win79s.fun Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://win79s.fun/
Submission: On November 16 via manual (November 16th 2023, 8:17:37 am UTC) from AE — Scanned from CH

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 33 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is win79s.fun.
TLS certificate: Issued by GTS CA 1P5 on November 10th 2023. Valid for: 3 months.

This is the only time win79s.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
20	2600:9000:206... 2600:9000:206f:5a00:11:52e1:b680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	52.76.226.154 52.76.226.154	16509 (AMAZON-02) (AMAZON-02)
33	8

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

win79s.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:9000:206f:5a00:11:52e1:b680:93a1 (United States)

ASN16509 (AMAZON-02, US)

w.ladicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.76.226.154 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-226-154.ap-southeast-1.compute.amazonaws.com

a.ladipage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	ladicdn.com w.ladicdn.com — Cisco Umbrella Rank: 57816	2 MB
6	gstatic.com fonts.gstatic.com	150 KB
2	ladipage.com a.ladipage.com — Cisco Umbrella Rank: 81710	632 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	296 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	88 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	win79s.fun win79s.fun	14 KB
33	7

	Domain	Requested by
20	w.ladicdn.com	win79s.fun
6	fonts.gstatic.com	fonts.googleapis.com
2	a.ladipage.com	w.ladicdn.com
2	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	win79s.fun
1	fonts.googleapis.com	win79s.fun
1	win79s.fun
33	7

This site contains no links.

Subject Issuer	Validity	Valid
win79s.fun GTS CA 1P5	`2023-11-10` - `2024-02-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
w.ladicdn.com Amazon RSA 2048 M02	`2023-10-12` - `2024-11-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
a.ladipage.com Amazon RSA 2048 M02	`2023-05-18` - `2024-06-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://win79s.fun/
Frame ID: 5B670DCBE05EBE4B6D7D6665E9755D39
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trang Tải Win79 Club, Win79 Life, Win79 APK, Win79 iOS Chính Thức 2022

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

33
Requests

100 %
HTTPS

86 %
IPv6

7
Domains

7
Subdomains

8
IPs

3
Countries

1913 kB
Transfer

2712 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
win79s.fun/ 72 KB
14 KB 147ms
60ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://win79s.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20e8b6f7256f19f01b97c13e2ad126ee5a5e615a2759ac5a0a295941f61fa14b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 826e4c230918b930-AMS
content-encoding: br
content-type: text/html
date: Thu, 16 Nov 2023 08:17:24 GMT
last-modified: Fri, 23 Dec 2022 18:05:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEjOjLvfcbZf%2F5bCE0%2BnsRzYeQ7L9id0lE1CQI2MLN3AD7%2BBUV%2Bayut7QrmAFKDt%2F44ZEvcmCEYk5aecst6PeqqkEw%2FFGKiX2YGk5jTxbXmSLYZXSdN0zdOQGWckfZc3Z7aes37CtMtj"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 77ms
30ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Bungee%20Inline:bold,regular&display=swap

Requested by

Host: win79s.fun
URL: https://win79s.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0463fc3c7142d5d130e6908ae2ff4cadc8ddeb8cee000c84f315f975c6b224eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 08:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 08:17:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 08:17:25 GMT

GET
H2 200 ladipage.vi.min.js Show response
w.ladicdn.com/v2/source/ 374 KB
86 KB 438ms
212ms Script
text/javascript 2600:9000:206f:5a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1668504646901
Requested by: Host: win79s.fun
URL: https://win79s.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 930c2c53bd84d481d8ed2d54855411f7dc0cf8d5ea6cc6265b65bf2a2170a17f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 06:11:39 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 2253946
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: eME87aYUVkR99-duq7zyYMdx1DFo0cf3hcoR_HsE8NgZ0CWtw5OHqw==
expires: Sun, 20 Oct 2024 06:11:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
88 KB 90ms
41ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-13KKZ59W5Y

Requested by

Host: win79s.fun
URL: https://win79s.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d69d2ede3cad7e3547db2a40f407704703e99351b46a4d661aa805db7692fe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 08:17:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89637
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Nov 2023 08:17:25 GMT

GET
H2 200 ladipage.min.css
w.ladicdn.com/v2/source/ 66 KB
6 KB 255ms
30ms Stylesheet
text/css 2600:9000:206f:5a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v2/source/ladipage.min.css?v=1668504646901
Requested by: Host: win79s.fun
URL: https://win79s.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cdf280f70a1b4ee57e3451e5aecb0d56269e5feec54513bed76598df05acabdf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 01:22:42 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 1148083
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: Ow0dGeukSHHIVxr3vDTwAezzQhO6La9dB_xf0oBEnMuU2BlFtL09cA==
expires: Sat, 02 Nov 2024 01:22:42 GMT

GET
H2 200 background-20221111165338-_hgfq.jpeg
w.ladicdn.com/s1440x1615/6356ca953b4e330020fdd38a/ 190 KB
190 KB 378ms
216ms Image
image/jpeg 2600:9000:206f:5a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s1440x1615/6356ca953b4e330020fdd38a/background-20221111165338-_hgfq.jpeg
Requested by: Host: win79s.fun
URL: https://win79s.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3cd489bbda379debaa3beca1c185cafee609b2c3008bf5f729c742e2cbdcefb3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 04:04:15 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 15190
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: tRkK_HO31pT82FJX7au-dK__kLhwXqo_GY02Huw-kfMPAlICp_-iPQ==
expires: Fri, 15 Nov 2024 04:04:15 GMT

GET
H2 200 game9-20221115085929-uvqqs.png
w.ladicdn.com/s700x750/6356ca953b4e330020fdd38a/ 56 KB
57 KB 377ms
216ms Image
image/png 2600:9000:206f:5a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s700x750/6356ca953b4e330020fdd38a/game9-20221115085929-uvqqs.png
Requested by: Host: win79s.fun
URL: https://win79s.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ef74b1d6d3fd307117fb708b7747efe0830646d48f08de0c05a0d28cea81f351

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 04:04:15 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 15190
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: xO0ZE0NeX6DDvjV49faBuX0-_PrbRiupAuQ7xB5bCDXppTXjWlfZ-w==
expires: Fri, 15 Nov 2024 04:04:15 GMT

GET
H2 200 logo-20221111165349-jig2-.png
w.ladicdn.com/s600x600/6356ca953b4e330020fdd38a/ 46 KB
46 KB 196ms
36ms Image
image/png 2600:9000:206f:5a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s600x600/6356ca953b4e330020fdd38a/logo-20221111165349-jig2-.png
Requested by: Host: win79s.fun
URL: https://win79s.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4a887d056ca99b5601ce9fe8e3321b94ed942e22ed3895b63dc4c1bfaa40f572

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 04:04:14 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 15191
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: GI5SQVAJInmYtb222IqAyA2jkgO7epZ2FUIAExqe5EqaiYrLrm5K9w==
expires: Fri, 15 Nov 2024 04:04:14 GMT

GET
H2 200 slogan-20221111165349-depbl.png
w.ladicdn.com/s1050x550/6356ca953b4e330020fdd38a/ 40 KB
41 KB 223ms
64ms Image
image/png 2600:9000:206f:5a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s1050x550/6356ca953b4e330020fdd38a/slogan-20221111165349-depbl.png
Requested by: Host: win79s.fun
URL: https://win79s.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: dc1dda8da56e121658f57f5d614ed72f2874afb780f3bcda083c0455d8bb656d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 04:04:15 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 15190
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: b11ZBw1cfp7frFTMLuN8wFPoR5hWU_zM1SOjr9cvB382Rkv7ZaFZoQ==
expires: Fri, 15 Nov 2024 04:04:15 GMT

GET
H2 200 phone-20221111165349-bdode.png
w.ladicdn.com/s400x400/6356ca953b4e330020fdd38a/ 6 KB
7 KB 349ms
215ms Image
image/png 2600:9000:206f:5a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s400x400/6356ca953b4e330020fdd38a/phone-20221111165349-bdode.png
Requested by: Host: win79s.fun
URL: https://win79s.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 95372a6172cdcb4f87e61ad5dbfcb46eb95b50a7dc538cc990d662789b949e12

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 04:04:15 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 15190
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: MQbgcBLbvaA7flvcSCUtZ98pC6V7wROl_Vxxmp_6XOzkHZ95Advhow==
expires: Fri, 15 Nov 2024 04:04:15 GMT

GET
H2 200 giftcode-win79-20221111180747-zuatm.png
w.ladicdn.com/s700x600/6356ca953b4e330020fdd38a/ 250 KB
250 KB 218ms
84ms Image
image/png 2600:9000:206f:5a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s700x600/6356ca953b4e330020fdd38a/giftcode-win79-20221111180747-zuatm.png
Requested by: Host: win79s.fun
URL: https://win79s.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cdbf242d2cdb952a9d592685e42044e699a7f1330c42f2d19e42ce194c67e798

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 04:04:15 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 15190
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: w7Pu0TVHWmKfDXACp1twVW7CUoiIeXcvtXoG8LnnTDw_2St2CugkuQ==
expires: Fri, 15 Nov 2024 04:04:15 GMT

GET
H2 200 game6-20221111165339-q3hav.png
w.ladicdn.com/s500x450/6356ca953b4e330020fdd38a/ 14 KB
14 KB 347ms
213ms Image
image/png 2600:9000:206f:5a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s500x450/6356ca953b4e330020fdd38a/game6-20221111165339-q3hav.png
Requested by: Host: win79s.fun
URL: https://win79s.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7dac3e35ba28cda14b036f437160d83ef85ab65205a82fd627da0affeffc891c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 04:04:15 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 15190
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: f-ZTrJmHXDP4y5hp1EAI-H-ImlV8YRNx1T2F-Vhbz-RqJR1t5-j0Qg==
expires: Fri, 15 Nov 2024 04:04:15 GMT

GET
H2 200 game5-20221111165339-kn0cy.png
w.ladicdn.com/s500x500/6356ca953b4e330020fdd38a/ 13 KB
14 KB 348ms
215ms Image
image/png 2600:9000:206f:5a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s500x500/6356ca953b4e330020fdd38a/game5-20221111165339-kn0cy.png
Requested by: Host: win79s.fun
URL: https://win79s.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: db4a7b2cc49646a75c4955b3f90b451ea28787021a7d8645e1973e10670fa592

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 04:04:15 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 15190
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: G9MQDxTxfC7xdWr6Jn_pP9G_ccZj5gQGlgY_ytiOoPepISfae08DHg==
expires: Fri, 15 Nov 2024 04:04:15 GMT

GET
H2 200 game3-20221111165339-kqpna.png
w.ladicdn.com/s550x450/6356ca953b4e330020fdd38a/ 12 KB
12 KB 215ms
82ms Image
image/png 2600:9000:206f:5a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s550x450/6356ca953b4e330020fdd38a/game3-20221111165339-kqpna.png
Requested by: Host: win79s.fun
URL: https://win79s.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 74bdc72f4d5765a976b2d95a96539dd8171c40fd62e371396cc4ca989296aee0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 04:04:15 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 15190
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: 9Is1Lpb1QKyyamynUKWgoH3xipgmx11sKt721IQ-goG4CSqIf6oP6w==
expires: Fri, 15 Nov 2024 04:04:15 GMT

GET
H2 200 game4-20221111165339-blhn8.png
w.ladicdn.com/s500x450/6356ca953b4e330020fdd38a/ 13 KB
13 KB 347ms
214ms Image
image/png 2600:9000:206f:5a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s500x450/6356ca953b4e330020fdd38a/game4-20221111165339-blhn8.png
Requested by: Host: win79s.fun
URL: https://win79s.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 89782dcabedca74c6b2c6544fcc19cb5b9a1b8343c457651fefa80bc288864ca

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 04:04:15 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 15190
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: Ipf5i6Lv8pbKpsKCe155z5DRCEQ_oGojYv6q7BjzyeUyPwjW-SDhfQ==
expires: Fri, 15 Nov 2024 04:04:15 GMT

GET
H2 200 game2-20221111165339-cf2om.png
w.ladicdn.com/s500x450/6356ca953b4e330020fdd38a/ 13 KB
14 KB 350ms
216ms Image
image/png 2600:9000:206f:5a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s500x450/6356ca953b4e330020fdd38a/game2-20221111165339-cf2om.png
Requested by: Host: win79s.fun
URL: https://win79s.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7ffdd179cae4b4a782fc8c39ba1de67af0a059151d3c43f71c5b77be0525255d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 04:04:15 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 15190
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: LixWjuQhEFrEPsCNBFa2K2xeFIgLvX0ncxCeBVfjlJs8luzr65XmEQ==
expires: Fri, 15 Nov 2024 04:04:15 GMT

GET
H2 200 game1-20221111165339-owexu.png
w.ladicdn.com/s500x450/6356ca953b4e330020fdd38a/ 14 KB
15 KB 349ms
215ms Image
image/png 2600:9000:206f:5a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s500x450/6356ca953b4e330020fdd38a/game1-20221111165339-owexu.png
Requested by: Host: win79s.fun
URL: https://win79s.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d387ed35dbcf76b0068ece31efd1a9f836bf98f14010b425c0aafb7e71c7bd91

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 04:04:15 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 15190
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: Nb9xYqVvHOhkjaukMj44ytKB3bylrZxhVPvwegm-_3ryxvxLKrzNRA==
expires: Fri, 15 Nov 2024 04:04:15 GMT

GET
H2 200 button-android-download-20221112032908-p1ucd.svg
w.ladicdn.com/6356ca953b4e330020fdd38a/ 455 KB
345 KB 244ms
111ms Image
image/svg+xml 2600:9000:206f:5a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/6356ca953b4e330020fdd38a/button-android-download-20221112032908-p1ucd.svg
Requested by: Host: win79s.fun
URL: https://win79s.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 86614d21c96219b68701ade2425e103fa4a4a61fab91962cc72a53300b85fa0f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 04:04:15 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 15190
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: YXXLxIIHkvV0Vzxl7Gbu5bnM_fruUC5vEiM3nbBBU9hRPZEQ85d-IQ==
expires: Fri, 15 Nov 2024 04:04:15 GMT

GET
H2 200 button-ios-download-20221112033013-zinq1.svg
w.ladicdn.com/6356ca953b4e330020fdd38a/ 446 KB
338 KB 348ms
214ms Image
image/svg+xml 2600:9000:206f:5a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/6356ca953b4e330020fdd38a/button-ios-download-20221112033013-zinq1.svg
Requested by: Host: win79s.fun
URL: https://win79s.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 72b36d560384c9a1fb9ae40a81935be208bbbd2887882dc755a83ae4bf4dbc2e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 04:04:15 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 15190
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: vJCD3YPf-SekHnITjBCl3C2tVl1cOwcriir7sT5UGxhbhL4zZ0BNdg==
expires: Fri, 15 Nov 2024 04:04:15 GMT

GET
H2 200 icon-livechat-20221115085929-qw_n-.png
w.ladicdn.com/s400x400/6356ca953b4e330020fdd38a/ 6 KB
6 KB 349ms
216ms Image
image/png 2600:9000:206f:5a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s400x400/6356ca953b4e330020fdd38a/icon-livechat-20221115085929-qw_n-.png
Requested by: Host: win79s.fun
URL: https://win79s.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7bbda6b5aa49c086159eb91abdda7a81ee3397196213d2c2286be8f46ce6f369

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 04:04:15 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 15190
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: hCtn2R_mC2mUrJWEMKtfY3VvCZegHo9Ico62GhTB5Er_2LSL_E-IMA==
expires: Fri, 15 Nov 2024 04:04:15 GMT

GET
H2 200 rank-20221115085929-xzzvn.png
w.ladicdn.com/s700x500/6356ca953b4e330020fdd38a/ 19 KB
20 KB 243ms
109ms Image
image/png 2600:9000:206f:5a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s700x500/6356ca953b4e330020fdd38a/rank-20221115085929-xzzvn.png
Requested by: Host: win79s.fun
URL: https://win79s.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 461e7847c44d160a24ba9baf638f2ba77c204ed310917113fd7b534e681d35b9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 04:04:15 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 15190
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: e0PE7B8i_mqaWQYpKyp4I30hLbjD4VWKqywpfOyJ4huLW11zG4JcyA==
expires: Fri, 15 Nov 2024 04:04:15 GMT

GET
H2 200 icon-form-20221115091055-pg7oh.png
w.ladicdn.com/s1050x850/6356ca953b4e330020fdd38a/ 178 KB
179 KB 344ms
210ms Image
image/png 2600:9000:206f:5a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s1050x850/6356ca953b4e330020fdd38a/icon-form-20221115091055-pg7oh.png
Requested by: Host: win79s.fun
URL: https://win79s.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 819454b731e686e884d67292fda055b4ef2b30a6ffd43ed41ce07c35f59f9133

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 04:04:15 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 15190
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: vGNsO3WZPCAsuCZH0SoSriyRetmxK8YpY4uUhbUNRCUIg9TQQfRqIw==
expires: Fri, 15 Nov 2024 04:04:15 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 72ms
19ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Bungee%20Inline:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://win79s.fun
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 14:29:28 GMT
x-content-type-options: nosniff
age: 496077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 14:29:28 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v36/ 34 KB
34 KB 99ms
46ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Bungee%20Inline:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://win79s.fun
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 14:49:29 GMT
x-content-type-options: nosniff
age: 235676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35120
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:03:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 14:49:29 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
fonts.gstatic.com/s/opensans/v36/ 16 KB
16 KB 116ms
64ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Bungee%20Inline:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db5d7bb36691306bda51b903c84fbdef4206d3c166b8080100915d16a617f5ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://win79s.fun
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:28:27 GMT
x-content-type-options: nosniff
age: 568138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16424
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:41:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 18:28:27 GMT

GET
H2 200 Gg8zN58UcgnlCweMrih332VuPGV_-Q.woff2
fonts.gstatic.com/s/bungeeinline/v15/ 27 KB
27 KB 113ms
66ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bungeeinline/v15/Gg8zN58UcgnlCweMrih332VuPGV_-Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Bungee%20Inline:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e25ec977410298852a05c5c08c7346373806585fff088954e3063d8b5d48245

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://win79s.fun
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 03:57:41 GMT
x-content-type-options: nosniff
age: 274784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27168
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:36:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 03:57:41 GMT

GET
H2 200 Gg8zN58UcgnlCweMrih332VuPGt_-WEg.woff2
fonts.gstatic.com/s/bungeeinline/v15/ 18 KB
18 KB 118ms
72ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bungeeinline/v15/Gg8zN58UcgnlCweMrih332VuPGt_-WEg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Bungee%20Inline:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb1eef8635f6bb8ea76caf52f50512b13830d22375c3c8d3bb8f9b0bfba8ac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://win79s.fun
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 02:31:32 GMT
x-content-type-options: nosniff
age: 107153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18360
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:36:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 02:31:32 GMT

GET
H2 200 Gg8zN58UcgnlCweMrih332VuPGp_-WEg.woff2
fonts.gstatic.com/s/bungeeinline/v15/ 7 KB
7 KB 108ms
62ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bungeeinline/v15/Gg8zN58UcgnlCweMrih332VuPGp_-WEg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Bungee%20Inline:bold,regular&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcc16bc491cd3e82cec1b8774058222305e6fefddc2b49cb8dcf12ebbc759a4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://win79s.fun
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 11:35:28 GMT
x-content-type-options: nosniff
age: 333717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7244
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:36:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Nov 2024 11:35:28 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 107ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-13KKZ59W5Y&gtm=45je3b81v897045788&_p=1700122645058&gcd=11l1l1l1l1&dma=0&cid=172554652.1700122645&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700122645&sct=1&seg=0&dl=https%3A%2F%2Fwin79s.fun%2F&dt=Trang%20T%E1%BA%A3i%20Win79%20Club%2C%20Win79%20Life%2C%20Win79%20APK%2C%20Win79%20iOS%20Ch%C3%ADnh%20Th%E1%BB%A9c%202022&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=427
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-13KKZ59W5Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 08:17:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://win79s.fun
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 event
a.ladipage.com/ 0
0 575ms
185ms Preflight
application/json 52.76.226.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.76.226.154 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-76-226-154.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view
Access-Control-Request-Method: POST
Origin: https://win79s.fun
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 16 Nov 2023 08:17:26 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d43791134e2e13160c0f0ad2a1b60831798f279d51728750ab7a5e3adce156a

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 event Show response
a.ladipage.com/ 106 B
632 B 190ms
190ms XHR
text/plain 52.76.226.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.vi.min.js?v=1668504646901

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.76.226.154 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-76-226-154.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

29d9e01151932ae6955f915572beab07a838318c9ec100bb77923f13ffcc2eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

LADI_CLIENT_ID
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT: 0
LADI_CAMP_ID
LADI_CAMP_FORM_SUBMIT: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
LADI_CAMP_NAME
Content-Type: application/json
accept-language: de-CH,de;q=0.9
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW: 0
Referer: https://win79s.fun/
LADI_PAGE_VIEW: 0
LADI_CAMP_TYPE

Response headers

date: Thu, 16 Nov 2023 08:17:26 GMT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection: 0

GET
H2 200 ladipage.svg
w.ladicdn.com/source/v3/by/ 12 KB
5 KB 28ms
28ms Image
image/svg+xml 2600:9000:206f:5a00:11:52e1:b680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/source/v3/by/ladipage.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:11:52e1:b680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 628302bae3cba02607d2fefa6eaf3d0549c0c8ab9f41bd171d74f3757826b6bf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 01:25:38 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 2703111
x-cache: Hit from cloudfront
server: nginx
access-control-max-age: 2592000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id: rSSIcMLL2JHBoq-HejRFkSA12E6nNpqBo_95KdmUtzBPVcNPCV6qmw==
expires: Tue, 15 Oct 2024 01:25:38 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 36ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-13KKZ59W5Y&gtm=45je3b81v897045788&_p=1700122645058&gcd=11l1l1l1l1&dma=0&cid=172554652.1700122645&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1700122645&sct=1&seg=0&dl=https%3A%2F%2Fwin79s.fun%2F&dt=Trang%20T%E1%BA%A3i%20Win79%20Club%2C%20Win79%20Life%2C%20Win79%20APK%2C%20Win79%20iOS%20Ch%C3%ADnh%20Th%E1%BB%A9c%202022&en=ScrollDepth_75_percent&_ee=1&ep.event_category=LadiPageScrollDepth&ep.event_label=win79s.fun%2F&ep.non_interaction=true&_et=412&tfd=5842
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-13KKZ59W5Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://win79s.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 08:17:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://win79s.fun
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.win79s.fun/	1970-01-21 01:51:22	Name: _ga Value: GA1.1.172554652.1700122645
win79s.fun/	1970-01-20 16:16:49	Name: _timenow Value: 1700122645666
.win79s.fun/	1970-01-21 01:51:22	Name: _ga_13KKZ59W5Y Value: GS1.1.1700122645.1.0.1700122645.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
w.ladicdn.com
win79s.fun
www.googletagmanager.com
2001:4860:4802:34::36
2600:9000:206f:5a00:11:52e1:b680:93a1
2a00:1450:4001:80e::2008
2a00:1450:4001:813::2003
2a00:1450:4001:828::200a
2a06:98c1:3121::3
52.76.226.154
0463fc3c7142d5d130e6908ae2ff4cadc8ddeb8cee000c84f315f975c6b224eb
0d43791134e2e13160c0f0ad2a1b60831798f279d51728750ab7a5e3adce156a
1d69d2ede3cad7e3547db2a40f407704703e99351b46a4d661aa805db7692fe4
1fb1eef8635f6bb8ea76caf52f50512b13830d22375c3c8d3bb8f9b0bfba8ac9
20e8b6f7256f19f01b97c13e2ad126ee5a5e615a2759ac5a0a295941f61fa14b
29d9e01151932ae6955f915572beab07a838318c9ec100bb77923f13ffcc2eee
3cd489bbda379debaa3beca1c185cafee609b2c3008bf5f729c742e2cbdcefb3
461e7847c44d160a24ba9baf638f2ba77c204ed310917113fd7b534e681d35b9
4a887d056ca99b5601ce9fe8e3321b94ed942e22ed3895b63dc4c1bfaa40f572
5e25ec977410298852a05c5c08c7346373806585fff088954e3063d8b5d48245
628302bae3cba02607d2fefa6eaf3d0549c0c8ab9f41bd171d74f3757826b6bf
72b36d560384c9a1fb9ae40a81935be208bbbd2887882dc755a83ae4bf4dbc2e
74bdc72f4d5765a976b2d95a96539dd8171c40fd62e371396cc4ca989296aee0
7bbda6b5aa49c086159eb91abdda7a81ee3397196213d2c2286be8f46ce6f369
7dac3e35ba28cda14b036f437160d83ef85ab65205a82fd627da0affeffc891c
7ffdd179cae4b4a782fc8c39ba1de67af0a059151d3c43f71c5b77be0525255d
819454b731e686e884d67292fda055b4ef2b30a6ffd43ed41ce07c35f59f9133
86614d21c96219b68701ade2425e103fa4a4a61fab91962cc72a53300b85fa0f
89782dcabedca74c6b2c6544fcc19cb5b9a1b8343c457651fefa80bc288864ca
930c2c53bd84d481d8ed2d54855411f7dc0cf8d5ea6cc6265b65bf2a2170a17f
95372a6172cdcb4f87e61ad5dbfcb46eb95b50a7dc538cc990d662789b949e12
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
cdbf242d2cdb952a9d592685e42044e699a7f1330c42f2d19e42ce194c67e798
cdf280f70a1b4ee57e3451e5aecb0d56269e5feec54513bed76598df05acabdf
d387ed35dbcf76b0068ece31efd1a9f836bf98f14010b425c0aafb7e71c7bd91
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47
db4a7b2cc49646a75c4955b3f90b451ea28787021a7d8645e1973e10670fa592
db5d7bb36691306bda51b903c84fbdef4206d3c166b8080100915d16a617f5ea
dc1dda8da56e121658f57f5d614ed72f2874afb780f3bcda083c0455d8bb656d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef74b1d6d3fd307117fb708b7747efe0830646d48f08de0c05a0d28cea81f351
fcc16bc491cd3e82cec1b8774058222305e6fefddc2b49cb8dcf12ebbc759a4c

win79s.fun Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

33 Requests

100 %HTTPS

86 %IPv6

7 Domains

7 Subdomains

8 IPs

3 Countries

1913 kBTransfer

2712 kBSize

3 Cookies

0 Outgoing links

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

win79s.fun Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

100 %
HTTPS

86 %
IPv6

7
Domains

7
Subdomains

8
IPs

3
Countries

1913 kB
Transfer

2712 kB
Size

3
Cookies

33 HTTP transactions
1 data transactions