Submitted URL: http://ca.semtatr.com/index.php/campaigns/lf721gmjh530d/track-url/ad0189300sad8/2020965573a510921a05a32616571c9d64111e09
Effective URL: https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postbac...
Submission Tags: falconsandbox
Submission: On May 10 via api from US

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 28 HTTP transactions. The main IP is 185.3.185.94, located in Germany and belongs to CLARANET-AS ClaraNET LTD, GB. The main domain is www.choose-to-win.com.
TLS certificate: Issued by R3 on April 3rd 2021. Valid for: 3 months.
This is the only time www.choose-to-win.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 93.113.36.194 41011 (CH-NET-AS)
1 2 2a05:d018:483... 16509 (AMAZON-02)
1 2 2a05:d018:483... 16509 (AMAZON-02)
2 5 52.213.100.209 16509 (AMAZON-02)
20 185.3.185.94 8426 (CLARANET-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
28 7
Domain Requested by
20 www.choose-to-win.com trck.easytrck123.com
www.choose-to-win.com
5 trck.easytrck123.com 2 redirects gdmconvtrck.com
2 gfstrck.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 static.cleverpush.com www.choose-to-win.com
1 fonts.googleapis.com www.choose-to-win.com
1 gdmconvtrck.com gfstrck.com
1 gdmtrck.com 1 redirects
1 ca.semtatr.com 1 redirects
28 9

This site contains links to these domains.

Domain
trk.adstrck123.com
Subject | Issuer | Validity | Valid
clfstrk.com | Amazon | 2020-06-09 - 2021-07-09 | a year
gdmconvtrck.com | Amazon | 2021-02-21 - 2022-03-22 | a year
trck.easytrck123.com | Amazon | 2021-02-01 - 2022-03-02 | a year
www.choose-to-win.com | R3 | 2021-04-03 - 2021-07-02 | 3 months
upload.video.google.com | GTS CA 1O1 | 2021-04-13 - 2021-07-06 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-12 - 2021-08-12 | a year
*.google.com | GTS CA 1O1 | 2021-04-13 - 2021-07-06 | 3 months

This page contains 3 frames:

Primary Page: https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
Frame ID: 97D16A01B30752535FF287FD1A32712D
Requests: 24 HTTP requests in this frame

Frame: https://www.choose-to-win.com/sc/klWnzvgilyIgikpGjgwnoqJKkPimwIykkhqkoPLzqmwxMlRiwKgLKggiRkgwthiKgmihyvlGoxgxykkIqMjlwlRwpMkthvKGpnhiryjvhjxXrmRjgspyjpKjhmHwuosjmmkLzqLpyszyImtNnshxzmspImjwuqLwJotgwxsLiRxpGogLqGOhyuqLtjszymiLjhsLGkImggKoyiQtpgxkrKngzgjiGRLGgkhjjsNLikmggKoxirwmvnojNlLIMQgopyMqrlMNjyOtwhwxKq
Frame ID: 9486429186D881D80DF1914A6D3AD9F3
Requests: 2 HTTP requests in this frame

Frame: https://www.choose-to-win.com/sc/nlWgzmwyKKggjhjorKNOshxmotngskMIhLhwsKKXtrlmpyuqKLJsPwmmsLxmKKuhLrmsMxGkuxvKGMgmughMiHQhnoxGlGxhgqxijKiRkgwthiKgmikuHnQtghgopPnotgxgGQoiRKkPimwJOqkHRqGOhyuqLtjszymiLjikJkmQiljmQgkrlskozMyhioJwuhmgmkpugLOPgvsJmNrKhhmrppsJrsurxIgmimyLJwhiLrhilMhwojhuwMhhiLylRiygwhwQroxihjkopsysmrgl
Frame ID: 7EF90123C0D77D9AB2D94A0BD235B65F
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 28
HTTPS: 100 %
IPv6: 63 %
Domains: 9
Subdomains: 9
IPs: 7
Countries: 4
Transfer: 467 kB
Size: 1059 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ca.semtatr.com/index.php/campaigns/lf721gmjh530d/track-url/ad0189300sad8/2020965573a510921a05a32616571c9d64111e09 HTTP 301
    https://gdmtrck.com/?a=69141&c=245929&s2=1750kok HTTP 302
    https://gfstrck.com/?a=69141&c=245929&oc=129113&sr=t&s2=1750kok&vt=1620639802189&h=1ca1fb748595c248ef75e0d2c21f80ce061e8c58&req=https%3A%2F%2Fgdmtrck.com%2F%3Fa%3D69141%26c%3D245929%26s2%3D1750kok&mt=3&sip=2a01:4f8:192:5414::2 Page URL
  2. https://gfstrck.com/?a=69141&c=245929&oc=129113&sr=t&s2=1750kok&vt=1620639802304&h=68e8973dde6747fdc69f32d293d484bd1e7fc744&req=https%3A%2F%2Fgdmtrck.com%2F%3Fa%3D69141%26c%3D245929%26s2%3D1750kok&mt=3&sip=2a01:4f8:192:5414::2&us=d26e73bc1af548b980a843b7dd77f868 HTTP 302
    https://trck.easytrck123.com/aff_c?offer_id=2991&aff_id=9095&url_id=16973&aff_sub=69141&aff_sub2=40ba46d84b284793868589410571704316d06 HTTP 302
    https://trck.easytrck123.com/aff_r?offer_id=2991&aff_id=9095&url=https%3A%2F%2Fwww.choose-to-win.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D524%26wingame_pk%3D61%26freetest_pk%3D211%26sub_id%3D9095-69141%26sub_id_postback%3D102a90d58a0cdf5e295f770ffdc885&urlauth=421165263359492590866751153223 Page URL
  3. https://trck.easytrck123.com/aff_r?offer_id=2991&aff_id=9095&redirect_pass=2&url=https%3A%2F%2Fwww.choose-to-win.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D524%26wingame_pk%3D61%26freetest_pk%3D211%26sub_id%3D9095-69141%26sub_id_postback%3D102a90d58a0cdf5e295f770ffdc885&urlauth=421165263359492590866751153223 Page URL
  4. https://trck.easytrck123.com/aff_r?offer_id=2991&aff_id=9095&redirect_pass=3&url=https%3A%2F%2Fwww.choose-to-win.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D524%26wingame_pk%3D61%26freetest_pk%3D211%26sub_id%3D9095-69141%26sub_id_postback%3D102a90d58a0cdf5e295f770ffdc885&urlauth=421165263359492590866751153223 HTTP 302
    https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ca.semtatr.com/index.php/campaigns/lf721gmjh530d/track-url/ad0189300sad8/2020965573a510921a05a32616571c9d64111e09 HTTP 301
  • https://gdmtrck.com/?a=69141&c=245929&s2=1750kok HTTP 302
  • https://gfstrck.com/?a=69141&c=245929&oc=129113&sr=t&s2=1750kok&vt=1620639802189&h=1ca1fb748595c248ef75e0d2c21f80ce061e8c58&req=https%3A%2F%2Fgdmtrck.com%2F%3Fa%3D69141%26c%3D245929%26s2%3D1750kok&mt=3&sip=2a01:4f8:192:5414::2
Request Chain 2
  • https://gfstrck.com/?a=69141&c=245929&oc=129113&sr=t&s2=1750kok&vt=1620639802304&h=68e8973dde6747fdc69f32d293d484bd1e7fc744&req=https%3A%2F%2Fgdmtrck.com%2F%3Fa%3D69141%26c%3D245929%26s2%3D1750kok&mt=3&sip=2a01:4f8:192:5414::2&us=d26e73bc1af548b980a843b7dd77f868 HTTP 302
  • https://trck.easytrck123.com/aff_c?offer_id=2991&aff_id=9095&url_id=16973&aff_sub=69141&aff_sub2=40ba46d84b284793868589410571704316d06 HTTP 302
  • https://trck.easytrck123.com/aff_r?offer_id=2991&aff_id=9095&url=https%3A%2F%2Fwww.choose-to-win.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D524%26wingame_pk%3D61%26freetest_pk%3D211%26sub_id%3D9095-69141%26sub_id_postback%3D102a90d58a0cdf5e295f770ffdc885&urlauth=421165263359492590866751153223

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
gfstrck.com/
Redirect Chain
  • http://ca.semtatr.com/index.php/campaigns/lf721gmjh530d/track-url/ad0189300sad8/2020965573a510921a05a32616571c9d64111e09
  • https://gdmtrck.com/?a=69141&c=245929&s2=1750kok
  • https://gfstrck.com/?a=69141&c=245929&oc=129113&sr=t&s2=1750kok&vt=1620639802189&h=1ca1fb748595c248ef75e0d2c21f80ce061e8c58&req=https%3A%2F%2Fgdmtrck.com%2F%3Fa%3D69141%26c%3D245929%26s2%3D1750kok&...
2 KB
1 KB
Document
General
Full URL
https://gfstrck.com/?a=69141&c=245929&oc=129113&sr=t&s2=1750kok&vt=1620639802189&h=1ca1fb748595c248ef75e0d2c21f80ce061e8c58&req=https%3A%2F%2Fgdmtrck.com%2F%3Fa%3D69141%26c%3D245929%26s2%3D1750kok&mt=3&sip=2a01:4f8:192:5414::2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:483:6110:4be6:fd5f:a447:83e0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8e354f88a55e143fe559c00455a11d25b39ee27afcdeb6ea6981e2a0731d61f2

Request headers

:method
GET
:authority
gfstrck.com
:scheme
https
:path
/?a=69141&c=245929&oc=129113&sr=t&s2=1750kok&vt=1620639802189&h=1ca1fb748595c248ef75e0d2c21f80ce061e8c58&req=https%3A%2F%2Fgdmtrck.com%2F%3Fa%3D69141%26c%3D245929%26s2%3D1750kok&mt=3&sip=2a01:4f8:192:5414::2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Mon, 10 May 2021 09:43:22 GMT
content-type
text/html;charset=utf-8
server
nginx
vary
Accept-Encoding
cache-control
no-cache, must-revalidate
pragma
no-cache
expires
Sat, 1 May 2020 12:00:00 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
content-encoding
gzip

Redirect headers

date
Mon, 10 May 2021 09:43:22 GMT
content-type
text/html;charset=ISO-8859-1
location
https://gfstrck.com?a=69141&c=245929&oc=129113&sr=t&s2=1750kok&vt=1620639802189&h=1ca1fb748595c248ef75e0d2c21f80ce061e8c58&req=https%3A%2F%2Fgdmtrck.com%2F%3Fa%3D69141%26c%3D245929%26s2%3D1750kok&mt=3&sip=2a01:4f8:192:5414::2
server
nginx
content-language
en-US
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
user
gdmconvtrck.com/
1 KB
1 KB
Script
General
Full URL
https://gdmconvtrck.com/user?a=69141&c=245929
Requested by
Host: gfstrck.com
URL: https://gfstrck.com/?a=69141&c=245929&oc=129113&sr=t&s2=1750kok&vt=1620639802189&h=1ca1fb748595c248ef75e0d2c21f80ce061e8c58&req=https%3A%2F%2Fgdmtrck.com%2F%3Fa%3D69141%26c%3D245929%26s2%3D1750kok&mt=3&sip=2a01:4f8:192:5414::2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:483:6120:97d8:afe1:e21b:e9ef Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9067348690c298b40379f05020c6b1b60c35561318ffed18d0a560450ebb6b2a

Request headers

Referer
https://gfstrck.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 May 2021 09:43:22 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*, *
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
expires
Sat, 1 May 2020 12:00:00 GMT
aff_r
trck.easytrck123.com/
Redirect Chain
  • https://gfstrck.com/?a=69141&c=245929&oc=129113&sr=t&s2=1750kok&vt=1620639802304&h=68e8973dde6747fdc69f32d293d484bd1e7fc744&req=https%3A%2F%2Fgdmtrck.com%2F%3Fa%3D69141%26c%3D245929%26s2%3D1750kok&...
  • https://trck.easytrck123.com/aff_c?offer_id=2991&aff_id=9095&url_id=16973&aff_sub=69141&aff_sub2=40ba46d84b284793868589410571704316d06
  • https://trck.easytrck123.com/aff_r?offer_id=2991&aff_id=9095&url=https%3A%2F%2Fwww.choose-to-win.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D524%26wingame_pk%3D61%26freetest_pk%3D211%26sub_id%3D9095-...
350 B
729 B
Document
General
Full URL
https://trck.easytrck123.com/aff_r?offer_id=2991&aff_id=9095&url=https%3A%2F%2Fwww.choose-to-win.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D524%26wingame_pk%3D61%26freetest_pk%3D211%26sub_id%3D9095-69141%26sub_id_postback%3D102a90d58a0cdf5e295f770ffdc885&urlauth=421165263359492590866751153223
Requested by
Host: gdmconvtrck.com
URL: https://gdmconvtrck.com/user?a=69141&c=245929
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.100.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-100-209.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Host
trck.easytrck123.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://gfstrck.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
aff_ran_url_2991=16973; enc_aff_session_2991=ENC0392b2e0e0e9c3127cb3d440f6defe5a0807964b6355b33f1ed61ac39641f3fbc85adb01857b04a948ed4b122124b585f76030b151c9b62509d738a709dff4ec01d486fa254adc5c194af7d5e15423d1f327d1c144bee8e3bc02c70e9f48cc67de4c9f3dc71b69e2b7a00c3a700a11b0f5ec3f94d38c4acbf7613924a6b0f565f4553b6b9a9f09110689a150194611ed048bde4189942cd59b9a1dc46377156fe48e89a89cbcd08e6abe85b97221be1997c138c939b1b5efbfb803e94a300b54c527ab9f6e; ho_mob=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
Referer
https://gfstrck.com/?a=69141&c=245929&oc=129113&sr=t&s2=1750kok&vt=1620639802189&h=1ca1fb748595c248ef75e0d2c21f80ce061e8c58&req=https%3A%2F%2Fgdmtrck.com%2F%3Fa%3D69141%26c%3D245929%26s2%3D1750kok&mt=3&sip=2a01:4f8:192:5414::2

Response headers

Server
nginx
Date
Mon, 10 May 2021 09:43:22 GMT
Content-Type
text/html
Content-Length
350
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
Access-Control-Allow-Origin
*
X-Request-Id
99a9c8b122286efadb0b88ef5197b51f
Access-Control-Allow-Headers
Tune-SDK-Version

Redirect headers

Server
nginx
Date
Mon, 10 May 2021 09:43:22 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
/aff_r?offer_id=2991&aff_id=9095&url=https%3A%2F%2Fwww.choose-to-win.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D524%26wingame_pk%3D61%26freetest_pk%3D211%26sub_id%3D9095-69141%26sub_id_postback%3D102a90d58a0cdf5e295f770ffdc885&urlauth=421165263359492590866751153223
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Set-Cookie
aff_ran_url_2991=16973; expires=Tue, 11 May 2021 09:43:22 GMT; path=/; SameSite=None; Secure enc_aff_session_2991=ENC0392b2e0e0e9c3127cb3d440f6defe5a0807964b6355b33f1ed61ac39641f3fbc85adb01857b04a948ed4b122124b585f76030b151c9b62509d738a709dff4ec01d486fa254adc5c194af7d5e15423d1f327d1c144bee8e3bc02c70e9f48cc67de4c9f3dc71b69e2b7a00c3a700a11b0f5ec3f94d38c4acbf7613924a6b0f565f4553b6b9a9f09110689a150194611ed048bde4189942cd59b9a1dc46377156fe48e89a89cbcd08e6abe85b97221be1997c138c939b1b5efbfb803e94a300b54c527ab9f6e; expires=Thu, 10 Jun 2021 09:43:22 GMT; path=/; SameSite=None; Secure ho_mob=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; expires=Wed, 03 Apr 2024 20:23:22 GMT; path=/; SameSite=None; Secure
Tracking_id
102a90d58a0cdf5e295f770ffdc885
X-Robots-Tag
noindex, nofollow
Access-Control-Allow-Origin
*
X-Request-Id
e111ffa26a6634d61cb2277f341def8b
Access-Control-Allow-Headers
Tune-SDK-Version
aff_r
trck.easytrck123.com/
0
649 B
Document
General
Full URL
https://trck.easytrck123.com/aff_r?offer_id=2991&aff_id=9095&redirect_pass=1&url=https%3A%2F%2Fwww.choose-to-win.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D524%26wingame_pk%3D61%26freetest_pk%3D211%26sub_id%3D9095-69141%26sub_id_postback%3D102a90d58a0cdf5e295f770ffdc885&urlauth=421165263359492590866751153223
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.100.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-100-209.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Host
trck.easytrck123.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://trck.easytrck123.com/aff_r?offer_id=2991&aff_id=9095&url=https%3A%2F%2Fwww.choose-to-win.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D524%26wingame_pk%3D61%26freetest_pk%3D211%26sub_id%3D9095-69141%26sub_id_postback%3D102a90d58a0cdf5e295f770ffdc885&urlauth=421165263359492590866751153223
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
aff_ran_url_2991=16973; enc_aff_session_2991=ENC0392b2e0e0e9c3127cb3d440f6defe5a0807964b6355b33f1ed61ac39641f3fbc85adb01857b04a948ed4b122124b585f76030b151c9b62509d738a709dff4ec01d486fa254adc5c194af7d5e15423d1f327d1c144bee8e3bc02c70e9f48cc67de4c9f3dc71b69e2b7a00c3a700a11b0f5ec3f94d38c4acbf7613924a6b0f565f4553b6b9a9f09110689a150194611ed048bde4189942cd59b9a1dc46377156fe48e89a89cbcd08e6abe85b97221be1997c138c939b1b5efbfb803e94a300b54c527ab9f6e; ho_mob=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

Response headers

Server
nginx
Date
Mon, 10 May 2021 09:43:22 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
Refresh
0;url=/aff_r?offer_id=2991&aff_id=9095&redirect_pass=2&url=https%3A%2F%2Fwww.choose-to-win.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D524%26wingame_pk%3D61%26freetest_pk%3D211%26sub_id%3D9095-69141%26sub_id_postback%3D102a90d58a0cdf5e295f770ffdc885&urlauth=421165263359492590866751153223
Access-Control-Allow-Origin
*
X-Request-Id
e0ae39cd0b74c5ccfe994ade9d75029a
Access-Control-Allow-Headers
Tune-SDK-Version
aff_r
trck.easytrck123.com/
737 B
1 KB
Document
General
Full URL
https://trck.easytrck123.com/aff_r?offer_id=2991&aff_id=9095&redirect_pass=2&url=https%3A%2F%2Fwww.choose-to-win.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D524%26wingame_pk%3D61%26freetest_pk%3D211%26sub_id%3D9095-69141%26sub_id_postback%3D102a90d58a0cdf5e295f770ffdc885&urlauth=421165263359492590866751153223
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.100.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-100-209.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Host
trck.easytrck123.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://trck.easytrck123.com/aff_r?offer_id=2991&aff_id=9095&redirect_pass=1&url=https%3A%2F%2Fwww.choose-to-win.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D524%26wingame_pk%3D61%26freetest_pk%3D211%26sub_id%3D9095-69141%26sub_id_postback%3D102a90d58a0cdf5e295f770ffdc885&urlauth=421165263359492590866751153223
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
aff_ran_url_2991=16973; enc_aff_session_2991=ENC0392b2e0e0e9c3127cb3d440f6defe5a0807964b6355b33f1ed61ac39641f3fbc85adb01857b04a948ed4b122124b585f76030b151c9b62509d738a709dff4ec01d486fa254adc5c194af7d5e15423d1f327d1c144bee8e3bc02c70e9f48cc67de4c9f3dc71b69e2b7a00c3a700a11b0f5ec3f94d38c4acbf7613924a6b0f565f4553b6b9a9f09110689a150194611ed048bde4189942cd59b9a1dc46377156fe48e89a89cbcd08e6abe85b97221be1997c138c939b1b5efbfb803e94a300b54c527ab9f6e; ho_mob=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

Response headers

Server
nginx
Date
Mon, 10 May 2021 09:43:22 GMT
Content-Type
text/html
Content-Length
737
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
Access-Control-Allow-Origin
*
X-Request-Id
d2d1d3f68c712ab86db44b1b6ee83c5d
Access-Control-Allow-Headers
Tune-SDK-Version
Primary Request wingame.pl
www.choose-to-win.com/cgi-bin/
Redirect Chain
  • https://trck.easytrck123.com/aff_r?offer_id=2991&aff_id=9095&redirect_pass=3&url=https%3A%2F%2Fwww.choose-to-win.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D524%26wingame_pk%3D61%26freetest_pk%3D211%...
  • https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
42 KB
13 KB
Document
General
Full URL
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
Requested by
Host: trck.easytrck123.com
URL: https://trck.easytrck123.com/aff_r?offer_id=2991&aff_id=9095&redirect_pass=2&url=https%3A%2F%2Fwww.choose-to-win.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D524%26wingame_pk%3D61%26freetest_pk%3D211%26sub_id%3D9095-69141%26sub_id_postback%3D102a90d58a0cdf5e295f770ffdc885&urlauth=421165263359492590866751153223
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
142db468773dd1ddb32c51c128993f57213e023b2407ddcf71bf8b7147b56d1d

Request headers

:method
GET
:authority
www.choose-to-win.com
:scheme
https
:path
/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Referer
https://trck.easytrck123.com/aff_r?offer_id=2991&aff_id=9095&redirect_pass=2&url=https%3A%2F%2Fwww.choose-to-win.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D524%26wingame_pk%3D61%26freetest_pk%3D211%26sub_id%3D9095-69141%26sub_id_postback%3D102a90d58a0cdf5e295f770ffdc885&urlauth=421165263359492590866751153223

Response headers

server
nginx
date
Mon, 10 May 2021 09:43:23 GMT
content-type
text/html;charset=ISO-8859-1
x-firstpage
1
x-page
pregame
x-map-context
uk
x-served-by
c-04
content-encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 10 May 2021 09:43:22 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
358
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
Pragma
no-cache
Access-Control-Allow-Origin
*
X-Request-Id
31f231197df8f86dcf7d7e4a6d74ef49
Access-Control-Allow-Headers
Tune-SDK-Version
default.css
www.choose-to-win.com/_global/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.choose-to-win.com/_global/css/default.css?2021-05-10.1
Requested by
Host: www.choose-to-win.com
URL: https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
a211fa8cfb82dcb3b146a1b52b658cb54aab0e8643753a2ee4e91bbab7cea84d

Request headers

:path
/_global/css/default.css?2021-05-10.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.choose-to-win.com
referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 10 May 2021 09:43:23 GMT
content-encoding
gzip
last-modified
Mon, 18 Feb 2019 07:52:24 GMT
server
nginx
x-map-context
uk
etag
W/"5c6a6438-10e7"
x-served-by
c-03
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
expires
Tue, 11 May 2021 09:43:23 GMT
font-awesome.min.css
www.choose-to-win.com/_global/fonts/font-awesome-4.6.3/css/
28 KB
7 KB
Stylesheet
General
Full URL
https://www.choose-to-win.com/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2021-05-10.1
Requested by
Host: www.choose-to-win.com
URL: https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
2915756289e00f26ea66d2cfbdddb890bf2eaed1823e2d4b5855f49eea567064

Request headers

:path
/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2021-05-10.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.choose-to-win.com
referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 10 May 2021 09:43:23 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2016 09:52:51 GMT
server
nginx
x-map-context
uk
etag
W/"57b58573-71c7"
x-served-by
c-03
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
expires
Tue, 11 May 2021 09:43:23 GMT
series.css
www.choose-to-win.com/_global/wingame/54/css/
26 KB
5 KB
Stylesheet
General
Full URL
https://www.choose-to-win.com/_global/wingame/54/css/series.css?2021-05-10.1
Requested by
Host: www.choose-to-win.com
URL: https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
1fc039c2300388350621456e0164b8e42bb0018b43ad1631462529cf91cd9826

Request headers

:path
/_global/wingame/54/css/series.css?2021-05-10.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.choose-to-win.com
referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 10 May 2021 09:43:23 GMT
content-encoding
gzip
last-modified
Fri, 12 Mar 2021 08:51:37 GMT
server
nginx
x-map-context
uk
etag
W/"604b2b99-6635"
x-served-by
c-02
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
expires
Tue, 11 May 2021 09:43:23 GMT
sweepstake.css
www.choose-to-win.com/wingame/61/css/
15 KB
3 KB
Stylesheet
General
Full URL
https://www.choose-to-win.com/wingame/61/css/sweepstake.css?2021-05-10.1
Requested by
Host: www.choose-to-win.com
URL: https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
91272cc27254d43d206ce899e2b5aac60bdd04e5460a5d7677b130e0d016ea6c

Request headers

:path
/wingame/61/css/sweepstake.css?2021-05-10.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.choose-to-win.com
referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 09:43:23 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 11:18:02 GMT
server
nginx
x-map-context
uk
etag
W/"608009ea-3ae5"
x-served-by
c-01
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
expires
Tue, 11 May 2021 09:43:23 GMT
theme.css
www.choose-to-win.com/_global/wingame/54/themes/default/css/
2 KB
847 B
Stylesheet
General
Full URL
https://www.choose-to-win.com/_global/wingame/54/themes/default/css/theme.css?2021-05-10.1
Requested by
Host: www.choose-to-win.com
URL: https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
185.3.185.94, Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB)
Reverse DNS
Software
nginx
Resource Hash
b660eb9b6e0d543df513566804f4812e40e4ac135a114cfeec54b6a3ee8b5745

Request headers

:path
/_global/wingame/54/themes/default/css/theme.css?2021-05-10.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.choose-to-win.com
referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 09:43:23 GMT
content-encoding
gzip
last-modified
Fri, 19 Dec 2014 13:54:34 GMT
server
nginx
x-map-context
uk
etag
W/"54942e1a-891"
x-served-by
c-03
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
expires
Tue, 11 May 2021 09:43:23 GMT
MooTools-Core-1.6.0-compressed.js
www.choose-to-win.com/_global/js/framework/
88 KB
28 KB
Script
General
Full URL
https://www.choose-to-win.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2021-05-10.1
Requested by
Host: www.choose-to-win.com
URL: https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
185.3.185.94, Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB)
Reverse DNS
Software
nginx
Resource Hash
be0e66141e099739e90785e74a75e7aba4a5a3aa36c414e867c41f0ced9b0a36

Request headers

:path
/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2021-05-10.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.choose-to-win.com
referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 09:43:23 GMT
content-encoding
gzip
last-modified
Fri, 10 Nov 2017 11:48:17 GMT
server
nginx
x-map-context
uk
etag
W/"5a059201-15e64"
x-served-by
c-01
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
expires
Tue, 11 May 2021 09:43:23 GMT
scripts.js
www.choose-to-win.com/_global/js/
55 KB
13 KB
Script
General
Full URL
https://www.choose-to-win.com/_global/js/scripts.js?2021-05-10.1
Requested by
Host: www.choose-to-win.com
URL: https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
185.3.185.94, Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB)
Reverse DNS
Software
nginx
Resource Hash
e41eab570cc8a5a6f7a4d824b3bc2ffdfc10900ffef68b1aeb85fa0101fb65ac

Request headers

:path
/_global/js/scripts.js?2021-05-10.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.choose-to-win.com
referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 09:43:23 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 08:20:13 GMT
server
nginx
x-map-context
uk
etag
W/"6093a6bd-dd05"
x-served-by
c-01
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
expires
Tue, 11 May 2021 09:43:23 GMT
global.js
www.choose-to-win.com/wingame/global/js/
1 KB
740 B
Script
General
Full URL
https://www.choose-to-win.com/wingame/global/js/global.js?2021-05-10.1
Requested by
Host: www.choose-to-win.com
URL: https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
185.3.185.94, Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB)
Reverse DNS
Software
nginx
Resource Hash
d69bc33ef00b49876d2aea0ee404da63ca835ebc3db537e775b3c6fe7f44ffd9

Request headers

:path
/wingame/global/js/global.js?2021-05-10.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.choose-to-win.com
referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 09:43:23 GMT
content-encoding
gzip
last-modified
Fri, 23 Apr 2021 14:38:53 GMT
server
nginx
x-map-context
uk
etag
W/"6082dbfd-48a"
x-served-by
c-02
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
expires
Tue, 11 May 2021 09:43:23 GMT
series.js
www.choose-to-win.com/_global/wingame/54/js/
13 KB
4 KB
Script
General
Full URL
https://www.choose-to-win.com/_global/wingame/54/js/series.js?2021-05-10.1
Requested by
Host: www.choose-to-win.com
URL: https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
185.3.185.94, Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB)
Reverse DNS
Software
nginx
Resource Hash
aae9e708f3e08e24d14030f3902a198f4c466b9202c48c0dc5d31df097fc285c

Request headers

:path
/_global/wingame/54/js/series.js?2021-05-10.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.choose-to-win.com
referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 09:43:23 GMT
content-encoding
gzip
last-modified
Mon, 23 Nov 2020 08:42:43 GMT
server
nginx
x-map-context
uk
etag
W/"5fbb7603-3474"
x-served-by
c-02
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
expires
Tue, 11 May 2021 09:43:23 GMT
sweepstake.js
www.choose-to-win.com/wingame/61/js/
4 KB
1 KB
Script
General
Full URL
https://www.choose-to-win.com/wingame/61/js/sweepstake.js?2021-05-10.1
Requested by
Host: www.choose-to-win.com
URL: https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
185.3.185.94, Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB)
Reverse DNS
Software
nginx
Resource Hash
e670308468281a3af1b6899bb7df8b2632156e796d5f6a415dfa1aa136c5f8e4

Request headers

:path
/wingame/61/js/sweepstake.js?2021-05-10.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.choose-to-win.com
referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 09:43:23 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 11:18:02 GMT
server
nginx
x-map-context
uk
etag
W/"608009ea-ed2"
x-served-by
c-03
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
expires
Tue, 11 May 2021 09:43:23 GMT
css
fonts.googleapis.com/
2 KB
606 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat
Requested by
Host: www.choose-to-win.com
URL: https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:82f::200a, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
ESF
Resource Hash
546c9cf28ee399e9811641e9a676a11fa382881a3cc3c5c4dadab2ec9b847c59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 May 2021 08:27:25 GMT
server
ESF
date
Mon, 10 May 2021 09:43:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 May 2021 09:43:23 GMT
close_icon.svg
www.choose-to-win.com/wingame/global/images/
841 B
1 KB
Image
General
Full URL
https://www.choose-to-win.com/wingame/global/images/close_icon.svg
Requested by
Host: www.choose-to-win.com
URL: https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
185.3.185.94, Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB)
Reverse DNS
Software
nginx
Resource Hash
d6625aafc5018f0230c6c78dc48379d86ae4ea03dbe7674ace540bf27dd87976

Request headers

:path
/wingame/global/images/close_icon.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.choose-to-win.com
referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 09:43:23 GMT
last-modified
Mon, 04 May 2020 09:08:58 GMT
server
nginx
x-map-context
uk
etag
"5eafdbaa-349"
x-served-by
c-04
content-type
image/svg+xml
cache-control
max-age=86400
accept-ranges
bytes
content-length
841
expires
Tue, 11 May 2021 09:43:23 GMT
image_211_2_1552572543.png
www.choose-to-win.com/files/web/freetest/_images/
17 KB
18 KB
Image
General
Full URL
https://www.choose-to-win.com/files/web/freetest/_images/image_211_2_1552572543.png
Requested by
Host: www.choose-to-win.com
URL: https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
185.3.185.94, Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB)
Reverse DNS
Software
nginx
Resource Hash
189b87de6dd5eba8882b3311ac40e090e14783799a4c04fca7e544b69ebf7b2a

Request headers

:path
/files/web/freetest/_images/image_211_2_1552572543.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.choose-to-win.com
referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 09:43:23 GMT
last-modified
Thu, 14 Mar 2019 14:09:03 GMT
server
nginx
x-map-context
uk
etag
"5c8a607f-457c"
x-served-by
c-04
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
17788
expires
Tue, 11 May 2021 09:43:23 GMT
sign.png
www.choose-to-win.com/wingame/61/images/
15 KB
15 KB
Image
General
Full URL
https://www.choose-to-win.com/wingame/61/images/sign.png
Requested by
Host: www.choose-to-win.com
URL: https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
185.3.185.94, Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB)
Reverse DNS
Software
nginx
Resource Hash
ccae8983b42be63515d7461ace3f5dca165c4df83531650eaf713869644c741a

Request headers

:path
/wingame/61/images/sign.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.choose-to-win.com
referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 09:43:23 GMT
last-modified
Mon, 04 May 2020 09:08:58 GMT
server
nginx
x-map-context
uk
etag
"5eafdbaa-3a52"
x-served-by
c-01
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
14930
expires
Tue, 11 May 2021 09:43:23 GMT
image_211_8_1551705226.png
www.choose-to-win.com/files/web/freetest/_images/
36 KB
37 KB
Image
General
Full URL
https://www.choose-to-win.com/files/web/freetest/_images/image_211_8_1551705226.png
Requested by
Host: www.choose-to-win.com
URL: https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
185.3.185.94, Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB)
Reverse DNS
Software
nginx
Resource Hash
ac25c665f6c2b9d7b7a5d6d65daf8f11f3d9548de95af69ad1e4f737043f4fe1

Request headers

:path
/files/web/freetest/_images/image_211_8_1551705226.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.choose-to-win.com
referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 09:43:23 GMT
last-modified
Mon, 04 Mar 2019 13:13:46 GMT
server
nginx
x-map-context
uk
etag
"5c7d248a-9189"
x-served-by
c-01
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
37257
expires
Tue, 11 May 2021 09:43:23 GMT
4HaP9FzAbSyxxcfsf.js
static.cleverpush.com/channel/loader/
492 KB
101 KB
Script
General
Full URL
https://static.cleverpush.com/channel/loader/4HaP9FzAbSyxxcfsf.js
Requested by
Host: www.choose-to-win.com
URL: https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:20::681a:f1f, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
420d0ab5956bd3dfd7493dcdd99716a9f0332141fc01cf6d84066f08d10901b1

Request headers

Referer
https://www.choose-to-win.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 09:43:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
9676
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
N16A5B301NTWDE8Y
x-amz-id-2
BGCPo8QHOF8yJ9OJe9Be0YraO3b1lrAWoZnZeCtGnrQHyvs0Z0AKprVeIyPfYZ95bLAfiVz/LFg=
last-modified
Mon, 10 May 2021 00:37:22 GMT
server
cloudflare
etag
W/"3b134f807bb3d0fe77d3aa7c6edaab2e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sapODWTeu6%2Fp%2FAg5rra1PEwrPc8RUZCUl7OuUTYl%2F%2FqFeBZN5Au5eUPe8BJGUSAQ9aNgYhyETfXn1IsJAbfIva7qlQD03YGUjIfqi8uL4B0FP3ncnV1V%2BQhLGVgDTisGPZI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=5356800
cf-request-id
09f741ffe50000dfbf8d1ca000000001
cf-ray
64d239130e28dfbf-FRA
bg-tesco2019-sr-UK.jpg
www.choose-to-win.com/_static/_global/_supload/images/
194 KB
194 KB
Image
General
Full URL
https://www.choose-to-win.com/_static/_global/_supload/images/bg-tesco2019-sr-UK.jpg
Requested by
Host: www.choose-to-win.com
URL: https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
185.3.185.94, Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB)
Reverse DNS
Software
nginx
Resource Hash
ccec0d676d2e8c10a1c678d4e363a460b48194faf0d49b430946ea253d786086

Request headers

:path
/_static/_global/_supload/images/bg-tesco2019-sr-UK.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.choose-to-win.com
referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 09:43:23 GMT
last-modified
Tue, 08 Oct 2019 08:20:12 GMT
server
nginx
etag
"3928521192"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
198586
expires
Tue, 11 May 2021 09:43:23 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:830::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.choose-to-win.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 22:04:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:52 GMT
server
sffe
age
473951
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19172
x-xss-protection
0
expires
Wed, 04 May 2022 22:04:12 GMT
klWnzvgilyIgikpGjgwnoqJKkPimwIykkhqkoPLzqmwxMlRiwKgLKggiRkgwthiKgmihyvlGoxgxykkIqMjlwlRwpMkthvKGpnhiryjvhjxXrmRjgspyjpKjhmHwuosjmmkLzqLpyszyImtNnshxzmspImjwuqLwJotgwxsLiRxpGogLqGOhyuqLtjszymiLjhsLG...
www.choose-to-win.com/sc/ Frame 9486
243 B
335 B
Document
General
Full URL
https://www.choose-to-win.com/sc/klWnzvgilyIgikpGjgwnoqJKkPimwIykkhqkoPLzqmwxMlRiwKgLKggiRkgwthiKgmihyvlGoxgxykkIqMjlwlRwpMkthvKGpnhiryjvhjxXrmRjgspyjpKjhmHwuosjmmkLzqLpyszyImtNnshxzmspImjwuqLwJotgwxsLiRxpGogLqGOhyuqLtjszymiLjhsLGkImggKoyiQtpgxkrKngzgjiGRLGgkhjjsNLikmggKoxirwmvnojNlLIMQgopyMqrlMNjyOtwhwxKq
Requested by
Host: www.choose-to-win.com
URL: https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
185.3.185.94, Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB)
Reverse DNS
Software
nginx
Resource Hash
77d94cf6017f427c288d6ef1041ff2b0a19d01dd774bdf2da46c7828617e7140

Request headers

:method
GET
:authority
www.choose-to-win.com
:scheme
https
:path
/sc/klWnzvgilyIgikpGjgwnoqJKkPimwIykkhqkoPLzqmwxMlRiwKgLKggiRkgwthiKgmihyvlGoxgxykkIqMjlwlRwpMkthvKGpnhiryjvhjxXrmRjgspyjpKjhmHwuosjmmkLzqLpyszyImtNnshxzmspImjwuqLwJotgwxsLiRxpGogLqGOhyuqLtjszymiLjhsLGkImggKoyiQtpgxkrKngzgjiGRLGgkhjjsNLikmggKoxirwmvnojNlLIMQgopyMqrlMNjyOtwhwxKq
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885

Response headers

server
nginx
date
Mon, 10 May 2021 09:43:23 GMT
content-type
text/html;charset=ISO-8859-1
x-map-context
uk
x-served-by
c-02
content-encoding
gzip
nlWgzmwyKKggjhjorKNOshxmotngskMIhLhwsKKXtrlmpyuqKLJsPwmmsLxmKKuhLrmsMxGkuxvKGMgmughMiHQhnoxGlGxhgqxijKiRkgwthiKgmikuHnQtghgopPnotgxgGQoiRKkPimwJOqkHRqGOhyuqLtjszymiLjikJkmQiljmQgkrlskozMyhioJwuhmgm...
www.choose-to-win.com/sc/ Frame 7EF9
241 B
334 B
Document
General
Full URL
https://www.choose-to-win.com/sc/nlWgzmwyKKggjhjorKNOshxmotngskMIhLhwsKKXtrlmpyuqKLJsPwmmsLxmKKuhLrmsMxGkuxvKGMgmughMiHQhnoxGlGxhgqxijKiRkgwthiKgmikuHnQtghgopPnotgxgGQoiRKkPimwJOqkHRqGOhyuqLtjszymiLjikJkmQiljmQgkrlskozMyhioJwuhmgmkpugLOPgvsJmNrKhhmrppsJrsurxIgmimyLJwhiLrhilMhwojhuwMhhiLylRiygwhwQroxihjkopsysmrgl
Requested by
Host: www.choose-to-win.com
URL: https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
185.3.185.94, Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB)
Reverse DNS
Software
nginx
Resource Hash
ffb3c1bad861bc30eb0b21ec39523a4cab7bfe824dda970167e96ff299657147

Request headers

:method
GET
:authority
www.choose-to-win.com
:scheme
https
:path
/sc/nlWgzmwyKKggjhjorKNOshxmotngskMIhLhwsKKXtrlmpyuqKLJsPwmmsLxmKKuhLrmsMxGkuxvKGMgmughMiHQhnoxGlGxhgqxijKiRkgwthiKgmikuHnQtghgopPnotgxgGQoiRKkPimwJOqkHRqGOhyuqLtjszymiLjikJkmQiljmQgkrlskozMyhioJwuhmgmkpugLOPgvsJmNrKhhmrppsJrsurxIgmimyLJwhiLrhilMhwojhuwMhhiLylRiygwhwQroxihjkopsysmrgl
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.choose-to-win.com/cgi-bin/wingame.pl?partner_pk=524&wingame_pk=61&freetest_pk=211&sub_id=9095-69141&sub_id_postback=102a90d58a0cdf5e295f770ffdc885

Response headers

server
nginx
date
Mon, 10 May 2021 09:43:23 GMT
content-type
text/html;charset=ISO-8859-1
x-map-context
uk
x-served-by
c-03
content-encoding
gzip
xWglzmwyKKggjhhorKHnQtghgohzmQoxhwgmiioqoxgkqkkIoIkKvIrztHOgwzlGGIrHInlKNgjhjRoMRKkPimwJwwjjyKkLvkQroxihjkopsxOmrXvgilyIikpkjgwgr
www.choose-to-win.com/sc/ Frame 9486
79 B
269 B
Image
General
Full URL
https://www.choose-to-win.com/sc/xWglzmwyKKggjhhorKHnQtghgohzmQoxhwgmiioqoxgkqkkIoIkKvIrztHOgwzlGGIrHInlKNgjhjRoMRKkPimwJwwjjyKkLvkQroxihjkopsxOmrXvgilyIikpkjgwgr
Requested by
Host: www.choose-to-win.com
URL: https://www.choose-to-win.com/sc/klWnzvgilyIgikpGjgwnoqJKkPimwIykkhqkoPLzqmwxMlRiwKgLKggiRkgwthiKgmihyvlGoxgxykkIqMjlwlRwpMkthvKGpnhiryjvhjxXrmRjgspyjpKjhmHwuosjmmkLzqLpyszyImtNnshxzmspImjwuqLwJotgwxsLiRxpGogLqGOhyuqLtjszymiLjhsLGkImggKoyiQtpgxkrKngzgjiGRLGgkhjjsNLikmggKoxirwmvnojNlLIMQgopyMqrlMNjyOtwhwxKq
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
185.3.185.94, Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB)
Reverse DNS
Software
nginx
Resource Hash
f925565d71d0205f39767c109555e35cdbfa3a3bece71e737027114758c9d3ab

Request headers

:path
/sc/xWglzmwyKKggjhhorKHnQtghgohzmQoxhwgmiioqoxgkqkkIoIkKvIrztHOgwzlGGIrHInlKNgjhjRoMRKkPimwJwwjjyKkLvkQroxihjkopsxOmrXvgilyIikpkjgwgr
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.choose-to-win.com
referer
https://www.choose-to-win.com/sc/klWnzvgilyIgikpGjgwnoqJKkPimwIykkhqkoPLzqmwxMlRiwKgLKggiRkgwthiKgmihyvlGoxgxykkIqMjlwlRwpMkthvKGpnhiryjvhjxXrmRjgspyjpKjhmHwuosjmmkLzqLpyszyImtNnshxzmspImjwuqLwJotgwxsLiRxpGogLqGOhyuqLtjszymiLjhsLGkImggKoyiQtpgxkrKngzgjiGRLGgkhjjsNLikmggKoxirwmvnojNlLIMQgopyMqrlMNjyOtwhwxKq
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.choose-to-win.com/sc/klWnzvgilyIgikpGjgwnoqJKkPimwIykkhqkoPLzqmwxMlRiwKgLKggiRkgwthiKgmihyvlGoxgxykkIqMjlwlRwpMkthvKGpnhiryjvhjxXrmRjgspyjpKjhmHwuosjmmkLzqLpyszyImtNnshxzmspImjwuqLwJotgwxsLiRxpGogLqGOhyuqLtjszymiLjhsLGkImggKoyiQtpgxkrKngzgjiGRLGgkhjjsNLikmggKoxirwmvnojNlLIMQgopyMqrlMNjyOtwhwxKq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 09:43:23 GMT
content-type
image/gif
server
nginx
x-map-context
uk
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-length
79
x-served-by
c-01
rqzRWgmwgwkgrMzGXowqvkIsMirjggskthviiykohixhlylxmhPyONtvgkkLtllyPtxLumKgKoHMmJQhnoxGlOkgKOIhmqMlzvgilyIikrGjgwhOIxikimowyLgKsIL
www.choose-to-win.com/sc/ Frame 7EF9
79 B
269 B
Image
General
Full URL
https://www.choose-to-win.com/sc/rqzRWgmwgwkgrMzGXowqvkIsMirjggskthviiykohixhlylxmhPyONtvgkkLtllyPtxLumKgKoHMmJQhnoxGlOkgKOIhmqMlzvgilyIikrGjgwhOIxikimowyLgKsIL
Requested by
Host: www.choose-to-win.com
URL: https://www.choose-to-win.com/sc/nlWgzmwyKKggjhjorKNOshxmotngskMIhLhwsKKXtrlmpyuqKLJsPwmmsLxmKKuhLrmsMxGkuxvKGMgmughMiHQhnoxGlGxhgqxijKiRkgwthiKgmikuHnQtghgopPnotgxgGQoiRKkPimwJOqkHRqGOhyuqLtjszymiLjikJkmQiljmQgkrlskozMyhioJwuhmgmkpugLOPgvsJmNrKhhmrppsJrsurxIgmimyLJwhiLrhilMhwojhuwMhhiLylRiygwhwQroxihjkopsysmrgl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.3.185.94 , Germany, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
f925565d71d0205f39767c109555e35cdbfa3a3bece71e737027114758c9d3ab

Request headers

:path
/sc/rqzRWgmwgwkgrMzGXowqvkIsMirjggskthviiykohixhlylxmhPyONtvgkkLtllyPtxLumKgKoHMmJQhnoxGlOkgKOIhmqMlzvgilyIikrGjgwhOIxikimowyLgKsIL
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.choose-to-win.com
referer
https://www.choose-to-win.com/sc/nlWgzmwyKKggjhjorKNOshxmotngskMIhLhwsKKXtrlmpyuqKLJsPwmmsLxmKKuhLrmsMxGkuxvKGMgmughMiHQhnoxGlGxhgqxijKiRkgwthiKgmikuHnQtghgopPnotgxgGQoiRKkPimwJOqkHRqGOhyuqLtjszymiLjikJkmQiljmQgkrlskozMyhioJwuhmgmkpugLOPgvsJmNrKhhmrppsJrsurxIgmimyLJwhiLrhilMhwojhuwMhhiLylRiygwhwQroxihjkopsysmrgl
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.choose-to-win.com/sc/nlWgzmwyKKggjhjorKNOshxmotngskMIhLhwsKKXtrlmpyuqKLJsPwmmsLxmKKuhLrmsMxGkuxvKGMgmughMiHQhnoxGlGxhgqxijKiRkgwthiKgmikuHnQtghgopPnotgxgGQoiRKkPimwJOqkHRqGOhyuqLtjszymiLjikJkmQiljmQgkrlskozMyhioJwuhmgmkpugLOPgvsJmNrKhhmrppsJrsurxIgmimyLJwhiLrhilMhwojhuwMhhiLylRiygwhwQroxihjkopsysmrgl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 May 2021 09:43:23 GMT
content-type
image/gif
server
nginx
x-map-context
uk
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-length
79
x-served-by
c-02

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| rS string| rI string| pI function| IFrame function| Elements function| Cookie object| MooTools function| typeOf function| instanceOf function| Type object| Browser function| $constructor function| $family function| Class function| Chain function| Events function| Options object| Slick number| uniqueNumber function| $ function| getDocument function| getWindow function| $$ function| addListener function| removeListener function| retrieve function| store function| eliminate function| DOMEvent function| addEvent function| removeEvent function| addEvents function| removeEvents function| fireEvent function| cloneEvents function| getSize function| getScroll function| getScrollSize function| getPosition function| getCoordinates function| getHeight function| getWidth function| getScrollTop function| getScrollLeft function| getScrollHeight function| getScrollWidth function| getTop function| getLeft function| Fx string| user_device_type object| Maxlength_on_number_fields function| get_parameter function| popunder_on_submit boolean| popmaster function| localStorage_is_supported function| openWindow function| enableFields function| log_misc function| get_enc_type function| isIE object| scroll_into_view function| field_jumper function| backwards_button undefined| trackEvent function| goToNextPageByGoButton function| appendScript function| checkPerformanceEntries object| ab object| log function| set_optout boolean| page_submitted undefined| field_validator string| current_page undefined| mooli undefined| scroll_position_x function| do_countdown function| bigger_checkbox function| iframe_selector function| open_iframe function| open_layer function| clean_links 
object| virtual_pages function| initialize_quiz function| add_pop_iframe_closer_events function| show_next_page function| show_previous_page function| show_page_by_index function| fireClick object| POPUNDER string| sponsor_switch string| sponsor_switch_wingame string| sponsorlimit string| context object| CP object| CleverPush function| cleverPushInitCallback undefined| dccBts function| setImmediate function| clearImmediate number| __cleverPushSdkLoadCount number| c2 number| c1

0 Cookies

1 Console Messages

Source Level URL
Text
console-api error URL: https://static.cleverpush.com/channel/loader/4HaP9FzAbSyxxcfsf.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
