urlscan.io logo urlscan.io
SecurityTrails logo

wins99vip.com Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://wins99vip.com/
Effective URL: https://wins99vip.com/6b-th/
Submission: On June 18 via api from BE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 23 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is wins99vip.com.
TLS certificate: Issued by WE1 on June 16th 2024. Valid for: 3 months.
This is the only time wins99vip.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 188.114.96.3 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 172.67.181.107 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
23 7
11    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
wins99vip.com
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    172.67.181.107 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-cache-6bet.joyful777.link
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
6    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
Apex Domain
Subdomains		 Transfer
11 wins99vip.com
wins99vip.com
2 MB
7 gstatic.com
fonts.gstatic.com
ssl.gstatic.com
468 KB
3 joyful777.link
cdn-cache-6bet.joyful777.link
20 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2347
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
102 KB
23 5
Domain Requested by
11 wins99vip.com 1 redirects wins99vip.com
6 fonts.gstatic.com wins99vip.com
3 cdn-cache-6bet.joyful777.link wins99vip.com
2 region1.google-analytics.com www.googletagmanager.com
1 ssl.gstatic.com wins99vip.com
1 www.googletagmanager.com wins99vip.com
23 6

This site contains no links.

Subject Issuer Validity Valid
wins99vip.com
WE1		 2024-06-16 -
2024-09-14		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
joyful777.link
E1		 2024-05-20 -
2024-08-18		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://wins99vip.com/6b-th/
Frame ID: 879AF969D5E939D1ED1E6D7866CB826D
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Royal Casino

Page URL History Show full URLs

  1. http://wins99vip.com/ HTTP 307
    https://wins99vip.com/ HTTP 302
    http://wins99vip.com/6b-th/ HTTP 307
    https://wins99vip.com/6b-th/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

23
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

2152 kB
Transfer

3428 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wins99vip.com/ HTTP 307
    https://wins99vip.com/ HTTP 302
    http://wins99vip.com/6b-th/ HTTP 307
    https://wins99vip.com/6b-th/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wins99vip.com/6b-th/
Redirect Chain
  • http://wins99vip.com/
  • https://wins99vip.com/
  • http://wins99vip.com/6b-th/
  • https://wins99vip.com/6b-th/
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wins99vip.com/6b-th/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8ae41b3dace51078b3c83806090bb99dbe5bbe8d5d0070130db30282fc05d3b

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-header
Content-Type,*
access-control-allow-methods
GET, POST, DELETE
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89591b77890c9761-FRA
content-encoding
br
content-type
text/html
date
Tue, 18 Jun 2024 06:08:52 GMT
last-modified
Fri, 17 May 2024 06:45:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HiYF7fEJJn4yCu8ZwlPqlGg%2F5DYlDbdcsFWPfZGpPUkIbknO9jbBFsF1%2BrS4o53IFfZoyYZerQQfXJRuv5symYLKcJlnPZbvtYFkgYchiutiobBosMn9RbpIlSWdbq9O"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Accept-Encoding

Redirect headers

Location
https://wins99vip.com/6b-th/
Non-Authoritative-Reason
HttpsUpgrades
js
www.googletagmanager.com/gtag/ 		305 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GZ4YYPF389
Requested by
Host: wins99vip.com
URL: https://wins99vip.com/6b-th/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba0ddf8eff32187f6c375b2de7ac4f02ea9563d415612eacaabcf1bb009a3ebc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wins99vip.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 06:08:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103783
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 18 Jun 2024 06:08:53 GMT
onelink-smart-script-latest.js
cdn-cache-6bet.joyful777.link/landing/static/js/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-cache-6bet.joyful777.link/landing/static/js/onelink-smart-script-latest.js
Requested by
Host: wins99vip.com
URL: https://wins99vip.com/6b-th/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.181.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8088e68ca162898ac66d3bfbafdf12e8c2a04d3ccb23c03136b575bb468a7749

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wins99vip.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 06:08:53 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
352
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 16 Dec 2023 09:15:58 GMT
server
cloudflare
etag
W/"657d6ace-b1e0"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, GET, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IGvnTjH7HtoRkttG7Ep80yQPYIL9r1Ic8l0kR2v6yln75inbY1BYUmHo3nDWV8DyrZzRsuVqHivurHjz7%2BzkUabnMuuNeMPJiTafJBaKQVwYgVhZLq8y9NEtHVHUseW0A6BPABCUZr16897I%2BGnnvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=43200
access-control-allow-header
Content-Type,*, Content-Type,*
cf-ray
89591b7c9b2d04a3-FRA
expires
Tue, 18 Jun 2024 18:03:01 GMT
init.js
cdn-cache-6bet.joyful777.link/landing/static/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-cache-6bet.joyful777.link/landing/static/js/init.js
Requested by
Host: wins99vip.com
URL: https://wins99vip.com/6b-th/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.181.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcf28d42a070e67908583faca93506f0189b78b69aeed1d3e6d8d7ee7badbb57

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wins99vip.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 06:08:53 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
352
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 16 Dec 2023 09:18:30 GMT
server
cloudflare
etag
W/"657d6b66-b05"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, GET, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X9pZ5g82CWUjgqnIRg9p3y64iEofKM6KjziUAUsHqOi28y9WboedYGg447qt6AInZeuqari4ALUbAN859PnowRqhzKxF7dollhwCZc10KPyNwVKMuJLJ2LomdWUJWRhV14vAt3HXZVwhC9M4GnVnbw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=43200
access-control-allow-header
Content-Type,*, Content-Type,*
cf-ray
89591b7c9b2f04a3-FRA
expires
Tue, 18 Jun 2024 18:03:01 GMT
index.js
cdn-cache-6bet.joyful777.link/landing/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-cache-6bet.joyful777.link/landing/static/js/index.js?t=102
Requested by
Host: wins99vip.com
URL: https://wins99vip.com/6b-th/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.181.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af04a6091024120e5050de39f91308e87be87eb19c66875038ab78330b02928e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wins99vip.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 06:08:53 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
352
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 17 May 2024 06:45:20 GMT
server
cloudflare
etag
W/"6646fd00-f42"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, GET, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rbuUTXXax72Ch8afjUEt%2B%2BJkJFpcGB3peXsq%2Fmh7%2BGHsbnJM%2F2mU%2F5o9jXqLJlM8JQWsR0fcEW7ZxOsPfJg2L%2BNc0iNbf3v13P%2F8Ho1yOVHrCgr6WR5XAvlw7fGhzz4uqCy6xYZtIuer6v7IG1c5Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=43200
access-control-allow-header
Content-Type,*, Content-Type,*
cf-ray
89591b7c9b2304a3-FRA
expires
Tue, 18 Jun 2024 18:03:01 GMT
index-mcfyfFId.js
wins99vip.com/6b-th/assets/ 		1019 KB
324 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wins99vip.com/6b-th/assets/index-mcfyfFId.js
Requested by
Host: wins99vip.com
URL: https://wins99vip.com/6b-th/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8558f1565ab06cc27f9d796f29979f570a5c4f27ed4645e10bd6e561aa6b2f8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wins99vip.com/6b-th/
Origin
https://wins99vip.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 06:08:53 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 17 May 2024 06:40:37 GMT
server
cloudflare
etag
W/"6646fbe5-fea00"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, DELETE
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rkOW5gsNwkx9j7MlB8Nz0kzhGJrqIEgt3kZmodzpHag8CqTqVQh6Xim%2Fhlsx%2FiMOe6Ldwh67hF3R5eQIPJfqSLY%2F1G7hkuKROeL07FUxe9OPw8oDI9yhLd%2F7T3n5OdJC"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=43200
access-control-allow-header
Content-Type,*
cf-ray
89591b7a6d1c9761-FRA
expires
Tue, 18 Jun 2024 18:08:53 GMT
index-k498dhTM.css
wins99vip.com/6b-th/assets/ 		417 KB
72 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wins99vip.com/6b-th/assets/index-k498dhTM.css
Requested by
Host: wins99vip.com
URL: https://wins99vip.com/6b-th/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a88ac8ff5b7cf4d8cbc7096e0e76fd574498a63a0c9157a7484d67f24086251e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wins99vip.com/6b-th/
Origin
https://wins99vip.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 06:08:53 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 17 May 2024 06:40:37 GMT
server
cloudflare
etag
W/"6646fbe5-6842e"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, DELETE
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7lHaw%2FlESQyTaC66aEO6AtJMXBg9CIXq3GPhDxfSHkWovpApd4MGSLgf7y7KBUE5kzTYmkxwwW6SpK696vTjxqpEN9jLoxysF%2FoA%2BHv33%2BjRUIAIyPFEbZfe3WmB7nsV"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=43200
access-control-allow-header
Content-Type,*
cf-ray
89591b7a6d1d9761-FRA
expires
Tue, 18 Jun 2024 18:08:53 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GZ4YYPF389&gtm=45je46c0v9175719367za200&_p=1718690932931&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=2129514144.1718690934&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718690933&sct=1&seg=0&dl=https%3A%2F%2Fwins99vip.com%2F6b-th%2F&dt=Royal%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2544&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GZ4YYPF389
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wins99vip.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 06:08:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wins99vip.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: wins99vip.com
URL: https://wins99vip.com/6b-th/assets/index-k498dhTM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wins99vip.com/
Origin
https://wins99vip.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 04:01:16 GMT
x-content-type-options
nosniff
age
7658
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 04:01:16 GMT
Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2
fonts.gstatic.com/s/googlematerialicons/v137/ 		227 KB
227 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlematerialicons/v137/Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2
Requested by
Host: wins99vip.com
URL: https://wins99vip.com/6b-th/assets/index-k498dhTM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a0782a9b3c97cbe256803fd198d86427e2b1b40b85c93bc3a8e34a1be6d37bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wins99vip.com/
Origin
https://wins99vip.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:34:41 GMT
x-content-type-options
nosniff
age
387253
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
232676
x-xss-protection
0
last-modified
Mon, 08 May 2023 17:53:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 18:34:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: wins99vip.com
URL: https://wins99vip.com/6b-th/assets/index-k498dhTM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wins99vip.com/
Origin
https://wins99vip.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 01:26:48 GMT
x-content-type-options
nosniff
age
448926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 01:26:48 GMT
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

Referer
Origin
https://wins99vip.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPiYUvaYr.woff2
fonts.gstatic.com/s/googlesans/v58/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPiYUvaYr.woff2
Requested by
Host: wins99vip.com
URL: https://wins99vip.com/6b-th/assets/index-k498dhTM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2ddd5d244eb3c818e1ed283accff7e897c7c31c127fca5766711562ad111623
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wins99vip.com/
Origin
https://wins99vip.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 15 Jun 2024 01:13:55 GMT
x-content-type-options
nosniff
age
276899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16756
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:36:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Jun 2025 01:13:55 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: wins99vip.com
URL: https://wins99vip.com/6b-th/assets/index-k498dhTM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wins99vip.com/
Origin
https://wins99vip.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 21:31:20 GMT
x-content-type-options
nosniff
age
290254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Jun 2025 21:31:20 GMT
kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
fonts.gstatic.com/s/materialiconsextended/v149/ 		159 KB
159 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialiconsextended/v149/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
Requested by
Host: wins99vip.com
URL: https://wins99vip.com/6b-th/assets/index-k498dhTM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wins99vip.com/
Origin
https://wins99vip.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:41:34 GMT
x-content-type-options
nosniff
age
386840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
162924
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 00:15:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 18:41:34 GMT
truncated
/ 		645 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
317e5fdaa14e548c0045d5e662709cfe0b692e0384a8396cf22054bf0a1e1c48

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
logo_512x512-6qDoeuzt.png
wins99vip.com/6b-th/assets/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wins99vip.com/6b-th/assets/logo_512x512-6qDoeuzt.png
Requested by
Host: wins99vip.com
URL: https://wins99vip.com/6b-th/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09e3fa7fd3d17be75b157b7200c16cef9f6177e1b4e7f6c43d9f2e797c0bdad4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wins99vip.com/6b-th/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 06:08:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
83494
last-modified
Fri, 17 May 2024 06:40:38 GMT
server
cloudflare
etag
"6646fbe6-14626"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d1To4hshSFeBA4i4eUrOtVV27s2i5dWdcXX9%2FD07L7PyjL%2BxJFJS9cxGwVjR8Gc%2BaJQBOGkv%2FhbfouqJ8oJS1Fq0RHRngv2p39ZNs5e9IzD5D5sSN0b7I4f41f%2Bn0Et%2B"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-header
Content-Type,*
accept-ranges
bytes
cf-ray
89591b869df29761-FRA
expires
Thu, 18 Jul 2024 06:08:55 GMT
truncated
/ 		290 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38a8500fa191e34b57a68a650dbf571554594bb948d43e24768f0f74aad1d970

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3baa42198443b52099ac30c407e264594105de99a7b2e0bc9db1f4c0f6b5accd

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		332 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
469c936814b431210209150ca7f39a314a333269c07a5c83483d0c3ee0d772d4

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b32f096cd84902f288837d959e50eab29a97ce4392af4b3d29bd9a7e7910a080

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		1000 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
780f72ad0d5724b3b64aea0e626f410cb9e7eb88fe069f1f38c2adc4f3e806d4

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
thailand.png
ssl.gstatic.com/store/images/regionflags/ 		146 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/store/images/regionflags/thailand.png
Requested by
Host: wins99vip.com
URL: https://wins99vip.com/6b-th/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0af7d71444847da1592d0224f0bb5a72979b7c1ed05fe951b81a045feb7545c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wins99vip.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 02:35:21 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Oct 2019 17:15:00 GMT
server
sffe
age
444813
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 13 Jun 2025 02:35:21 GMT
2_1-kX45_8VY.jpg
wins99vip.com/6b-th/assets/ 		205 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wins99vip.com/6b-th/assets/2_1-kX45_8VY.jpg
Requested by
Host: wins99vip.com
URL: https://wins99vip.com/6b-th/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
291779114ed52c4e372509b7710409fa1279beb7122266064204f1db77680afe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wins99vip.com/6b-th/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 06:08:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
209679
last-modified
Fri, 17 May 2024 06:40:37 GMT
server
cloudflare
etag
"6646fbe5-3330f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8pd0%2B%2B%2Bx3WVE0JePEfGoC9PwIXW95AmL7hTq2gAJWwKWy%2B1iF8X7I9085%2FDA2FF9RFi5ck%2FTgdcDLYAWXBSx%2FfukLLFKx%2FlYUMvWxoRjuKuE82wvMooyIULDWGpQ1qvJ"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-header
Content-Type,*
accept-ranges
bytes
cf-ray
89591b869dfa9761-FRA
expires
Thu, 18 Jul 2024 06:08:55 GMT
2_2--p5VDt0o.jpg
wins99vip.com/6b-th/assets/ 		298 KB
298 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wins99vip.com/6b-th/assets/2_2--p5VDt0o.jpg
Requested by
Host: wins99vip.com
URL: https://wins99vip.com/6b-th/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18b6857df9a9a9c58e9553dd92dee461404d6599861210890714632850b56809

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wins99vip.com/6b-th/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 06:08:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
304669
last-modified
Fri, 17 May 2024 06:40:37 GMT
server
cloudflare
etag
"6646fbe5-4a61d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g2V4bALNpntStK9y%2FHv1symNF%2F1xwqi9GWwfgtRlaCAhysYS%2Bsd9Oj2I%2BYdwYId3eOmS0IALNDBrYX8rCzS59d7LFR%2BjJKHl9sRMPxRxzCKj4wb1%2BCxe6%2Bt9bK3EXiwZ"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-header
Content-Type,*
accept-ranges
bytes
cf-ray
89591b869dfe9761-FRA
expires
Thu, 18 Jul 2024 06:08:55 GMT
2_3-ETrsilwz.jpg
wins99vip.com/6b-th/assets/ 		213 KB
213 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wins99vip.com/6b-th/assets/2_3-ETrsilwz.jpg
Requested by
Host: wins99vip.com
URL: https://wins99vip.com/6b-th/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1fa6722e8dbaf3fd9fd8fe3a5f80d286e780ea4b9a8679f8661de5b56d80679

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wins99vip.com/6b-th/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 06:08:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
218024
last-modified
Fri, 17 May 2024 06:40:37 GMT
server
cloudflare
etag
"6646fbe5-353a8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lcTIYAvJaZZBHq%2Fx6RyMoIZ0LTNYAFR4FMjoYmGA%2Fs844sJ7aR9NEt9m%2FQ9%2BZSoMD4oIrAvTkX7SHqyxGSNLWDp0qcSYe54cFMTIxqbDzIRmpNmqBDU1PbxUJo1ajAUh"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-header
Content-Type,*
accept-ranges
bytes
cf-ray
89591b869dff9761-FRA
expires
Thu, 18 Jul 2024 06:08:55 GMT
2_4-OpMtC8vS.jpg
wins99vip.com/6b-th/assets/ 		199 KB
200 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wins99vip.com/6b-th/assets/2_4-OpMtC8vS.jpg
Requested by
Host: wins99vip.com
URL: https://wins99vip.com/6b-th/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1c7984feed6559a2fb0f5e4ef975d8abe9ae3a38873c2bcab0bb755e80d393d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wins99vip.com/6b-th/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 06:08:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
203861
last-modified
Fri, 17 May 2024 06:40:37 GMT
server
cloudflare
etag
"6646fbe5-31c55"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sgNEjtCPrKFsQYPGfJtQ9XBMCh7ENhl8%2BOC1Jy3mFztuJweQ0v7H7n7e9jeKQdVxN0EqzTLu%2ByuKO2Z1yls1uL7q3Xzr3v70z%2BocGdYDBV0KtN7LVJdyWFJoa1Y0xBH8"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-header
Content-Type,*
accept-ranges
bytes
cf-ray
89591b869e019761-FRA
expires
Thu, 18 Jul 2024 06:08:55 GMT
2_5-EIS2Fp_v.jpg
wins99vip.com/6b-th/assets/ 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wins99vip.com/6b-th/assets/2_5-EIS2Fp_v.jpg
Requested by
Host: wins99vip.com
URL: https://wins99vip.com/6b-th/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3dcaa23d810e36a657a57bc72d23ffc0230e6e2390092bc837882030db30e44

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wins99vip.com/6b-th/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 06:08:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
165395
last-modified
Fri, 17 May 2024 06:40:37 GMT
server
cloudflare
etag
"6646fbe5-28613"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lFHo1Ha9ZrZyDQ7Nk2q8vPf8cNSUz7RnoWeh9nfirVQ3%2Bo7zSNhjkWkkjjkiS2BtkuphsbKyWfs4ZQ1OSHj5mkSNSNNL4p%2B4JrcD%2BlslC%2B8pk81CUa%2BgImP6P1zU1V4y"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
access-control-allow-header
Content-Type,*
accept-ranges
bytes
cf-ray
89591b869e029761-FRA
expires
Thu, 18 Jul 2024 06:08:55 GMT
favicon.ico
wins99vip.com/6b-th/ 		4 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://wins99vip.com/6b-th/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f343b3015d0545a7d5b719a434135bcae2ac766ed459aeea671e3688b79d1875

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wins99vip.com/6b-th/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 06:08:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 17 May 2024 06:40:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6646fbe4-10be"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE
content-type
image/x-icon
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sK7HU%2BxQ6EvMH%2Bui%2FgwVCmKWZ%2BXY9qbTinQ6x2EpGozhO6ViwG%2B2yoyVGNVWYzN65Dfi38pv9N3FvwJVMCSuhaxUY6FXRQUzNa%2BWU%2BqMhHccr265i6s85vBc0c3zwa3B"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-header
Content-Type,*
cf-ray
89591b92d8ed9761-FRA
alt-svc
h3=":443"; ma=86400
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GZ4YYPF389&gtm=45je46c0v9175719367za200&_p=1718690932931&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=2129514144.1718690934&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1718690933&sct=1&seg=0&dl=https%3A%2F%2Fwins99vip.com%2F6b-th%2F&dt=Royal%20Casino&en=scroll&epn.percent_scrolled=90&_et=17&tfd=7577&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GZ4YYPF389
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wins99vip.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 06:08:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wins99vip.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| gtag object| dataLayer function| _iterableToArrayLimit function| ownKeys function| _objectSpread2 function| _typeof function| _defineProperty function| _slicedToArray function| _toConsumableArray function| _arrayWithoutHoles function| _arrayWithHoles function| _iterableToArray function| _unsupportedIterableToArray function| _arrayLikeToArray function| _nonIterableSpread function| _nonIterableRest function| _toPrimitive function| _toPropertyKey string| AF_URL_SCHEME number| VALID_AF_URL_PARTS_LENGTH string| GOOGLE_CLICK_ID string| ASSOCIATED_AD_KEYWORD string| AF_KEYWORDS object| AF_CUSTOM_EXCLUDE_PARAMS_KEYS object| GCLID_EXCLUDE_PARAMS_KEYS object| LOCAL_STORAGE_VALUES function| isSkippedURL function| getGoogleClickIdParameters function| stringifyParameters function| getParameterValue function| isIOS function| isUACHSupported function| getQueryParamsAndSaveToLocalStorage function| isValidUrl function| getCurrentUrl function| getReferrerUrl function| isSameOrigin function| saveWebReferrer function| removeExpiredLocalStorageItems function| aggregateValuesFromParameters function| getCurrentURLParams function| isOneLinkURLValid function| validatedMs function| isSkipListsValid function| extractCustomParams function| validateAndMappedParams function| isPlatformValid function| getUserAgentData function| createImpressionsLink function| getHexColorAfterValidation function| QRCode string| version string| formatVersion object| AF_SMART_SCRIPT function| initFb function| initTt function| processProxyId function| getApkName function| getUrlParam function| copyOtherInfo function| copy function| getQueryVariable function| getCookieValue function| tipsAndDownload function| download object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ boolean| __INTLIFY_PROD_DEVTOOLS__ boolean| __INTLIFY_JIT_COMPILATION__ boolean| __INTLIFY_DROP_MESSAGE_COMPILER__ boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ boolean| __VUE__

2 Cookies

Domain/Path Name / Value
.wins99vip.com/ Name: _ga
Value: GA1.1.2129514144.1718690934
.wins99vip.com/ Name: _ga_GZ4YYPF389
Value: GS1.1.1718690933.1.0.1718690933.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-cache-6bet.joyful777.link
fonts.gstatic.com
region1.google-analytics.com
ssl.gstatic.com
wins99vip.com
www.googletagmanager.com
172.67.181.107
188.114.96.3
2001:4860:4802:34::36
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2003
2a00:1450:4001:812::2008
09e3fa7fd3d17be75b157b7200c16cef9f6177e1b4e7f6c43d9f2e797c0bdad4
0af7d71444847da1592d0224f0bb5a72979b7c1ed05fe951b81a045feb7545c7
18b6857df9a9a9c58e9553dd92dee461404d6599861210890714632850b56809
291779114ed52c4e372509b7710409fa1279beb7122266064204f1db77680afe
317e5fdaa14e548c0045d5e662709cfe0b692e0384a8396cf22054bf0a1e1c48
38a8500fa191e34b57a68a650dbf571554594bb948d43e24768f0f74aad1d970
3baa42198443b52099ac30c407e264594105de99a7b2e0bc9db1f4c0f6b5accd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
469c936814b431210209150ca7f39a314a333269c07a5c83483d0c3ee0d772d4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
780f72ad0d5724b3b64aea0e626f410cb9e7eb88fe069f1f38c2adc4f3e806d4
7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35
8088e68ca162898ac66d3bfbafdf12e8c2a04d3ccb23c03136b575bb468a7749
9a0782a9b3c97cbe256803fd198d86427e2b1b40b85c93bc3a8e34a1be6d37bf
a1c7984feed6559a2fb0f5e4ef975d8abe9ae3a38873c2bcab0bb755e80d393d
a8558f1565ab06cc27f9d796f29979f570a5c4f27ed4645e10bd6e561aa6b2f8
a88ac8ff5b7cf4d8cbc7096e0e76fd574498a63a0c9157a7484d67f24086251e
af04a6091024120e5050de39f91308e87be87eb19c66875038ab78330b02928e
b1fa6722e8dbaf3fd9fd8fe3a5f80d286e780ea4b9a8679f8661de5b56d80679
b32f096cd84902f288837d959e50eab29a97ce4392af4b3d29bd9a7e7910a080
b3dcaa23d810e36a657a57bc72d23ffc0230e6e2390092bc837882030db30e44
ba0ddf8eff32187f6c375b2de7ac4f02ea9563d415612eacaabcf1bb009a3ebc
bcf28d42a070e67908583faca93506f0189b78b69aeed1d3e6d8d7ee7badbb57
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f
c8ae41b3dace51078b3c83806090bb99dbe5bbe8d5d0070130db30282fc05d3b
d2ddd5d244eb3c818e1ed283accff7e897c7c31c127fca5766711562ad111623
f343b3015d0545a7d5b719a434135bcae2ac766ed459aeea671e3688b79d1875