Submitted URL: https://win79club.site/
Effective URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Submission: On June 15 via api from US — Scanned from NL

Summary

This website contacted 24 IPs in 3 countries across 25 domains to perform 40 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is win79club.site.
TLS certificate: Issued by GTS CA 1P5 on May 23rd 2024. Valid for: 3 months.
This is the only time win79club.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 14 188.114.97.3 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2600:9000:231... 16509 (AMAZON-02)
2 2a04:4e42:8e::84 54113 (FASTLY)
1 18.154.63.122 16509 (AMAZON-02)
1 74.204.78.26 26554 (US-SIGNAL)
1 95.101.111.151 20940 (AKAMAI-ASN1)
1 151.101.2.62 54113 (FASTLY)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:ec80:300... 14907 (WIKIMEDIA)
1 108.157.4.116 16509 (AMAZON-02)
1 23.215.23.75 16625 (AKAMAI-AS)
1 199.232.37.91 54113 (FASTLY)
1 35.244.163.220 396982 (GOOGLE-CL...)
1 2a04:4e42:400... 54113 (FASTLY)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 18.66.112.53 16509 (AMAZON-02)
1 3.164.206.8 16509 (AMAZON-02)
1 209.59.151.10 32244 (LIQUIDWEB)
1 192.232.219.84 46606 (UNIFIEDLA...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
40 24
Apex Domain Subdomains Transfer
14 win79club.site win79club.site 233 KB
3 gstatic.com fonts.gstatic.com 43 KB
2 sndcdn.com i1.sndcdn.com (Cisco Umbrella Rank: 14887) 223 KB
2 pinimg.com i.pinimg.com (Cisco Umbrella Rank: 2454) 180 KB
1 googleapis.com fonts.googleapis.com (Cisco Umbrella Rank: 77) 1 KB
1 cattipper.com www.cattipper.com 22 KB
1 americansouthwest.net www.americansouthwest.net 108 KB
1 aplaceformom.com www.aplaceformom.com (Cisco Umbrella Rank: 228402) 1 MB
1 discogs.com i.discogs.com (Cisco Umbrella Rank: 72504) 9 KB
1 rentcafe.com resource.rentcafe.com (Cisco Umbrella Rank: 50844) 37 KB
1 booksense.com images.booksense.com (Cisco Umbrella Rank: 179922) 129 KB
1 mlbstatic.com img.mlbstatic.com (Cisco Umbrella Rank: 17378) 607 KB
1 rackcdn.com 9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com (Cisco Umbrella Rank: 205638) 147 KB
1 alamy.com c8.alamy.com (Cisco Umbrella Rank: 29183) 172 KB
1 wikimedia.org upload.wikimedia.org (Cisco Umbrella Rank: 3746) 55 KB
1 googleusercontent.com play-lh.googleusercontent.com (Cisco Umbrella Rank: 526) 49 KB
1 scene7.com s7d1.scene7.com (Cisco Umbrella Rank: 15145) 42 KB
1 elpasotimes.com www.elpasotimes.com (Cisco Umbrella Rank: 406817) 161 KB
1 oneplus.com www.oneplus.com (Cisco Umbrella Rank: 305238) 41 KB
1 genfed.com www.genfed.com 16 KB
1 trulia.com www.trulia.com (Cisco Umbrella Rank: 26049) 100 KB
1 pbs.org image.pbs.org (Cisco Umbrella Rank: 32026) 16 KB
1 media-amazon.com m.media-amazon.com (Cisco Umbrella Rank: 436) 154 KB
0 onews.media Failed ontu.onews.media Failed
0 dart.org Failed dartdaily.dart.org Failed
40 25
Domain Requested by
14 win79club.site 2 redirects win79club.site
3 fonts.gstatic.com fonts.googleapis.com
2 i1.sndcdn.com win79club.site
2 i.pinimg.com win79club.site
1 fonts.googleapis.com win79club.site
1 www.cattipper.com win79club.site
1 www.americansouthwest.net win79club.site
1 www.aplaceformom.com win79club.site
1 i.discogs.com win79club.site
1 resource.rentcafe.com win79club.site
1 images.booksense.com win79club.site
1 img.mlbstatic.com win79club.site
1 9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com win79club.site
1 c8.alamy.com win79club.site
1 upload.wikimedia.org win79club.site
1 play-lh.googleusercontent.com win79club.site
1 s7d1.scene7.com win79club.site
1 www.elpasotimes.com win79club.site
1 www.oneplus.com win79club.site
1 www.genfed.com win79club.site
1 www.trulia.com win79club.site
1 image.pbs.org win79club.site
1 m.media-amazon.com win79club.site
0 ontu.onews.media Failed win79club.site
0 dartdaily.dart.org Failed win79club.site
40 25
Subject Issuer Validity Valid
win79club.site GTS CA 1P5 2024-05-23 - 2024-08-21 3 months
m.media-amazon.com DigiCert TLS RSA SHA256 2020 CA1 2023-08-29 - 2024-08-28 a year
image.pbs.org Amazon RSA 2048 M02 2023-09-18 - 2024-10-16 a year
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 2023-07-31 - 2024-08-07 a year
trulia.com Amazon RSA 2048 M02 2024-04-03 - 2025-05-02 a year
www.genfed.com RapidSSL TLS RSA CA G1 2023-10-03 - 2024-10-02 a year
www.oppo.com DigiCert TLS RSA SHA256 2020 CA1 2023-07-25 - 2024-07-25 a year
elpasotimes.com R3 2024-05-13 - 2024-08-11 3 months
*.scene7.com DigiCert TLS RSA SHA256 2020 CA1 2023-11-11 - 2024-11-13 a year
edgestatic.com WR2 2024-05-27 - 2024-08-19 3 months
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1 2023-10-18 - 2024-10-16 a year
*.alamy.it Amazon RSA 2048 M02 2023-11-21 - 2024-12-20 a year
*.ssl.cf2.rackcdn.com DigiCert TLS RSA SHA256 2020 CA1 2023-11-24 - 2024-11-27 a year
img.mlbstatic.com R3 2024-05-07 - 2024-08-05 3 months
images.booksense.com GTS CA 1D4 2024-05-14 - 2024-08-12 3 months
resource.rentcafe.com GlobalSign Atlas R3 DV TLS CA 2023 Q4 2024-01-09 - 2025-02-09 a year
discogs.com E1 2024-05-16 - 2024-08-14 3 months
*.sndcdn.com GlobalSign GCC R3 DV TLS CA 2020 2024-02-08 - 2025-03-11 a year
www.aplaceformom.com Amazon RSA 2048 M03 2024-05-15 - 2025-06-13 a year
americansouthwest.net R3 2024-05-19 - 2024-08-17 3 months
www.birdtipper.cattipper.com R3 2024-05-11 - 2024-08-09 3 months
upload.video.google.com WR2 2024-05-27 - 2024-08-19 3 months
*.gstatic.com WR2 2024-05-27 - 2024-08-19 3 months

This page contains 1 frames:

Primary Page: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Frame ID: 4352037EC3401EFF536DC338310BC7DD
Requests: 45 HTTP requests in this frame

Page Title

SBA willingly quit each HUBZone states protestation such remains pre-emptive, unpunctual, indefinite, trial, instead don filled in to interesting political

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 40
HTTPS: 95 %
IPv6: 43 %
Domains: 25
Subdomains: 25
IPs: 24
Countries: 3
Transfer: 3895 kB
Size: 4077 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://win79club.site/ HTTP 301
    https://win79club.site/biodiversity-venezuela-sue-designed-traveling-cricket-trying-ease-vocabulary-signatures HTTP 301
    https://win79club.site/photoshop/gregory-fly-ringtones-restructuring Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request gregory-fly-ringtones-restructuring
win79club.site/photoshop/
Redirect Chain
  • https://win79club.site/
  • https://win79club.site/biodiversity-venezuela-sue-designed-traveling-cricket-trying-ease-vocabulary-signatures
  • https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
30 KB
13 KB
Document
General
Full URL
https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86ea50a9efb2bb2b076ef53a976b7b3689eaa7c3a8afe90f3db0199bd601c782

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8941a1f1b99c9171-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 15 Jun 2024 09:46:22 GMT
last-modified
Sat, 15 Jun 2024 08:26:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uYT3SN7STJHaNIZ9h0ncvY6Ws2sM8Apy5L6PENGmxr20w4ZS4%2FFnSKhV%2BUyODLIw5e7YekWnC2zoqQAUX2rOIGcsyBpGYg%2B6aWUJ8ZzL1L7ooazHgNDHvjZDsSZp1Uoq7A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8941a1f128ff9171-FRA
content-type
text/html; charset=UTF-8
date
Sat, 15 Jun 2024 09:46:22 GMT
location
/photoshop/gregory-fly-ringtones-restructuring
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cz8a3UvjQeHXq3obbhlh0bQnc5iVjXB5U5yohfuqBk8MtEWfTuX64uMRzgWIVO4rNxbK6UH1PxjkVKq1rEd81WvoddEzllAOnqgdTaaVOw2YN4Ic5QZpyuwUA9RNYoe1lg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
main.css
win79club.site/assets/css/
58 KB
9 KB
Stylesheet
General
Full URL
https://win79club.site/assets/css/main.css
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e258999c36c723c22d7790d72a34dd0282588334c6f6a7b87abd1630acdf2ba

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:22 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 17:25:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e646-61a8c6ec3ef09-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=55mPtxqn3SoZL9FWdryO%2FpRENbOsY5dwWfiQSg9byKlkfrsLROXI74H6tR84DGn17Q1fKY7kko07TO8kFKUslc%2Bt%2B4IVL17xUByK5Al6Ni3gnQ41D0PKIkyHYbKiWxCXHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8941a1f2aac59171-FRA
alt-svc
h3=":443"; ma=86400
content-length
8660
71KB1-mnQFL.jpg
m.media-amazon.com/images/I/
153 KB
154 KB
Image
General
Full URL
https://m.media-amazon.com/images/I/71KB1-mnQFL.jpg
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17aa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Server /
Resource Hash
10440e40a314ee12c5a2841c828eda4ac84143db5c103ef829b1c50a2768fd5c
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:22 GMT
strict-transport-security
max-age=86400
akamai-cache-status
Miss from child, Miss from parent
akamai-grn
0.aa163017.1718444782.154fb539
x-cache
Miss from akamai
x-nginx-cache-status
MISS
server-timing
provider;desc="ak"
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
156859
surrogate-key
x-cache-399 /images/I/71KB1-mnQFL
last-modified
Thu, 04 May 2023 18:46:51 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
peer-cache
Hit
cache-control
public, max-age=630720000
x-amz-ir-id
edfa2ae7-819e-4120-b7da-72b79fe48783
accept-ranges
bytes
timing-allow-origin
https://win79club.site/
expires
Fri, 10 Jun 2044 09:46:22 GMT
3cc5c4bdd6_kansascitypbs_primary_blue.png
image.pbs.org/bento3-prod/kcpt/2020-kcpt-brand/
16 KB
16 KB
Image
General
Full URL
https://image.pbs.org/bento3-prod/kcpt/2020-kcpt-brand/3cc5c4bdd6_kansascitypbs_primary_blue.png
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:de00:6:b56f:f3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a6c9c12028042e784d9c98daa726c516898836dcfe836226008bddeef315dd66

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 10:55:39 GMT
via
1.1 d45a8c6f9f33ed6e98c7762d0a4f951a.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
age
600643
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
content-length
16111
x-amz-cf-id
V55DTEgi6KsqfwwqRzX_hINMVAuS6oBQnd4FP5SsHmrXkRXhS_Lp1A==
dc9358888f7ad6fb02a3caa7e2e84378.png
i.pinimg.com/originals/dc/93/58/
162 KB
162 KB
Image
General
Full URL
https://i.pinimg.com/originals/dc/93/58/dc9358888f7ad6fb02a3caa7e2e84378.png
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8be13da535dc4494b9fbd69362cceadb00e4a1a7acea7b04d92dfcea47131012

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:22 GMT
x-cdn
fastly
etag
"8fa6a70fb6645bc37a83c3e39637042d"
vary
Origin
content-type
image/png
cache-control
max-age=31536000, immutable
accept-ranges
bytes
alt-svc
h3=":443";ma=600
content-length
165569
96924f2189a5bf764740c4ad546c83a5-f_b.jpg
www.trulia.com/pictures/thumbs_5/zillowstatic/fp/
99 KB
100 KB
Image
General
Full URL
https://www.trulia.com/pictures/thumbs_5/zillowstatic/fp/96924f2189a5bf764740c4ad546c83a5-f_b.jpg
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-122.dus51.r.cloudfront.net
Software
gunicorn /
Resource Hash
78484b98c3f2cf19e4cfda752cdf941061f64aa2f834182573590b1afea497bb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:22 GMT
via
1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront), 1.1 4916e178488f684789738aa0c104421a.cloudfront.net (CloudFront)
server
gunicorn
x-amz-cf-pop
FRA56-P2, DUS51-P4
access-control-max-age
3600
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=1814400
access-control-allow-headers
x-requested-with
content-length
101457
x-amz-cf-id
IphH7yJFM59B0a0vBN2bALGH55j2vsvI2JT2RdzyZt5rU4CbRrlXdA==
GenFed-hz-01@2x.png
www.genfed.com/templates/genfed_2020/images/
16 KB
16 KB
Image
General
Full URL
https://www.genfed.com/templates/genfed_2020/images/GenFed-hz-01@2x.png
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.204.78.26 Grand Rapids, United States, ASN26554 (US-SIGNAL, US),
Reverse DNS
press.cfcu.org
Software
CUSG_Web /
Resource Hash
d9383706987bd94457f67705fdb465bae4a2b1583ee407773a0cb63d09ce2a3b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:23 GMT
last-modified
Fri, 26 Jun 2020 19:02:11 GMT
server
CUSG_Web
accept-ranges
bytes
etag
"406d-5a90158a8fc11"
content-length
16493
content-type
image/png
c12e2fe60d545d2f86008eacb71e762b.jpg
i.pinimg.com/236x/c1/2e/2f/
18 KB
18 KB
Image
General
Full URL
https://i.pinimg.com/236x/c1/2e/2f/c12e2fe60d545d2f86008eacb71e762b.jpg
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
97108d45443148858ae5fe55490aa78722d4dcef8300535d9cc38e32b6c91423

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:22 GMT
x-cdn
fastly
etag
"9514e543c36c0b5504312c042ed14cdc"
vary
Origin
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443";ma=600
content-length
18628
expires
Fri, 25 Dec 2037 23:59:59 GMT
images-efficiency-img2-mo-1.jpeg.webp
www.oneplus.com/content/dam/oasis/product-asset-library/salami/aries/
41 KB
41 KB
Image
General
Full URL
https://www.oneplus.com/content/dam/oasis/product-asset-library/salami/aries/images-efficiency-img2-mo-1.jpeg.webp
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-151.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3e6eb4abb196d96a99939ad3dd994349e53fb33a56775bfa058cecc35f64fcb4
Security Headers
Name Value
Strict-Transport-Security max-age=300;
X-Frame-Options ALLOW-FROM https://account.oneplus.com

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=300;
date
Sat, 15 Jun 2024 09:46:22 GMT
last-modified
Tue, 07 Mar 2023 14:48:12 GMT
server
nginx
x-backend-host
0563:8090
etag
"a37c-5f650803d325e"
x-frame-options
ALLOW-FROM https://account.oneplus.com
content-type
image/webp
cache-control
max-age=2592000, public
x-gateway-host
ac71ddc6820daf1045fb00e51844c79d5eb4523ceae6af616a99b7b71728704f5e00505b4736f8a02452189921fb2eaf
x-ip-source
2003863e2ff8e39f2691361927843bcd
accept-ranges
bytes
content-length
41852
e48607f0-801e-4d9b-98ea-e3ccf06f1f8c-UMC-Childrens-4.jpg
www.elpasotimes.com/gcdn/presto/2022/06/17/PTX1/
160 KB
161 KB
Image
General
Full URL
https://www.elpasotimes.com/gcdn/presto/2022/06/17/PTX1/e48607f0-801e-4d9b-98ea-e3ccf06f1f8c-UMC-Childrens-4.jpg?width=1200&disable=upscale&format=pjpg&auto=webp
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e7bd55327355f345fb1d14a14ac80684d004f65661a892c183f5d5f0de0e672c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:23 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000;includeSubDomains;preload
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
fastly-io-served-by
vpop-kiad7010230
age
307135
x-cache
MISS, MISS, MISS, MISS
fastly-stats
io=1
content-length
164328
etag
"3bqLpbnUcK3/tO/eI1BsU2ngizL9gma9duEYoydAAN4"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-checksum-crc32c
fokXFQ==
accept-ranges
bytes
timing-allow-origin
*
blue-view3-B140DL-black-intro
s7d1.scene7.com/is/image/tracfone/
41 KB
42 KB
Image
General
Full URL
https://s7d1.scene7.com/is/image/tracfone/blue-view3-B140DL-black-intro?scl=1&fmt=webp-alpha&qlt=80,0&resMode=sharp2&op_usm=1.75,0.3,2,0
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:589::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
7a48f53b79aca26c976374e0050f306c6e9dab6033fec3ec1fc43f1f14975fe6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 15 Jun 2024 09:46:22 GMT
last-modified
Wed, 27 Oct 2021 13:18:34 GMT
server
Unknown
akamai-grn
0.92a02417.1718444782.b75fee9d
x-adobe-modifierlist
QlpoOTFBWSZTWcxjsK4AAAADgAAKjwb+BCAAMUNNMABTQZMmymiNA6HqCoQy7XNBfVvOPi7kinChIZjHYVw=
etag
"7ed624217d727b0265049bd6706a11c6"
x-adobe-assetlist
QlpoOTFBWSZTWWnWXUoAAAYfgAAC7AAUBAAKOy2XgCAAIiTRptMiaYMmhQAABkyPBtUBkxCR00mva2DaqjReoHA9sDF8ScF3JFOFCQadZdSg
access-control-allow-origin
*
content-type
image/webp
x-akamai-cache
RefreshHit
content-length
42334
expires
Sat, 15 Jun 2024 19:46:22 GMT
XpqSvpByzV06ZPlLYglvQP7BTRiGxYc7fGWYtepzDsNLkh82Fu3QS1jDnTDNE2rnJkA
play-lh.googleusercontent.com/
49 KB
49 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/XpqSvpByzV06ZPlLYglvQP7BTRiGxYc7fGWYtepzDsNLkh82Fu3QS1jDnTDNE2rnJkA
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
626034bd4f2a3bf1d66a55204659c0413c2496c376e6bf552c85dd048cdd43a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:22 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49936
x-xss-protection
0
expires
Sun, 16 Jun 2024 09:46:22 GMT
christmas-bus-at-westmoreland-station.jpg
dartdaily.dart.org/images/librariesprovider3/dart-daily-article-images/
0
0

Escorts_Kubota_Limited.jpg
upload.wikimedia.org/wikipedia/commons/7/7f/
54 KB
55 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/7/7f/Escorts_Kubota_Limited.jpg
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
envoy /
Resource Hash
addfbde7d0eac166f2646b3a09080b11592c3cdecd850972c601a99677073748
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:22 GMT
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-content-type-options
nosniff
nel
{ "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age
2
x-cache-status
miss
x-cache
cp3077 miss, cp3077 miss
server-timing
cache;desc="miss", host;desc="cp3077"
content-length
55129
x-client-ip
2001:1af8:4020:a034:9876::5
x-object-meta-sha1base36
m1yksqv5frx0jyozeml0dgcfd3i6nwk
last-modified
Tue, 23 Aug 2022 12:03:01 GMT
server
envoy
etag
253cbfcfe5f4abbf427ddd22a15130ed
report-to
{ "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges
bytes
timing-allow-origin
*
the-swatch-store-on-times-square-manhattan-new-york-EDBP5D.jpg
c8.alamy.com/comp/EDBP5D/
171 KB
172 KB
Image
General
Full URL
https://c8.alamy.com/comp/EDBP5D/the-swatch-store-on-times-square-manhattan-new-york-EDBP5D.jpg
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-116.dus51.r.cloudfront.net
Software
/
Resource Hash
78d99d246495262c493235571a3f950337b85a790f36dc1e59cf1ef25d96d002

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:23 GMT
via
1.1 d45a8c6f9f33ed6e98c7762d0a4f951a.cloudfront.net (CloudFront)
last-modified
Tue Oct 19 2021 00:00:00 GMT+0000 (Coordinated Universal Time)
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-id
i3ZaEvr1tXugvNmgCISsKPpCI-4U27RNtp7zYpM9EgkyjQihhL90rg==
roommates3-2-1689963227.jpg
9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/1140x_a10-7_cTC/
147 KB
147 KB
Image
General
Full URL
https://9b16f79ca967fd0708d1-2713572fef44aa49ec323e813b06d2d9.ssl.cf2.rackcdn.com/1140x_a10-7_cTC/roommates3-2-1689963227.jpg
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.215.23.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-23-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c5585ac364d36da3069e6bceba3fe18b67cdbb85e4db0ca478a400e7f79f0a56

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 15 Jun 2024 09:46:23 GMT
Last-Modified
Fri, 21 Jul 2023 18:13:56 GMT
ETag
ef1a074ae5fa9ab86017398faee8900a
Content-Type
image/jpeg
X-Timestamp
1689963235.09159
Cache-Control
public, max-age=259194
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
150591
X-Trans-Id
tx376724520607406a97d9d-00666d62eford1
Expires
Tue, 18 Jun 2024 09:46:17 GMT
p8ekzlnyzag36lpgb06r.jpg
img.mlbstatic.com/mlb-images/image/private/t_16x9/t_w2208/mlb/
606 KB
607 KB
Image
General
Full URL
https://img.mlbstatic.com/mlb-images/image/private/t_16x9/t_w2208/mlb/p8ekzlnyzag36lpgb06r.jpg
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.37.91 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
24f676a217c52e8208b6c89f79d53017b39cdcda503d6bcf22fb9f02647605f2
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=604800
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sat, 15 Jun 2024 09:46:23 GMT
age
1063428
x-cache
HIT, MISS
server-timing
cld-fastly;mitm=f;dur=135;cpu=1;start=2024-06-03T02:22:34.837Z;desc=miss,rtt;dur=0,content-info;desc="width=2208,height=1242,owidth=2568,oheight=1445,obytes=1406099",cloudinary;dur=104;start=2024-06-03T02:22:34.853Z
content-length
620622
x-served-by
cache-chi-kigq8000151-CHI, cache-lga21955-LGA
last-modified
Fri, 11 Nov 2022 23:21:16 GMT
server
Cloudinary
x-timer
S1718444783.305875,VS0,VE19
etag
"d9d95657fe65ef7c1fa74783a89b3c20"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
x-tag,Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, max-age=10800
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
13, 0
9780998770369.jpg
images.booksense.com/images/369/770/
129 KB
129 KB
Image
General
Full URL
https://images.booksense.com/images/369/770/9780998770369.jpg
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.163.220 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
220.163.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
448d0d819778e82daace4a77697b8c3b169f4eb61db2e673089ab8ed1987cd8e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:23 GMT
x-guploader-uploadid
ABPtcPppTvMj7tMnYawaffARO1INWjo__7ta-h4wY7IGJWDKsHAKkYrCgfFNJdkby2kpLc516O6Nr4dVSQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131606
last-modified
Mon, 27 Sep 2021 13:08:55 GMT
server
UploadServer
etag
"ba0d942c771af84e28239a02c5bca9f1"
x-goog-generation
1632748135413162
content-type
image/jpeg
x-goog-hash
crc32c=WJYQFw==, md5=ug2ULHca+E4oI5oCxbyp8Q==
cache-control
public,max-age=3600
x-goog-stored-content-length
131606
accept-ranges
bytes
mn_duluth_bluestonelofts_p1678109_01_5_thumbnail.jpg
resource.rentcafe.com/image/upload/q_auto,f_auto/s3/2/200076/
36 KB
37 KB
Image
General
Full URL
https://resource.rentcafe.com/image/upload/q_auto,f_auto/s3/2/200076/mn_duluth_bluestonelofts_p1678109_01_5_thumbnail.jpg
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::604 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
40502576267f5f298841530e3187c461cfeaeba7c785a40f22f79cc3c220d66c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:23 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 11 Dec 2023 00:18:52 GMT
server
Cloudinary
etag
"7f88596a78f06bc2b4a1bb99086afd37"
vary
Save-Data
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, max-age=31536000
server-timing
cld-fastly;mitm=p;dur=164;cpu=1;start=2024-06-15T09:46:23.419Z;desc=miss,rtt;dur=87,content-info;desc="width=500,height=350,bytes=37251,owidth=500,oheight=350,obytes=44028",cloudinary;dur=53;start=2024-06-15T09:46:23.477Z
accept-ranges
bytes
timing-allow-origin
*
content-length
37251
84828e0a5-1.jpg
ontu.onews.media/uploads/thumbs/
0
0

LTcxNzguanBlZw.jpeg
i.discogs.com/uIs7PGYNQjYXipqMY9uJ5evCiJk2Zei1Urjintfon3w/rs:fit/g:sm/q:40/h:300/w:300/czM6Ly9kaXNjb2dz/LWRhdGFiYXNlLWlt/YWdlcy9BLTg3NjYz/OC0xNTEwODUxMzk4/
8 KB
9 KB
Image
General
Full URL
https://i.discogs.com/uIs7PGYNQjYXipqMY9uJ5evCiJk2Zei1Urjintfon3w/rs:fit/g:sm/q:40/h:300/w:300/czM6Ly9kaXNjb2dz/LWRhdGFiYXNlLWlt/YWdlcy9BLTg3NjYz/OC0xNTEwODUxMzk4/LTcxNzguanBlZw.jpeg
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9736 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fbed6dfef6553a4d646ed604ac71bdf4a5f4de79e4cddba397a4d4b4d4a8374
Security Headers
Name Value
Content-Security-Policy script-src 'none'
Strict-Transport-Security max-age=15552000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:23 GMT
content-security-policy
script-src 'none'
cf-cache-status
HIT
strict-transport-security
max-age=15552000
cf-polished
origSize=8825
content-disposition
inline; filename="A-876638-1510851398-7178.jpg"
alt-svc
h3=":443"; ma=86400
content-length
8431
x-request-id
a_y40jGcrwY1qfjoK4YnB
cf-bgj
imgq:100,h2pri
last-modified
Thu, 15 Feb 2024 22:19:55 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8941a1f85bbf1d9a-FRA
expires
Sun, 15 Jun 2025 09:46:23 GMT
artworks-vytTPUHWPSLzTIp4-FDN2zw-t500x500.jpg
i1.sndcdn.com/
109 KB
110 KB
Image
General
Full URL
https://i1.sndcdn.com/artworks-vytTPUHWPSLzTIp4-FDN2zw-t500x500.jpg
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-53.fra56.r.cloudfront.net
Software
/
Resource Hash
77a637288445b246f6dcab6946707847609b1e24c0bb6e78eb2c3377690e7a9a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:23 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public,max-age=3628800
access-control-allow-headers
Accept, Accept-Encoding, Authorization, Content-Type, Origin
x-amz-cf-id
YkfKTZmMA-cM-_0kQbM5QXodfMnBtIk179rMoUyzjMEmD7b5STYesw==
1014743
www.aplaceformom.com/images/
1 MB
1 MB
Image
General
Full URL
https://www.aplaceformom.com/images/1014743
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.206.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-206-8.hel51.r.cloudfront.net
Software
cloudflare / Express
Resource Hash
3e89bce1e2eeb2954bc9f7c12be74a2624b29300ea9d46e88d5f7021ebe70d93
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:23 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 fd441d5d42c4e243bf0b88902034e302.cloudfront.net (CloudFront), 1.1 b86c022dfd14ddc1f6f429b91187caaa.cloudfront.net (CloudFront)
x-amz-cf-pop
HIO52-P2, HEL51-P5
x-powered-by
Express
x-cache
Miss from cloudfront
server-timing
total;dur=121.169688
content-length
1380451
x-xss-protection
1; mode=block
x-response-time
121.169688ms
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 28 Sep 2021 19:10:01 GMT
server
cloudflare
etag
"3b64d7fe9c84e1d6bec07b5483fc0519"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=2592000
permissions-policy
geolocation=(self)
accept-ranges
bytes
cf-ray
8941a1f9fad4a3c5-SEA
timing-allow-origin
*
x-amz-cf-id
Gii69RI6Q9nsK4aFUB6ZJ8o9njehLxasP4g9azXSM4SkbZCLu1a0Fg==
yaki1.jpg
www.americansouthwest.net/arizona/photographs450/
108 KB
108 KB
Image
General
Full URL
https://www.americansouthwest.net/arizona/photographs450/yaki1.jpg
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.59.151.10 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache/2.4.58 (AlmaLinux) /
Resource Hash
92ad5ce82630c0052262d2939a90cbedf6cce2caf889f2e368e112f496d6445a
Security Headers
Name Value
Content-Security-Policy frame-ancestors self https://beyondthedestination.com;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 15 Jun 2024 09:46:24 GMT
Content-Security-Policy
frame-ancestors self https://beyondthedestination.com;
Last-Modified
Mon, 26 Oct 2020 10:52:18 GMT
Server
Apache/2.4.58 (AlmaLinux)
ETag
"1ae0a-5b290b955dc80"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
110090
National-Black-Cat-Day-900x506.jpg.webp
www.cattipper.com/wp-content/uploads/2022/08/
22 KB
22 KB
Image
General
Full URL
https://www.cattipper.com/wp-content/uploads/2022/08/National-Black-Cat-Day-900x506.jpg.webp
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.232.219.84 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-232-219-84.unifiedlayer.com
Software
Apache /
Resource Hash
5b95fb771c9f872fd20dcc94030b98a69eb39737f346b7cca0fcab379291db0b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:25 GMT
last-modified
Mon, 08 Aug 2022 21:50:31 GMT
server
Apache
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
22352
expires
Sun, 15 Jun 2025 09:46:25 GMT
artworks-gtcoy9VeiyCIywhk-GNbQhg-t500x500.jpg
i1.sndcdn.com/
112 KB
113 KB
Image
General
Full URL
https://i1.sndcdn.com/artworks-gtcoy9VeiyCIywhk-GNbQhg-t500x500.jpg
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-53.fra56.r.cloudfront.net
Software
/
Resource Hash
f2fb40e3f9fa54ddac5d25a1db0ba83fee8b7a58a7221a59caaf70c0230f80fa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:23 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public,max-age=3628800
access-control-allow-headers
Accept, Accept-Encoding, Authorization, Content-Type, Origin
x-amz-cf-id
YubX-fuEizfmz-BLVkE2VpxSXJZw1Y8F31xn1-Ur12ospDoc0RCbDQ==
881bed.png
win79club.site/
68 B
516 B
Image
General
Full URL
https://win79club.site/881bed.png
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:22 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 15 Jun 2024 09:46:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HVZGU0yZSffFvMkUH1V8rso4xLeweJvSqEQ75B97UoY%2BguLcrY5Q8P4XUMAuRlQvnSt0lm7lDYXNzQLlDYVLD%2FXNourMdPIf8bDEUk9Jku09cfVN6bsgTRP%2FJl59wkUSJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8941a1f2db0b9171-FRA
alt-svc
h3=":443"; ma=86400
content-length
79
jquery.min.js
win79club.site/assets/js/
87 KB
31 KB
Script
General
Full URL
https://win79club.site/assets/js/jquery.min.js
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:22 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 17:25:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"15d9d-61a8c6f3eec42-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XOCkTc1a%2FCltpjDDGX0g5UgqrwbN1U5X5yS1arewD7fuG5XSbdFPoLK2QdFA5majb4KGFF%2F2VsV%2FDRNIvvEA0MS6%2BAr8Nn6Aia69qJWxEvhdfIb1cKPyCsn3%2Fw2YQelINw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8941a1f2daf59171-FRA
alt-svc
h3=":443"; ma=86400
content-length
30902
browser.min.js
win79club.site/assets/js/
2 KB
1 KB
Script
General
Full URL
https://win79club.site/assets/js/browser.min.js
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4217feebdd357e8a952e0ffbaa02791e5323482b8e3d80b3f714b84b1664103

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:22 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 17:25:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"803-61a8c6f6cb73a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9QbVezTMqaHTLS3k41XTU8OGmXU5Aeu%2BlDL0aOczw%2Bxe0WW2SdiVDzBjvs7X9%2F29RVYvUzsDxVK3yKpuYpCNBuF6ka8r3frP0TYcoClrzjDr6fNafxQnHmSAlsM10OmBbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8941a1f2dafc9171-FRA
alt-svc
h3=":443"; ma=86400
content-length
906
breakpoints.min.js
win79club.site/assets/js/
2 KB
1 KB
Script
General
Full URL
https://win79club.site/assets/js/breakpoints.min.js
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
309febcd6d6e0cf092201532215f03a6a9f30b30f26203272a4861d704e7cd52

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:22 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 17:25:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"987-61a8c6fc3a1d3-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9D47Ec5T6imTK3S9C40ddI7520%2B853jxEy9Ym02eSDhVoRDLVzItjbBWCtaFxsrtTmrUtJVSPbGL9NogIPdN4K5G6rw1peXYk8RpFmrQ1j5MVwClRh8tC4saC6yeKy0J%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8941a1f2db019171-FRA
alt-svc
h3=":443"; ma=86400
content-length
829
util.js
win79club.site/assets/js/
12 KB
4 KB
Script
General
Full URL
https://win79club.site/assets/js/util.js
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2e1e72b0de356f6ce184e3af4fa8ab6590a2581162905a27d77886b2d960e00

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:22 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 17:25:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3091-61a8c6f801464-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BVXXzKzJW3coJxH5UPTZ2WNIM5Avk31uLPAfQKyiWWvFJTK8ciP8nQCjeDvM5agOHqAPBFPhutyLEVJAHeUn7%2BC6vc60dByU4wX7SvOjGmzbyEG2SnM0mCKnP61R49dJ8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8941a1f2db069171-FRA
alt-svc
h3=":443"; ma=86400
content-length
3273
main.js
win79club.site/assets/js/
3 KB
2 KB
Script
General
Full URL
https://win79club.site/assets/js/main.js
Requested by
Host: win79club.site
URL: https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c14fa5512a1d7f54d8572fc38ddc5ccf04bf2a16c7f2e14607bfa641f1698765

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:22 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 17:25:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"da1-61a8c6f663eef-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2FNsfhmCenNV%2FY8H7QrS3eUT2U0JEmYmmGymDRiWp3x4ws5whRyu84oqyiaGyvSQ9hkUXTMcQ1N78kJwqKgUZPUSFrYKNVdCa%2B9VdcWom7ZLDrZiw35q6Le4Dy%2Fpmfquaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8941a1f2db099171-FRA
alt-svc
h3=":443"; ma=86400
content-length
1195
fontawesome-all.min.css
win79club.site/assets/css/
58 KB
13 KB
Stylesheet
General
Full URL
https://win79club.site/assets/css/fontawesome-all.min.css
Requested by
Host: win79club.site
URL: https://win79club.site/assets/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24926431fdf5baff0c1929f104152a0726dedf19181876f04cfbc78c98ee318f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/assets/css/main.css
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:22 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 17:25:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e809-61a8c6ee1df4e-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mzSom4BjpsF8A2LeOO3EWTPJLLK9AlGiImquunApyPIWK8Hks4mjiBnZ8o85QX8AmeQgpTjaXX40V%2B66MJM2Vgbk3cznK0Q5%2BAw5%2BvOaYhEroAF0YQ%2Bfm%2FzMbjMcQf4eCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8941a1f39bd19171-FRA
alt-svc
h3=":443"; ma=86400
content-length
12863
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,700,900
Requested by
Host: win79club.site
URL: https://win79club.site/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
673681301ddcbd1be6a50e9da28ebdd266168be53aab868bb5bb2053ecd7fd76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 15 Jun 2024 09:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 15 Jun 2024 09:46:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 15 Jun 2024 09:46:22 GMT
truncated
/
299 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a914f563728290c4146b2b335fa12cfaad7039c6c74237bcb0e5089c2ad952bb

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
299 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba6f8d44c83135afec89fe41dbdaa5d3602ddcaad920bcf6d9785c627c36a306

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
262 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
61824420a34a014b68bbb5384decbefc43473df8241a0729418743f2158c564b

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aee584e3d58344a41b190bb7b6e550f98ad3bb8e28fbc7ea6ddca22f0ef97183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://win79club.site
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 00:53:22 GMT
x-content-type-options
nosniff
age
204781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14188
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:53:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 00:53:22 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://win79club.site
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 07:59:14 GMT
x-content-type-options
nosniff
age
179229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14780
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 07:59:14 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://win79club.site
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:34:15 GMT
x-content-type-options
nosniff
age
141128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 18:34:15 GMT
fa-brands-400.woff2
win79club.site/assets/webfonts/
75 KB
75 KB
Font
General
Full URL
https://win79club.site/assets/webfonts/fa-brands-400.woff2
Requested by
Host: win79club.site
URL: https://win79club.site/assets/css/fontawesome-all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/assets/css/fontawesome-all.min.css
Origin
https://win79club.site
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:23 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 17:25:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"12bc0-61a8c70e7d0b6-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QPrN5NyfQYlkWm4FNHI79OQ6SsfOOE0CpLUT3lmctPKUfx48wJ0ty12%2FoE5eWRAQ3TEz0AmRabClJWM%2BLcIStFrYCP86nHCRtySvWb4aWVwPnd3rGOtKtpuBWMGCn38J7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
cf-ray
8941a1f57e309171-FRA
alt-svc
h3=":443"; ma=86400
fa-solid-900.woff2
win79club.site/assets/webfonts/
76 KB
77 KB
Font
General
Full URL
https://win79club.site/assets/webfonts/fa-solid-900.woff2
Requested by
Host: win79club.site
URL: https://win79club.site/assets/css/fontawesome-all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/assets/css/fontawesome-all.min.css
Origin
https://win79club.site
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:23 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 10 Jun 2024 17:26:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"131bc-61a8c72145c47-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2BcAA91r0IVHVGNDfVuNmW999bg6VguCT1BJtSSZMNlwEQWYiLU6UBEzLTmRBF4Wr9hmcuW8caj5U9jtNSwp8SgmKYm7mSkiE7Xo2R%2F0B1OvrYjnHj68QkZ9w2%2BE0rV%2BAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
cf-ray
8941a1f57e319171-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
259 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e3510334874c23f2d6a98ca11270af7dc07f18712447aa8e803d9ca3d92f6b9

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
259 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f32614dc4a6bd89cfc03e184a93ac012f166527acd40feccc00f459158bae99

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
favicon.ico
win79club.site/
15 KB
6 KB
Other
General
Full URL
https://win79club.site/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b658f5a51a2cc169e3c16dc091bbbb7817d244de0d8559cc05182dc3fdf340d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://win79club.site/photoshop/gregory-fly-ringtones-restructuring
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 09:46:26 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 11 Jun 2024 16:44:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3c2e-61a9ffbf74d79-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tSRaF0lfSzEp%2FK42SyKUPx6Od8Xo6j6viuBqfvUwO7U4%2FKENPRUAuT%2FbrD5KNX8TWc%2FR2AlhBelQxU4AufShgx%2Bey1uUilyisU7gsXfQVk5qLaBdhiTJHWDvP7S0gvuNsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8941a209acc09171-FRA
alt-svc
h3=":443"; ma=86400
content-length
5268

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dartdaily.dart.org
URL
https://dartdaily.dart.org/images/librariesprovider3/dart-daily-article-images/christmas-bus-at-westmoreland-station.jpg?sfvrsn=aea066a4_2
Domain
ontu.onews.media
URL
https://ontu.onews.media/uploads/thumbs/84828e0a5-1.jpg

Verdicts & Comments

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined | event
object | fence
object | sharedStorage
function | $
function | jQuery
object | browser
function | breakpoints

1 Cookies

Domain/Path Name / Value
.discogs.com/ Name: __cf_bm
Value: D1yu02CGbV3JfU_XIcANn5BIDWJHhHGusnF9qhuRTlo-1718444783-1.0.1.1-8hYgZ4wkKco4.e0OS.hnT88Jfk9kD7AX328gN.3lAeEjx0hdKmH4rb0djbAM7N7zhtTtl_VCdmlQtelnCuiWFA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
