Submitted URL: https://win-vip.online/
Effective URL: https://www.win-vip.online/
Submission: On November 26 via api from US — Scanned from US

Summary

This website contacted 25 IPs in 2 countries across 19 domains to perform 89 HTTP transactions. The main IP is 2606:4700:3036::ac43:adc6, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.win-vip.online.
TLS certificate: Issued by WE1 on November 22nd 2024. Valid for: 3 months.
This is the only time www.win-vip.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 41 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2620:1ec:21::14 8068 (MICROSOFT...)
8 2600:1408:c40... 20940 (AKAMAI-AS...)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 76.76.21.142 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 104.18.37.212 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 13.33.252.92 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2a03:2880:f00... 32934 (FACEBOOK)
2 2600:1408:c40... 20940 (AKAMAI-AS...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 18.164.96.87 16509 (AMAZON-02)
4 2a03:2880:f10... 32934 (FACEBOOK)
89 25
Apex Domain
Subdomains
Transfer
41 win-vip.online
win-vip.online
www.win-vip.online
2 MB
8 typekit.net
use.typekit.net — Cisco Umbrella Rank: 460
p.typekit.net — Cisco Umbrella Rank: 571
211 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
419 B
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
td.doubleclick.net — Cisco Umbrella Rank: 182
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
3 KB
4 zi-scripts.com
js.zi-scripts.com — Cisco Umbrella Rank: 5643
839 B
4 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 142
128 B
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
79 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 888
script.hotjar.com — Cisco Umbrella Rank: 1185
63 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
197 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 333
1 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 831
15 KB
2 hubspot.com
cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 3677
track.hubspot.com — Cisco Umbrella Rank: 2477
3 KB
2 google.com.sg
www.google.com.sg — Cisco Umbrella Rank: 15166
562 B
2 w3counter.com
www.w3counter.com — Cisco Umbrella Rank: 264236
2 KB
1 hsforms.com
perf-na1.hsforms.com — Cisco Umbrella Rank: 3819
958 B
1 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 3690
893 B
1 hubspotonwebflow.com
hubspotonwebflow.com — Cisco Umbrella Rank: 33737
23 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2343
148 B
1 hscollectedforms.net
forms.hscollectedforms.net — Cisco Umbrella Rank: 4960
730 B
89 19
Domain Requested by
40 www.win-vip.online www.win-vip.online
7 use.typekit.net
4 www.facebook.com
4 js.zi-scripts.com www.win-vip.online
3 connect.facebook.net www.win-vip.online
connect.facebook.net
3 www.googletagmanager.com www.win-vip.online
www.googletagmanager.com
3 www.google.com www.googletagmanager.com
3 px.ads.linkedin.com www.win-vip.online
2 script.hotjar.com static.hotjar.com
script.hotjar.com
2 snap.licdn.com www.win-vip.online
snap.licdn.com
2 td.doubleclick.net www.win-vip.online
www.googletagmanager.com
2 www.google.com.sg
2 www.w3counter.com www.win-vip.online
www.w3counter.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.win-vip.online
1 analytics.google.com www.win-vip.online
1 static.hotjar.com www.win-vip.online
1 perf-na1.hsforms.com
1 api.hubapi.com www.win-vip.online
1 track.hubspot.com
1 hubspotonwebflow.com www.win-vip.online
1 cta-service-cms2.hubspot.com www.win-vip.online
1 js.hs-banner.com www.win-vip.online
1 p.typekit.net
1 forms.hscollectedforms.net www.win-vip.online
1 win-vip.online 1 redirects
89 26
Subject | Issuer | Validity | Valid
win-vip.online | WE1 | 2024-11-22 - 2025-02-20 | 3 months
w3counter.com | WE1 | 2024-11-06 - 2025-02-04 | 3 months
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2024-10-14 - 2025-04-14 | 6 months
use.typekit.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-10-17 - 2025-11-17 | a year
*.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.google.com.sg | WR2 | 2024-10-21 - 2025-01-13 | 3 months
hscollectedforms.net | WE1 | 2024-11-20 - 2025-02-18 | 3 months
hs-banner.com | WE1 | 2024-11-22 - 2025-02-20 | 3 months
hubspot.com | WE1 | 2024-10-03 - 2025-01-01 | 3 months
*.hubspotonwebflow.com | R11 | 2024-11-21 - 2025-02-19 | 3 months
zi-scripts.com | WE1 | 2024-11-20 - 2025-02-18 | 3 months
hubapi.com | WE1 | 2024-11-07 - 2025-02-05 | 3 months
hsforms.com | WE1 | 2024-10-10 - 2025-01-08 | 3 months
*.google-analytics.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.hotjar.com | Amazon RSA 2048 M03 | 2024-05-22 - 2025-06-20 | a year
*.g.doubleclick.net | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.doubleclick.net | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-09-04 - 2024-12-03 | 3 months
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-12-13 - 2024-12-12 | a year

This page contains 4 frames:

Primary Page: https://www.win-vip.online/
Frame ID: 429F67FE5B9E184548E644C4E79EEBE5
Requests: 90 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-JQJW0R9K67&gacid=42638077.1732622808&gtm=45je4a90v889012187z8856447165za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101686685&z=1977641071
Frame ID: 2D1D4939B2C7033C13A9410B28091F43
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/331747738?random=1732622808590&cv=11&fst=1732622808590&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200zb856447165&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.win-vip.online%2F&hn=www.googleadservices.com&frm=0&tiba=WIN%20VIP%20%26%20ogue%20com%20Dinheiro%20Real%20!WIN%20VIP%20-%20Cassino%20e%20Apostas%20Esportivas%20Online(BR)&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1322119303.1732622809&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 1E6793F8ECCABB19BB614B7A0A3C00D5
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.win-vip.online
Frame ID: BDBD16D7ABF4B72334BDB3E07F162440
Requests: 1 HTTP requests in this frame

Page Title

WIN VIP & ogue com Dinheiro Real !WIN VIP - Cassino e Apostas Esportivas Online(BR)

Page URL History

  1. https://win-vip.online/ HTTP 301
    http://www.win-vip.online/ HTTP 307
    https://www.win-vip.online/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • tracker\.js

Overall confidence: 100%
Detected patterns
  • w3counter\.com/tracker\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 89
HTTPS: 100 %
IPv6: 83 %
Domains: 19
Subdomains: 26
IPs: 25
Countries: 2
Transfer: 2347 kB
Size: 6104 kB
Cookies: 19

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://win-vip.online/ HTTP 301
    http://www.win-vip.online/ HTTP 307
    https://www.win-vip.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

89 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.win-vip.online/
Redirect Chain
  • https://win-vip.online/
  • http://www.win-vip.online/
  • https://www.win-vip.online/
62 KB
15 KB
Document
General
Full URL
https://www.win-vip.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
044cb4a9d0f48b4053905ba556fbbdb3f1bb60e67c376d0919fb129441de2603

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e89c119d9cc80d0-EWR
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Tue, 26 Nov 2024 12:06:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NdcuUT%2F5sqX5WDXQ2YzaNfo0bezTTzZY27rEWCaGowrtez7z8QSl7QQV1ravnEkVG54SaLco3zegHHHxS9H8y2%2FlXqLsc20JitKIgGm1rULQuO%2BvAlrhOJ%2FMFCEtvEN0XJuTYpek5Vs%2FWljAV24ZYfw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=8436&sent=14&recv=12&lost=0&retrans=0&sent_bytes=4829&recv_bytes=4854&delivery_rate=18929&cwnd=12000&unsent_bytes=0&cid=124ecac6550c8bce&ts=795&x=1" cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

Location
https://www.win-vip.online/
Non-Authoritative-Reason
HttpsUpgrades
motivity-consumer.webflow.61592560e.min.css
www.win-vip.online/template/company/game10097/index_files/
358 KB
67 KB
Stylesheet
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/motivity-consumer.webflow.61592560e.min.css
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42c7fae680748a76e74e9c9b2d20c66635bddb9817227edbf81a1f3968b1bf19

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"671a3c60-5969b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yGDgvWPWW8s0efnB9lvXMre429Tr2AdfAeJeSqr4uWVcPP6ndhQxGpFWgIP%2BkvbNt7dWpCRc0e6nEmGrWnJwwW7cc8yPQnEtJjC8uSik7CRR6EHpg1VoEt1uUYz7jd6u1XlP89OSkdwt%2FfKFBjDl0Hk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11c3ba580d0-EWR
expires
Wed, 27 Nov 2024 00:06:46 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9026&sent=45&recv=36&lost=0&retrans=0&sent_bytes=33368&recv_bytes=9076&delivery_rate=288469&cwnd=15600&unsent_bytes=0&cid=124ecac6550c8bce&ts=1179&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:46 GMT
content-type
text/css
last-modified
Thu, 24 Oct 2024 12:24:00 GMT
vary
Accept-Encoding
server
cloudflare
css
www.win-vip.online/template/company/game10097/index_files/
2 KB
3 KB
Stylesheet
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/css
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f195eade4059e1446eeeb8c16c8fdb17a540c2243ae3a37b63d55c4d93971382

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
etag
"6708913e-856"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MvwwsGwHNUyG32Zbp%2FoyipX%2FmdDm7fCMnMpLq36dvpa7eoq8tDOyCd5%2BOcT5VsWubkA2wwyn4RpgCVrKIkCmnt%2FtVtKty34aAtsoVj2y%2BbqKPhRG8hJjhVwJAx0OgfN0n8dLvkEN2a%2BGMtZQvDEkkcw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11c3ba880d0-EWR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9281&sent=38&recv=33&lost=0&retrans=0&sent_bytes=26602&recv_bytes=8947&delivery_rate=540541&cwnd=15600&unsent_bytes=0&cid=124ecac6550c8bce&ts=1045&x=1", cfHdrFlush;dur=0
content-length
2134
date
Tue, 26 Nov 2024 12:06:46 GMT
content-type
application/octet-stream
last-modified
Fri, 11 Oct 2024 02:45:18 GMT
server
cloudflare
webflow-data.css
www.win-vip.online/template/company/game10097/index_files/
1 KB
1 KB
Stylesheet
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/webflow-data.css
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72bf4b2c4c35eb809aff7224dcb19323db8b209ed9266c3f7a764a829fc16990

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"67089142-425"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lks2T6umMtAyxBWTfwXrvd0tNccXe0T8ax5Hc%2Fni1FgDWO7FhNkU%2BvpvQKM24%2Ble2RTimrvMuQGwOV173I2d8R%2BD5DqhZ0R%2FYxsaU8PK6Lj1HQa1rv0ASDvRJubFm26jAKt1xGjgIR0utw%2BsrTZP3bo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11c3ba980d0-EWR
expires
Wed, 27 Nov 2024 00:06:46 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9281&sent=41&recv=33&lost=0&retrans=0&sent_bytes=29438&recv_bytes=8947&delivery_rate=540541&cwnd=15600&unsent_bytes=0&cid=124ecac6550c8bce&ts=1054&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:46 GMT
content-type
text/css
last-modified
Fri, 11 Oct 2024 02:45:22 GMT
vary
Accept-Encoding
server
cloudflare
win%20vip_logo.png
www.win-vip.online/imges/win%20vip/
548 B
548 B
Image
General
Full URL
https://www.win-vip.online/imges/win%20vip/win%20vip_logo.png
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Msua2haCHVqxpraHtI9eYa0TBBmccgCU2Dhevr6WSMCn2dZAJ0xPv4JWzHuf0TItkiodAMk369QFFG%2Buu82QbFa%2FBC5KND8okHFtNjKH60KvvK4K4siX%2BaqSaXk2pjdnr9IJNyeTiqURgm7egRNiLE0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11c3baa80d0-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8737&sent=74&recv=50&lost=0&retrans=0&sent_bytes=66242&recv_bytes=9684&delivery_rate=2024244&cwnd=31200&unsent_bytes=0&cid=124ecac6550c8bce&ts=1222&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:46 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
win%20vip_banner.png
www.win-vip.online/imges/win%20vip/
548 B
548 B
Image
General
Full URL
https://www.win-vip.online/imges/win%20vip/win%20vip_banner.png
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nw6FzPjklIs5sg5bmhfZVKKZJrQOBijbdOPD9UOSbSpHyrm8mpERZF7KvS3Aa%2FtBcXQ6zOj8pUyK1hASdOREFX%2BeFpPuEHKOO6aLUVnTGB3OiP8nR%2BrIWTqYnPYSsRdbTl7G0HC4FMmb60UVkodlOKU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11c3bab80d0-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9026&sent=58&recv=36&lost=0&retrans=0&sent_bytes=48638&recv_bytes=9076&delivery_rate=288469&cwnd=15600&unsent_bytes=0&cid=124ecac6550c8bce&ts=1184&x=1", cfHdrFlush;dur=4
date
Tue, 26 Nov 2024 12:06:46 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
game_video_112.mp4
www.win-vip.online/data/video/
295 KB
0
Media
General
Full URL
https://www.win-vip.online/data/video/game_video_112.mp4
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.win-vip.online/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"674598ff-24e316"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8J%2FOcXRxKLjY%2FilzS5HJgxjDSM%2FlsMlER8tCA0j9Gt36lrpZa9lGHoMMO%2BuV0Xvitk%2F8rTr4m62HFDaCa6VMpMqs9lohKC6XoTp592Yhr6iT0wRtN9pi3k3keET2sNk3NWN%2BUiSj%2FBSwR3fE068MQQM%3D"}],"group":"cf-nel","max_age":604800}
Content-Range
bytes 0-2417429/2417430
cf-ray
8e89c11c6bcb80d0-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9673&sent=152&recv=71&lost=0&retrans=0&sent_bytes=154333&recv_bytes=10616&delivery_rate=5533973&cwnd=62400&unsent_bytes=0&cid=124ecac6550c8bce&ts=1313&x=1", cfHdrFlush;dur=0
Content-Length
2417430
date
Tue, 26 Nov 2024 12:06:46 GMT
content-type
video/mp4
last-modified
Tue, 26 Nov 2024 09:46:39 GMT
vary
Accept-Encoding
server
cloudflare
game_video_54.mp4
www.win-vip.online/data/video/
129 KB
0
Media
General
Full URL
https://www.win-vip.online/data/video/game_video_54.mp4
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.win-vip.online/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"674598d1-34029a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tKRJILV4qJ23%2F9bcbvRjfzBkiFjjcFj0tHoKAQ6V%2FJvX0FeDCcuBgnZBQKH1Y%2BwPvX0DfWIn8eYvV%2BHW%2FALetzynLEYSh0PRE27f3WhEa7oG1GdCL2YX8VHgYuuMxGSxI9tpIISVJo9iVI%2B%2B%2B6Xx9Jc%3D"}],"group":"cf-nel","max_age":604800}
Content-Range
bytes 0-3408537/3408538
cf-ray
8e89c11c6bcc80d0-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8638&sent=102&recv=52&lost=0&retrans=0&sent_bytes=98250&recv_bytes=9773&delivery_rate=62803&cwnd=31200&unsent_bytes=0&cid=124ecac6550c8bce&ts=1301&x=1", cfHdrFlush;dur=0
Content-Length
3408538
date
Tue, 26 Nov 2024 12:06:46 GMT
content-type
video/mp4
last-modified
Tue, 26 Nov 2024 09:45:53 GMT
vary
Accept-Encoding
server
cloudflare
game_video_25.mp4
www.win-vip.online/data/video/
161 KB
0
Media
General
Full URL
https://www.win-vip.online/data/video/game_video_25.mp4
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.win-vip.online/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"674598b9-27007b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KtqbxdM6Ww6RQhMsSypxP5Rt0OihNOwhcVtNj435Q5CTr14KZ99heC6LNKkVnzN3FY4Trqwn3ae97c38xvQBhz2%2FWXXxz9jTuuGzt2H7Zz6vIgO6dJA%2FYN8%2FC4AlAPSydXeRcBLFqW5VbCuojtrDcuI%3D"}],"group":"cf-nel","max_age":604800}
Content-Range
bytes 0-2556026/2556027
cf-ray
8e89c11c6bcd80d0-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9810&sent=193&recv=72&lost=0&retrans=0&sent_bytes=203235&recv_bytes=10662&delivery_rate=6155337&cwnd=62400&unsent_bytes=0&cid=124ecac6550c8bce&ts=1315&x=1", cfHdrFlush;dur=0
Content-Length
2556027
date
Tue, 26 Nov 2024 12:06:46 GMT
content-type
video/mp4
last-modified
Tue, 26 Nov 2024 09:45:29 GMT
vary
Accept-Encoding
server
cloudflare
icon_close_2x.png
www.win-vip.online/image/
2 KB
3 KB
Image
General
Full URL
https://www.win-vip.online/image/icon_close_2x.png
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0415c1594203cee0f86555464a21d31ed704178d1f8546cd819e856746d40445

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"661ec0d6-7c1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yGZwIj8wCLT%2BdZ%2BNBiJxt7jHTHwP%2FbDWzLSTkPytUWjn19AYRwLCnqWDJe9iD5Oi8FFWVcqhn4iNZK8GtrgrHnnp3hOQNA71TddzdI4tgtO9hMcuzu7iU%2F1f7qe4%2BRzBwyn5WGGt5Kfcvstklbv7Khg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11cdc3380d0-EWR
expires
Thu, 26 Dec 2024 12:06:46 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9127&sent=42&recv=35&lost=0&retrans=0&sent_bytes=30638&recv_bytes=9033&delivery_rate=447222&cwnd=15600&unsent_bytes=0&cid=124ecac6550c8bce&ts=1159&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:46 GMT
content-type
image/png
last-modified
Tue, 16 Apr 2024 18:17:58 GMT
vary
Accept-Encoding
server
cloudflare
email-decode.min.js
www.win-vip.online/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://www.win-vip.online/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"673dd3d6-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BD0%2F8ZNRxbasq1tuXdPg4crUGdVnmP4MM5tH8RLTHGwt3myc4BsdDgkQxpBgU6OaQB0JK%2BDUvDMhzoPo2zhNvV0RaNNuEJhvH1LX2Ox2HdHmrwPR9HmEgK25u9HY5ltci%2B9bmeFoU423Qc48RLRz0Wc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e89c11cdc3980d0-EWR
expires
Thu, 28 Nov 2024 12:06:46 GMT
date
Tue, 26 Nov 2024 12:06:46 GMT
content-type
application/javascript
last-modified
Wed, 20 Nov 2024 12:19:34 GMT
server
cloudflare
vary
Accept-Encoding
rocket-loader.min.js
www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"673dd3d6-302c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1vnCF7GjZ35NUsfRM7aUAMBKoGxm1tQZhZ1zHWfjYuqC8JPESXOXInK83ApiV8uT8L%2F8POvtzSLfGYHbyzxbE8HGfMoS8biEgMMmHo%2Fs5aoDolqVjopEOXVScUrOXVXJF%2Ft1U7SamHyz0qh420Fp4yQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e89c11cdc3e80d0-EWR
expires
Thu, 28 Nov 2024 12:06:46 GMT
date
Tue, 26 Nov 2024 12:06:46 GMT
content-type
application/javascript
last-modified
Wed, 20 Nov 2024 12:19:34 GMT
server
cloudflare
vary
Accept-Encoding
truncated
/
547 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
552 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
380 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
177 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
351 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
zi-tag.js
www.win-vip.online/template/company/game10097/index_files/
9 KB
4 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/zi-tag.js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e779904e434d50e426e79dfac680cdb8a04564e67121c257974278a02979e407

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"67089148-251c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OmfB2BLwbeJX2oTaCwMHW5zNfFsl%2BM6bOS9Qe9TvDuJWCLPBD4FbDpoDT48NBx2L6QoXd09X1%2BDUcp4cw3O%2BinqlkWpev462D%2FiHULqvrs1pvjgSx3XS9OtL3JpR4bKLayTQWnMfGR9uofsKFCBKOCY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11feeb780d0-EWR
expires
Wed, 27 Nov 2024 00:06:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10409&sent=1316&recv=197&lost=2&retrans=2&sent_bytes=1532367&recv_bytes=23373&delivery_rate=10851873&cwnd=288120&unsent_bytes=0&cid=124ecac6550c8bce&ts=1647&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 02:45:28 GMT
vary
Accept-Encoding
server
cloudflare
webflow.4335df971.js
www.win-vip.online/template/company/game10097/index_files/
1 MB
232 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/webflow.4335df971.js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d2b20de495a41a61df38e4224ae0732c27e1a05015f76191df0cae0cd4fa27a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"671a3c60-10154c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xzgnwqjdxNnEZfcYEG0A4na2hq%2FtRklx2fEcy7yNYz%2BdwkrEepOKBH2jvEwhpwOeyU08NruYbaRM3yvsixdiqTbtcbzmWHSjGF2Ow6zuStZ85wNGq6wRA0VJfQKvNZXmhTDR%2FHJAPBs3X3JGA%2FFj3mo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11feeba80d0-EWR
expires
Wed, 27 Nov 2024 00:06:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9246&sent=2727&recv=368&lost=53&retrans=53&sent_bytes=3184357&recv_bytes=31351&delivery_rate=13759587&cwnd=204204&unsent_bytes=0&cid=124ecac6550c8bce&ts=1772&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/javascript
last-modified
Thu, 24 Oct 2024 12:24:00 GMT
vary
Accept-Encoding
server
cloudflare
tracker.js
www.w3counter.com/
2 KB
1 KB
Script
General
Full URL
https://www.w3counter.com/tracker.js?id=154495
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:75d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.15
Resource Hash
1f8a1a8cf7cae1d1b262d4554e8cc25789776f81689466d522b7284e4e2b6071

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BtbkV5CEsL9MGf1P6L8an4yqi6QsiM5qGGe5SHHLDr4%2Ff6%2BMOvifQHQCye0%2FBbCU5%2FN4i7uy5SEJyLBbidVQtJI0RIN78r0G8l%2FBs%2FVT3FAGBmO4xSlPhX8LbhCUG4B%2FCmzjtCjfIcsuHzIBaPGY"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c1205f444344-EWR
server-timing
cfL4;desc="?proto=TCP&rtt=8255&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3988&recv_bytes=2192&delivery_rate=483906&cwnd=253&unsent_bytes=0&cid=f13043419cca304a&ts=48&x=0"
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/javascript
vary
Accept-Encoding
x-powered-by
PHP/7.3.15
server
cloudflare
khuyen.js
www.win-vip.online/
858 B
1 KB
Script
General
Full URL
https://www.win-vip.online/khuyen.js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97d97466f9e38aa0b3a3922dbe9c53fdbf029a204b172005820b51e72eb291f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67454f09-35a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vNxln4KHXxO6ypHHtwxwJOY3HvwcrrevTF11BX3kONG0td3F1cNeqQx0KlkR6SpUKBHWpyCtbXxuIvnCCcappNsKsJtVz83RxVf4a%2BwK1pXhbgShSENxrvTFGLot6%2BdVIKm3uWnWP7joWASR8CyxKQ8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11ffebf80d0-EWR
expires
Wed, 27 Nov 2024 00:06:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10409&sent=1316&recv=197&lost=2&retrans=2&sent_bytes=1532367&recv_bytes=23373&delivery_rate=10851873&cwnd=288120&unsent_bytes=0&cid=124ecac6550c8bce&ts=1644&x=1", cfHdrFlush;dur=3
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 04:31:05 GMT
vary
Accept-Encoding
server
cloudflare
f.txt
www.win-vip.online/template/company/game10097/index_files/
6 KB
3 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/f.txt
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b18c44bfd1324c396c9b6869220b7455dda9cd6ac266d30464c599aefeacb906

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"67089142-1750"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pgp4Tk9CRSJhND9UbMU%2BEhK8b7K%2F4rXI2lj179X%2Fj56JIfJNoxmZy5QUvYKspdMi6%2Fimuig5Duqgqj53n8vST97MFh0RlGunNDGgIwruaqMZTbUtx8ndIPx0u4NvkzOVgtdDteQBsP6tFKgkVwIArl0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11ffec080d0-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9848&sent=828&recv=147&lost=0&retrans=0&sent_bytes=954977&recv_bytes=20474&delivery_rate=3684461&cwnd=223200&unsent_bytes=0&cid=124ecac6550c8bce&ts=1553&x=1", cfHdrFlush;dur=1
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
text/plain
last-modified
Fri, 11 Oct 2024 02:45:22 GMT
vary
Accept-Encoding
server
cloudflare
js(2)
www.win-vip.online/template/company/game10097/index_files/
276 KB
276 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/js(2)
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
916188076d139eaab6fc8d7328c3a8b79f7505890732484567dcd089689bde34

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
etag
"671a3f89-44e2b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G1H1Z%2BK9UQCqIvhyzDDcxyedBh5uyTuDUHI5mt9nefzQRVaE1Y41cNOEe3pv00B05O4ZCsMvm0CJ09q2Lh6kNW9AkaDfNvBLaq2z%2BS3JeQk35xoDMLXlBOuDbKJ644ghcAvl48aX1sysLLyl2duGKuA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11ffec380d0-EWR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12963&sent=1488&recv=227&lost=16&retrans=16&sent_bytes=1734051&recv_bytes=24785&delivery_rate=23578951&cwnd=201684&unsent_bytes=0&cid=124ecac6550c8bce&ts=1659&x=1", cfHdrFlush;dur=0
content-length
282155
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/octet-stream
last-modified
Thu, 24 Oct 2024 12:37:29 GMT
server
cloudflare
modules.720d0264984b164946ff.js
www.win-vip.online/template/company/game10097/index_files/
224 KB
77 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/modules.720d0264984b164946ff.js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1eec6939693de2560a7cd2cb9bd833745efddbaa9887d4fa32464c44a3fbd33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"67089142-38040"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BPZOMPHDZzzEJ1lk1qbGXBb4%2B9NWPslUoIe7HpliNRQBTXMj%2Fw8XGBuQn9ij2%2F%2B%2Bx7VCh8kXcj3SSOJ5r3srXAurzLVtq0dSRxTLooBglBFCMJfD60HGX0eqKnQ%2BABbwPkymsnWsOKCbiyoYhiyETIA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11ffec480d0-EWR
expires
Wed, 27 Nov 2024 00:06:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9246&sent=2670&recv=368&lost=53&retrans=53&sent_bytes=3116586&recv_bytes=31351&delivery_rate=13759587&cwnd=204204&unsent_bytes=0&cid=124ecac6550c8bce&ts=1770&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 02:45:22 GMT
vary
Accept-Encoding
server
cloudflare
webflow-data.js
www.win-vip.online/template/company/game10097/index_files/
47 KB
13 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/webflow-data.js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a4a0c7384db11d1ad97e934ee8d334461b50eb5c243bf05701ae0f46cdff46f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"67089142-bd8c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LlQd6AGbCaPdsDGwhlhRleWrMYwWxAG5jyHjjnOn3wiMMA17NN4kzNxJ%2Fsn%2F5WL%2Fs5M8oKge6KxkDsorXTOTSSlp9rfrUQ1OuHSceaT3SYO%2FoS3URtLDKVS4v4ExRrNLBytLIUbGGOTCG1%2BqNpe8QJQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11ffec580d0-EWR
expires
Wed, 27 Nov 2024 00:06:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12963&sent=1488&recv=227&lost=16&retrans=16&sent_bytes=1734051&recv_bytes=24785&delivery_rate=23578951&cwnd=201684&unsent_bytes=0&cid=124ecac6550c8bce&ts=1656&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 02:45:22 GMT
vary
Accept-Encoding
server
cloudflare
6658884(1).js
www.win-vip.online/template/company/game10097/index_files/
2 KB
1 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/6658884(1).js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43d6941f3967a65b294095e5e060559e8678b3422d2d82820f850ff6917ef70d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"67089140-9e1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BCQCZiNBSfUvgEsmGeyYF%2FpP32Ik3IlgGIHvZtfixhUtlcdEQpii74MN8cbP3r4SiEKxtHHvAt7lPtbpzprnkQMkJr8gbxMUbL5%2BRy3Gh5hr9d4jgNSkiWKKTYowQu8eatd53Sc84WWA%2BczUk3wEHK4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11ffec680d0-EWR
expires
Wed, 27 Nov 2024 00:06:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12963&sent=1488&recv=227&lost=16&retrans=16&sent_bytes=1734051&recv_bytes=24785&delivery_rate=23578951&cwnd=201684&unsent_bytes=0&cid=124ecac6550c8bce&ts=1658&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 02:45:20 GMT
vary
Accept-Encoding
server
cloudflare
js(1)
www.win-vip.online/template/company/game10097/index_files/
321 KB
322 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/js(1)
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dad3adbebb7e26e17f3d3237f4822eeb951545e32c3ace205fabe88f99014d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
etag
"67089140-5057f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mPm9Rj0rSCYOtA4nVohuYVkdNYeNceANPjb%2BZF053sIj7%2B442LlAbU35v11M2qmgm1TwaAGofkGYF7FZNN9wTuLi7gcYKrE3FccJXnTlKhXu34%2ByxJbOQxQ%2FGZoGgQjfk8oI1B56UcnFgkrTMIuxcnw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11ffec780d0-EWR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10616&sent=547&recv=125&lost=0&retrans=0&sent_bytes=621147&recv_bytes=19472&delivery_rate=5292184&cwnd=134400&unsent_bytes=0&cid=124ecac6550c8bce&ts=1531&x=1", cfHdrFlush;dur=1
content-length
329087
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/octet-stream
last-modified
Fri, 11 Oct 2024 02:45:20 GMT
server
cloudflare
hdb3nkf.js
www.win-vip.online/template/company/game10097/index_files/
19 KB
8 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/hdb3nkf.js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b00999ed6bc5dfa5c0950106c7584461db9514e8c9812ebb5766160437108cab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"67089140-4a1e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iScxTCh2I3snSn93JG7B%2Ft9Z8JFBWfgNR0Io8GBqmGse6llVkO8VcZAz1nbNYHINRrDI44fKWLwfUumBKtN5yShhXt9v1%2F%2FRbpzv1KzSLf75Lb3XfE%2FdfqoTgopaGGvTGdcXOoPXMF7y5WqS9vgSobM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11ffec880d0-EWR
expires
Wed, 27 Nov 2024 00:06:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12963&sent=1451&recv=227&lost=15&retrans=15&sent_bytes=1691733&recv_bytes=24785&delivery_rate=23578951&cwnd=201684&unsent_bytes=0&cid=124ecac6550c8bce&ts=1651&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 02:45:20 GMT
vary
Accept-Encoding
server
cloudflare
webfont.js
www.win-vip.online/template/company/game10097/index_files/
13 KB
6 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/webfont.js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"6708913e-3384"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ymHpdSP5ZhDf5dIOFy4bUb8xB4UjrC15eWmAMMKg0XOI2j9WVo6WrBi1%2Fv8KgMJFmq8k466xQXiZf%2BNO8dq0MJzqT5oIB8kl%2Fclf4Rdze7ZUcny1NfppGzHY1L1WbHPDp0jfW2xZR0L5DYc%2BjuLQSQE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11ffec980d0-EWR
expires
Wed, 27 Nov 2024 00:06:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12963&sent=1488&recv=227&lost=16&retrans=16&sent_bytes=1734051&recv_bytes=24785&delivery_rate=23578951&cwnd=201684&unsent_bytes=0&cid=124ecac6550c8bce&ts=1657&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 02:45:18 GMT
vary
Accept-Encoding
server
cloudflare
fbevents.js
www.win-vip.online/template/company/game10097/index_files/
227 KB
67 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/fbevents.js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
787ed6b137dde8c9a8d2f44d7364bd4221daba7f36d2b091235c6f0608c7f5fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"671a3f89-38aef"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V1qIi89pl7R4dG3oLkJsoD04OtfIrbZ7UZy%2BcdMdis%2FHzIXNGpOpUW3%2F%2F3%2FbRvuxP8jOnWBMC%2Bydphl7kIZnrLWWODn8RGUvZ9TvHHEgNdMzlcfK4eqJcMU0V6ugzTLI7RuSZ%2Fva7qM45Ij60QUqJGs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11ffecc80d0-EWR
expires
Wed, 27 Nov 2024 00:06:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9358&sent=2595&recv=364&lost=53&retrans=53&sent_bytes=3028448&recv_bytes=31170&delivery_rate=9125868&cwnd=204204&unsent_bytes=0&cid=124ecac6550c8bce&ts=1765&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/javascript
last-modified
Thu, 24 Oct 2024 12:37:29 GMT
vary
Accept-Encoding
server
cloudflare
1294222291266262
www.win-vip.online/template/company/game10097/index_files/
74 KB
75 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/1294222291266262
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd456fcd1d8b88c8d9842080c6f7b2adc10b58bea99479d3a35e32ad9c28e29e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
etag
"671a3c5f-127b1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vDGUxDaVC8OJq%2B%2BkSuwp3d%2FmOe2435AOL18JKeDXRSQ7vCYpuOMuwYLXiToOXoQQaxeOAfHrAlp4nA4GUSdMwKchucBlzIcFpoUfZ2ciFeO5dOlOh7Tw1HlBEzhPKg1uxZ4j%2BL22bx6bR9rUJem4njI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11ffecd80d0-EWR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10409&sent=1316&recv=197&lost=2&retrans=2&sent_bytes=1532367&recv_bytes=23373&delivery_rate=10851873&cwnd=288120&unsent_bytes=0&cid=124ecac6550c8bce&ts=1644&x=1", cfHdrFlush;dur=3
content-length
75697
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/octet-stream
last-modified
Thu, 24 Oct 2024 12:23:59 GMT
server
cloudflare
334848198989582
www.win-vip.online/template/company/game10097/index_files/
28 KB
29 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/334848198989582
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89aa799a0fed8355e96e1a4f31a13cf0516f6b61ee64315ea638ae04e9f1dc72

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
etag
"6708913c-6fed"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Za0feAb1Dsy3vixO2XwomVQcxcEzKYoHAOf1df4jQR91Zi1T9mcKqA6cGKe6Ny9u2sswlNEehcHiuZSwLOq2Udv1yimzpIHnlEihxwkPYBItvolqKigSEm5xG2CcFW2iIHAqvqj%2BCLkrh1M8RzjB8P8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11ffece80d0-EWR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=10409&sent=1316&recv=197&lost=2&retrans=2&sent_bytes=1532367&recv_bytes=23373&delivery_rate=10851873&cwnd=288120&unsent_bytes=0&cid=124ecac6550c8bce&ts=1646&x=1", cfHdrFlush;dur=1
content-length
28653
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/octet-stream
last-modified
Fri, 11 Oct 2024 02:45:16 GMT
server
cloudflare
gtm.js
www.win-vip.online/template/company/game10097/index_files/
243 KB
93 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/gtm.js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61d874c414152b00cd5c096efccda3d81af62981aabf73fbbd9718a176d273dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"6708913c-3cd18"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KpoFR3fQsNoRczeSInvzar%2FhqF61sDVIH5DFWCIQFkmuw5h8j5L9FKIhF0KL57dVqkElAOp%2Fid3F4VG93WCDMDamGtUGus5em%2FcXjzD4IWFjoA4%2Fx7HwSMv7miG2hSD19lrmK6HD4%2F3vwCwpY%2FsWYgI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11ffed080d0-EWR
expires
Wed, 27 Nov 2024 00:06:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9242&sent=2628&recv=367&lost=53&retrans=53&sent_bytes=3067782&recv_bytes=31305&delivery_rate=12787691&cwnd=204204&unsent_bytes=0&cid=124ecac6550c8bce&ts=1768&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 02:45:16 GMT
vary
Accept-Encoding
server
cloudflare
hotjar-3328561.js
www.win-vip.online/template/company/game10097/index_files/
13 KB
6 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/hotjar-3328561.js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fcbcd802e02fcb3aed686f93c994846ef5e460e1fa176cb8efbfdb3c386dafd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"6708913a-3312"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eOPTw2QZJmw5Lv%2Fb6iZ6wEfZsiJC6fxtNllUar7i37k3a8kAkelf9nrtWoPPT0DlT3FYERRz674KT3zdalhpBeuahbtJ0jQ4H3syHaex3dx4LvEQmOE1u1SeMljM6yQFKB8P0wVQyZbopup1rmt1AqM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11ffed180d0-EWR
expires
Wed, 27 Nov 2024 00:06:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12963&sent=1488&recv=227&lost=16&retrans=16&sent_bytes=1734051&recv_bytes=24785&delivery_rate=23578951&cwnd=201684&unsent_bytes=0&cid=124ecac6550c8bce&ts=1658&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 02:45:14 GMT
vary
Accept-Encoding
server
cloudflare
web-interactives-embed.js
www.win-vip.online/template/company/game10097/index_files/
83 KB
27 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/web-interactives-embed.js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72a508ca7d8a48f5c30e886293834fd6eb41f01949450c60f6101db5b5fc9261

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.win-vip.online
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"671a3c60-14af6"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2B3%2BQc7oGB3fDrvtumQ6yL6P2O7RC7HLHdUnWxpa7mPLRXhmjXcURWc9rjzfi06SH7Kkw9hXwwnpttEH6kswkPE3FcDB6BEmDC8wdNMKrPv9QW7zHLeg8H0NDMdh01KbrzO3SXfZlaKpdmkDqe33myo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11ffed280d0-EWR
expires
Wed, 27 Nov 2024 00:06:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9246&sent=2683&recv=368&lost=53&retrans=53&sent_bytes=3131918&recv_bytes=31351&delivery_rate=13759587&cwnd=204204&unsent_bytes=0&cid=124ecac6550c8bce&ts=1771&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/javascript
last-modified
Thu, 24 Oct 2024 12:24:00 GMT
vary
Accept-Encoding
server
cloudflare
6658884.js
www.win-vip.online/template/company/game10097/index_files/
68 KB
24 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/6658884.js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca9d024602a125c1a69d59ddf48de27e14ac99a237206bd4f40ed5c196f919a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"6708913a-11112"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XSNtYMk3IrryzFIfg3G6Y3vomJpgJ%2FUCkXR7ADiBcV0lC%2FR5ppR5mSjdJGD75VY33rm8rk0FXueMPnQxQGSFvlfwqsU3Vgg2MXkjt8Z45WU44FWXLDMZ%2FXFY37iBAeS74DaHMiDDJENfRYk3zxD4YVE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11ffed380d0-EWR
expires
Wed, 27 Nov 2024 00:06:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9059&sent=2757&recv=370&lost=53&retrans=53&sent_bytes=3218953&recv_bytes=31441&delivery_rate=1659491&cwnd=204204&unsent_bytes=0&cid=124ecac6550c8bce&ts=1776&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 02:45:14 GMT
vary
Accept-Encoding
server
cloudflare
fb.js
www.win-vip.online/template/company/game10097/index_files/
6 KB
3 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/fb.js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86687f3e5f5afdcf3625c8dde9300bb27a5715ae747f119a1a4c8f89064c254c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"67089138-189a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Decr9l5%2BgMpyxQyAiuPe8ZDF1lzrqecpuUCa5whJQAHpb0mJDaQFqSa%2F%2FoaPuIxOxHZWd2an0ULoZewJpfJa5AbU13NqlU60CI6EBQ964jsPYLyePhEkgaAybnSLl2R7FrGgBtIo7I78PH3OAuwJVjE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11ffed580d0-EWR
expires
Wed, 27 Nov 2024 00:06:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12963&sent=1488&recv=227&lost=16&retrans=16&sent_bytes=1734051&recv_bytes=24785&delivery_rate=23578951&cwnd=201684&unsent_bytes=0&cid=124ecac6550c8bce&ts=1654&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 02:45:12 GMT
vary
Accept-Encoding
server
cloudflare
banner.js
www.win-vip.online/template/company/game10097/index_files/
72 KB
25 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/banner.js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13c1cec814dba2a87b1068d5417c462ead2271c1a2ab7127671af8918f103ea2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"67089138-121eb"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oFLb%2BV6QXNk9h648MOKA95fkRAeVT8qPXvyh8dWkpZmlNB8jAixgQG7UcCKWGoe077PABt6PgwPVfDwQR0VaNHCOCKFWgdfTPVIo6KN4ywAbUuBErVvsvoDiaZPU8kB0fyGsK45W9vkwH3n6SUiaHEM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11ffed880d0-EWR
expires
Wed, 27 Nov 2024 00:06:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9246&sent=2693&recv=368&lost=53&retrans=53&sent_bytes=3143918&recv_bytes=31351&delivery_rate=13759587&cwnd=204204&unsent_bytes=0&cid=124ecac6550c8bce&ts=1772&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 02:45:12 GMT
vary
Accept-Encoding
server
cloudflare
collectedforms.js
www.win-vip.online/template/company/game10097/index_files/
69 KB
27 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/collectedforms.js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cee5f74906b5e950e6bfc3fdbbe49fb29f547348e7dc6d1de8acde0321ed44d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.win-vip.online
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"671a3c5f-1134c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BfdnJOivKKoeFyNIt%2BefdMB%2BR7y7AkT%2BEtfGZM09OEbZESh6lUZfvpwzwKx0PbX37rg9EgWgp6xPoX7ZNDaoE%2FUjq5rpZr%2B2gDRyGKr6JiNZpEjthY2Xi7NfNqIccgqINAGN%2BsQ49g3gopbgX7OobDM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11ffed980d0-EWR
expires
Wed, 27 Nov 2024 00:06:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9242&sent=2628&recv=367&lost=53&retrans=53&sent_bytes=3067782&recv_bytes=31305&delivery_rate=12787691&cwnd=204204&unsent_bytes=0&cid=124ecac6550c8bce&ts=1768&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/javascript
last-modified
Thu, 24 Oct 2024 12:23:59 GMT
vary
Accept-Encoding
server
cloudflare
js
www.win-vip.online/template/company/game10097/index_files/
276 KB
276 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ed340bd6992146e07a610e3d0239b8f4a314adaa4468087f41b49ee15819127

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
etag
"671a3f89-44e4f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l7%2FJVlVLs3TnZLTIMNX1r5JlzcqcM9JN7yrOw%2Fx%2Fwou%2B1XlfX2%2F1JJ7Y%2BtJCsKyFvAPqmbec79YwETRpnCw0%2FByVPlmy3z%2BMKItH5YmZWnDB%2BNzXHlVQkYGbeP%2FT%2Fq%2BmZpKzBfRtYw0ezIPHnmmjrVM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11ffedb80d0-EWR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12963&sent=1319&recv=227&lost=15&retrans=15&sent_bytes=1534799&recv_bytes=24785&delivery_rate=23578951&cwnd=201684&unsent_bytes=0&cid=124ecac6550c8bce&ts=1649&x=1", cfHdrFlush;dur=0
content-length
282191
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/octet-stream
last-modified
Thu, 24 Oct 2024 12:37:29 GMT
server
cloudflare
insight.min.js
www.win-vip.online/template/company/game10097/index_files/
40 KB
16 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/insight.min.js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc6b22c99298cb66098ae9c78b94dbe251bf594b3b1c7c1a29270160f16340d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"671a3c5f-a0d5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=95nbRuwdtggFCRLnG%2FXfbhKHI%2FgMwcFAO6JoOqxNKrNS4H0qXzZjNL7Uud2AA3cNrzZH6DJ0nqZcA4s4WylBM7xsYTSff8yqVcle55dPQZNubyqN5w7LskWipHXfVA0v%2Bnky4%2BQMTYwYmWc3lqV9%2FlA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c11ffedc80d0-EWR
expires
Wed, 27 Nov 2024 00:06:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9246&sent=2742&recv=368&lost=53&retrans=53&sent_bytes=3201833&recv_bytes=31351&delivery_rate=13759587&cwnd=204204&unsent_bytes=0&cid=124ecac6550c8bce&ts=1772&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/javascript
last-modified
Thu, 24 Oct 2024 12:23:59 GMT
vary
Accept-Encoding
server
cloudflare
win%20vip_logo-32x32.png
www.win-vip.online/imges/win%20vip/
548 B
773 B
Other
General
Full URL
https://www.win-vip.online/imges/win%20vip/win%20vip_logo-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XtzjFZMKf9wJddbXyf2bEpK776gLGpTZ3NfB0azyjSvrdK%2BEjrA%2Bb6CQg%2B4ZhPcnzQAW134Ux8cLcqY3PZDrytXzlB6ycg4toFKYof8Qjw%2FneAM8y8cXscJ6NM4a4W4CbkrE0cKeesUI4gApXF2599s%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c120ef9080d0-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9505&sent=3234&recv=436&lost=53&retrans=53&sent_bytes=3780796&recv_bytes=34710&delivery_rate=6707861&cwnd=292920&unsent_bytes=0&cid=124ecac6550c8bce&ts=1955&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
game_video_112.mp4
www.win-vip.online/data/video/
323 KB
0
Media
General
Full URL
https://www.win-vip.online/data/video/game_video_112.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.win-vip.online/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=294912-

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"674598ff-24e316"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8J%2FOcXRxKLjY%2FilzS5HJgxjDSM%2FlsMlER8tCA0j9Gt36lrpZa9lGHoMMO%2BuV0Xvitk%2F8rTr4m62HFDaCa6VMpMqs9lohKC6XoTp592Yhr6iT0wRtN9pi3k3keET2sNk3NWN%2BUiSj%2FBSwR3fE068MQQM%3D"}],"group":"cf-nel","max_age":604800}
Content-Range
bytes 294912-2417429/2417430
cf-ray
8e89c11c6bcb80d0-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9673&sent=152&recv=71&lost=0&retrans=0&sent_bytes=154333&recv_bytes=10616&delivery_rate=5533973&cwnd=62400&unsent_bytes=0&cid=124ecac6550c8bce&ts=1313&x=1", cfHdrFlush;dur=0
Content-Length
2122518
date
Tue, 26 Nov 2024 12:06:46 GMT
content-type
video/mp4
last-modified
Tue, 26 Nov 2024 09:46:39 GMT
vary
Accept-Encoding
server
cloudflare
attribution_trigger
px.ads.linkedin.com/
2 B
763 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=&time=1732622807418&url=https%3A%2F%2Fwww.win-vip.online%2F
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/template/company/game10097/index_files/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Referer
https://www.win-vip.online/

Response headers

x-li-pop
afd-prod-ltx1-x
content-encoding
gzip
x-fs-uuid
000627cfaefbb136817e3265f43e211a
x-msedge-ref
Ref A: 33E70CDA754E4EA1AFCD4DC5CBBA4564 Ref B: EWR311000104045 Ref C: 2024-11-26T12:06:47Z
x-li-fabric
prod-ltx1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYnz677sTaBfjJl9D4hGg==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Tue, 26 Nov 2024 12:06:46 GMT
content-type
application/json
access-control-allow-headers
*
collect
px.ads.linkedin.com/
0
533 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1732622807418&li_adsId=825429b8-9d0a-492e-a09a-b731e3984483&url=https%3A%2F%2Fwww.win-vip.online%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: D6B42F8FF22B46E090280EF70AD004B3 Ref B: EWR30EDGE0710 Ref C: 2024-11-26T12:06:47Z
x-li-fabric
prod-lva1
x-li-uuid
AAYnz678Djq5VfSWGbcsiQ==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Tue, 26 Nov 2024 12:06:46 GMT
content-type
application/javascript
l
use.typekit.net/af/cc7244/00000000000000007735a703/30/
40 KB
40 KB
Font
General
Full URL
https://use.typekit.net/af/cc7244/00000000000000007735a703/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
ed9035bf369685ba358a4e8b537ecc80277feb49ea2667ca8b1b0ca8a2045085

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.win-vip.online
Referer
https://www.win-vip.online/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"00d96eab915c098a6be0483ab5ce11509827a4aa"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
40900
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/fe69ed/00000000000000007735a6ee/30/
41 KB
41 KB
Font
General
Full URL
https://use.typekit.net/af/fe69ed/00000000000000007735a6ee/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
eda1bb69974073df5ff4b9c48d90f0992d5b6090d80a0e9ce8b905c1a9c373a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.win-vip.online
Referer
https://www.win-vip.online/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"1cb7c88cda2987dc508878f7c2e2251a15d03873"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
41580
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/d62f3e/00000000000000007735a6f4/30/
40 KB
40 KB
Font
General
Full URL
https://use.typekit.net/af/d62f3e/00000000000000007735a6f4/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
20ef74464efebbd27ec9f88781e7a320f73b79faaaf2cedfe40e275ae795b3f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.win-vip.online
Referer
https://www.win-vip.online/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"a3fb753fdcad6648d9b764ac857e4833b4851f72"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
40712
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/dc1f1b/00000000000000007735eeb8/30/
22 KB
22 KB
Font
General
Full URL
https://use.typekit.net/af/dc1f1b/00000000000000007735eeb8/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
1f840128c256c93e035f902b78d1670f4a594f1185e3f0fcd32e1b04aa6c63ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.win-vip.online
Referer
https://www.win-vip.online/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"612f95400a02cfbd0b01ce5991a1a4e2f84404ad"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22684
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/51a05d/00000000000000007735eebc/30/
22 KB
23 KB
Font
General
Full URL
https://use.typekit.net/af/51a05d/00000000000000007735eebc/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
156d879716aeee9adda31d4718806a9ad3d3da614fb87188863cbb5c20f1124f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.win-vip.online
Referer
https://www.win-vip.online/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"a7457533933e55fb694cbfc516902ad0be25d479"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22876
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/9e7dcb/00000000000000007735eebb/30/
21 KB
22 KB
Font
General
Full URL
https://use.typekit.net/af/9e7dcb/00000000000000007735eebb/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
0f475f9fec7d7f83a627270b13a8a9b8ced33b7a77bbb930f26210f0ec7568e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.win-vip.online
Referer
https://www.win-vip.online/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"76c7b947ff4db4ac25e6876ead9b7e0d50d64616"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22004
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/92f8dc/00000000000000007735eeb6/30/
23 KB
23 KB
Font
General
Full URL
https://use.typekit.net/af/92f8dc/00000000000000007735eeb6/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
5cd852a8dc023cd144637b7963b34678000d81df974a775d199bdf8d0ca79680

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.win-vip.online
Referer
https://www.win-vip.online/

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"b700cf2a3476ede25d207fcce24fd6b5b286a62b"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23288
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/font-woff2
server
nginx
/
www.google.com/pagead/1p-user-list/331747738/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/331747738/?random=1728614646293&cv=11&fst=1728612000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb889012187&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1920&u_h=1080&url=https%3A%2F%2Fwww.motivity.net%2Fsolutions%2Fenterprise&ref=https%3A%2F%2Fwww.motivity.net%2Fsolutions%2Fsmall-therapy-practices-startup&hn=www.googleadservices.com&frm=0&tiba=Enterprise%20Applied%20Behavior%20Analysis%20(ABA)%20Software&did=dZGVlNj%2CdZTQ1Zm&gdid=dZGVlNj.dZTQ1Zm&npa=0&pscdl=noapi&auid=1741969659.1728614630&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CMicrosoft%2520Edge%3B124.0.2478.80%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfcH-aBtBU_kRNF5NrylF-3BZjMygQMQ&random=1527551104&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::68 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 26 Nov 2024 12:06:47 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com.sg/pagead/1p-user-list/331747738/
42 B
455 B
Image
General
Full URL
https://www.google.com.sg/pagead/1p-user-list/331747738/?random=1728614646293&cv=11&fst=1728612000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb889012187&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1920&u_h=1080&url=https%3A%2F%2Fwww.motivity.net%2Fsolutions%2Fenterprise&ref=https%3A%2F%2Fwww.motivity.net%2Fsolutions%2Fsmall-therapy-practices-startup&hn=www.googleadservices.com&frm=0&tiba=Enterprise%20Applied%20Behavior%20Analysis%20(ABA)%20Software&did=dZGVlNj%2CdZTQ1Zm&gdid=dZGVlNj.dZTQ1Zm&npa=0&pscdl=noapi&auid=1741969659.1728614630&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CMicrosoft%2520Edge%3B124.0.2478.80%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfcH-aBtBU_kRNF5NrylF-3BZjMygQMQ&random=1527551104&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 26 Nov 2024 12:06:47 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
pv
www.w3counter.com/track/
0
522 B
Script
General
Full URL
https://www.w3counter.com/track/pv?id=154495&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&webpageName=WIN%20VIP%20%26%20ogue%20com%20Dinheiro%20Real%20!WIN%20VIP%20-%20Cassino%20e%20Apostas%20Esportivas%20Online(BR)&ref=&url=https%3A%2F%2Fwww.win-vip.online%2F&width=1600&height=1200&rand=999&lt=1916
Requested by
Host: www.w3counter.com
URL: https://www.w3counter.com/tracker.js?id=154495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:75d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.15
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NS62%2Fkgk%2BB9vsVcnpdjTfYi4fLr1GRuhrNvzuJgYRrus9D3KwIVuF5N4I77cKWhH%2FrH9bgtGuQ11dfl25vJUi21oEpMBLePa%2B6egGJof7c5V2WVjdjyxgZBX33gG1U6ciTO7VaGI1ysUxZ8HDvI8"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c122b9a04344-EWR
server-timing
cfL4;desc="?proto=TCP&rtt=14042&sent=11&recv=14&lost=0&retrans=0&sent_bytes=5349&recv_bytes=2529&delivery_rate=483906&cwnd=256&unsent_bytes=0&cid=f13043419cca304a&ts=442&x=0"
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/javascript
vary
Accept-Encoding
x-powered-by
PHP/7.3.15
server
cloudflare
jquery-3.5.1.min.dc5e7f18c8.js
www.win-vip.online/template/company/game10097/index_files/
87 KB
35 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/jquery-3.5.1.min.dc5e7f18c8.js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.win-vip.online
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"67089148-15d84"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C7gphTSOQZ9EH03CzgYqQji0S90B%2FUYBxLOtc%2Ba31Cef6ER00MRFJc8Mm01w9sR4GbGy%2Bn6wSc9Nuuz6wfNfTPAqLGoh9eZAJVvRi3P%2FotYqJh7zdM7I1Z8xIckbLlBSaNPpvnT4jnN6keiVCTc2gh0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c122b8ec80d0-EWR
expires
Wed, 27 Nov 2024 00:06:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9020&sent=3805&recv=498&lost=70&retrans=70&sent_bytes=4451411&recv_bytes=37873&delivery_rate=14838079&cwnd=292920&unsent_bytes=0&cid=124ecac6550c8bce&ts=2209&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 02:45:28 GMT
vary
Accept-Encoding
server
cloudflare
json
forms.hscollectedforms.net/collected-forms/v1/config/
134 B
730 B
XHR
General
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=6658884&utk=
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/template/company/game10097/index_files/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
100095ec1d09b1642bbbc465650c17fb961d1660ebece0260e93edac7cd4b9f8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.win-vip.online/

Response headers

x-robots-tag
none
access-control-max-age
180
x-request-id
2d637d74-f564-472e-8f49-0ee501277b01
content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
date
Tue, 26 Nov 2024 12:06:47 GMT
x-hubspot-correlation-id
2d637d74-f564-472e-8f49-0ee501277b01
content-type
application/json;charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
*
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-qg7nx
x-envoy-upstream-service-time
9
cf-ray
8e89c1240dc941d3-EWR
access-control-allow-origin
https://www.win-vip.online
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
win%20vip_logo-192x192.png
www.win-vip.online/imges/win%20vip/
548 B
775 B
Other
General
Full URL
https://www.win-vip.online/imges/win%20vip/win%20vip_logo-192x192.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O3gN9LgRgVKkNKS1BmYAKhkpuHGu9edIPHpcdHyRvZj7SHa5KvdwRS%2FxppbUmC8ZKhxAAG0zv%2FCKQZavwDKEKp7fQ2EnsIq3KXsmawwHPY4DRhNsx6C0Qom8GPnLnNUNcnUcxyR%2FGHhu%2Fozv1mx5dco%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c123f9d880d0-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9159&sent=3838&recv=503&lost=70&retrans=70&sent_bytes=4487743&recv_bytes=38377&delivery_rate=3966776&cwnd=292920&unsent_bytes=0&cid=124ecac6550c8bce&ts=2457&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:48 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
p.gif
p.typekit.net/
35 B
205 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=1&k=hdb3nkf&ht=tk&h=www.win-vip.online&f=26432.26438.26439.48821.48825.48827.48829&a=18459675&js=1.21.0&app=typekit&e=js&_=1732622807743
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
public, max-age=604800
etag
"64c3b8ff-23"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
35
date
Tue, 26 Nov 2024 12:06:47 GMT
content-type
image/gif
last-modified
Fri, 28 Jul 2023 12:47:59 GMT
server
nginx
/
px.ads.linkedin.com/wa/
0
199 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/template/company/game10097/index_files/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.win-vip.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 3B8DC00DE7B84618B830307C894F0AEB Ref B: EWR30EDGE0710 Ref C: 2024-11-26T12:06:47Z
x-li-fabric
prod-lva1
access-control-allow-credentials
true
x-li-uuid
AAYnz678utUTh0vjc/LzHA==
x-li-proto
http/2
access-control-allow-origin
https://www.win-vip.online
x-cache
CONFIG_NOCACHE
date
Tue, 26 Nov 2024 12:06:46 GMT
vary
Origin
form-124.js
www.win-vip.online/template/company/game10097/index_files/
10 KB
3 KB
Script
General
Full URL
https://www.win-vip.online/template/company/game10097/index_files/form-124.js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:adc6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10ef3ba5308697292067120aee8cea7f3341a9a5e691475bc4a29805a5194939

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.win-vip.online
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"67089148-2928"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B4Ap6zYR949UAtdvGekt%2FwI%2FARU5qRIzcT4XuJmYsX%2BJcIIYnlj0YCqWbdsqEA7Gk81kMJT2KTVUqfkPXkNK3lhMMvS%2FR%2BsxzB5XAf7bUU61fPJ0YPrgW0eG1PpYKFetJwpRh8IxC63oBVgiyUWQtpQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e89c1258b3580d0-EWR
expires
Wed, 27 Nov 2024 00:06:48 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9129&sent=3840&recv=504&lost=70&retrans=70&sent_bytes=4488567&recv_bytes=38422&delivery_rate=5117&cwnd=292920&unsent_bytes=0&cid=124ecac6550c8bce&ts=2553&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 12:06:48 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 02:45:28 GMT
vary
Accept-Encoding
server
cloudflare
cf-location
js.hs-banner.com/v2/
5 B
148 B
Fetch
General
Full URL
https://js.hs-banner.com/v2/cf-location
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/template/company/game10097/index_files/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21152971983ab0f08638f7bc1619a54efd4d9f3115ffdef92c151b9b9d1a109d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
private, max-age=1500
cf-ray
8e89c127bf8e42a7-EWR
access-control-allow-origin
*
content-length
5
date
Tue, 26 Nov 2024 12:06:48 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
combinedConfigs
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/
61 B
1 KB
Fetch
General
Full URL
https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=6658884&currentUrl=https%3A%2F%2Fwww.win-vip.online%2F
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/template/company/game10097/index_files/web-interactives-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

x-robots-tag
noindex, follow
access-control-max-age
180
x-request-id
12d1e559-6486-4557-b7d8-ca18f1e6f68f
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oh0fvQNqyxQT%2BYVf%2FN3EWcMBBmxvwKZz2rH7h6oNNTtpJm%2Bu%2FNqTIFZ1Xzx4xZpVGNafKFbAj0zpad1MndQTFK8BjwcJxxo4Yv13ouBsyEsTXO0g%2FIEHeIbvUZyPhMWcTAmGXAUf9YPfps5Eam5Fehh4yIUrLzYivNk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
access-control-allow-methods
OPTIONS, GET
x-evy-trace-listener
listener_https
date
Tue, 26 Nov 2024 12:06:48 GMT
x-hubspot-correlation-id
12d1e559-6486-4557-b7d8-ca18f1e6f68f
content-type
application/json;charset=utf-8
vary
origin
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=0, no-cache, no-store
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-b967ccf5d-8bdzl
x-envoy-upstream-service-time
12
access-control-allow-credentials
true
cf-ray
8e89c127cacd729f-EWR
access-control-allow-origin
https://www.win-vip.online
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
blockedDomains.json
hubspotonwebflow.com/assets/js/
98 KB
23 KB
Fetch
General
Full URL
https://hubspotonwebflow.com/assets/js/blockedDomains.json
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/template/company/game10097/index_files/form-124.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
944352d0198c673b45a699471c970aef85458ea3c58a3ed825b0f0e4f33f999c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

strict-transport-security
max-age=63072000
cache-control
public, max-age=0, must-revalidate
content-encoding
br
x-vercel-cache
HIT
etag
W/"04708d47dd194d37b8231a65de7a66f1"
age
3947811
x-matched-path
/assets/js/blockedDomains.json
access-control-allow-origin
*
date
Tue, 26 Nov 2024 12:06:48 GMT
content-disposition
inline; filename="blockedDomains.json"
content-type
application/json; charset=utf-8
server
Vercel
last-modified
Thu, 10 Oct 2024 20:46:42 GMT
x-vercel-id
iad1::mzgv9-1732622808292-569f65dcd2d7
__ptq.gif
track.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1372317473&v=1.1&a=6658884&rcu=https%3A%2F%2Fwww.win-vip.online%2F&pu=https%3A%2F%2Fwww.win-vip.online%2F&t=WIN+VIP+%26+ogue+com+Dinheiro+Real+!WIN+VIP+-+Cassino+e+Apostas+Esportivas+Online(BR)&cts=1732622808214&vi=a5437d5bb17b35ea27f72187d9c2f635&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

x-robots-tag
none
x-request-id
bb59c8cc-0246-41d1-95b8-ec16705b7e22
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kljIMFYusbCuKHnihwlNp1wLjx5zBFd5tveC3S7uLMhdHqD1JgSAt3pAD1NrQDBwG%2FCVdilwUGmBf%2FZ4vyuS08HW8Ec5VbMgHFI7A1vxDr%2BKC13W933jZpJ6A%2BPieQcfLkepy5Ze7nEC6af5qa1D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2024 12:06:48 GMT
x-hubspot-correlation-id
bb59c8cc-0246-41d1-95b8-ec16705b7e22
content-type
image/gif
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-c658cb6d4-4vblr
x-envoy-upstream-service-time
9
access-control-allow-credentials
false
cf-ray
8e89c127dc657281-EWR
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
getSubscriptions
js.zi-scripts.com/unified/v1/master/
45 B
437 B
Fetch
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/template/company/game10097/index_files/zi-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0f506efb03522062d6cf731968f1b493485e1ba0ad39379bf64aba1ab414df70

Request headers

Authorization
Bearer undefined
Referer
https://www.win-vip.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
visited_url
https://www.win-vip.online/

Response headers

cf-cache-status
DYNAMIC
etag
W/"2d-LvvsGaGXBbdmTV7TivfUPgULIQg"
apigw-requestid
B2n54gRqPHcEP2Q=
alt-svc
h3=":443"; ma=86400
x-cache
Error from cloudfront
x-amz-cf-id
kVRUfZNFbq2XQUUDAIwSyqXAf2eWRfgYKn26iLFH6AttffNSkTBCpg==
date
Tue, 26 Nov 2024 12:06:48 GMT
content-type
application/json; charset=utf-8
vary
Origin
via
1.1 11913fe47164f540bffea3dbbb63de92.cloudfront.net (CloudFront)
cf-ray
8e89c12848560f79-EWR
access-control-allow-origin
https://www.win-vip.online
content-length
45
x-amz-cf-pop
JFK52-P8
x-powered-by
Express
server
cloudflare
getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame
0
0
Preflight
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,visited_url
Access-Control-Request-Method
GET
Origin
https://www.win-vip.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,X-Amp-Device-Id,X-Amp-Session-Id,visited_url,_zitok,forwarded,x-ziaccesstoken
access-control-allow-methods
POST, GET, OPTIONS, PATCH, DELETE, PUT
access-control-allow-origin
https://www.win-vip.online
alt-svc
h3=":443"; ma=86400
apigw-requestid
B2n53jB6PHcEPBQ=
cf-cache-status
DYNAMIC
cf-ray
8e89c127bfa90f79-EWR
date
Tue, 26 Nov 2024 12:06:48 GMT
server
cloudflare
vary
Origin
via
1.1 faa1f1cd9e8aec6c42fd30b6d46e49f4.cloudfront.net (CloudFront)
x-amz-cf-id
K9x15dbc6-bCb1LPUkl79vub4GJSz3DwYON_Sqap2AJiSS9ilKHwpQ==
x-amz-cf-pop
JFK52-P8
x-cache
Miss from cloudfront
x-powered-by
Express
json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/
314 B
893 B
XHR
General
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=6658884
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/template/company/game10097/index_files/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f46c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53a34f17d6527d87ea467b4925f63f4df3efaf66508603a0aa6cd10228f69b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

access-control-max-age
180
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L7mSqdAnAQJ%2BTf3wuOnKyh%2Fzje875HVbu0ucl7if7ZV%2FT8juHMiosD4Wnni9C0o%2FQb1qOB6%2FB00CkVdvI6IQ0R1tvNkgVAdhzbbiSu1d44viuc2ouDZcv2hhznT4srexdu0qWcVxOnfd%2FjAS"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options
nosniff
date
Tue, 26 Nov 2024 12:06:48 GMT
x-hubspot-correlation-id
dc0ff44f-688c-40d1-bb64-4e468b6256b2
content-type
application/json;charset=utf-8
vary
origin, Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
false
cf-ray
8e89c1285a5c41d3-EWR
access-control-allow-origin
https://www.win-vip.online
content-length
190
server
cloudflare
counters.gif
perf-na1.hsforms.com/embed/v3/
35 B
958 B
Image
General
Full URL
https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:50cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

x-robots-tag
none
x-request-id
0a7ec9c6-287e-450b-ad07-4177ed6f39ed
access-control-expose-headers
X-Origin-Hublet
cf-cache-status
MISS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
server-timing
cfExtPri
date
Tue, 26 Nov 2024 12:06:48 GMT
x-hubspot-correlation-id
0a7ec9c6-287e-450b-ad07-4177ed6f39ed
content-type
image/gif
vary
origin, Accept-Encoding
last-modified
Tue, 26 Nov 2024 12:06:48 GMT
priority
u=3,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=0, no-cache, no-store
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-b967ccf5d-97cpg
x-envoy-upstream-service-time
3
access-control-allow-credentials
false
cf-ray
8e89c1287c840f8b-EWR
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
35
server
cloudflare
x-evy-trace-virtual-host
all
js
www.googletagmanager.com/gtag/
285 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-331747738
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/template/company/game10097/index_files/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
11af76ba37d64750108753168bbfe0eb5cb9a03432ff3f4fceee6c8a4238ba78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 26 Nov 2024 12:06:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 12:06:48 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100308
x-xss-protection
0
server
Google Tag Manager
hotjar-3328561.js
static.hotjar.com/c/
13 KB
6 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3328561.js?sv=7
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/template/company/game10097/index_files/gtm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.252.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-252-92.jfk50.r.cloudfront.net
Software
/
Resource Hash
59772f75ee914b069299b0ba2f07bc86cbb4acecdbd109cc46b105bd09543823
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
content-encoding
br
etag
W/9864cc7b80792fcb360836b4274c655e
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
x-cache-hit
1
via
1.1 cfc9f11ee8d72e5bdd45ea3851048d52.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
uvsTGSPlCAwbtxHpCZjIMJ_Z_dYFtVZuk8bGbkPM_bwVud1iiU0RKA==
date
Tue, 26 Nov 2024 12:06:48 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
JFK50-P10
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-JQJW0R9K67&gtm=45je4a90v889012187z8856447165za200&_p=1732622808430&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101686685&cid=42638077.1732622808&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1732622808&sct=1&seg=0&dl=https%3A%2F%2Fwww.win-vip.online%2F&dt=WIN%20VIP%20%26%20ogue%20com%20Dinheiro%20Real%20!WIN%20VIP%20-%20Cassino%20e%20Apostas%20Esportivas%20Online(BR)&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_url=https%3A%2F%2Fwww.win-vip.online%2F&tfd=2914
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/template/company/game10097/index_files/js(1)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.win-vip.online
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 12:06:48 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
548 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JQJW0R9K67&cid=42638077.1732622808&gtm=45je4a90v889012187z8856447165za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101686685
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/template/company/game10097/index_files/js(1)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.win-vip.online
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 12:06:48 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 2D1D
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-JQJW0R9K67&gacid=42638077.1732622808&gtm=45je4a90v889012187z8856447165za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101686685&z=1977641071
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/template/company/game10097/index_files/js(1)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.win-vip.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 26 Nov 2024 12:06:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/
285 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-331747738&l=dataLayer&cx=c
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/template/company/game10097/index_files/gtm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f1f66ae997fce2dfca15a9849a640ecfc85919b7a94cc3f89de68b68a00f0e84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 26 Nov 2024 12:06:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 12:06:48 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100260
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/template/company/game10097/index_files/fb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-VQWSn2Kh' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 12:06:48 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-VQWSn2Kh' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=4469, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
K8A5+SHjy+nFAsQUdloevLv9R3GVUdXcNzF6GV9+YSw/CN7sk9tOgNJXN6enIwBDBIFHGB22SD55t6mb+IYskQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
insight.min.js
snap.licdn.com/li.lms-analytics/
1 KB
982 B
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/template/company/game10097/index_files/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:5::17c7:3719 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
ccd868c25041a564235da92e31bed53b958b6d0a80be9b74847d0690b406909a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=26237
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
771
date
Tue, 26 Nov 2024 12:06:48 GMT
last-modified
Mon, 25 Nov 2024 09:57:43 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
ga-audiences
www.google.com.sg/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JQJW0R9K67&cid=42638077.1732622808&gtm=45je4a90v889012187z8856447165za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101686685&tag_exp=101671035~101686685&z=1090141606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 26 Nov 2024 12:06:48 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
logError
js.zi-scripts.com/unified/v1/master/
13 B
402 B
Fetch
General
Full URL
https://js.zi-scripts.com/unified/v1/master/logError
Requested by
Host: www.win-vip.online
URL: https://www.win-vip.online/template/company/game10097/index_files/zi-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3dac47acb1d3459ecf35c9e8452b03e68e68bd14c85982a69324655e41352d1c

Request headers

Authorization
Bearer undefined
Referer
https://www.win-vip.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
etag
W/"d-jjcNx+nWrD8NVIcgaqLDc/Wqpbg"
apigw-requestid
B2n56i3wvHcEQnw=
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
5nsFlcRyyvI4TV8fi0zc4HSnGgo8QOR0o8KFwA7v_5vjUHdlJzEwlA==
date
Tue, 26 Nov 2024 12:06:48 GMT
content-type
application/json; charset=utf-8
vary
Origin
via
1.1 faa1f1cd9e8aec6c42fd30b6d46e49f4.cloudfront.net (CloudFront)
cf-ray
8e89c12989a60f79-EWR
access-control-allow-origin
https://www.win-vip.online
content-length
13
x-amz-cf-pop
JFK52-P8
x-powered-by
Express
server
cloudflare
logError
js.zi-scripts.com/unified/v1/master/ Frame
0
0
Preflight
General
Full URL
https://js.zi-scripts.com/unified/v1/master/logError
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.win-vip.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,X-Amp-Device-Id,X-Amp-Session-Id,visited_url,_zitok,forwarded,x-ziaccesstoken
access-control-allow-methods
POST, GET, OPTIONS, PATCH, DELETE, PUT
access-control-allow-origin
https://www.win-vip.online
alt-svc
h3=":443"; ma=86400
apigw-requestid
B2n55jTGPHcEPEw=
cf-cache-status
DYNAMIC
cf-ray
8e89c128f9180f79-EWR
date
Tue, 26 Nov 2024 12:06:48 GMT
server
cloudflare
vary
Origin
via
1.1 92a8583818732665d61a5f5d4edba97a.cloudfront.net (CloudFront)
x-amz-cf-id
TanE6ySlFXYpNXpheCc0fWNoYjZFbO-JOY51VHEqldumOim89OcQSw==
x-amz-cf-pop
JFK52-P8
x-cache
Miss from cloudfront
x-powered-by
Express
334848198989582
connect.facebook.net/signals/config/
77 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/334848198989582?v=2.9.176&r=stable&domain=www.win-vip.online&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ec9a6b5f2a959352baa2d305907e360ab07f45d1522d2e3c0bdcfe01550bf6ce
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-I5XKXCLw' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 12:06:48 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-I5XKXCLw' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=77, mss=1232, tbw=70889, tp=67, tpl=0, uplat=107, ullat=0
pragma
public
x-fb-debug
1cxTZp8rPmOhiF79DCQi3VvpqZWbr5eqrY48lUxODUgPBJ0Afbetd64R9yRPJMEKY6IPYEEqC/2Q1UnHf7eGxw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.win-vip.online%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=907746137.1732622809&auid=1322119303.1732622809&npa=0&did=dZTQ1Zm&gdid=dZTQ1Zm&gtm=45be4bk0za200zb856447165&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732622808598&tfd=3051&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-331747738
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::68 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/331747738/
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/331747738/?random=1732622808590&cv=11&fst=1732622808590&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200zb856447165&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.win-vip.online%2F&hn=www.googleadservices.com&frm=0&tiba=WIN%20VIP%20%26%20ogue%20com%20Dinheiro%20Real%20!WIN%20VIP%20-%20Cassino%20e%20Apostas%20Esportivas%20Online(BR)&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1322119303.1732622809&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-331747738
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c21::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e892a6d857db6df218569b0bfebdb8786714ff39dd1970607a632dbd72cc9e21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2403
date
Tue, 26 Nov 2024 12:06:48 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
331747738
td.doubleclick.net/td/rul/ Frame 1E67
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/331747738?random=1732622808590&cv=11&fst=1732622808590&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200zb856447165&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.win-vip.online%2F&hn=www.googleadservices.com&frm=0&tiba=WIN%20VIP%20%26%20ogue%20com%20Dinheiro%20Real%20!WIN%20VIP%20-%20Cassino%20e%20Apostas%20Esportivas%20Online(BR)&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1322119303.1732622809&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-331747738
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.win-vip.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 26 Nov 2024 12:06:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
insight.old.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:5::17c7:3719 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

cache-control
max-age=26235
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Tue, 26 Nov 2024 12:06:48 GMT
last-modified
Mon, 25 Nov 2024 09:57:42 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
modules.86621fa4aeada5bcf025.js
script.hotjar.com/
222 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.86621fa4aeada5bcf025.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3328561.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-87.jfk50.r.cloudfront.net
Software
/
Resource Hash
feb5c0ee05ef970a3cf34bac95d465e96ccb3a3df353b3a641d9391c168e68ad
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

x-robots-tag
none
content-encoding
br
etag
"ff8702986a1c41356391628a5f5d6f03"
age
510881
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
IwgC0ZwqVJCEaq0KSaTcWTVch-FUpoAaKvHTp0ZMUMf8XmHlm0Hm4g==
date
Wed, 20 Nov 2024 14:12:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 20 Nov 2024 14:11:55 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56243
x-amz-cf-pop
JFK50-P5
sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame BDBD
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.win-vip.online
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-331747738
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 26 Nov 2024 12:06:48 GMT
expires
Wed, 26 Nov 2025 12:06:48 GMT
last-modified
Tue, 19 Nov 2024 10:38:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/331747738/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/331747738/?random=1732622808590&cv=11&fst=1732622400000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200zb856447165&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.win-vip.online%2F&hn=www.googleadservices.com&frm=0&tiba=WIN%20VIP%20%26%20ogue%20com%20Dinheiro%20Real%20!WIN%20VIP%20-%20Cassino%20e%20Apostas%20Esportivas%20Online(BR)&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1322119303.1732622809&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dPcP5X8AhqymoLDkwqzxzFWSaPXLhun35O_laEfo1JIxLHro9&random=1780428739&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::68 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 26 Nov 2024 12:06:48 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
1294222291266262
connect.facebook.net/signals/config/
28 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1294222291266262?v=2.9.176&r=stable&domain=www.win-vip.online&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d780096f66abcb72eda073e24afadf5b98273a40bdb794b3913ed64a74f3a489
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-YSljT2ku' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 12:06:48 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-YSljT2ku' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=13, rtx=0, c=90, mss=1232, tbw=87223, tp=85, tpl=0, uplat=77, ullat=0
pragma
public
x-fb-debug
KhpGy9hekx66dI8D6X/2fUUpboncC6SIqpSPkP47+wprfqKFa9HZBHywqXnK0LZ7YthEr2WfiTABT3uKPGJ2fQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
browser-perf.8417c6bba72228fa2e29.js
script.hotjar.com/
5 KB
2 KB
Script
General
Full URL
https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.86621fa4aeada5bcf025.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-87.jfk50.r.cloudfront.net
Software
/
Resource Hash
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

x-robots-tag
none
content-encoding
br
etag
"b83b61bc5871e9a23a0434e2c539f4f3"
age
5941768
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
8I9tmR_370Y0zwxCkDJRcMCZ7Qv_qiAdtohKYAgkiweAEvflY1sZTQ==
date
Wed, 18 Sep 2024 17:37:20 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 17 Sep 2024 15:41:53 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 95708ab75ec6181aa75086df530332d6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
1782
x-amz-cf-pop
JFK50-P5
/
www.facebook.com/tr/
0
19 B
Image
General
Full URL
https://www.facebook.com/tr/?id=334848198989582&ev=PageView&dl=https%3A%2F%2Fwww.win-vip.online%2F&rl=&if=false&ts=1732622808808&sw=1600&sh=1200&ud[external_id]=a5437d5bb17b35ea27f72187d9c2f635&v=2.9.176&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1732622808802.218434133992830593&cs_est=true&ler=empty&cdl=API_unavailable&it=1732622808551&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=4712, tp=14, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 26 Nov 2024 12:06:48 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
192 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=334848198989582&ev=PageView&dl=https%3A%2F%2Fwww.win-vip.online%2F&rl=&if=false&ts=1732622808808&sw=1600&sh=1200&ud[external_id]=a5437d5bb17b35ea27f72187d9c2f635&v=2.9.176&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1732622808802.218434133992830593&cs_est=true&ler=empty&cdl=API_unavailable&it=1732622808551&coo=false&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7441558297613782723"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 12:06:48 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
MUz67TWQqF5hgusqKlanVOBotIHj8n6CuVMubsgmQmXNTIy4/WG75Sya2UDDuB1i1u7QXYWFek/51fmzui/6jQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7441558297613782723", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=16, rtx=0, c=24, mss=1232, tbw=5320, tp=20, tpl=0, uplat=68, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1294222291266262&ev=PageView&dl=https%3A%2F%2Fwww.win-vip.online%2F&rl=&if=false&ts=1732622808811&sw=1600&sh=1200&ud[external_id]=a5437d5bb17b35ea27f72187d9c2f635&v=2.9.176&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1732622808802.218434133992830593&cs_est=true&ler=empty&cdl=API_unavailable&it=1732622808551&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=5032, tp=16, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 26 Nov 2024 12:06:48 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
192 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1294222291266262&ev=PageView&dl=https%3A%2F%2Fwww.win-vip.online%2F&rl=&if=false&ts=1732622808811&sw=1600&sh=1200&ud[external_id]=a5437d5bb17b35ea27f72187d9c2f635&v=2.9.176&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1732622808802.218434133992830593&cs_est=true&ler=empty&cdl=API_unavailable&it=1732622808551&coo=false&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.win-vip.online/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7441558298236214676"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 12:06:48 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
ZUhaaay7FcCaY1ezF11S7P49Mq2S6OfwqyCCBZHKNxVlPZc3coRtEGUm5bNlA8njmTuku5sj7u71mB0T8jsX+w==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7441558298236214676", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=16, rtx=0, c=26, mss=1232, tbw=8504, tp=23, tpl=0, uplat=82, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1


67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| __cfQR function| lintrk boolean| _already_called_lintrk object| __hsCollectedFormsDebug object| _hsq object| _hsp object| hsCookieBanner boolean| PIXELS_RAN object| enabledEventSettings function| sanitizeKey boolean| _hstc_loaded object| hsCtasOnReady object| __PRIVATE__HubspotCtaClient object| hsCallsToActionsReady object| __hsWebInteractiveInstance object| hjSiteSettings function| hj object| WebFont object| Typekit object| sa5 object| Sa5 function| getRandomInt string| sotien function| myFunction1 function| myFunction2 function| myFunction3 function| wsg_inject_script function| w3counter function| w3counter_conversion number| _w3counter object| _hjSettings object| google_tag_manager object| google_tag_data object| dataLayer object| ORIBILI function| $ function| jQuery function| tram object| Webflow function| objectFitPolyfill boolean| __cfRLUnblockHandlers boolean| _hspb_loaded boolean| _hspb_ran object| hsConversationsOnReady object| HubSpotCallsToActions boolean| hubspot_web_interactives_running boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| zitag object| ZILogs function| loadZILogs function| errorHandler function| onYouTubeIframeAPIReady object| gaGlobal function| fbq function| _fbq object| _linkedin_data_partner_ids object| GooglebQhCsO object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled

19 Cookies

Domain/Path Name / Value
www.w3counter.com/ Name: SERVERID
Value: s3
.w3counter.com/ Name: 154495_visit
Value: 1
.linkedin.com/ Name: bcookie
Value: "v=2&dd28c828-21c7-4f7a-89f1-1ccd32b9a466"
.linkedin.com/ Name: lidc
Value: "b=VGST05:s=V:r=V:a=V:p=V:g=3241:u=1:x=1:i=1732622807:t=1732709207:v=2:sig=AQHROSFI5ItFbzaCwu9TEL-xhACPwUZM"
www.win-vip.online/ Name: __hstc
Value: 104991580.a5437d5bb17b35ea27f72187d9c2f635.1732622808212.1732622808212.1732622808212.1
www.win-vip.online/ Name: hubspotutk
Value: a5437d5bb17b35ea27f72187d9c2f635
www.win-vip.online/ Name: __hssrc
Value: 1
www.win-vip.online/ Name: __hssc
Value: 104991580.1.1732622808212
.hubspot.com/ Name: __cf_bm
Value: BTkrqL9B5RpIlFxMQ9IrD9BVZ9lf55X3ob1eWfQ84Nw-1732622808-1.0.1.1-iTC1oT6_7XSOgFy7uGNjlfd5I_eJkuqnbFPMvjNbRkz0kX9gGn7f9xdO69_N2iUQw.TjshojJY9L4QE7.70.Kg
.hubspot.com/ Name: _cfuvid
Value: I4d6eXW0ovBSWewC8Jq5ojgpiD54vZ61BaqMEsXck7k-1732622808338-0.0.1.1-604800000
.hsforms.com/ Name: __cf_bm
Value: IP9cVyGPUN05utRgAgEYllSY3iekAvqhTsLtct7F6eU-1732622808-1.0.1.1-Ki0nPOXAlPjConMlHDOgOnhTJrJCOuBqpvusMdpv2BXBpn9qyYwecZA8ICiwYRKCoHRsHjbsr1dVzQAV7sR_qg
.hsforms.com/ Name: _cfuvid
Value: kieSxZ4oq6zP0FgKHqB7UwVxPPovY58I5b8IOBK8A9c-1732622808427-0.0.1.1-604800000
.win-vip.online/ Name: _ga_JQJW0R9K67
Value: GS1.1.1732622808.1.0.1732622808.60.0.0
.win-vip.online/ Name: _ga
Value: GA1.1.42638077.1732622808
.win-vip.online/ Name: _gcl_au
Value: 1.1.1322119303.1732622809
.doubleclick.net/ Name: IDE
Value: AHWqTUnkg2YZKgYlfJd-d9lZHgZanaqvsFm7WN16Aij7GjkaqXcfYgFaGrk65MLU
.win-vip.online/ Name: _hjSessionUser_3328561
Value: eyJpZCI6IjZjZDM1ODJhLWIyMDUtNTM5NC1iODZlLTZmZTYxOTg0NzYyNCIsImNyZWF0ZWQiOjE3MzI2MjI4MDg3MzgsImV4aXN0aW5nIjpmYWxzZX0=
.win-vip.online/ Name: _hjSession_3328561
Value: eyJpZCI6ImUxZjVlNmYzLTMzMTUtNDIwYS1iNzNiLWQ2MjAzZThjNzIzNSIsImMiOjE3MzI2MjI4MDg3NDAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.win-vip.online/ Name: _fbp
Value: fb.1.1732622808802.218434133992830593

5 Console Messages

Source Level URL
Text
network error URL: https://www.win-vip.online/imges/win%20vip/win%20vip_banner.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.win-vip.online/imges/win%20vip/win%20vip_logo.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.win-vip.online/imges/win%20vip/win%20vip_logo-32x32.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.win-vip.online/imges/win%20vip/win%20vip_logo-192x192.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
