9pfjWL8Hei%2F8SOM7KL0ndvy8JunrglQ1TWGe75%2FRzYCgG1Pwq29P9W97MJ7lYNX9McatT2eInBfg1ZzyqeU84F2Ea5609nHBgF6Nakj%2FF%2Bh54d2bNBUeq93VG%2FLjsIW5OH2ZqF3uYUxGyR%2BeAWxsyxioMTROh3IZmnGPxyIJ%2FW4zaxt9b91sbGFrsohYoKJ6kiUo4RsMGPFsfNBtu53fK4TdNdeZ8ulvNtDUmeU1KQFHyrUoE%2FTcQrO2m71xGgbF7FrHx1P247F8EtqgEDx7rb9MuMitCp3FomzGMTskc1ackkiADXdgdOflq1X5vxBwF1%2Fb7cTZuwqLT9aXMsjP%2FGcn5oyRkLRkF7GW2NMOuesplBuojFdaHsR9a%2F5llLLIdzdgIWMNFaCJ0WZSj5W2OL%2B4c%2BRjvEZDOmW1W0QgzMFyuul7bfmKzXejyUtk2AycXeF7vIRSpDsd6wm94ZzosQYViVkFnI1yHAuQ5YK4kUkIQ3BNYrD1xHEdxXFwx6HIPRX9a8QMx4qbVLdauSmnwyhBNpG5irpbKNqGvb0PqW2aYKeJujmBuC4zUSc0xrD8DRaAz2BEr3aYAtA%2B9Fvk7%2Bmg0hrUcr9df6OACncFzdAwuQaaMikqy%2F1r94tPUhrY9GLhVlpR8gNgQw6HpGktuhCC22cf8T61MW7mYFG5p3KnSsASV8CLq1MIPWJXlhlbVFTmqjlihKDN8Be4CMWXhPysF5FlJOS7FyasS55glWGePhknM4lQLnGiflZiflPHEAK6hm%2Bbil5aGsh4l6NqoZtzAy8Yb%2B8IzYMopyEyi%2Fo%2Fm%2BM%2BFzOypk4OG%2B9wn9RY89w%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash
1aaba4957b0b38d1e50f4d40547215dab68f15174783fc694d89f608c1846eeb

Request headers

Referer
http://ww99.skillclient.com/page/bouncy.php?&bpae=GbhGc70aytR5jnMVBvGOjcXHEwkC7XZ%2Bv1ixGIlUNhUURkx4rYTgycj0od8QEIvUZ4s4OtQ6HNyq%2FDb5tuMTxFQEVVDEppSBr8v1LJa%2BCdwXh9MRwsSCGoxzsMx367VDvKj5zntdA8CqwDfbQYHO%2BhUJDTOlh18uk4b5bp07Qa6oEeUrTEkORjaNBt3kMDOu6pPF8g%2Bs0X7xudGNIvr%2By90UiyQxcIpgtHIG4YimiTUayZMELbA%2BLr5SKRx773MC52RPcGMVv6rovlppsfTYbm7dPw%2FsYivUXMpXoBZEJWedwZZqP8NG6zoquuA3V62nXglpMXaCEeyYVKkTshsyLwWSbRR4lvmeQaU4jqFgQbIh0LQ3fy4IQ9P944510ISmyLoSGCg8HhThpL96UtSSqpYSsj7GtXd2x2LHz0iUC2fhggTm2rBrfX7Z%2FmlSQ1U%2Br4%2BYLNQ5mW%2BJ6pjqlrAlO03sLYQ0NUmEoJtS1HCEk%2B72vYfhrhE2TxLk1Ah%2FAGtX50E1f%2Bz1iGhL9wwEgyVDo5Mnbit1dQGfSgHkY1W0%2FbzKIzUeoxJWlU8ea2%2FkoG2SoUKamq%2BP43Cajv7%2B4vrMdeXFce1SD5nuydvHONqTb9UFAM0Bgkg9bCiRHLR2q6micwipN3BK2Z0JVBooh6%2FZYd2ndV49jx81aONg%2FCvXBIynwbbzhEZc2Sj39uliuiqYT1XOfb%2Feu7beYDs06nLNg%2Fap1zOeZStY5valkoOzAR3lOoKzrYUan04su2VA44P8ER%2B4ZIGFasX35A97TZro8qipIX7nlGif2uKKtqg4Wn%2FEf2ASD1Mo7cIJWrbOO2jlbz3LIlYQfAByab%2FjxwOiG3fuUoyYDRjUKzBmDYPJs%2Fg0DMuhMklw6%2B4ZiUOs95%2F86YFlAp7hNaOwAdShL5gqE19oSTVB59GGeyZKWlNoVdwgXVW5LLxJYfGFH8C9pfjWL8Hei%2F8SOM7KL0ndvy8JunrglQ1TWGe75%2FRzYCgG1Pwq29P9W97MJ7lYNX9McatT2eInBfg1ZzyqeU84F2Ea5609nHBgF6Nakj%2FF%2Bh54d2bNBUeq93VG%2FLjsIW5OH2ZqF3uYUxGyR%2BeAWxsyxioMTROh3IZmnGPxyIJ%2FW4zaxt9b91sbGFrsohYoKJ6kiUo4RsMGPFsfNBtu53fK4TdNdeZ8ulvNtDUmeU1KQFHyrUoE%2FTcQrO2m71xGgbF7FrHx1P247F8EtqgEDx7rb9MuMitCp3FomzGMTskc1ackkiADXdgdOflq1X5vxBwF1%2Fb7cTZuwqLT9aXMsjP%2FGcn5oyRkLRkF7GW2NMOuesplBuojFdaHsR9a%2F5llLLIdzdgIWMNFaCJ0WZSj5W2OL%2B4c%2BRjvEZDOmW1W0QgzMFyuul7bfmKzXejyUtk2AycXeF7vIRSpDsd6wm94ZzosQYViVkFnI1yHAuQ5YK4kUkIQ3BNYrD1xHEdxXFwx6HIPRX9a8QMx4qbVLdauSmnwyhBNpG5irpbKNqGvb0PqW2aYKeJujmBuC4zUSc0xrD8DRaAz2BEr3aYAtA%2B9Fvk7%2Bmg0hrUcr9df6OACncFzdAwuQaaMikqy%2F1r94tPUhrY9GLhVlpR8gNgQw6HpGktuhCC22cf8T61MW7mYFG5p3KnSsASV8CLq1MIPWJXlhlbVFTmqjlihKDN8Be4CMWXhPysF5FlJOS7FyasS55glWGePhknM4lQLnGiflZiflPHEAK6hm%2Bbil5aGsh4l6NqoZtzAy8Yb%2B8IzYMopyEyi%2Fo%2Fm%2BM%2BFzOypk4OG%2B9wn9RY89w%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

connection
close
content-encoding
gzip
content-length
1724
content-type
text/html; charset=UTF-8
date
Mon, 25 Nov 2024 19:20:58 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Location
https://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1L284QzZFdk9rdW9QMU5oYVdwTDFBcjFwZEZwNFlja1FFdEZGZ3cwVGZua1JEQThPUUdIaU85SzZPaXNCWFpNVTR0L0tYRlpBVVBEK05OSVd4eVBVR2gxZjc4YUk4Y0cySFJuUmszcTF3Q3pvb2t2Y1JHYVVCVFVrSWlNbmRJaGsyclV1dWRHeXVVOUthVzl4Y25ReXZwVmY5dUhDUnlsNGhKQnRtNlBpdDNySmtzYTI1cE1EcGdGa3RsNFBKdzRKZ1hUbVFMVzhyTXBFUEowcGtuQ2hndnZ3VWdFR2FEY2h6Qzk1ZnB6R3YvNTUrNHkzbDFwcTNhTjJsUjQ5azEvTXlDVGprdENpM1daRXA3YzdxKzBYWlExalVmM2I5ZHBaa0x4OWgrTzBNOWZIcUFHSHdJb25ZcVh5ZFJSZjllV0pON09Za01nWW82b2xoL0JuWnVYNHhyRkF5WFUzbUsrZWQvakFnWUdTdlp1a1c3Uk40UkdFZFBTTnRoeCt4VVNRaG5Ic2dwc1htL0lTVHp4RDlFY1d6V0o0U0JZU1J5VHNLbVRlRWlsRUxHR3pKR3Q3N014MXhhTnF5elhnbHRUN01DTklWRG10Z1o1ZktFTGFuOXZETFpmSHVramVLMkJMMEEweTV4d0NLb3JJRlN1bHNsb1hha09qNVZBMlR1QjJBeVFDU0RVQWFXWW9VOEI1ZWZTV2J3N3dDQ2tEcGttYmxaMGRBaTI3cUI1c1pDL2swMGFCRjk0VnFUODdtUU1IUVMvT0xJbXo3clhsVVEvOWdRL0RYZXQxQVltQzY4K3dWZXc4Y0loSGtPV2lmQ05tbTNHdnNGYWU5MzllUCt3Nzdjb2k2M21zOFVJUXFwZTRjY0JZcnVMT2Y1ekdvbGhCNit5TzcwaW02THZyVVpXYUcxaGRBUXAyNFlJSnQ0eXJTYWt1Z2lYcE9BWDlSM1FTQXhKbW5Ud0tTZTVaMzYyaW1RaEszUTdESGduUmRqcVFGSUxPU1JEUDlDUnUyVzJTNUNLVWEyQUJ3eU5HN2NER0JBeHd0M3V0YXFMcDJheW5aM20wNjBhd2NyTUhvSDdXM2FBUnArRnc3aWFnVTFidkNOczVqVmpIWno3eVJqWVAyQnNLQWtJeGZoNnZJSXdrVnYvTEc5WVNDT3VjYXJGalVQZEZFM1hYSGx1QlpzRFZ3N2xMV2ZhMVVWYjZSWWkwZVpZRW9GbnZPaUU2WG16c3puRktueEhWcmpIRStTQ1o2M21PV0F0bXZ0S0EvbW5SbTJnaVhjNEF1Mkk9
Non-Authoritative-Reason
HttpsUpgrades
iife.min.js
dyetui.com/js/fingerprint/
33 KB
14 KB
Script
General
Full URL
https://dyetui.com/js/fingerprint/iife.min.js
Requested by
Host: dyetui.com
URL: https://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1L284QzZFdk9rdW9QMU5oYVdwTDFBcjFwZEZwNFlja1FFdEZGZ3cwVGZua1JEQThPUUdIaU85SzZPaXNCWFpNVTR0L0tYRlpBVVBEK05OSVd4eVBVR2gxZjc4YUk4Y0cySFJuUmszcTF3Q3pvb2t2Y1JHYVVCVFVrSWlNbmRJaGsyclV1dWRHeXVVOUthVzl4Y25ReXZwVmY5dUhDUnlsNGhKQnRtNlBpdDNySmtzYTI1cE1EcGdGa3RsNFBKdzRKZ1hUbVFMVzhyTXBFUEowcGtuQ2hndnZ3VWdFR2FEY2h6Qzk1ZnB6R3YvNTUrNHkzbDFwcTNhTjJsUjQ5azEvTXlDVGprdENpM1daRXA3YzdxKzBYWlExalVmM2I5ZHBaa0x4OWgrTzBNOWZIcUFHSHdJb25ZcVh5ZFJSZjllV0pON09Za01nWW82b2xoL0JuWnVYNHhyRkF5WFUzbUsrZWQvakFnWUdTdlp1a1c3Uk40UkdFZFBTTnRoeCt4VVNRaG5Ic2dwc1htL0lTVHp4RDlFY1d6V0o0U0JZU1J5VHNLbVRlRWlsRUxHR3pKR3Q3N014MXhhTnF5elhnbHRUN01DTklWRG10Z1o1ZktFTGFuOXZETFpmSHVramVLMkJMMEEweTV4d0NLb3JJRlN1bHNsb1hha09qNVZBMlR1QjJBeVFDU0RVQWFXWW9VOEI1ZWZTV2J3N3dDQ2tEcGttYmxaMGRBaTI3cUI1c1pDL2swMGFCRjk0VnFUODdtUU1IUVMvT0xJbXo3clhsVVEvOWdRL0RYZXQxQVltQzY4K3dWZXc4Y0loSGtPV2lmQ05tbTNHdnNGYWU5MzllUCt3Nzdjb2k2M21zOFVJUXFwZTRjY0JZcnVMT2Y1ekdvbGhCNit5TzcwaW02THZyVVpXYUcxaGRBUXAyNFlJSnQ0eXJTYWt1Z2lYcE9BWDlSM1FTQXhKbW5Ud0tTZTVaMzYyaW1RaEszUTdESGduUmRqcVFGSUxPU1JEUDlDUnUyVzJTNUNLVWEyQUJ3eU5HN2NER0JBeHd0M3V0YXFMcDJheW5aM20wNjBhd2NyTUhvSDdXM2FBUnArRnc3aWFnVTFidkNOczVqVmpIWno3eVJqWVAyQnNLQWtJeGZoNnZJSXdrVnYvTEc5WVNDT3VjYXJGalVQZEZFM1hYSGx1QlpzRFZ3N2xMV2ZhMVVWYjZSWWkwZVpZRW9GbnZPaUU2WG16c3puRktueEhWcmpIRStTQ1o2M21PV0F0bXZ0S0EvbW5SbTJnaVhjNEF1Mkk9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash
c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1L284QzZFdk9rdW9QMU5oYVdwTDFBcjFwZEZwNFlja1FFdEZGZ3cwVGZua1JEQThPUUdIaU85SzZPaXNCWFpNVTR0L0tYRlpBVVBEK05OSVd4eVBVR2gxZjc4YUk4Y0cySFJuUmszcTF3Q3pvb2t2Y1JHYVVCVFVrSWlNbmRJaGsyclV1dWRHeXVVOUthVzl4Y25ReXZwVmY5dUhDUnlsNGhKQnRtNlBpdDNySmtzYTI1cE1EcGdGa3RsNFBKdzRKZ1hUbVFMVzhyTXBFUEowcGtuQ2hndnZ3VWdFR2FEY2h6Qzk1ZnB6R3YvNTUrNHkzbDFwcTNhTjJsUjQ5azEvTXlDVGprdENpM1daRXA3YzdxKzBYWlExalVmM2I5ZHBaa0x4OWgrTzBNOWZIcUFHSHdJb25ZcVh5ZFJSZjllV0pON09Za01nWW82b2xoL0JuWnVYNHhyRkF5WFUzbUsrZWQvakFnWUdTdlp1a1c3Uk40UkdFZFBTTnRoeCt4VVNRaG5Ic2dwc1htL0lTVHp4RDlFY1d6V0o0U0JZU1J5VHNLbVRlRWlsRUxHR3pKR3Q3N014MXhhTnF5elhnbHRUN01DTklWRG10Z1o1ZktFTGFuOXZETFpmSHVramVLMkJMMEEweTV4d0NLb3JJRlN1bHNsb1hha09qNVZBMlR1QjJBeVFDU0RVQWFXWW9VOEI1ZWZTV2J3N3dDQ2tEcGttYmxaMGRBaTI3cUI1c1pDL2swMGFCRjk0VnFUODdtUU1IUVMvT0xJbXo3clhsVVEvOWdRL0RYZXQxQVltQzY4K3dWZXc4Y0loSGtPV2lmQ05tbTNHdnNGYWU5MzllUCt3Nzdjb2k2M21zOFVJUXFwZTRjY0JZcnVMT2Y1ekdvbGhCNit5TzcwaW02THZyVVpXYUcxaGRBUXAyNFlJSnQ0eXJTYWt1Z2lYcE9BWDlSM1FTQXhKbW5Ud0tTZTVaMzYyaW1RaEszUTdESGduUmRqcVFGSUxPU1JEUDlDUnUyVzJTNUNLVWEyQUJ3eU5HN2NER0JBeHd0M3V0YXFMcDJheW5aM20wNjBhd2NyTUhvSDdXM2FBUnArRnc3aWFnVTFidkNOczVqVmpIWno3eVJqWVAyQnNLQWtJeGZoNnZJSXdrVnYvTEc5WVNDT3VjYXJGalVQZEZFM1hYSGx1QlpzRFZ3N2xMV2ZhMVVWYjZSWWkwZVpZRW9GbnZPaUU2WG16c3puRktueEhWcmpIRStTQ1o2M21PV0F0bXZ0S0EvbW5SbTJnaVhjNEF1Mkk9

Response headers

content-encoding
gzip
etag
"85c0-6250852f4b980-gzip"
connection
close
accept-ranges
bytes
content-length
14345
date
Mon, 25 Nov 2024 19:20:58 GMT
last-modified
Tue, 22 Oct 2024 03:25:42 GMT
vary
Accept-Encoding
server
Apache
content-type
application/javascript
favicon.ico
dyetui.com/
0
0

f.php
dyetui.com/
Redirect Chain
  • http://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1L284QzZFdk9rdW9QMU5oYVdwTDFBcjFwZEZwNFlja1FFdEZGZ3cwVGZua1JEQThPUUdIaU85SzZPaXNCWFpNVTR0L0tYRlpBVVBEK05...
  • https://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1L284QzZFdk9rdW9QMU5oYVdwTDFBcjFwZEZwNFlja1FFdEZGZ3cwVGZua1JEQThPUUdIaU85SzZPaXNCWFpNVTR0L0tYRlpBVVBEK0...
2 KB
2 KB
Document
General
Full URL
https://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1L284QzZFdk9rdW9QMU5oYVdwTDFBcjFwZEZwNFlja1FFdEZGZ3cwVGZua1JEQThPUUdIaU85SzZPaXNCWFpNVTR0L0tYRlpBVVBEK05OSVd4eVBVR2gxZjc4YUk4Y0cySFJuUmszcTF3Q3pvb2t2Y1JHYVVCVFVrSWlNbmRJaGsyclV1dWRHeXVVOUthVzl4Y25ReXZwVmY5dUhDUnlsNGhKQnRtNlBpdDNySmtzYTI1cE1EcGdGa3RsNFBKdzRKZ1hUbVFMVzhyTXBFUEowcGtuQ2hndnZ3VWdFR2FEY2h6Qzk1ZnB6R3YvNTUrNHkzbDFwcTNhTjJsUjQ5azEvTXlDVGprdENpM1daRXA3YzdxKzBYWlExalVmM2I5ZHBaa0x4OWgrTzBNOWZIcUFHSHdJb25ZcVh5ZFJSZjllV0pON09Za01nWW82b2xoL0JuWnVYNHhyRkF5WFUzbUsrZWQvakFnWUdTdlp1a1c3Uk40UkdFZFBTTnRoeCt4VVNRaG5Ic2dwc1htL0lTVHp4RDlFY1d6V0o0U0JZU1J5VHNLbVRlRWlsRUxHR3pKR3Q3N014MXhhTnF5elhnbHRUN01DTklWRG10Z1o1ZktFTGFuOXZETFpmSHVramVLMkJMMEEweTV4d0NLb3JJRlN1bHNsb1hha09qNVZBMlR1QjJBeVFDU0RVQWFXWW9VOEI1ZWZTV2J3N3dDQ2tEcGttYmxaMGRBaTI3cUI1c1pDL2swMGFCRjk0VnFUODdtUU1IUVMvT0xJbXo3clhsVVEvOWdRL0RYZXQxQVltQzY4K3dWZXc4Y0loSGtPV2lmQ05tbTNHdnNGYWU5MzllUCt3Nzdjb2k2M21zOFVJUXFwZTRjY0JZcnVMT2Y1ekdvbGhCNit5TzcwaW02THZyVVpXYUcxaGRBUXAyNFlJSnQ0eXJTYWt1Z2lYcE9BWDlSM1FTQXhKbW5Ud0tTZTVaMzYyaW1RaEszUTdESGduUmRqcVFGSUxPU1JEUDlDUnUyVzJTNUNLVWEyQUJ3eU5HN2NER0JBeHd0M3V0YXFMcDJheW5aM20wNjBhd2NyTUhvSDdXM2FBUnArRnc3aWFnVTFidkNOczVqVmpIWno3eVJqWVAyQnNLQWtJeGZoNnZJSXdrVnYvTEc5WVNDT3VjYXJGalVQZEZFM1hYSGx1QlpzRFZ3N2xMV2ZhMVVWYjZSWWkwZVpZRW9GbnZPaUU2WG16c3puRktueEhWcmpIRStTQ1o2M21PV0F0bXZ0S0EvbW5SbTJnaVhjNEF1Mkk9&fp=7fe7f2e16dd7f48c00a4ea8141734fea
Requested by
Host: dyetui.com
URL: https://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1L284QzZFdk9rdW9QMU5oYVdwTDFBcjFwZEZwNFlja1FFdEZGZ3cwVGZua1JEQThPUUdIaU85SzZPaXNCWFpNVTR0L0tYRlpBVVBEK05OSVd4eVBVR2gxZjc4YUk4Y0cySFJuUmszcTF3Q3pvb2t2Y1JHYVVCVFVrSWlNbmRJaGsyclV1dWRHeXVVOUthVzl4Y25ReXZwVmY5dUhDUnlsNGhKQnRtNlBpdDNySmtzYTI1cE1EcGdGa3RsNFBKdzRKZ1hUbVFMVzhyTXBFUEowcGtuQ2hndnZ3VWdFR2FEY2h6Qzk1ZnB6R3YvNTUrNHkzbDFwcTNhTjJsUjQ5azEvTXlDVGprdENpM1daRXA3YzdxKzBYWlExalVmM2I5ZHBaa0x4OWgrTzBNOWZIcUFHSHdJb25ZcVh5ZFJSZjllV0pON09Za01nWW82b2xoL0JuWnVYNHhyRkF5WFUzbUsrZWQvakFnWUdTdlp1a1c3Uk40UkdFZFBTTnRoeCt4VVNRaG5Ic2dwc1htL0lTVHp4RDlFY1d6V0o0U0JZU1J5VHNLbVRlRWlsRUxHR3pKR3Q3N014MXhhTnF5elhnbHRUN01DTklWRG10Z1o1ZktFTGFuOXZETFpmSHVramVLMkJMMEEweTV4d0NLb3JJRlN1bHNsb1hha09qNVZBMlR1QjJBeVFDU0RVQWFXWW9VOEI1ZWZTV2J3N3dDQ2tEcGttYmxaMGRBaTI3cUI1c1pDL2swMGFCRjk0VnFUODdtUU1IUVMvT0xJbXo3clhsVVEvOWdRL0RYZXQxQVltQzY4K3dWZXc4Y0loSGtPV2lmQ05tbTNHdnNGYWU5MzllUCt3Nzdjb2k2M21zOFVJUXFwZTRjY0JZcnVMT2Y1ekdvbGhCNit5TzcwaW02THZyVVpXYUcxaGRBUXAyNFlJSnQ0eXJTYWt1Z2lYcE9BWDlSM1FTQXhKbW5Ud0tTZTVaMzYyaW1RaEszUTdESGduUmRqcVFGSUxPU1JEUDlDUnUyVzJTNUNLVWEyQUJ3eU5HN2NER0JBeHd0M3V0YXFMcDJheW5aM20wNjBhd2NyTUhvSDdXM2FBUnArRnc3aWFnVTFidkNOczVqVmpIWno3eVJqWVAyQnNLQWtJeGZoNnZJSXdrVnYvTEc5WVNDT3VjYXJGalVQZEZFM1hYSGx1QlpzRFZ3N2xMV2ZhMVVWYjZSWWkwZVpZRW9GbnZPaUU2WG16c3puRktueEhWcmpIRStTQ1o2M21PV0F0bXZ0S0EvbW5SbTJnaVhjNEF1Mkk9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash

Request headers

Referer
https://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1L284QzZFdk9rdW9QMU5oYVdwTDFBcjFwZEZwNFlja1FFdEZGZ3cwVGZua1JEQThPUUdIaU85SzZPaXNCWFpNVTR0L0tYRlpBVVBEK05OSVd4eVBVR2gxZjc4YUk4Y0cySFJuUmszcTF3Q3pvb2t2Y1JHYVVCVFVrSWlNbmRJaGsyclV1dWRHeXVVOUthVzl4Y25ReXZwVmY5dUhDUnlsNGhKQnRtNlBpdDNySmtzYTI1cE1EcGdGa3RsNFBKdzRKZ1hUbVFMVzhyTXBFUEowcGtuQ2hndnZ3VWdFR2FEY2h6Qzk1ZnB6R3YvNTUrNHkzbDFwcTNhTjJsUjQ5azEvTXlDVGprdENpM1daRXA3YzdxKzBYWlExalVmM2I5ZHBaa0x4OWgrTzBNOWZIcUFHSHdJb25ZcVh5ZFJSZjllV0pON09Za01nWW82b2xoL0JuWnVYNHhyRkF5WFUzbUsrZWQvakFnWUdTdlp1a1c3Uk40UkdFZFBTTnRoeCt4VVNRaG5Ic2dwc1htL0lTVHp4RDlFY1d6V0o0U0JZU1J5VHNLbVRlRWlsRUxHR3pKR3Q3N014MXhhTnF5elhnbHRUN01DTklWRG10Z1o1ZktFTGFuOXZETFpmSHVramVLMkJMMEEweTV4d0NLb3JJRlN1bHNsb1hha09qNVZBMlR1QjJBeVFDU0RVQWFXWW9VOEI1ZWZTV2J3N3dDQ2tEcGttYmxaMGRBaTI3cUI1c1pDL2swMGFCRjk0VnFUODdtUU1IUVMvT0xJbXo3clhsVVEvOWdRL0RYZXQxQVltQzY4K3dWZXc4Y0loSGtPV2lmQ05tbTNHdnNGYWU5MzllUCt3Nzdjb2k2M21zOFVJUXFwZTRjY0JZcnVMT2Y1ekdvbGhCNit5TzcwaW02THZyVVpXYUcxaGRBUXAyNFlJSnQ0eXJTYWt1Z2lYcE9BWDlSM1FTQXhKbW5Ud0tTZTVaMzYyaW1RaEszUTdESGduUmRqcVFGSUxPU1JEUDlDUnUyVzJTNUNLVWEyQUJ3eU5HN2NER0JBeHd0M3V0YXFMcDJheW5aM20wNjBhd2NyTUhvSDdXM2FBUnArRnc3aWFnVTFidkNOczVqVmpIWno3eVJqWVAyQnNLQWtJeGZoNnZJSXdrVnYvTEc5WVNDT3VjYXJGalVQZEZFM1hYSGx1QlpzRFZ3N2xMV2ZhMVVWYjZSWWkwZVpZRW9GbnZPaUU2WG16c3puRktueEhWcmpIRStTQ1o2M21PV0F0bXZ0S0EvbW5SbTJnaVhjNEF1Mkk9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

connection
close
content-encoding
gzip
content-length
1544
content-type
text/html; charset=UTF-8
date
Mon, 25 Nov 2024 19:20:58 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Location
https://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1L284QzZFdk9rdW9QMU5oYVdwTDFBcjFwZEZwNFlja1FFdEZGZ3cwVGZua1JEQThPUUdIaU85SzZPaXNCWFpNVTR0L0tYRlpBVVBEK05OSVd4eVBVR2gxZjc4YUk4Y0cySFJuUmszcTF3Q3pvb2t2Y1JHYVVCVFVrSWlNbmRJaGsyclV1dWRHeXVVOUthVzl4Y25ReXZwVmY5dUhDUnlsNGhKQnRtNlBpdDNySmtzYTI1cE1EcGdGa3RsNFBKdzRKZ1hUbVFMVzhyTXBFUEowcGtuQ2hndnZ3VWdFR2FEY2h6Qzk1ZnB6R3YvNTUrNHkzbDFwcTNhTjJsUjQ5azEvTXlDVGprdENpM1daRXA3YzdxKzBYWlExalVmM2I5ZHBaa0x4OWgrTzBNOWZIcUFHSHdJb25ZcVh5ZFJSZjllV0pON09Za01nWW82b2xoL0JuWnVYNHhyRkF5WFUzbUsrZWQvakFnWUdTdlp1a1c3Uk40UkdFZFBTTnRoeCt4VVNRaG5Ic2dwc1htL0lTVHp4RDlFY1d6V0o0U0JZU1J5VHNLbVRlRWlsRUxHR3pKR3Q3N014MXhhTnF5elhnbHRUN01DTklWRG10Z1o1ZktFTGFuOXZETFpmSHVramVLMkJMMEEweTV4d0NLb3JJRlN1bHNsb1hha09qNVZBMlR1QjJBeVFDU0RVQWFXWW9VOEI1ZWZTV2J3N3dDQ2tEcGttYmxaMGRBaTI3cUI1c1pDL2swMGFCRjk0VnFUODdtUU1IUVMvT0xJbXo3clhsVVEvOWdRL0RYZXQxQVltQzY4K3dWZXc4Y0loSGtPV2lmQ05tbTNHdnNGYWU5MzllUCt3Nzdjb2k2M21zOFVJUXFwZTRjY0JZcnVMT2Y1ekdvbGhCNit5TzcwaW02THZyVVpXYUcxaGRBUXAyNFlJSnQ0eXJTYWt1Z2lYcE9BWDlSM1FTQXhKbW5Ud0tTZTVaMzYyaW1RaEszUTdESGduUmRqcVFGSUxPU1JEUDlDUnUyVzJTNUNLVWEyQUJ3eU5HN2NER0JBeHd0M3V0YXFMcDJheW5aM20wNjBhd2NyTUhvSDdXM2FBUnArRnc3aWFnVTFidkNOczVqVmpIWno3eVJqWVAyQnNLQWtJeGZoNnZJSXdrVnYvTEc5WVNDT3VjYXJGalVQZEZFM1hYSGx1QlpzRFZ3N2xMV2ZhMVVWYjZSWWkwZVpZRW9GbnZPaUU2WG16c3puRktueEhWcmpIRStTQ1o2M21PV0F0bXZ0S0EvbW5SbTJnaVhjNEF1Mkk9&fp=7fe7f2e16dd7f48c00a4ea8141734fea
Non-Authoritative-Reason
HttpsUpgrades
Primary Request /
thewinnertips.com/trill_casinodays_5t_ca/
Redirect Chain
  • http://dyetui.com/f2.php?e=p482mKf2%2BmpiYeo6GaLCjn49fllseFVrNmpmVDFoWFpsdG1FaVVaU2dVSksxelRqdFI0eGNxUU4xbDlmSmRPS0hTMWZEajBxYk9INkpmZytiZk5IaTgzSmVMMmZoRnpnd1YvV2lvTzYxS1AyQU5YMjFBMGpSVkEyV3lkYk5N...
  • https://dyetui.com/f2.php?e=p482mKf2%2BmpiYeo6GaLCjn49fllseFVrNmpmVDFoWFpsdG1FaVVaU2dVSksxelRqdFI0eGNxUU4xbDlmSmRPS0hTMWZEajBxYk9INkpmZytiZk5IaTgzSmVMMmZoRnpnd1YvV2lvTzYxS1AyQU5YMjFBMGpSVkEyV3lkYk5...
  • https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8
27 KB
8 KB
Document
General
Full URL
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8
Requested by
Host: dyetui.com
URL: https://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1L284QzZFdk9rdW9QMU5oYVdwTDFBcjFwZEZwNFlja1FFdEZGZ3cwVGZua1JEQThPUUdIaU85SzZPaXNCWFpNVTR0L0tYRlpBVVBEK05OSVd4eVBVR2gxZjc4YUk4Y0cySFJuUmszcTF3Q3pvb2t2Y1JHYVVCVFVrSWlNbmRJaGsyclV1dWRHeXVVOUthVzl4Y25ReXZwVmY5dUhDUnlsNGhKQnRtNlBpdDNySmtzYTI1cE1EcGdGa3RsNFBKdzRKZ1hUbVFMVzhyTXBFUEowcGtuQ2hndnZ3VWdFR2FEY2h6Qzk1ZnB6R3YvNTUrNHkzbDFwcTNhTjJsUjQ5azEvTXlDVGprdENpM1daRXA3YzdxKzBYWlExalVmM2I5ZHBaa0x4OWgrTzBNOWZIcUFHSHdJb25ZcVh5ZFJSZjllV0pON09Za01nWW82b2xoL0JuWnVYNHhyRkF5WFUzbUsrZWQvakFnWUdTdlp1a1c3Uk40UkdFZFBTTnRoeCt4VVNRaG5Ic2dwc1htL0lTVHp4RDlFY1d6V0o0U0JZU1J5VHNLbVRlRWlsRUxHR3pKR3Q3N014MXhhTnF5elhnbHRUN01DTklWRG10Z1o1ZktFTGFuOXZETFpmSHVramVLMkJMMEEweTV4d0NLb3JJRlN1bHNsb1hha09qNVZBMlR1QjJBeVFDU0RVQWFXWW9VOEI1ZWZTV2J3N3dDQ2tEcGttYmxaMGRBaTI3cUI1c1pDL2swMGFCRjk0VnFUODdtUU1IUVMvT0xJbXo3clhsVVEvOWdRL0RYZXQxQVltQzY4K3dWZXc4Y0loSGtPV2lmQ05tbTNHdnNGYWU5MzllUCt3Nzdjb2k2M21zOFVJUXFwZTRjY0JZcnVMT2Y1ekdvbGhCNit5TzcwaW02THZyVVpXYUcxaGRBUXAyNFlJSnQ0eXJTYWt1Z2lYcE9BWDlSM1FTQXhKbW5Ud0tTZTVaMzYyaW1RaEszUTdESGduUmRqcVFGSUxPU1JEUDlDUnUyVzJTNUNLVWEyQUJ3eU5HN2NER0JBeHd0M3V0YXFMcDJheW5aM20wNjBhd2NyTUhvSDdXM2FBUnArRnc3aWFnVTFidkNOczVqVmpIWno3eVJqWVAyQnNLQWtJeGZoNnZJSXdrVnYvTEc5WVNDT3VjYXJGalVQZEZFM1hYSGx1QlpzRFZ3N2xMV2ZhMVVWYjZSWWkwZVpZRW9GbnZPaUU2WG16c3puRktueEhWcmpIRStTQ1o2M21PV0F0bXZ0S0EvbW5SbTJnaVhjNEF1Mkk9&fp=7fe7f2e16dd7f48c00a4ea8141734fea
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad1cb1283f407456a8ca2257f0f4a6974e0679ac824a869a7bc5420fcd2a8a37

Request headers

Referer
https://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1L284QzZFdk9rdW9QMU5oYVdwTDFBcjFwZEZwNFlja1FFdEZGZ3cwVGZua1JEQThPUUdIaU85SzZPaXNCWFpNVTR0L0tYRlpBVVBEK05OSVd4eVBVR2gxZjc4YUk4Y0cySFJuUmszcTF3Q3pvb2t2Y1JHYVVCVFVrSWlNbmRJaGsyclV1dWRHeXVVOUthVzl4Y25ReXZwVmY5dUhDUnlsNGhKQnRtNlBpdDNySmtzYTI1cE1EcGdGa3RsNFBKdzRKZ1hUbVFMVzhyTXBFUEowcGtuQ2hndnZ3VWdFR2FEY2h6Qzk1ZnB6R3YvNTUrNHkzbDFwcTNhTjJsUjQ5azEvTXlDVGprdENpM1daRXA3YzdxKzBYWlExalVmM2I5ZHBaa0x4OWgrTzBNOWZIcUFHSHdJb25ZcVh5ZFJSZjllV0pON09Za01nWW82b2xoL0JuWnVYNHhyRkF5WFUzbUsrZWQvakFnWUdTdlp1a1c3Uk40UkdFZFBTTnRoeCt4VVNRaG5Ic2dwc1htL0lTVHp4RDlFY1d6V0o0U0JZU1J5VHNLbVRlRWlsRUxHR3pKR3Q3N014MXhhTnF5elhnbHRUN01DTklWRG10Z1o1ZktFTGFuOXZETFpmSHVramVLMkJMMEEweTV4d0NLb3JJRlN1bHNsb1hha09qNVZBMlR1QjJBeVFDU0RVQWFXWW9VOEI1ZWZTV2J3N3dDQ2tEcGttYmxaMGRBaTI3cUI1c1pDL2swMGFCRjk0VnFUODdtUU1IUVMvT0xJbXo3clhsVVEvOWdRL0RYZXQxQVltQzY4K3dWZXc4Y0loSGtPV2lmQ05tbTNHdnNGYWU5MzllUCt3Nzdjb2k2M21zOFVJUXFwZTRjY0JZcnVMT2Y1ekdvbGhCNit5TzcwaW02THZyVVpXYUcxaGRBUXAyNFlJSnQ0eXJTYWt1Z2lYcE9BWDlSM1FTQXhKbW5Ud0tTZTVaMzYyaW1RaEszUTdESGduUmRqcVFGSUxPU1JEUDlDUnUyVzJTNUNLVWEyQUJ3eU5HN2NER0JBeHd0M3V0YXFMcDJheW5aM20wNjBhd2NyTUhvSDdXM2FBUnArRnc3aWFnVTFidkNOczVqVmpIWno3eVJqWVAyQnNLQWtJeGZoNnZJSXdrVnYvTEc5WVNDT3VjYXJGalVQZEZFM1hYSGx1QlpzRFZ3N2xMV2ZhMVVWYjZSWWkwZVpZRW9GbnZPaUU2WG16c3puRktueEhWcmpIRStTQ1o2M21PV0F0bXZ0S0EvbW5SbTJnaVhjNEF1Mkk9&fp=7fe7f2e16dd7f48c00a4ea8141734fea
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e83ffcc3ae20c76-EWR
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Mon, 25 Nov 2024 19:21:00 GMT
link
<https://thewinnertips.com/wp-json/>; rel="https://api.w.org/", <https://thewinnertips.com/wp-json/wp/v2/pages/539>; rel="alternate"; title="JSON"; type="application/json", <https://thewinnertips.com/?p=539>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R9UjfdJmo7FxxJLKouDTQUDaJGjG1eqo50Ou0t%2BEzEJbMEFOxaA%2F5yiYAEQcxBNYGqlD6t2v4e%2FvN%2FpBDPQuD3by1AOPBhN9sEFDvCN9yvPk5tpNkNiNi1WCxOWDzjSr1zS%2BIO%2BLJ9KZfbF3qU3SNA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=56945&sent=11&recv=12&lost=0&retrans=0&sent_bytes=4142&recv_bytes=5760&delivery_rate=440&cwnd=12000&unsent_bytes=0&cid=f9a44b9c5b9d0864&ts=981&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding Accept-Encoding
x-cache
MISS

Redirect headers

connection
close
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 25 Nov 2024 19:20:59 GMT
location
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8
server
Apache
all.min.css
thewinnertips.com/wp-content/themes/WinnersTips2/assets/fa/css/
58 KB
13 KB
Stylesheet
General
Full URL
https://thewinnertips.com/wp-content/themes/WinnersTips2/assets/fa/css/all.min.css
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"63089813-e7a9"
age
1238129
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sHOXpLiN21vWlA71SvT2U9lJMH2P%2BCcJvjK8plQ1aQExKkI2sS27qdEohcEEJ25StKk99aYhxA3YI%2FICT69OiH7wPBDMdkhgfUit4rUeXHjG2B511s%2BlllzJCI%2B5F%2BONyqfGB4%2FgQKg97RC4SnphAw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=51282&sent=22&recv=18&lost=0&retrans=0&sent_bytes=12546&recv_bytes=7481&delivery_rate=62796&cwnd=12000&unsent_bytes=0&cid=f9a44b9c5b9d0864&ts=1129&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 25 Nov 2024 19:21:00 GMT
content-type
text/css
last-modified
Fri, 26 Aug 2022 09:53:23 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e83ffd2ca2d0c76-EWR
server
cloudflare
main.bundle.css
thewinnertips.com/wp-content/themes/WinnersTips2/dist/
21 KB
5 KB
Stylesheet
General
Full URL
https://thewinnertips.com/wp-content/themes/WinnersTips2/dist/main.bundle.css?ver=1663664398
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1553287e594bf32732724a2364a23c60770f30a8250d24303a6630df32e8b3c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6329810e-5462"
age
4167147
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qqvKQ1WYthnS%2BM3PLGR1SstKXj7UlLxNcrIqK9xkVoipCGcQc2AIlTLOt4c1hYpD231pbKCEch%2BK3tRB500cRYVXm4OljSJ6zLWXovpgJrjZXba5VdbZiWYhMSLNeqWoL7KVQ%2F5nZw1Y1Wh7eoK6Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=51282&sent=29&recv=18&lost=0&retrans=0&sent_bytes=20443&recv_bytes=7481&delivery_rate=62796&cwnd=12000&unsent_bytes=0&cid=f9a44b9c5b9d0864&ts=1133&x=1", cfExtPri, cfHdrFlush;dur=3
date
Mon, 25 Nov 2024 19:21:00 GMT
content-type
text/css
last-modified
Tue, 20 Sep 2022 08:59:58 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e83ffd2ca300c76-EWR
server
cloudflare
front.min.css
thewinnertips.com/wp-content/plugins/cookie-notice/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://thewinnertips.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=6.7.1
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"630774f2-14d6"
age
332052
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZP4C9Ok8HerQZPYP5JcThSQlY05Xza70sRLYHGiBQLALps1iy%2FXf6A47FIMDH70rinLf0mSpNnO%2FGXeoWTwiEl9DcE0vie0VhWf8BgEl%2BY4UjNpppyuUwNrhVHUmRmHnizdtXIwMohBVXe%2FqUmIkZw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=51282&sent=29&recv=18&lost=0&retrans=0&sent_bytes=20443&recv_bytes=7481&delivery_rate=62796&cwnd=12000&unsent_bytes=0&cid=f9a44b9c5b9d0864&ts=1131&x=1", cfExtPri, cfHdrFlush;dur=29
date
Mon, 25 Nov 2024 19:21:00 GMT
content-type
text/css
last-modified
Thu, 25 Aug 2022 13:11:14 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e83ffd2ca310c76-EWR
server
cloudflare
front.min.js
thewinnertips.com/wp-content/plugins/cookie-notice/js/
9 KB
3 KB
Script
General
Full URL
https://thewinnertips.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.0
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af735813266cdf52a38a6e1583a86066db357469ceded2d7ea8335b298d73d65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"630774f2-222e"
age
400641
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DjzcWI2PJb09yVO4O3T87xksL9UjvcbcTJRBD2kORhnzRGjlWds5ocHx1bqO7Q2OgDincDgEg9FuhQGGmcBAZ73WfxUJnVmiYYCxWmGAgxjRp91E%2B2r3xYDzF%2FObCWxLxYvWnFFMU1XaFp4zr5KZGA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=50486&sent=69&recv=41&lost=0&retrans=0&sent_bytes=55448&recv_bytes=11445&delivery_rate=494307&cwnd=31200&unsent_bytes=0&cid=f9a44b9c5b9d0864&ts=1240&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 25 Nov 2024 19:21:00 GMT
content-type
application/javascript
last-modified
Thu, 25 Aug 2022 13:11:14 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e83ffd37afc0c76-EWR
server
cloudflare
Group-3230.png
thewinnertips.com/wp-content/uploads/2022/08/
6 KB
7 KB
Image
General
Full URL
https://thewinnertips.com/wp-content/uploads/2022/08/Group-3230.png
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
466e5fee3a89203aa23b3feaebfbe34da6160d09b444763e9b40fed3d9bc755b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8

Response headers

cf-cache-status
HIT
etag
"63077a6a-194f"
age
1238129
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nU8Epd29RiijY0DK1njrhtZWGSIewVF%2B52UGO%2BevhMtf%2BF3Bhtl0D5%2B6ktOc5Oq5gB3mXHs5GCpcvRm2JXIptgu1cPBA%2BIXHL8mRZiHWYsO34S7xgL0HsxeOjJBulHabPBSsKroW9BWgeMB0CVQVtA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=51282&sent=29&recv=18&lost=0&retrans=0&sent_bytes=20443&recv_bytes=7481&delivery_rate=62796&cwnd=12000&unsent_bytes=0&cid=f9a44b9c5b9d0864&ts=1135&x=1", cfExtPri, cfHdrFlush;dur=25
date
Mon, 25 Nov 2024 19:21:00 GMT
content-type
image/png
last-modified
Thu, 25 Aug 2022 13:34:34 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e83ffd2ca330c76-EWR
accept-ranges
bytes
content-length
6479
server
cloudflare
topgame-01.png
thewinnertips.com/wp-content/uploads/2022/08/
1 KB
2 KB
Image
General
Full URL
https://thewinnertips.com/wp-content/uploads/2022/08/topgame-01.png
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f41f1f66c491d58e9c86c76883f768838016bdac0d6e75fde8078f74ace198a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8

Response headers

cf-cache-status
HIT
etag
"63077caf-479"
age
1238129
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1OtF6EVwMtHAoKIH7h6UJwLcNtbRAcgRVx%2BNzfKCWmXh7lWLjHho%2BTJMjC%2BT%2Fs7rA1C%2BYOQcf3BMnmoOveEtzpg4I3XFdcBoUfYuYOz3g9haulOhQwadht4kTZaV6r5o1PjP4X6eu8joiQ%2FCpDpXKA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=55484&sent=35&recv=20&lost=0&retrans=0&sent_bytes=25708&recv_bytes=7957&delivery_rate=134361&cwnd=14400&unsent_bytes=0&cid=f9a44b9c5b9d0864&ts=1155&x=1", cfExtPri, cfHdrFlush;dur=15
date
Mon, 25 Nov 2024 19:21:00 GMT
content-type
image/png
last-modified
Thu, 25 Aug 2022 13:44:15 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e83ffd2fa570c76-EWR
accept-ranges
bytes
content-length
1145
server
cloudflare
twitter.png
thewinnertips.com/wp-content/themes/WinnersTips2/assets/img/
3 KB
4 KB
Image
General
Full URL
https://thewinnertips.com/wp-content/themes/WinnersTips2/assets/img/twitter.png
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81507b4cda28450b2a9c638fbb2bed8fde9b0de69891399ab94467efd77a4557

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8

Response headers

cf-cache-status
HIT
etag
"63078f8c-dba"
age
4167146
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a1E%2B%2BixwqMcdmZRzL6ji9NVR7kiH3o8IaunY2vj2YfNWSx5dWl7e7go%2Fi%2B3sJLyR2rXb1Ln%2F4nlwKrBQJvKrKX73YtWplGrDzKoXz8GT3Iyj3EoqjGuHB9Oua%2FyOC2O6xY4XDkWUBUn4XMyFdfla%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=50486&sent=57&recv=41&lost=0&retrans=0&sent_bytes=42643&recv_bytes=11445&delivery_rate=494307&cwnd=31200&unsent_bytes=0&cid=f9a44b9c5b9d0864&ts=1235&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 25 Nov 2024 19:21:00 GMT
content-type
image/png
last-modified
Thu, 25 Aug 2022 15:04:44 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e83ffd36aee0c76-EWR
accept-ranges
bytes
content-length
3514
server
cloudflare
facebook.png
thewinnertips.com/wp-content/themes/WinnersTips2/assets/img/
1 KB
2 KB
Image
General
Full URL
https://thewinnertips.com/wp-content/themes/WinnersTips2/assets/img/facebook.png
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87bb462c06cc85dba44601dbbcd84f3d769d9bf84580777849b39597ea8be7cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8

Response headers

cf-cache-status
HIT
etag
"63078f88-422"
age
1238129
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rc8elQ7RW8ocAYO8W%2B70oMJr9jIPj7%2FEiOE5vjiqexJlY5F9AF4dltL%2Fs8P45DaJMnWGaIH7JMCsBy3FBG42PbyabiDw7NxzolpDEKDwdm5kqQQ5dYx8llaXcrS8IDPl7JVgFtvr%2FxoaDdnhZ5ETiw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=50486&sent=72&recv=41&lost=0&retrans=0&sent_bytes=58311&recv_bytes=11445&delivery_rate=494307&cwnd=31200&unsent_bytes=0&cid=f9a44b9c5b9d0864&ts=1246&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 25 Nov 2024 19:21:00 GMT
content-type
image/png
last-modified
Thu, 25 Aug 2022 15:04:40 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e83ffd37af80c76-EWR
accept-ranges
bytes
content-length
1058
server
cloudflare
facebook.png
thewinnertips.com/wp-content/uploads/2022/08/
1 KB
2 KB
Image
General
Full URL
https://thewinnertips.com/wp-content/uploads/2022/08/facebook.png
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87bb462c06cc85dba44601dbbcd84f3d769d9bf84580777849b39597ea8be7cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8

Response headers

cf-cache-status
HIT
etag
"63079e93-422"
age
1238129
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CtL%2Fyh5KwLoAHqX25YnEuGJJ6QR7OwvQ2KP7kQMuvccs36tekGuO15hhqPBkyCPgQ1pG8BW6T0inddmWMtUpzTEmWENlIykVlu68FMCbRTnnE6j9nhXJ2Q1hSUwvqFxSViPMO89sm12eVX%2FDJZvU7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=50486&sent=67&recv=41&lost=0&retrans=0&sent_bytes=53680&recv_bytes=11445&delivery_rate=494307&cwnd=31200&unsent_bytes=0&cid=f9a44b9c5b9d0864&ts=1240&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 25 Nov 2024 19:21:00 GMT
content-type
image/png
last-modified
Thu, 25 Aug 2022 16:08:51 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e83ffd37afd0c76-EWR
accept-ranges
bytes
content-length
1058
server
cloudflare
twitter.png
thewinnertips.com/wp-content/uploads/2022/08/
3 KB
4 KB
Image
General
Full URL
https://thewinnertips.com/wp-content/uploads/2022/08/twitter.png
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1f8026421e9a62a53734161746e439080236703a6fe2705e2140cfe14888751

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8

Response headers

cf-cache-status
HIT
etag
"63079e94-cb8"
age
1238129
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2FoKGnHMDl1zoB9F4avtLLP9qDkEVWqKxXVFLCVMQiCfITtE79UaFXoWQFNNwnKAYWi%2F3PaSaUdwB8%2BcSChqfwtVLbDuBzwQ6uI8gXN2OGvRXeAOhXSdbwxSys5ZgbTJC1OlJLkSK01I4tLbmUQgeA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=50486&sent=74&recv=41&lost=0&retrans=0&sent_bytes=60080&recv_bytes=11445&delivery_rate=494307&cwnd=31200&unsent_bytes=0&cid=f9a44b9c5b9d0864&ts=1250&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 25 Nov 2024 19:21:00 GMT
content-type
image/png
last-modified
Thu, 25 Aug 2022 16:08:52 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e83ffd37afe0c76-EWR
accept-ranges
bytes
content-length
3256
server
cloudflare
main.bundle.js
thewinnertips.com/wp-content/themes/WinnersTips2/dist/
16 KB
6 KB
Script
General
Full URL
https://thewinnertips.com/wp-content/themes/WinnersTips2/dist/main.bundle.js?ver=1683814445
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6e55de23b6cf9fe95b7c2c086fe24fb56256f03860844a8e7f7bbfd507b8645

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"645cf82d-3fe0"
age
1238129
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UCJIkzVAy0uY0FGnAdkxDwwZkhoBJwUTV3zLQX8y46dNpX8udTH2rJjKSc4vS%2BPfNDLYErTT6IzXtXRMLoA3q5l6zgarxACyqIGgZJ32D1ZqEGhqXXhXsh8PAsJ0rpnVyqJcGvBxsfjf%2BRAjHw215g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=50486&sent=61&recv=41&lost=0&retrans=0&sent_bytes=46922&recv_bytes=11445&delivery_rate=494307&cwnd=31200&unsent_bytes=0&cid=f9a44b9c5b9d0864&ts=1239&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 25 Nov 2024 19:21:00 GMT
content-type
application/javascript
last-modified
Thu, 11 May 2023 14:14:05 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e83ffd37afa0c76-EWR
server
cloudflare
gtm.js
www.googletagmanager.com/
442 KB
120 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-58QS7KV
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c8c0b2b0ef5f37d1fe8e6ca5b45a5cca0339a8b68a1beaa4912fb5eb4ab2a509
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 25 Nov 2024 19:21:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 19:21:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 25 Nov 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
121888
x-xss-protection
0
server
Google Tag Manager
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5dbe802e02c90654f902e69208eb5c1ce9b12a56850ed17f752f3ca68b1378cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
574x_545_-_Welcome_Banner_2-min-1.jpg
thewinnertips.com/wp-content/uploads/2023/04/
102 KB
103 KB
Image
General
Full URL
https://thewinnertips.com/wp-content/uploads/2023/04/574x_545_-_Welcome_Banner_2-min-1.jpg
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
623fb399226bc3560edd8dbd9ea680fc99eba6419a7186fae83d504854b3e086

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8

Response headers

cf-cache-status
HIT
etag
"6436eb93-19806"
age
1110378
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GwbRp8va%2B%2F6CQizz2ZSNMBdCADwvb%2BUAuRYQhQ%2BI%2BkIB0ranwxfgzqR6EQpjMs3lAFbgsf1wyPD22wrkp1sQ%2FIpQiwY%2FssX%2BOUPEfkEtufCGVM%2FBDltoR97n4SHlSSzjwQ2GuRd8OZgbKgeFEL5%2FNA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=50486&sent=78&recv=41&lost=0&retrans=0&sent_bytes=64096&recv_bytes=11445&delivery_rate=494307&cwnd=31200&unsent_bytes=0&cid=f9a44b9c5b9d0864&ts=1259&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 25 Nov 2024 19:21:00 GMT
content-type
image/jpeg
last-modified
Wed, 12 Apr 2023 17:34:11 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e83ffd37aff0c76-EWR
accept-ranges
bytes
content-length
104454
server
cloudflare
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v21/
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thewinnertips.com
Referer
https://thewinnertips.com/

Response headers

age
341498
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 20:29:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 20:29:22 GMT
last-modified
Mon, 18 Jul 2022 19:32:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
33580
x-xss-protection
0
server
sffe
fa-solid-900.woff2
thewinnertips.com/wp-content/themes/WinnersTips2/assets/fa/webfonts/
76 KB
77 KB
Font
General
Full URL
https://thewinnertips.com/wp-content/themes/WinnersTips2/assets/fa/webfonts/fa-solid-900.woff2
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/wp-content/themes/WinnersTips2/assets/fa/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://thewinnertips.com
Referer
https://thewinnertips.com/wp-content/themes/WinnersTips2/assets/fa/css/all.min.css

Response headers

cf-cache-status
HIT
etag
"61129b24-131bc"
age
1238129
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ml%2BU4%2FmHZP%2BYHr4lPEfNNxW10erU%2B7ZKYGMHPSZwPEL%2BwAJPFhJ51KNfImt%2BCJF3eGhR7697Hi8a0hFCXZHfpUaixUZaw4kYmEU5nrqQRklOkot5yQkS8J5qpbB5oC%2FtOrUt%2FNap3VT3xx2fZu2A0g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=45018&sent=118&recv=50&lost=0&retrans=0&sent_bytes=107511&recv_bytes=12184&delivery_rate=301681&cwnd=48000&unsent_bytes=0&cid=f9a44b9c5b9d0864&ts=1286&x=1", cfExtPri, cfHdrFlush;dur=2
date
Mon, 25 Nov 2024 19:21:00 GMT
content-type
application/font-woff2
last-modified
Tue, 10 Aug 2021 15:28:36 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e83ffd3bb3b0c76-EWR
accept-ranges
bytes
content-length
78268
server
cloudflare
truncated
/
44 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
truncated
/
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
c5f37193-f19d-4b64-82e2-f71b83858c2c.jpg
thewinnertips.com/wp-content/uploads/2023/04/
78 KB
78 KB
Image
General
Full URL
https://thewinnertips.com/wp-content/uploads/2023/04/c5f37193-f19d-4b64-82e2-f71b83858c2c.jpg
Requested by
Host: thewinnertips.com
URL: https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
730c04a8235fa609d19013c04c75be34b1107971c3d89e9bc2ff1f35580952be

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8

Response headers

cf-cache-status
HIT
etag
"643d89cc-1362f"
age
1110378
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZkGV858NTah4yqRBmq8nNIULWrSdGIDj1CUoOyQ6UcGN7hllagSKO5SbikHK4aUlhBc7%2FA9gtu6FJDxDcKwXMaFVqU0JQSYyCX6CBTTXJ1Aoj4QfmN2d%2BX7S99qyryS1VCCSLlOBbU0idELrCPVV6A%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=39912&sent=199&recv=68&lost=0&retrans=0&sent_bytes=198272&recv_bytes=13369&delivery_rate=801008&cwnd=93600&unsent_bytes=0&cid=f9a44b9c5b9d0864&ts=1320&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 25 Nov 2024 19:21:00 GMT
content-type
image/jpeg
last-modified
Mon, 17 Apr 2023 18:02:52 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e83ffd3fb720c76-EWR
accept-ranges
bytes
content-length
79407
server
cloudflare
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fthewinnertips.com%2Ftrill_casinodays_5t_ca%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1577972205.1732562461&auid=1184877233.1732562461&npa=0&gtm=45He4bk0v830784315za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732562461035&tfd=2050&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58QS7KV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/

Response headers

analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58QS7KV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/

Response headers

content-encoding
gzip
age
4333
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 20:08:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 18:08:48 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 058B
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fthewinnertips.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58QS7KV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
285397
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Nov 2024 12:04:24 GMT
expires
Sat, 22 Nov 2025 12:04:24 GMT
last-modified
Tue, 19 Nov 2024 10:38:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
3 B
422 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=515778603&t=pageview&_s=1&dl=https%3A%2F%2Fthewinnertips.com%2Ftrill_casinodays_5t_ca%2F%3Futm_campaign%3D1469945303%26sid%3D2024112606205747bba292ba09c57aa8&ul=en-ca&de=UTF-8&dt=The%20Winners%20Tips&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1372351293&gjid=1807751497&cid=1392061791.1732562461&tid=UA-159864570-1&_gid=1509923441.1732562461&_r=1&_slc=1&gtm=45He4bk0n8158QS7KVv830784315za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1287552274
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://thewinnertips.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 19:21:01 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://thewinnertips.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
cropped-Group-3230-32x32.png
thewinnertips.com/wp-content/uploads/2022/08/
1 KB
2 KB
Other
General
Full URL
https://thewinnertips.com/wp-content/uploads/2022/08/cropped-Group-3230-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ebfaf8ab158192acd1cc3a91e34a8cb81305fe7a2bf2e9e131ae7166e0e077e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://thewinnertips.com/trill_casinodays_5t_ca/?utm_campaign=1469945303&sid=2024112606205747bba292ba09c57aa8

Response headers

cf-cache-status
HIT
etag
"63078114-506"
age
1224351
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VvvqhqqGudJf5GtAkSSE7eAep0aEyt3COHFXPhU0CJJeYJoqjeIsfbEUSiH28%2FLQ8N4t9NUR9KwJCt2MX2bE8l3FI6LtJVHHkz80ssnM0JJ9Lts%2FZE%2BP5ulLceex9nxARnDfiEe7PqxOnJIEpNmPiA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=41457&sent=318&recv=90&lost=0&retrans=0&sent_bytes=334527&recv_bytes=14850&delivery_rate=2768716&cwnd=171600&unsent_bytes=0&cid=f9a44b9c5b9d0864&ts=1829&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 25 Nov 2024 19:21:01 GMT
content-type
image/png
last-modified
Thu, 25 Aug 2022 14:03:00 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e83ffd72f010c76-EWR
accept-ranges
bytes
content-length
1286
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dyetui.com
URL
https://dyetui.com/favicon.ico

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| cnArgs object| dataLayer function| checkForm object| Modernizr object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
.thewinnertips.com/ Name: _gcl_au
Value: 1.1.1184877233.1732562461
.thewinnertips.com/ Name: _ga
Value: GA1.2.1392061791.1732562461
.thewinnertips.com/ Name: _gid
Value: GA1.2.1509923441.1732562461
.thewinnertips.com/ Name: _gat_UA-159864570-1
Value: 1

1 Console Messages

Source Level URL
Text
rendering warning URL: https://dyetui.com/f.php?e=OFh28HKl0E3Sv6UxVPGAh349fkRNcWR1QzB0MjRBWGVyVHBvVjlNVzJPQkxPd1BpV1Z1L284QzZFdk9rdW9QMU5oYVdwTDFBcjFwZEZwNFlja1FFdEZGZ3cwVGZua1JEQThPUUdIaU85SzZPaXNCWFpNVTR0L0tYRlpBVVBEK05OSVd4eVBVR2gxZjc4YUk4Y0cySFJuUmszcTF3Q3pvb2t2Y1JHYVVCVFVrSWlNbmRJaGsyclV1dWRHeXVVOUthVzl4Y25ReXZwVmY5dUhDUnlsNGhKQnRtNlBpdDNySmtzYTI1cE1EcGdGa3RsNFBKdzRKZ1hUbVFMVzhyTXBFUEowcGtuQ2hndnZ3VWdFR2FEY2h6Qzk1ZnB6R3YvNTUrNHkzbDFwcTNhTjJsUjQ5azEvTXlDVGprdENpM1daRXA3YzdxKzBYWlExalVmM2I5ZHBaa0x4OWgrTzBNOWZIcUFHSHdJb25ZcVh5ZFJSZjllV0pON09Za01nWW82b2xoL0JuWnVYNHhyRkF5WFUzbUsrZWQvakFnWUdTdlp1a1c3Uk40UkdFZFBTTnRoeCt4VVNRaG5Ic2dwc1htL0lTVHp4RDlFY1d6V0o0U0JZU1J5VHNLbVRlRWlsRUxHR3pKR3Q3N014MXhhTnF5elhnbHRUN01DTklWRG10Z1o1ZktFTGFuOXZETFpmSHVramVLMkJMMEEweTV4d0NLb3JJRlN1bHNsb1hha09qNVZBMlR1QjJBeVFDU0RVQWFXWW9VOEI1ZWZTV2J3N3dDQ2tEcGttYmxaMGRBaTI3cUI1c1pDL2swMGFCRjk0VnFUODdtUU1IUVMvT0xJbXo3clhsVVEvOWdRL0RYZXQxQVltQzY4K3dWZXc4Y0loSGtPV2lmQ05tbTNHdnNGYWU5MzllUCt3Nzdjb2k2M21zOFVJUXFwZTRjY0JZcnVMT2Y1ekdvbGhCNit5TzcwaW02THZyVVpXYUcxaGRBUXAyNFlJSnQ0eXJTYWt1Z2lYcE9BWDlSM1FTQXhKbW5Ud0tTZTVaMzYyaW1RaEszUTdESGduUmRqcVFGSUxPU1JEUDlDUnUyVzJTNUNLVWEyQUJ3eU5HN2NER0JBeHd0M3V0YXFMcDJheW5aM20wNjBhd2NyTUhvSDdXM2FBUnArRnc3aWFnVTFidkNOczVqVmpIWno3eVJqWVAyQnNLQWtJeGZoNnZJSXdrVnYvTEc5WVNDT3VjYXJGalVQZEZFM1hYSGx1QlpzRFZ3N2xMV2ZhMVVWYjZSWWkwZVpZRW9GbnZPaUU2WG16c3puRktueEhWcmpIRStTQ1o2M21PV0F0bXZ0S0EvbW5SbTJnaVhjNEF1Mkk9
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0805C1424030000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dyetui.com
ffffffffffff.skillclient.com
fonts.gstatic.com
thewinnertips.com
ww99.skillclient.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
dyetui.com
103.224.182.206
172.232.25.148
2606:4700:3031::ac43:b540
2607:f8b0:4006:808::2004
2607:f8b0:4006:80b::2003
2607:f8b0:4006:80e::200e
2607:f8b0:4006:824::2008
69.16.230.228
1553287e594bf32732724a2364a23c60770f30a8250d24303a6630df32e8b3c4
1aaba4957b0b38d1e50f4d40547215dab68f15174783fc694d89f608c1846eeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
466e5fee3a89203aa23b3feaebfbe34da6160d09b444763e9b40fed3d9bc755b
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
5dbe802e02c90654f902e69208eb5c1ce9b12a56850ed17f752f3ca68b1378cd
5ebfaf8ab158192acd1cc3a91e34a8cb81305fe7a2bf2e9e131ae7166e0e077e
623fb399226bc3560edd8dbd9ea680fc99eba6419a7186fae83d504854b3e086
730c04a8235fa609d19013c04c75be34b1107971c3d89e9bc2ff1f35580952be
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
81507b4cda28450b2a9c638fbb2bed8fde9b0de69891399ab94467efd77a4557
87bb462c06cc85dba44601dbbcd84f3d769d9bf84580777849b39597ea8be7cc
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
ad1cb1283f407456a8ca2257f0f4a6974e0679ac824a869a7bc5420fcd2a8a37
af735813266cdf52a38a6e1583a86066db357469ceded2d7ea8335b298d73d65
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089
c8c0b2b0ef5f37d1fe8e6ca5b45a5cca0339a8b68a1beaa4912fb5eb4ab2a509
d6e55de23b6cf9fe95b7c2c086fe24fb56256f03860844a8e7f7bbfd507b8645
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789
f1f8026421e9a62a53734161746e439080236703a6fe2705e2140cfe14888751
f41f1f66c491d58e9c86c76883f768838016bdac0d6e75fde8078f74ace198a3