www.afterwin88cihuy.com Open in urlscan Pro
2606:4700:3031::ac43:868c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://afterwin88cihuy.com/
Effective URL:
https://www.afterwin88cihuy.com/
Submission: On September 29 via api (September 29th 2024, 1:43:29 pm UTC) from US — Scanned from DE

Summary HTTP 56 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 56 HTTP transactions. The main IP is 2606:4700:3031::ac43:868c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.afterwin88cihuy.com.
TLS certificate: Issued by WE1 on September 15th 2024. Valid for: 3 months.

This is the only time www.afterwin88cihuy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	2606:4700:303... 2606:4700:3031::ac43:868c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
35	35.190.44.120 35.190.44.120	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
56	6

12 2606:4700:3031::ac43:868c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

afterwin88cihuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.afterwin88cihuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 35.190.44.120 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 120.44.190.35.bc.googleusercontent.com

9996777888.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	9996777888.com 9996777888.com — Cisco Umbrella Rank: 418759	2 MB
12	afterwin88cihuy.com 1 redirects afterwin88cihuy.com www.afterwin88cihuy.com	122 KB
6	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 476	109 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	601 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 57	1 KB
56	5

	Domain	Requested by
35	9996777888.com	www.afterwin88cihuy.com
11	www.afterwin88cihuy.com	www.afterwin88cihuy.com
6	cdn.ampproject.org	www.afterwin88cihuy.com cdn.ampproject.org
1	www.google-analytics.com	www.afterwin88cihuy.com
1	www.googletagmanager.com	cdn.ampproject.org
1	afterwin88cihuy.com	1 redirects
56	6

This site contains links to these domains. Also see Links.

Domain
direct.lc.chat
homegardens.kitchen

Subject Issuer	Validity	Valid
afterwin88cihuy.com WE1	`2024-09-15` - `2024-12-14`	3 months	crt.sh
misc-sni.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
9996777888.com WR3	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.afterwin88cihuy.com/
Frame ID: C1FB5A6B4A6505D94E97FF9EE2BE0053
Requests: 58 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AFTERWIN88 - 24/7 Link Login Afterwin88 Paling Mudah Maxwin

Page URL History Show full URLs

https://afterwin88cihuy.com/ HTTP 308
https://www.afterwin88cihuy.com/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

56
Requests

96 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

2496 kB
Transfer

2959 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://direct.lc.chat/14253606

Search URL Search Domain Scan URL

URL: https://homegardens.kitchen/afterwin88
Title: Masuk

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://afterwin88cihuy.com/ HTTP 308
https://www.afterwin88cihuy.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.afterwin88cihuy.com/
Redirect Chain

https://afterwin88cihuy.com/
https://www.afterwin88cihuy.com/

53 KB
12 KB

1712ms
1688ms

Document
text/html

2606:4700:3031::ac43:868c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afterwin88cihuy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:868c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

a7ecba658e0533c65c798bd1eaa65da31e1d520a22dd4dd0bd869c525a0cc5d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
cache-control: max-age=0 no-cache
cf-cache-status: DYNAMIC
cf-ray: 8cac66be1ad9d382-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 29 Sep 2024 13:43:19 GMT
expires: Sun, 29 Sep 2024 13:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cH1K%2FaM3UJ6tIDfF8d11PYcvS98lV1taPUQTxm0Ae54VuFJW2vlmXDytRO%2B1%2BQvaNLxw2k81F1ExOsnAi8l9YpmvzkSOSjjFsOJyBen0AssKdKtwpfsAmPqiUb0LibyFY5iIZp8V1IbaZixteSWZRygAFeACDg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-powered-by: Next.js

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 8cac66b9aaded382-FRA
content-type: text/html
date: Sun, 29 Sep 2024 13:43:17 GMT
location: https://www.afterwin88cihuy.com
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GSkbAomMcnl98MWc7LNZlfrSi5H0%2BfQy1eY4Ghu0tNH%2B5vFnQOSURaSSDfXtG6Jg3GRGc2Vnz2bJbk3yazD4jZ%2BQ0Q0UzWXx2jQVvyUwxIRdGD6uOPO9IIeRUIcLtaB%2FGtsu8VLaPas73cF1SJPLNmz0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"

GET
H3 200 speculation
www.afterwin88cihuy.com/cdn-cgi/ 128 B
566 B 61ms
34ms Other
application/speculationrules+json 2606:4700:3031::ac43:868c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.afterwin88cihuy.com/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:868c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.afterwin88cihuy.com
Referer: https://www.afterwin88cihuy.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2BqhVxEQr1pavZ6EUQ0FxzFD7leI6ypdSe6ySOgBvoOGR0FS6Dfm3zwHvKtfAfm%2FeAg%2BzcTpehbuN94usTPAO0qrFKiF1rnyMaaLYqm5iyfB7I0V4Oyl4o4Y2zsbYu7lKOGCSNrZhF4ZjLMA8mgRkrkCsnHAbA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cac66c8e9a6d382-FRA
access-control-allow-origin: https://www.afterwin88cihuy.com
content-length: 128
date: Sun, 29 Sep 2024 13:43:19 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 v0.mjs Show response
cdn.ampproject.org/ 223 KB
62 KB 112ms
56ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.mjs

Requested by

Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3fc3363263323fe77b6f0b6d1717d202a36cb05d71f73f549f20b30de3d95ae

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.afterwin88cihuy.com
Referer: https://www.afterwin88cihuy.com/

Response headers

content-encoding: br
etag: "03ddd6df7f0fb77f"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sun, 29 Sep 2024 13:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 29 Sep 2024 13:43:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=3000, stale-while-revalidate=1206600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 63577
x-xss-protection: 0
server: sffe

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/v0/ 95 KB
29 KB 101ms
45ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.mjs

Requested by

Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffb51d1d1d4a7755ffd48b5d95f67fe73a3aa414e89eac98d4e22fb980b17357

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.afterwin88cihuy.com
Referer: https://www.afterwin88cihuy.com/

Response headers

content-encoding: br
etag: "8dc307a43443c858"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sun, 29 Sep 2024 13:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 29 Sep 2024 13:43:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 29012
x-xss-protection: 0
server: sffe

GET
H2 200 amp-carousel-0.1.mjs Show response
cdn.ampproject.org/v0/ 33 KB
10 KB 118ms
62ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.mjs

Requested by

Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ef75b73e0a95eaf29a005d9a72bccd45a707400fd4d46406399531c61858ef

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.afterwin88cihuy.com
Referer: https://www.afterwin88cihuy.com/

Response headers

content-encoding: br
etag: "a9b70eaee850de26"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Sun, 29 Sep 2024 13:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 29 Sep 2024 13:43:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 10085
x-xss-protection: 0
server: sffe

GET
H3 404 Ekster-Bold.woff2
www.afterwin88cihuy.com/ 0
0 803ms
800ms Font
text/html 2606:4700:3031::ac43:868c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afterwin88cihuy.com/Ekster-Bold.woff2

Requested by

Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:868c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.afterwin88cihuy.com
Referer: https://www.afterwin88cihuy.com/

Response headers

access-control-max-age: 1728000
content-encoding: br
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PczOtQooeKvpVEkqUnbRNryoPjC1bacFLlrYVKqRYEV0uxCpPM91uIJDYfuGJBAoQRjdMUPjXpp7fixLVamzLOfhZBUHlK1iun8K5alLgevdXpkXy8PJQpdwCXJrHFilruqfqcUjqeLfCmam3vP1quqXrcqlcw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
date: Sun, 29 Sep 2024 13:43:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
access-control-allow-credentials: true
cf-ray: 8cac66c92a70d382-FRA
access-control-allow-origin: https://www.afterwin88cihuy.com
x-powered-by: Next.js
server: cloudflare

GET
H3 404 Ekster-Regular.woff2
www.afterwin88cihuy.com/ 0
0 892ms
888ms Font
text/html 2606:4700:3031::ac43:868c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afterwin88cihuy.com/Ekster-Regular.woff2

Requested by

Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:868c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.afterwin88cihuy.com
Referer: https://www.afterwin88cihuy.com/

Response headers

access-control-max-age: 1728000
content-encoding: br
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DNDD7qz11K%2BKRnJXga4b7NseVYR8ffS81hTy6yNvP0etDi4VPeOel%2FHJ8gR%2B72gB%2FIBE8A%2BzdLz1rdu5Mmxj86oJmxM27C0TD7tB5OKRbAzgyYUl0mDckNY85TC5KQarCY3KrR2U3XtkGmHb43Wxgo088OWjmg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
date: Sun, 29 Sep 2024 13:43:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
access-control-allow-credentials: true
cf-ray: 8cac66c92a78d382-FRA
access-control-allow-origin: https://www.afterwin88cihuy.com
x-powered-by: Next.js
server: cloudflare

GET
H3 404 Ekster-Light.woff2
www.afterwin88cihuy.com/ 0
0 905ms
901ms Font
text/html 2606:4700:3031::ac43:868c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afterwin88cihuy.com/Ekster-Light.woff2

Requested by

Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:868c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.afterwin88cihuy.com
Referer: https://www.afterwin88cihuy.com/

Response headers

access-control-max-age: 1728000
content-encoding: br
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Udpu7Mc1uItUkaVGryGyAQDfl62jcpphAiW6R4D7s2RbZm4IJF8yxb8zkTIhjWcWZDA%2FOCXFAMwTQc87dpxcASwQYA83F3dV1uUX%2FWs4xLFd%2FAhjdiN8gabZkme7hRr6%2F8bJvHeMryg8IaX5ThX2yjDJVFb5Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
date: Sun, 29 Sep 2024 13:43:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
access-control-allow-credentials: true
cf-ray: 8cac66c92a7bd382-FRA
access-control-allow-origin: https://www.afterwin88cihuy.com
x-powered-by: Next.js
server: cloudflare

GET
H2 200 live-chat-widget.png
9996777888.com/common/amp/ 83 KB
84 KB 350ms
298ms Image
image/png 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/common/amp/live-chat-widget.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d6fef45b6054745d097a29767662927d666af37b56b8a663d9fe35d021063ce8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=ZxTvgA==, md5=wUwKbLomWIA0x1EblYBEgQ==
etag: "c14c0a6cba26588034c7511b95804481"
age: 0
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 85476
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Fri, 18 Nov 2022 08:38:26 GMT
content-type: image/png
x-guploader-uploadid: AD-8ljtURTsFjKWQQwILTefjZEJ6an21_zH5iBylPFGUPQFwUWN6y88pwIHZncIV9BclpbNXkLc
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1668760706361130
content-length: 85476
content-language: en
server: UploadServer

GET
H2 200 light_logo.svg
9996777888.com/V1005/images/logo_icon/web_logo/ 7 KB
7 KB 380ms
329ms Image
image/svg+xml 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/V1005/images/logo_icon/web_logo/light_logo.svg
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a487490689944b8ed91efd9490f21a4015eda402b7b3fbe32f1f29a5359af4c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=SXZrTA==, md5=/a76QEO5IY6M3huGHqWUIA==
etag: "fdaefa4043b9218e8cde1b861ea59420"
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 6721
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Mon, 20 Nov 2023 02:50:23 GMT
content-type: image/svg+xml
x-guploader-uploadid: AD-8ljtlLIj0nSiQ9ujfGVRuaruedmBqeYs8EnF6HYi0NgydlSm724u2q7X_h2ns2kAf9EqtRlw
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1700448623103647
content-length: 6721
content-language: en
server: UploadServer

GET
H3 200 Jackpot.gif
www.afterwin88cihuy.com/ 106 KB
106 KB 1362ms
1345ms Image
image/gif 2606:4700:3031::ac43:868c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.afterwin88cihuy.com/Jackpot.gif

Requested by

Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:868c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3c5f2d764a611b56270938fcf2116fa787b2cdae0b122c04d1e49c2137ef58e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: W/"1a67d-190a16a59e0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WOXsmyUeY%2Fb4VAEkg6GXHgp2KAFxEvqGM5LGfBSstD%2BKvFCZSimCNfXsd4rtki6vbYT5jrOdGw70lBPVxRLb6r0J3mvdWCmSklm3P6JhilLqL4JHCZU0YFe85jSEeJKadSqQHtJMB8vEnbw53ucd9fgtI2Awcg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cac66ca8f7bd382-FRA
expires: Tue, 29 Oct 2024 13:43:20 GMT
accept-ranges: bytes
content-length: 108157
date: Sun, 29 Sep 2024 13:43:20 GMT
content-type: image/gif
last-modified: Thu, 11 Jul 2024 10:50:20 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 1726382337.918977_bank_logo.png
9996777888.com/V1005/images/payment/bank/SEABANK/ 7 KB
7 KB 412ms
357ms Image
application/octet-stream 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/V1005/images/payment/bank/SEABANK/1726382337.918977_bank_logo.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 14530b7b0138231833140b99118f5a9ebbd74054e8436650aeda415d765f6ddb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=XAMdDw==, md5=gHK3tJZylwhq/Xn7E69D/w==
etag: "8072b7b4967297086afd79fb13af43ff"
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7054
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Sun, 15 Sep 2024 06:38:58 GMT
content-type: application/octet-stream
x-guploader-uploadid: AD-8ljumggeXiAMrrQpR0y7ToKMW38oPUgLeHgR1RwNbg_B9j3V6Wggcwt-QG4gamxijhwYx46LP1Fj8Ig
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1726382338315685
content-length: 7054
server: UploadServer

GET
H2 200 1687418330.273996_bank_logo.png
9996777888.com/V1005/images/payment/bank/BSI/ 10 KB
10 KB 382ms
331ms Image
application/octet-stream 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/V1005/images/payment/bank/BSI/1687418330.273996_bank_logo.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: dd84f693e590d5cbf0341974180aef7b35ec6475834b1912d4ac13800247428a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=PrcaOg==, md5=7LJgWC9vnAzzgRJ8ZIx1NQ==
etag: "ecb260582f6f9c0cf381127c648c7535"
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 10199
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Mon, 20 Nov 2023 02:50:23 GMT
content-type: application/octet-stream
x-guploader-uploadid: AD-8ljvmY8wuH1zFicNSidt2Ovpy737BD4H8qst5_nomH8mxrQwcRNsoZMirOI3kTDCpIt5-1Z0Inkirdw
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1700448623140272
content-length: 10199
server: UploadServer

GET
H2 200 1650038674.914145_bank_logo.png
9996777888.com/V1005/images/payment/bank/CIMB/ 9 KB
9 KB 380ms
326ms Image
application/octet-stream 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/V1005/images/payment/bank/CIMB/1650038674.914145_bank_logo.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4914b22a522a127ab9b43dbc83114036875f65532cbeef9fddb06518cd0bbc54

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=1emjig==, md5=ptUwH9apJ8spIMH+8oxrGQ==
etag: "a6d5301fd6a927cb2920c1fef28c6b19"
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 8809
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Mon, 20 Nov 2023 02:50:23 GMT
content-type: application/octet-stream
x-guploader-uploadid: AD-8ljs4J1XtfSH9p3ZV41CtMEIGzB8grvYPqtFMsvjn_VMJcv-qtkRP6BoEzCXoxRSf7A42Y8c
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1700448623141201
content-length: 8809
server: UploadServer

GET
H2 200 1650038591.740805_bank_logo.png
9996777888.com/V1005/images/payment/bank/MANDIRI/ 8 KB
8 KB 368ms
327ms Image
application/octet-stream 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/V1005/images/payment/bank/MANDIRI/1650038591.740805_bank_logo.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d42829a3774919b1555c6eaff00fb9fb9e3c11b3c440551ee0aa51a925b52c12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=yFs5Zw==, md5=waHJM1VyaI59uAxXWdHFvQ==
etag: "c1a1c9335572688e7db80c5759d1c5bd"
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 8385
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Mon, 20 Nov 2023 02:50:23 GMT
content-type: application/octet-stream
x-guploader-uploadid: AD-8ljtR_A3NVgRyGNCKc9Xfx2FffT770jZ1FGpi_iphnY8B0hrT5XFqeuuYTcTd5dlzxFcHN_s
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1700448623245530
content-length: 8385
server: UploadServer

GET
H2 200 1650038443.276751_bank_logo.png
9996777888.com/V1005/images/payment/bank/BRI/ 9 KB
9 KB 376ms
368ms Image
application/octet-stream 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/V1005/images/payment/bank/BRI/1650038443.276751_bank_logo.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5e5fcd46dcf2be22323a500b97a65cb79dbef5ae3e9f2ae92c4811fc74981bcf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=k65k8A==, md5=xfvQHmbWEKl7UYFbg+VMvg==
etag: "c5fbd01e66d610a97b51815b83e54cbe"
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 9385
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Mon, 20 Nov 2023 02:50:23 GMT
content-type: application/octet-stream
x-guploader-uploadid: AD-8ljt4NsQhEqUoG8fuoN3DZ8WLq3lwgeQzSXHLYxKoM4QA9m8xhFl12UnHnD9Nrw3cLbaGMfc
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1700448623140196
content-length: 9385
server: UploadServer

GET
H2 200 1650876335.955181_bank_logo.png
9996777888.com/V1005/images/payment/bank/BNI/ 9 KB
9 KB 488ms
480ms Image
application/octet-stream 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/V1005/images/payment/bank/BNI/1650876335.955181_bank_logo.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3d4b6589a8b876c61ea0ba7be7118f9b48ed4e467020b1ea68c4da62e18cbbba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=SYvDag==, md5=1PXCqYZd7hz/PJIqVYoDMA==
etag: "d4f5c2a9865dee1cff3c922a558a0330"
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 9330
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Mon, 20 Nov 2023 02:50:23 GMT
content-type: application/octet-stream
x-guploader-uploadid: AD-8ljujlyBdHjLtdW00UsxeaXe1TQR309ry4NMnQR_Sekm3KsHnCgx-fwYtw-Hl8URdbrMtH2c
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1700448623135356
content-length: 9330
server: UploadServer

GET
H2 200 1658728970.951388_bank_logo.png
9996777888.com/V1005/images/payment/bank/BCA/ 7 KB
8 KB 373ms
366ms Image
application/octet-stream 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/V1005/images/payment/bank/BCA/1658728970.951388_bank_logo.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9ba4320a196e0529812789b8eb1994b7f623b13039b576611476ff82c0896a56

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=xQ+0QA==, md5=SdpDUXjaSOwusFXmJPPjqQ==
etag: "49da435178da48ec2eb055e624f3e3a9"
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7643
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Mon, 20 Nov 2023 02:50:23 GMT
content-type: application/octet-stream
x-guploader-uploadid: AD-8ljtELltJf22PQEzsFQwElft8Fhw4XM4wll9n-w2oiKuyY3xn7AdKpUvByEhyvfea3K5dJnc
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1700448623112789
content-length: 7643
server: UploadServer

GET
H2 200 1703262679.42709_epayment_logo.png
9996777888.com/V1005/images/payment/epayment/LINKAJA/ 10 KB
10 KB 475ms
467ms Image
application/octet-stream 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/V1005/images/payment/epayment/LINKAJA/1703262679.42709_epayment_logo.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 26f0bb7a2634b9152b289cc4c30f97aa263ee2100af78c9703da372e1d48569b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=AJ3AyA==, md5=2gAZzP+bhZiZ+2uvruxr+g==
etag: "da0019ccff9b859899fb6bafaeec6bfa"
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 9795
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Fri, 22 Dec 2023 16:31:19 GMT
content-type: application/octet-stream
x-guploader-uploadid: AD-8ljuAY0UdrmRuNk6JcYFY1xA6d0i8MXf0EYR5UFQWKbSoOAFOsSJddHp7pZBms-c7pXw4QdQ
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1703262679724153
content-length: 9795
server: UploadServer

GET
H2 200 1658897115.963117_epayment_logo.png
9996777888.com/V1005/images/payment/epayment/QRIS/ 2 KB
2 KB 370ms
363ms Image
application/octet-stream 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/V1005/images/payment/epayment/QRIS/1658897115.963117_epayment_logo.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e284b1a2f3561228e76496f777efce1f6662cb634171d0acdd38853e339de2c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=2UL2wQ==, md5=epwittgKppwD6RoxaR2rVQ==
etag: "7a9c22b6d80aa69c03e91a31691dab55"
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 2024
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Mon, 20 Nov 2023 02:50:23 GMT
content-type: application/octet-stream
x-guploader-uploadid: AD-8ljuAb1oK_Jyu8ZmaTUD6mlrQUKhoYE7hRfgyL-qG8hzjbg03L9QUXXsNikEL7PMGtDJ1VZHZPuVejA
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1700448623290810
content-length: 2024
server: UploadServer

GET
H2 200 1650272112.164071_epayment_logo.png
9996777888.com/V1005/images/payment/epayment/TSEL/ 5 KB
5 KB 392ms
384ms Image
application/octet-stream 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/V1005/images/payment/epayment/TSEL/1650272112.164071_epayment_logo.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e8320e286bab2e89369044d4cac55f387d2f5583e3a331da489c6d95f1a24f8e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=XvH0cg==, md5=AZ/zsn9BtK9KlJoxwQ0sFA==
etag: "019ff3b27f41b4af4a949a31c10d2c14"
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 5131
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Mon, 20 Nov 2023 02:50:23 GMT
content-type: application/octet-stream
x-guploader-uploadid: AD-8ljuDPVrjYe2m-IWXYddE0IgGpMQ-w2ofu0_2BUlV1kt5jSaMiIZYg4D8bLDPLKl2NMrxElo
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1700448623293751
content-length: 5131
server: UploadServer

GET
H2 200 1650192167.169539_epayment_logo.png
9996777888.com/V1005/images/payment/epayment/DANA/ 7 KB
7 KB 375ms
367ms Image
application/octet-stream 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/V1005/images/payment/epayment/DANA/1650192167.169539_epayment_logo.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 58f71dabf756fb25c64213bcbb0052448c64629b9dd499f8b2a3dd6c5c232362

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=DXTnbw==, md5=j9uCWn7hhGlQqSyLIFmkhg==
etag: "8fdb825a7ee1846950a92c8b2059a486"
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 6939
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Mon, 20 Nov 2023 02:50:23 GMT
content-type: application/octet-stream
x-guploader-uploadid: AD-8ljtIJytoL3auAQmfQqwvszWuZW4SHYGEwcgnfQstTZOr7iyMOc4Fk2jGQhV7hHCDoO65KH52PbMTLA
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1700448623269807
content-length: 6939
server: UploadServer

GET
H2 200 1650041621.377392_epayment_logo.png
9996777888.com/V1005/images/payment/epayment/GOPAY/ 9 KB
9 KB 484ms
477ms Image
application/octet-stream 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/V1005/images/payment/epayment/GOPAY/1650041621.377392_epayment_logo.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5932f24db35f983fcb8f78820e319ed2cfaff4da2a86b458d4d150151d6c866d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=XnYfHQ==, md5=fim4ryxw2wb5mkMnwOZdsQ==
etag: "7e29b8af2c70db06f99a4327c0e65db1"
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 9143
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Mon, 20 Nov 2023 02:50:23 GMT
content-type: application/octet-stream
x-guploader-uploadid: AD-8ljtHPDk7YXb8dpM6zHWnCLw0FmsyENmynsByXE939IrFg2bPcLgnOnXSckcklji8yNjSmNM
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1700448623259928
content-length: 9143
server: UploadServer

GET
H2 200 1650041715.491428_epayment_logo.png
9996777888.com/V1005/images/payment/epayment/OVO/ 7 KB
7 KB 487ms
480ms Image
application/octet-stream 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/V1005/images/payment/epayment/OVO/1650041715.491428_epayment_logo.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 13d725fabb388ad6d2e44287c20339bd458c0b605dfc9528f5a033d636f2303f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=rr62CA==, md5=62HfLFEHs2Ihm6ttoxKDiQ==
etag: "eb61df2c5107b362219bab6da3128389"
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 6995
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Mon, 20 Nov 2023 02:50:23 GMT
content-type: application/octet-stream
x-guploader-uploadid: AD-8ljvgb5p7tMM_S4fI2WHQtw0wqVfylRknQHOaaP7QiRcCyrOHUkEGMDwrC-ZiLWZUCx0lXOFfX841RA
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1700448623276866
content-length: 6995
server: UploadServer

GET
H2 200 active.png
9996777888.com/common/provider/pragmatic/slotgame/ 12 KB
13 KB 494ms
487ms Image
image/png 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/common/provider/pragmatic/slotgame/active.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: be46b53eb10733fd4e5a44d01fbe9c8f36256dccc46bcfc7a7b59b849c84f91c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=+Q490w==, md5=s7D+TzIS4msXnkRCx4vKvw==
etag: "b3b0fe4f3212e26b179e4442c78bcabf"
age: 0
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 12678
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Fri, 21 Oct 2022 02:44:51 GMT
content-type: image/png
x-guploader-uploadid: AD-8ljuzvQEVlnP8jiFhYhbKrf53XoppeQns3JGD15Iz7MaZCQh15lEkHPKWHxlDgj1uXOlvVPs
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1666320291377440
content-length: 12678
content-language: en
server: UploadServer

GET
H2 200 active.png
9996777888.com/common/provider/pragmatic/livecasino/ 14 KB
15 KB 372ms
365ms Image
image/png 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/common/provider/pragmatic/livecasino/active.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 69c839950c3945cff482504dba94ef19733fbed01cc6cc7e9a42b525ebbf2d92

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=9Fd6bA==, md5=njX6ol9I7dJ2r78YXwh4aA==
etag: "9e35faa25f48edd276afbf185f087868"
age: 0
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 14647
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Fri, 21 Oct 2022 02:44:51 GMT
content-type: image/png
x-guploader-uploadid: AD-8lju7rPO5w5Nyl4wmvYpIvEbZyBSPb9Oerei5ssxDrtOSGCCRS93CpUFrWeBLFDg5b3-PGa0
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1666320291429992
content-length: 14647
content-language: en
server: UploadServer

GET
H2 200 active.png
9996777888.com/common/provider/joker/slotgame/ 15 KB
15 KB 376ms
369ms Image
image/png 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/common/provider/joker/slotgame/active.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c4dcf020f099e8b5da38bca53e28cb2dfed1e907aab56846bee0a8c5c07c98e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=x03hxA==, md5=xCqwkBl13pzJdfQ/KBDCBw==
etag: "c42ab0901975de9cc975f43f2810c207"
age: 0
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 15026
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Fri, 21 Oct 2022 02:44:51 GMT
content-type: image/png
x-guploader-uploadid: AD-8ljvC-HICmT82YkAIio4gdxo5658Yr7C2nwKylXy5Afqp12wRlUdUqlg05xjNXNLA6Fmwb7kflCPISw
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1666320291254043
content-length: 15026
content-language: en
server: UploadServer

GET
H2 200 active.png
9996777888.com/common/provider/pgsoft/slotgame/ 8 KB
9 KB 485ms
478ms Image
image/png 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/common/provider/pgsoft/slotgame/active.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c5692be2a63e9e904f3e85336feffac01bfce6048df14a9a42efd59f1216e68d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=dB2Ygg==, md5=fzZozDifyJYnQYaWerngCw==
etag: "7f3668cc389fc896274186967ab9e00b"
age: 0
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 8535
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Fri, 21 Oct 2022 02:44:51 GMT
content-type: image/png
x-guploader-uploadid: AD-8lju6mx8ARk2U9pcyxYBj-4xDZwUA0QQfeRfl_f5wZed7FGhOJuHtITpY8ksyf7EppZwTG9GCQbAtYQ
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1666320291335125
content-length: 8535
content-language: en
server: UploadServer

GET
H2 200 active.png
9996777888.com/common/provider/saba/sportsbook/ 13 KB
13 KB 473ms
466ms Image
image/png 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/common/provider/saba/sportsbook/active.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 080d328caf0a24e949561bc0b8c9726697e27c496271496c66b4db535b1c869b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=aqqbMQ==, md5=TnrQeGC8RoIOxYvn0KgcFw==
etag: "4e7ad07860bc46820ec58be7d0a81c17"
age: 0
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 13396
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Fri, 21 Oct 2022 02:44:51 GMT
content-type: image/png
x-guploader-uploadid: AD-8ljv1YETsk9-w59qVI9EsBOdLhHyS-J7kwovSCIOc07YPAwNptoISL2YTQOKpbn7eJMuwg49Vw5sqoQ
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1666320291439833
content-length: 13396
content-language: en
server: UploadServer

GET
H2 200 active.png
9996777888.com/common/provider/spadegaming/slotgame/ 12 KB
12 KB 485ms
478ms Image
image/png 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/common/provider/spadegaming/slotgame/active.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 77ecf48a87424433891250e479c669e553255581c7783419a4fe0b74bf01c11e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=cwO8zw==, md5=eIuA1iWC8ueVvTBFqCoftA==
etag: "788b80d62582f2e795bd3045a82a1fb4"
age: 0
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 12282
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Fri, 21 Oct 2022 02:44:51 GMT
content-type: image/png
x-guploader-uploadid: AD-8ljt-guL_JKj46BPYOZOpqhJYqfLsgZY9Lj2ZPswJWFqNkkYhb6XIz341Y1USS29uM1uzKaI
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1666320291411781
content-length: 12282
content-language: en
server: UploadServer

GET
H2 200 active.png
9996777888.com/common/provider/aegaming/slotgame/ 20 KB
20 KB 371ms
364ms Image
image/png 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/common/provider/aegaming/slotgame/active.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 914e63a62fa2e8f1433d7b4128ce28e8baff04094acafb1e127dac5063eb10e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=Gce2Vg==, md5=yyFcCIR6gJzDiAbHagFa+A==
etag: "cb215c08847a809cc38806c76a015af8"
age: 0
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 20025
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Fri, 21 Oct 2022 02:44:51 GMT
content-type: image/png
x-guploader-uploadid: AD-8ljvwhjZF7ox408vA2cg1g_NxRWiEWXSdWT3KY5FGHVSv2IIpWvUZGAc9n5rCbIb3E2KK2XIR99oMvg
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1666320291265216
content-length: 20025
content-language: en
server: UploadServer

GET
H2 200 active.png
9996777888.com/common/provider/aegaming/livecasino/ 22 KB
22 KB 505ms
498ms Image
image/png 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/common/provider/aegaming/livecasino/active.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 958bdac1a598b9a17a8e31d02dc69342252073f46606592b87e4597f88a36ed9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=pTkOVw==, md5=UUD4dxtwLLPAJvnSkFK+Mg==
etag: "5140f8771b702cb3c026f9d29052be32"
age: 0
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 22360
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Fri, 21 Oct 2022 02:44:51 GMT
content-type: image/png
x-guploader-uploadid: AD-8ljs21wWt4_QAf43tuhKPQdqo6-DaxrtcEObUFJvBYEpmqlbf_nwQzWR5PVPjScAQPQQYSNo
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1666320291211187
content-length: 22360
content-language: en
server: UploadServer

GET
H2 200 active.png
9996777888.com/common/provider/habanero/slotgame/ 5 KB
6 KB 380ms
373ms Image
image/png 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/common/provider/habanero/slotgame/active.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 00da53638c756898da4489365ae148802b9588c76e24be6897db063b3ae6043f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=VNceHA==, md5=R45Ij8rBy3u3qY9kDC2ifg==
etag: "478e488fcac1cb7bb7a98f640c2da27e"
age: 0
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 5515
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Fri, 21 Oct 2022 02:44:51 GMT
content-type: image/png
x-guploader-uploadid: AD-8ljt1IIiO0AtN5lBCfpLTYW_14G9cefX9Cmjh1FUNle-4KmZ8Z4lgFoh_qcXUjCZIB4fF6ZY
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1666320291161655
content-length: 5515
content-language: en
server: UploadServer

GET
H2 200 active.png
9996777888.com/common/provider/gmw/slotgame/ 9 KB
9 KB 495ms
489ms Image
image/png 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/common/provider/gmw/slotgame/active.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 163cf1d743abe58b174c6a71b66c48295bb2a328dc48b528d546e71f737e9b50

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=G9hpaQ==, md5=2jIDrgckAnDYZVjfUej0gg==
etag: "da3203ae07240270d86558df51e8f482"
age: 0
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 9312
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Fri, 21 Oct 2022 02:44:51 GMT
content-type: image/png
x-guploader-uploadid: AD-8ljt50ggwGMfnaZO8SO8do1z4jEoKMSq6ctc8QVdWqMaF1kBBsyN522jsJaCtb1cOSuMfqoM
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1666320291156588
content-length: 9312
content-language: en
server: UploadServer

GET active.png
9996777888.com/common/provider/ebet/livecasino/ 0
0

GET
H2 200 active.png
9996777888.com/common/provider/advantplay/slotgame/ 8 KB
9 KB 382ms
376ms Image
image/png 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/common/provider/advantplay/slotgame/active.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9529f5c36b0a7b6a8291e1c82810d0c29f6a4b48582e092ab5b03d004af0d516

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=+ZzCyA==, md5=X8Fx8oPX+gkNN+Bi3ENhcw==
etag: "5fc171f283d7fa090d37e062dc436173"
age: 0
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 8660
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Thu, 15 Feb 2024 03:21:45 GMT
content-type: image/png
x-guploader-uploadid: AD-8ljszNO0tAuvPNtk4lkm8-bFpI60XsLnOihLh49qDGrKIoNuZxXaftQkyhWJkzGchZ12iNNlncnP15Q
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1707967305648731
content-length: 8660
server: UploadServer

GET
H2 200 active.png
9996777888.com/common/provider/asiagaming/slotgame/ 8 KB
9 KB 488ms
482ms Image
image/png 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/common/provider/asiagaming/slotgame/active.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0d13cc7e7379803e4df7fbf27cdc93583eea44235eb6326051e13c6716f2e3c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=hLNaiw==, md5=bn9Pa8cjHs3ooDMo0IsZdA==
etag: "6e7f4f6bc7231ecde8a03328d08b1974"
age: 0
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 8542
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Fri, 21 Oct 2022 02:44:51 GMT
content-type: image/png
x-guploader-uploadid: AD-8ljvQi6cI1D5siDvKJNU3roV-U-RETFu_XhkrW99Cu5Zp4t-ZGAZvqPtLgygnc2pcJqUyVYg
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1666320291112577
content-length: 8542
content-language: en
server: UploadServer

GET active.png
9996777888.com/common/provider/microgaming/slotgame/ 0
0

GET
H2 200 PAGCOR-logo-(web).png
9996777888.com/V1005/desktop/ 5 KB
5 KB 373ms
367ms Image
image/png 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/V1005/desktop/PAGCOR-logo-(web).png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f671bf8757b397d2108f4ffee8d6db9afb3157954cec8c99569b57c36be7f62c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=bWIRKQ==, md5=vZj5KgyAoMG1nn9V5V+w9A==
etag: "bd98f92a0c80a0c1b59e7f55e55fb0f4"
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 4873
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Mon, 11 Dec 2023 05:31:23 GMT
content-type: image/png
x-guploader-uploadid: AD-8ljvzB1KXCN1guRc5RiORGDk30FGj09retuwAdh8LgWb39RZla8c60AYR-H_pOJPXm41MJXg
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1702272683664872
content-length: 4873
server: UploadServer

GET
H2 200 victory_engine_logo_mobile.png
9996777888.com/V1005/mobile/ 6 KB
6 KB 482ms
476ms Image
image/png 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/V1005/mobile/victory_engine_logo_mobile.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5c5e3d713cb34eb30adbab3650f584deb1339cfee2e04a901ea406f34c60d9c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=HvPing==, md5=UixWJiWaminhQtSP6yB0HQ==
etag: "522c5626259a9a29e142d48feb20741d"
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 6051
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Mon, 20 Nov 2023 02:50:26 GMT
content-type: image/png
x-guploader-uploadid: AD-8ljvDAajzAe8uE4C8gOsXY2YqSx4d5QmUOzVysNEcZjY_q4SE8PkbFVOd1gyz8LbWd4RVpSw
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1700448626970129
content-length: 6051
content-language: en
server: UploadServer

GET
H3 200 18.svg
www.afterwin88cihuy.com/ 4 KB
2 KB 865ms
862ms Image
image/svg+xml 2606:4700:3031::ac43:868c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.afterwin88cihuy.com/18.svg

Requested by

Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:868c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb52fb0e80f18d4428af4d00f1de6456775a4226b7bc269534f72d52d97bdceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

access-control-max-age: 1728000
content-encoding: gzip
cf-cache-status: MISS
etag: W/"e3e-190a16a59e0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dAiJ8r%2BlxKfa%2BKhA1Hjnxm8h33UUgRftPqs5qaL83sfnVVCORJ9FnzXUIGV3dUOBnpSRHWNxEtFz6%2BR8eG2W4E0jWowtWQZ2eUfbCsEue%2FVK6pLvJ9e0%2Bm5g6IDt0xB1Ac6gl1TNDiHH0yGCCmN8sowFazkKKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
expires: Sun, 29 Sep 2024 13:43:20 GMT
date: Sun, 29 Sep 2024 13:43:20 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Jul 2024 10:50:20 GMT
vary: Accept-Encoding
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8cac66ca9f9ad382-FRA
server: cloudflare

GET
H2 200 amp-auto-lightbox-0.1.mjs Show response
cdn.ampproject.org/rtv/012409061044000/v0/ 7 KB
3 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012409061044000/v0/amp-auto-lightbox-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87fe44ab24d66874a02f8ced823fcf82b3e4dcefb1e3dfa64f0b6efc12868b39

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.afterwin88cihuy.com
Referer: https://www.afterwin88cihuy.com/

Response headers

content-encoding: br
etag: "ac247c086e8ecab3"
age: 308196
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Fri, 26 Sep 2025 00:06:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 00:06:43 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 2817
x-xss-protection: 0
server: sffe

GET
H2 200 amp-loader-0.1.mjs Show response
cdn.ampproject.org/rtv/012409061044000/v0/ 12 KB
4 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012409061044000/v0/amp-loader-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53a4bd4c4aa06c025bba6fb707b7f6fa557be4643170fb2889f9798866a17cb3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.afterwin88cihuy.com
Referer: https://www.afterwin88cihuy.com/

Response headers

content-encoding: br
etag: "79830b4ddf93a583"
age: 228725
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Fri, 26 Sep 2025 22:11:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 22:11:14 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 3913
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 1694182015.349713_banner_desktop_a_id.jpeg
9996777888.com/V1005/images/banner/3/ 251 KB
251 KB 374ms
367ms Image
application/octet-stream 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/V1005/images/banner/3/1694182015.349713_banner_desktop_a_id.jpeg
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 888a5e21d7e4dbdb4df758e1de73ecbda3f4821d715cf8a31b113d63f888188a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=ffIvlQ==, md5=vffMQHDFALo8y/IkKcpM9A==
etag: "bdf7cc4070c500ba3ccbf22429ca4cf4"
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 256676
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Mon, 20 Nov 2023 02:50:22 GMT
content-type: application/octet-stream
x-guploader-uploadid: AD-8ljunA9zy674kpPXAMWZ5pL5AhNC3QVOhdy4djHNUrNh85jFo2srYp7jHfBtslY3KiVLkrWtUh9YADg
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1700448622798416
content-length: 256676
server: UploadServer

GET
H2 200 banner_id_20082024124238.png
9996777888.com/common/central-banner/home/77/ 276 KB
277 KB 388ms
384ms Image
image/png 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/common/central-banner/home/77/banner_id_20082024124238.png
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5f45cfaa08f4623672ee6c046e0b9a4cda7765769f58ca1094bfb588ae32a8c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=jT7C7Q==, md5=hU7ZHZFt4m/jVO/tPv5avQ==
etag: "854ed91d916de26fe354efed3efe5abd"
age: 0
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 282879
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Tue, 20 Aug 2024 12:42:38 GMT
content-type: image/png
x-guploader-uploadid: AD-8ljt0HiR7bA4yYm1ipyh_WOCk_hiwwI179OFhlT-W1TV2CQE8EWqJbaw4OWX4kbeqjRLeaDg
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1724157758634967
content-length: 282879
server: UploadServer

GET
H2 200 1687500204.509378_banner_desktop_a_id.jpeg
9996777888.com/V1005/images/banner/4/ 788 KB
790 KB 486ms
482ms Image
application/octet-stream 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/V1005/images/banner/4/1687500204.509378_banner_desktop_a_id.jpeg
Requested by: Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 21e131cb9fbb9d2464d187f0b9dc118f8dc8202a56246f4f00ed1281c1d3e598

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=qadABQ==, md5=45oEswcfu5AhqR2nOafyyQ==
etag: "e39a04b3071fbb9021a91da739a7f2c9"
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 806733
date: Sun, 29 Sep 2024 13:43:19 GMT
last-modified: Mon, 20 Nov 2023 02:50:22 GMT
content-type: application/octet-stream
x-guploader-uploadid: AD-8lju08GZkamEUWqz8gdzVCamNDhZ0uiGY9hWrUyM2V5gYLDMd9Wsk9bpOszWZyuTPP6bcT_3lPX_0IQ
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1700448622813560
content-length: 806733
server: UploadServer

GET
H3 404 Ekster-Bold.woff
www.afterwin88cihuy.com/ 0
0 702ms
701ms Font
text/html 2606:4700:3031::ac43:868c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afterwin88cihuy.com/Ekster-Bold.woff

Requested by

Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:868c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.afterwin88cihuy.com
Referer: https://www.afterwin88cihuy.com/

Response headers

access-control-max-age: 1728000
content-encoding: br
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1eS9LPniKVJ4%2FiWZpSOhJ5UGapMuV6S6n6wCpQdRxQbFitxHIXxLMlG3Ger5r2rzOAYJoyA%2Bf7YNKhTBMr%2F21r8%2F%2B%2BKpOgwK%2BJKaOPP%2FXzJ3gCo3UB5uX0%2BnlPiHE5rjBhiQIH6%2F72Cvx5jU0hQDkF6pKSqS3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
date: Sun, 29 Sep 2024 13:43:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
access-control-allow-credentials: true
cf-ray: 8cac66ce7d20d382-FRA
access-control-allow-origin: https://www.afterwin88cihuy.com
x-powered-by: Next.js
server: cloudflare

GET
H3 404 Ekster-Regular.woff
www.afterwin88cihuy.com/ 0
0 740ms
738ms Font
text/html 2606:4700:3031::ac43:868c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afterwin88cihuy.com/Ekster-Regular.woff

Requested by

Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:868c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.afterwin88cihuy.com
Referer: https://www.afterwin88cihuy.com/

Response headers

access-control-max-age: 1728000
content-encoding: br
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ygn%2F55OjD933fMblAmLecak1vkKEXeOgIIflhDSGP1wokJ3ihU1Mlw9WJG5p6jr5beT%2F%2BmU9fq2X0taUAhPiU4DDwE0%2BCaGmweIRZzP8X23s%2FaDF3djdEmwBNiNGqIJg1ZbDpzfUjIqgjtUopjB7%2FKjyUHJB%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
date: Sun, 29 Sep 2024 13:43:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
access-control-allow-credentials: true
cf-ray: 8cac66cece81d382-FRA
access-control-allow-origin: https://www.afterwin88cihuy.com
x-powered-by: Next.js
server: cloudflare

GET
H3 404 Ekster-Light.woff
www.afterwin88cihuy.com/ 0
0 696ms
694ms Font
text/html 2606:4700:3031::ac43:868c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afterwin88cihuy.com/Ekster-Light.woff

Requested by

Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:868c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.afterwin88cihuy.com
Referer: https://www.afterwin88cihuy.com/

Response headers

access-control-max-age: 1728000
content-encoding: br
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NtKDpBgU8C5JPLAMgP%2FW78P77FQLvhKWCr2fovWPm4XYMFxSUWdh%2F6whydjAx%2F1VvqfH9afpZ5ErO%2FkcIOTnhx5pK%2BvVHSs6rrBindVWJp0ykBb%2B1VLsl13bC%2Fr1Zq3E8RaKB9e5x1avieEs6LJXjPIPFNfp8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
date: Sun, 29 Sep 2024 13:43:20 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
access-control-allow-credentials: true
cf-ray: 8cac66ceff14d382-FRA
access-control-allow-origin: https://www.afterwin88cihuy.com
x-powered-by: Next.js
server: cloudflare

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012409061044000/v0/analytics-vendors/ 3 KB
956 B 10ms
10ms Fetch
application/json 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012409061044000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Referer: https://www.afterwin88cihuy.com/

Response headers

content-encoding: br
etag: "cba43d5a7f9213e0"
age: 269298
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Fri, 26 Sep 2025 10:55:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 10:55:02 GMT
content-type: application/json
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 926
x-xss-protection: 0
server: sffe

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 673 B
1 KB 68ms
24ms Fetch
application/json 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.afterwin88cihuy.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d81d78ef3466e408ddeb56e425f4826b28d45094df6ad04f85cb9039dac7f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.afterwin88cihuy.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: text/plain;charset=utf-8

Response headers

access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:822:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 29 Sep 2024 13:43:20 GMT
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="amp.json"
vary: *
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:822:0
amp-access-control-allow-source-origin: https://www.afterwin88cihuy.com
access-control-allow-origin: https://www.afterwin88cihuy.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 303
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 collect
www.google-analytics.com/ 35 B
601 B 58ms
9ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=AFTERWIN88%20-%2024%2F7%20Link%20Login%20Afterwin88%20Paling%20Mudah%20Maxwin&sr=1600x1200&cid=amp-Cua6L905irA3JGtgj5sW_w&tid=UA-21312414&dl=https%3A%2F%2Fwww.afterwin88cihuy.com%2F&dr=&sd=24&ul=de-de&de=UTF-8&t=pageview&jid=0.24029258946836163&gjid=0.7789935365790024&_r=1&a=6222&z=0.5226733084461568&gtm=45De1110

Requested by

Host: www.afterwin88cihuy.com
URL: https://www.afterwin88cihuy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

age: 35373
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 29 Sep 2024 03:53:47 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H3 200 favicon.ico
www.afterwin88cihuy.com/ 1 KB
1021 B 670ms
669ms Other
image/x-icon 2606:4700:3031::ac43:868c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.afterwin88cihuy.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:868c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4cf93d1ae7f3758d40797f5a04b99324c484e713a3225e863651fcda16d1565

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

access-control-max-age: 1728000
content-encoding: gzip
cf-cache-status: MISS
etag: W/"47e-190a16a59e0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PFg8Upqp1G5HwvMijBWSQfLNe7fqULdTDdL%2BcEwX8yJc5eXSyjCh3QOakvmZzcLHLS7IXttYpI%2Bq9nLkjtyDOFm1CnuurrZQrZCOiah1kFbhbYu3K%2F0r4ia1kQFKykg3ShPpVJrXmJFXaUYg9oRSiqnQYlsk4g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
expires: Sun, 29 Sep 2024 13:43:21 GMT
date: Sun, 29 Sep 2024 13:43:21 GMT
content-type: image/x-icon
last-modified: Thu, 11 Jul 2024 10:50:20 GMT
vary: Accept-Encoding
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8cac66d46a7cd382-FRA
server: cloudflare

GET
H2 200 1687424712.713475_banner_desktop_a_id.jpeg
9996777888.com/V1005/images/banner/6/ 297 KB
298 KB 326ms
325ms Image
application/octet-stream 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/V1005/images/banner/6/1687424712.713475_banner_desktop_a_id.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3ffed94f8fd77ba603393b2fd4246d413f8d8bd20019fc15557ec37ac007e230

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=X+h2qg==, md5=yhADv7iUPc2cJs5AuHBhfw==
etag: "ca1003bfb8943dcd9c26ce40b870617f"
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 304379
date: Sun, 29 Sep 2024 13:43:22 GMT
last-modified: Mon, 20 Nov 2023 02:50:22 GMT
content-type: application/octet-stream
x-guploader-uploadid: AD-8ljuzQpZrjYqFMHS9i7wCUHJ8A69MFLBHOfqh-f4W1aUGRJa3Pkiqymw2yKdeafo9RoDjCIY
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1700448622829845
content-length: 304379
server: UploadServer

GET
H3 200 1687424732.998946_banner_desktop_a_id.jpeg
9996777888.com/V1005/images/banner/7/ 293 KB
294 KB 357ms
357ms Image
application/octet-stream 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/V1005/images/banner/7/1687424732.998946_banner_desktop_a_id.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5da4ee943ed4432322d92503e471732574e66cbac9bb0f669c6b21b92c749355

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=0xTALA==, md5=w/dB9pGqVnkFsegp8u7o6Q==
etag: "c3f741f691aa567905b1e829f2eee8e9"
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 300335
date: Sun, 29 Sep 2024 13:43:25 GMT
last-modified: Mon, 20 Nov 2023 02:50:22 GMT
content-type: application/octet-stream
x-guploader-uploadid: AD-8ljv4F13xh91hzch6gYsG2DYsvkx23AGbXj48-nmK7C9Nb8O0WCDmZsseO9Pnv5yclprKigr4xgezDg
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1700448622840723
content-length: 300335
server: UploadServer

GET
H3 200 1687424750.027735_banner_desktop_a_id.jpeg
9996777888.com/V1005/images/banner/8/ 171 KB
0 352ms
352ms Image
application/octet-stream 35.190.44.120
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9996777888.com/V1005/images/banner/8/1687424750.027735_banner_desktop_a_id.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.44.120 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 120.44.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.afterwin88cihuy.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=+3mAYA==, md5=tmBzdUWXg8PU3hSQ81yVsA==
etag: "b6607375459783c3d4de1490f35c95b0"
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 14:43:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 294784
date: Sun, 29 Sep 2024 13:43:28 GMT
last-modified: Mon, 20 Nov 2023 02:50:22 GMT
content-type: application/octet-stream
x-guploader-uploadid: AD-8lju6W_dKYynT4F7RSD5senXjZkk73Hv1mGsRMVmh9_DQv-0l3UMxh-Wwq-sVSSrjiVr9IZzvuDfvOg
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1700448622846231
content-length: 294784
server: UploadServer

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 9996777888.com
URL: https://9996777888.com/common/provider/ebet/livecasino/active.png

Domain: 9996777888.com
URL: https://9996777888.com/common/provider/microgaming/slotgame/active.png

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.afterwin88cihuy.com/	1970-01-20 23:56:30	Name: INGRESSCOOKIE Value: 73d8baecead08d9eebee68a78d56a485\|c48a808caceaec3cb7c20e27970422f8
			.afterwin88cihuy.com/	1970-01-21 08:39:13	Name: _ga Value: amp-Cua6L905irA3JGtgj5sW_w

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.afterwin88cihuy.com/Ekster-Bold.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.afterwin88cihuy.com/Ekster-Regular.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.afterwin88cihuy.com/Ekster-Light.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.afterwin88cihuy.com/Ekster-Bold.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.afterwin88cihuy.com/Ekster-Light.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.afterwin88cihuy.com/Ekster-Regular.woff Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9996777888.com
afterwin88cihuy.com
cdn.ampproject.org
www.afterwin88cihuy.com
www.google-analytics.com
www.googletagmanager.com
9996777888.com
2606:4700:3031::ac43:868c
2a00:1450:4001:812::2001
2a00:1450:4001:813::2008
2a00:1450:4001:82a::200e
35.190.44.120
00da53638c756898da4489365ae148802b9588c76e24be6897db063b3ae6043f
080d328caf0a24e949561bc0b8c9726697e27c496271496c66b4db535b1c869b
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0d13cc7e7379803e4df7fbf27cdc93583eea44235eb6326051e13c6716f2e3c6
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
13d725fabb388ad6d2e44287c20339bd458c0b605dfc9528f5a033d636f2303f
14530b7b0138231833140b99118f5a9ebbd74054e8436650aeda415d765f6ddb
163cf1d743abe58b174c6a71b66c48295bb2a328dc48b528d546e71f737e9b50
21e131cb9fbb9d2464d187f0b9dc118f8dc8202a56246f4f00ed1281c1d3e598
26f0bb7a2634b9152b289cc4c30f97aa263ee2100af78c9703da372e1d48569b
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
3d4b6589a8b876c61ea0ba7be7118f9b48ed4e467020b1ea68c4da62e18cbbba
3ffed94f8fd77ba603393b2fd4246d413f8d8bd20019fc15557ec37ac007e230
4914b22a522a127ab9b43dbc83114036875f65532cbeef9fddb06518cd0bbc54
53a4bd4c4aa06c025bba6fb707b7f6fa557be4643170fb2889f9798866a17cb3
58f71dabf756fb25c64213bcbb0052448c64629b9dd499f8b2a3dd6c5c232362
5932f24db35f983fcb8f78820e319ed2cfaff4da2a86b458d4d150151d6c866d
5c5e3d713cb34eb30adbab3650f584deb1339cfee2e04a901ea406f34c60d9c0
5da4ee943ed4432322d92503e471732574e66cbac9bb0f669c6b21b92c749355
5e5fcd46dcf2be22323a500b97a65cb79dbef5ae3e9f2ae92c4811fc74981bcf
5f45cfaa08f4623672ee6c046e0b9a4cda7765769f58ca1094bfb588ae32a8c9
69c839950c3945cff482504dba94ef19733fbed01cc6cc7e9a42b525ebbf2d92
77ecf48a87424433891250e479c669e553255581c7783419a4fe0b74bf01c11e
7d81d78ef3466e408ddeb56e425f4826b28d45094df6ad04f85cb9039dac7f37
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87fe44ab24d66874a02f8ced823fcf82b3e4dcefb1e3dfa64f0b6efc12868b39
888a5e21d7e4dbdb4df758e1de73ecbda3f4821d715cf8a31b113d63f888188a
914e63a62fa2e8f1433d7b4128ce28e8baff04094acafb1e127dac5063eb10e0
9529f5c36b0a7b6a8291e1c82810d0c29f6a4b48582e092ab5b03d004af0d516
958bdac1a598b9a17a8e31d02dc69342252073f46606592b87e4597f88a36ed9
9ba4320a196e0529812789b8eb1994b7f623b13039b576611476ff82c0896a56
a487490689944b8ed91efd9490f21a4015eda402b7b3fbe32f1f29a5359af4c5
a7ecba658e0533c65c798bd1eaa65da31e1d520a22dd4dd0bd869c525a0cc5d0
b4cf93d1ae7f3758d40797f5a04b99324c484e713a3225e863651fcda16d1565
bb52fb0e80f18d4428af4d00f1de6456775a4226b7bc269534f72d52d97bdceb
be46b53eb10733fd4e5a44d01fbe9c8f36256dccc46bcfc7a7b59b849c84f91c
c3c5f2d764a611b56270938fcf2116fa787b2cdae0b122c04d1e49c2137ef58e
c4dcf020f099e8b5da38bca53e28cb2dfed1e907aab56846bee0a8c5c07c98e3
c5692be2a63e9e904f3e85336feffac01bfce6048df14a9a42efd59f1216e68d
d42829a3774919b1555c6eaff00fb9fb9e3c11b3c440551ee0aa51a925b52c12
d6fef45b6054745d097a29767662927d666af37b56b8a663d9fe35d021063ce8
dd84f693e590d5cbf0341974180aef7b35ec6475834b1912d4ac13800247428a
e284b1a2f3561228e76496f777efce1f6662cb634171d0acdd38853e339de2c7
e2ef75b73e0a95eaf29a005d9a72bccd45a707400fd4d46406399531c61858ef
e8320e286bab2e89369044d4cac55f387d2f5583e3a331da489c6d95f1a24f8e
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e
f3fc3363263323fe77b6f0b6d1717d202a36cb05d71f73f549f20b30de3d95ae
f671bf8757b397d2108f4ffee8d6db9afb3157954cec8c99569b57c36be7f62c
ffb51d1d1d4a7755ffd48b5d95f67fe73a3aa414e89eac98d4e22fb980b17357

www.afterwin88cihuy.com Open in urlscan Pro 2606:4700:3031::ac43:868c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

96 %HTTPS

80 %IPv6

5 Domains

6 Subdomains

6 IPs

2 Countries

2496 kBTransfer

2959 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.afterwin88cihuy.com Open in urlscan Pro
2606:4700:3031::ac43:868c Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

96 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

2496 kB
Transfer

2959 kB
Size

2
Cookies

56 HTTP transactions
2 data transactions