urlscan.io logo urlscan.io
SecurityTrails logo

cwin94.xyz Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
URL: https://cwin94.xyz/
Submission: On July 21 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 37 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is cwin94.xyz.
TLS certificate: Issued by WE1 on July 21st 2024. Valid for: 3 months.
This is the only time cwin94.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 188.114.96.3 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
16 13.224.245.78 16509 (AMAZON-02)
13 2a00:1450:400... 15169 (GOOGLE)
2 18.142.102.150 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
37 7
2    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
cwin94.xyz
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
16    13.224.245.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-245-78.lhr62.r.cloudfront.net
w.ladicdn.com
13    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    18.142.102.150 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-142-102-150.ap-southeast-1.compute.amazonaws.com
a.ladipage.com
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
docs.google.com
Apex Domain
Subdomains		 Transfer
16 ladicdn.com
w.ladicdn.com — Cisco Umbrella Rank: 48331
1 MB
13 gstatic.com
fonts.gstatic.com
262 KB
2 ladipage.com
a.ladipage.com — Cisco Umbrella Rank: 54712
651 B
2 cwin94.xyz
cwin94.xyz
40 KB
1 google.com
docs.google.com — Cisco Umbrella Rank: 347
5 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
37 6
Domain Requested by
16 w.ladicdn.com cwin94.xyz
w.ladicdn.com
13 fonts.gstatic.com fonts.googleapis.com
2 a.ladipage.com w.ladicdn.com
2 cwin94.xyz cwin94.xyz
1 docs.google.com w.ladicdn.com
1 fonts.googleapis.com cwin94.xyz
37 6

This site contains no links.

Subject Issuer Validity Valid
cwin94.xyz
WE1		 2024-07-21 -
2024-10-19		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
w.ladicdn.com
Amazon RSA 2048 M02		 2023-10-12 -
2024-11-10		 a year crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
a.ladipage.com
Amazon RSA 2048 M03		 2024-04-17 -
2025-05-16		 a year crt.sh
*.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://cwin94.xyz/
Frame ID: 7F1D63381032F06DF659F07864141262
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

cwin94.xyz - IPHONE 15 PRO MAX

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

37
Requests

95 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

7
IPs

4
Countries

1692 kB
Transfer

2269 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://static.ladipage.net/63419b1baccba4002c445f2e/bin909-20240721080644-lwxjd.png HTTP 301
  • https://w.ladicdn.com/63419b1baccba4002c445f2e/bin909-20240721080644-lwxjd.png
Request Chain 39
  • https://static.ladipage.net/63419b1baccba4002c445f2e/bin909-20240721080644-lwxjd.png HTTP 301
  • https://w.ladicdn.com/63419b1baccba4002c445f2e/bin909-20240721080644-lwxjd.png

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cwin94.xyz/ 		228 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cwin94.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ad2ce9bec20fffabef2b987dc4851bc637476a85b4137d0b9752a9e9dae8f10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a6d369a68a86708-AMS
content-encoding
br
content-type
text/html
date
Sun, 21 Jul 2024 18:21:55 GMT
last-modified
Sun, 21 Jul 2024 08:52:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dOHn88roETEv2I%2BPO1IKTAe%2FKHnmmhKOqRiAy%2B6ZZOeGI3yixD1NV%2Fg4dBP98IJ8SXU5cqsDkvsoICvUscYG4uDpcf4A%2BbgBRrX53FYV5pybNvNvHav3XhKatp1i"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
css2
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Muli:wght@400;700&family=Paytone+One&family=Roboto:wght@400;700&family=Montserrat:wght@400;700&family=Sriracha&display=swap
Requested by
Host: cwin94.xyz
URL: https://cwin94.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8ba058373d7f21a41abac2a3c0ba90132b2f1c01b1621367eb266be54ab6d9d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cwin94.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Jul 2024 18:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 21 Jul 2024 18:21:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Jul 2024 18:21:55 GMT
ladipagev3.min.js
w.ladicdn.com/v4/source/ 		397 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/v4/source/ladipagev3.min.js?v=1721116091595
Requested by
Host: cwin94.xyz
URL: https://cwin94.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.245.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-245-78.lhr62.r.cloudfront.net
Software
nginx /
Resource Hash
b5327b2f7b5f33ed467da4a06759e13d483b86d2b4dbe7952268809533853f69

Request headers

Referer
https://cwin94.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 07:50:48 GMT
content-encoding
gzip
via
1.1 f228841669972ff437f333c805ff00bc.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C3
age
469867
x-cache
Hit from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
u5KE3zKcbHEF4hdPz4q-f5_SEql-IZr983zfDueSve2L3Ram7T8veQ==
expires
Wed, 16 Jul 2025 07:50:48 GMT
notify.svg
w.ladicdn.com/source/ 		2 KB
869 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/source/notify.svg?v=1.0
Requested by
Host: cwin94.xyz
URL: https://cwin94.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.245.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-245-78.lhr62.r.cloudfront.net
Software
nginx /
Resource Hash
c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12

Request headers

Referer
https://cwin94.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 07 Jun 2024 22:06:57 GMT
content-encoding
gzip
via
1.1 f228841669972ff437f333c805ff00bc.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C3
age
3788098
x-cache
Hit from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
dUhFiG6ok6U9mE0pyzpNWY-xNcmMqGComCDDma29tbHM0LKWZOjCAA==
expires
Sat, 07 Jun 2025 22:06:57 GMT
email-decode.min.js
cwin94.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cwin94.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: cwin94.xyz
URL: https://cwin94.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cwin94.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2024 17:12:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6696a9e8-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FsC5E5kz96GxzsSDgIity9MCjD11FTJKL2JvtBOEoFUiKGidRz1vyry6YOondSDc0PolI%2BWAI7pdENVJfHNWdOJRDaqtyKeqCdSX7SFxV154vaGuJVIAv7JIXqwn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8a6d36a878016708-AMS
expires
Tue, 23 Jul 2024 18:21:55 GMT
truncated
/ 		275 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89a26978ecbd78c49572106639459eafb139392412b30239f7f5c73553617bb6

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		163 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4e9821670e6c665a1146c78e4318bdefbd99a21516e002ce51c7bf965aa3d7d

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:wght@400;700&family=Paytone+One&family=Roboto:wght@400;700&family=Montserrat:wght@400;700&family=Sriracha&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cwin94.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 11:52:53 GMT
x-content-type-options
nosniff
age
455343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32796
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:41:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 11:52:53 GMT
0nksC9P7MfYHj2oFtYm2ChTtgPs.woff2
fonts.gstatic.com/s/paytoneone/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/paytoneone/v23/0nksC9P7MfYHj2oFtYm2ChTtgPs.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:wght@400;700&family=Paytone+One&family=Roboto:wght@400;700&family=Montserrat:wght@400;700&family=Sriracha&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
168c5fc9446db472cbf9e25c0af43e551f18568b20828973eb2068b9d42401c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cwin94.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 11:57:07 GMT
x-content-type-options
nosniff
age
455089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23064
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 22:01:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 11:57:07 GMT
0nksC9P7MfYHj2oFtYm2ChTjgPvNiA.woff2
fonts.gstatic.com/s/paytoneone/v23/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/paytoneone/v23/0nksC9P7MfYHj2oFtYm2ChTjgPvNiA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:wght@400;700&family=Paytone+One&family=Roboto:wght@400;700&family=Montserrat:wght@400;700&family=Sriracha&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d1ac4910183aefd2b7798c05a8191ddd2d7e480b5a974fdf6a3f451ad6717e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cwin94.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 02:09:46 GMT
x-content-type-options
nosniff
age
231130
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16360
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 22:01:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Jul 2025 02:09:46 GMT
0nksC9P7MfYHj2oFtYm2ChTigPvNiA.woff2
fonts.gstatic.com/s/paytoneone/v23/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/paytoneone/v23/0nksC9P7MfYHj2oFtYm2ChTigPvNiA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:wght@400;700&family=Paytone+One&family=Roboto:wght@400;700&family=Montserrat:wght@400;700&family=Sriracha&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6968f5809c83643e4e8782faf5e928bad76f648a670861b7e91d0777dea7458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cwin94.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 02:12:06 GMT
x-content-type-options
nosniff
age
230990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7740
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:12:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Jul 2025 02:12:06 GMT
7Auwp_0qiz-afT3GLRrX.woff2
fonts.gstatic.com/s/muli/v29/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afT3GLRrX.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:wght@400;700&family=Paytone+One&family=Roboto:wght@400;700&family=Montserrat:wght@400;700&family=Sriracha&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88f27bc04b46e288d95a087776db3cd30cce45a9b5b23c7942e79fefd5b48b2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cwin94.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 22:41:29 GMT
x-content-type-options
nosniff
age
502827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11816
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:46:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Jul 2025 22:41:29 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:wght@400;700&family=Paytone+One&family=Roboto:wght@400;700&family=Montserrat:wght@400;700&family=Sriracha&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cwin94.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 15:27:45 GMT
x-content-type-options
nosniff
age
442451
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 15:27:45 GMT
JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:wght@400;700&family=Paytone+One&family=Roboto:wght@400;700&family=Montserrat:wght@400;700&family=Sriracha&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cwin94.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 12:12:39 GMT
x-content-type-options
nosniff
age
454157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27812
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:37:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 12:12:39 GMT
JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:wght@400;700&family=Paytone+One&family=Roboto:wght@400;700&family=Montserrat:wght@400;700&family=Sriracha&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26a448d7f02e7b021d15ba5d546ce57d822e6c7728420eb089a23adf10ea26ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cwin94.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 09:05:22 GMT
x-content-type-options
nosniff
age
119794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9512
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:58:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Jul 2025 09:05:22 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:wght@400;700&family=Paytone+One&family=Roboto:wght@400;700&family=Montserrat:wght@400;700&family=Sriracha&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cwin94.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 00:02:16 GMT
x-content-type-options
nosniff
age
497980
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 00:02:16 GMT
KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:wght@400;700&family=Paytone+One&family=Roboto:wght@400;700&family=Montserrat:wght@400;700&family=Sriracha&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cwin94.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 09:33:10 GMT
x-content-type-options
nosniff
age
463726
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5548
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 09:33:10 GMT
7Auwp_0qiz-afTzGLRrX.woff2
fonts.gstatic.com/s/muli/v29/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTzGLRrX.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:wght@400;700&family=Paytone+One&family=Roboto:wght@400;700&family=Montserrat:wght@400;700&family=Sriracha&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f968e2b575a4921967e9ccb21f184904b8cc5dfb92a1847c72732c85a8cc33d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cwin94.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 11:57:54 GMT
x-content-type-options
nosniff
age
455042
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30028
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:45:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 11:57:54 GMT
0nkrC9D4IuYBgWcI9NbfTwE.woff2
fonts.gstatic.com/s/sriracha/v14/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sriracha/v14/0nkrC9D4IuYBgWcI9NbfTwE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:wght@400;700&family=Paytone+One&family=Roboto:wght@400;700&family=Montserrat:wght@400;700&family=Sriracha&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18c9ba8e85682019d77aa4df03afdf9ff10f694e6d87eb93884b9114a50ae039
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cwin94.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 06:28:22 GMT
x-content-type-options
nosniff
age
474814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39568
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:20:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 06:28:22 GMT
0nkrC9D4IuYBgWcI9NbQTwHSoQ.woff2
fonts.gstatic.com/s/sriracha/v14/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sriracha/v14/0nkrC9D4IuYBgWcI9NbQTwHSoQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Muli:wght@400;700&family=Paytone+One&family=Roboto:wght@400;700&family=Montserrat:wght@400;700&family=Sriracha&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d18da1bfcca459a0c94e96ff88d04f7b1dfae66db683b7492ae6b5c3631b5bac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cwin94.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 09:42:07 GMT
x-content-type-options
nosniff
age
117589
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13564
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:37:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Jul 2025 09:42:07 GMT
324-20200806030632.png
w.ladicdn.com/s1150x1050/5c7362c6c417ab07e5196b05/ 		65 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s1150x1050/5c7362c6c417ab07e5196b05/324-20200806030632.png
Requested by
Host: cwin94.xyz
URL: https://cwin94.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.245.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-245-78.lhr62.r.cloudfront.net
Software
nginx /
Resource Hash
c1d6a9c4bec0c767043fb53950244eaea448dd52b0affc3c4e474203059485b3

Request headers

Referer
https://cwin94.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:21:59 GMT
content-encoding
gzip
via
1.1 f228841669972ff437f333c805ff00bc.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C3
x-cache
Miss from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
94z51XmwZyJkShJ-RWHXm5SVFHVfhfJ2fUtKZ3Eg-ppl9-8OuQ3eRw==
expires
Mon, 21 Jul 2025 18:21:59 GMT
untitled-1-20200806032504.png
w.ladicdn.com/s500x350/5c7362c6c417ab07e5196b05/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s500x350/5c7362c6c417ab07e5196b05/untitled-1-20200806032504.png
Requested by
Host: cwin94.xyz
URL: https://cwin94.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.245.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-245-78.lhr62.r.cloudfront.net
Software
nginx /
Resource Hash
bed8a5c0e77b3d9ade568f1c7c08eae922a045ac7d20988dac39805f8c2de9f6

Request headers

Referer
https://cwin94.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:21:56 GMT
content-encoding
gzip
via
1.1 f228841669972ff437f333c805ff00bc.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C3
x-cache
Miss from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
zmevawBEwjdI2Q0AeqeNET9uhXJ7ZyFn29o_N-qn2V3fx6HYHISZEQ==
expires
Mon, 21 Jul 2025 18:21:56 GMT
light-20200806032504.png
w.ladicdn.com/s450x400/5c7362c6c417ab07e5196b05/ 		156 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s450x400/5c7362c6c417ab07e5196b05/light-20200806032504.png
Requested by
Host: cwin94.xyz
URL: https://cwin94.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.245.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-245-78.lhr62.r.cloudfront.net
Software
nginx /
Resource Hash
801b5a76b60fb86e8f30191e19746eb20aa88930f050ca332a24cc13eb20032d

Request headers

Referer
https://cwin94.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:21:56 GMT
content-encoding
gzip
via
1.1 f228841669972ff437f333c805ff00bc.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C3
x-cache
Miss from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
5r0svg6God-yH89JDwrXAdqfXMJQh7osph3hk4W3mYTRiGGeGq8JLg==
expires
Mon, 21 Jul 2025 18:21:56 GMT
untitled-2-20200806032951.png
w.ladicdn.com/s450x400/5c7362c6c417ab07e5196b05/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s450x400/5c7362c6c417ab07e5196b05/untitled-2-20200806032951.png
Requested by
Host: cwin94.xyz
URL: https://cwin94.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.245.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-245-78.lhr62.r.cloudfront.net
Software
nginx /
Resource Hash
76bdf34ff931f1daac48657cd026a622f24b9ac782367c972db5890b24c137e1

Request headers

Referer
https://cwin94.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 18:41:22 GMT
content-encoding
gzip
via
1.1 f228841669972ff437f333c805ff00bc.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C3
age
258034
x-cache
Hit from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
hdFnrcMRDqVeYOoQ60awUQ6fYtzvRA-nKGAAzQhgmZNOdNgvRonUzg==
expires
Fri, 18 Jul 2025 18:41:22 GMT
untitled-3-20200806033647.png
w.ladicdn.com/s500x400/5c7362c6c417ab07e5196b05/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s500x400/5c7362c6c417ab07e5196b05/untitled-3-20200806033647.png
Requested by
Host: cwin94.xyz
URL: https://cwin94.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.245.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-245-78.lhr62.r.cloudfront.net
Software
nginx /
Resource Hash
5391a45cfe4fb0cca640990421ce2cdf0c33d655e452d8ed8339828e297be030

Request headers

Referer
https://cwin94.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:21:56 GMT
content-encoding
gzip
via
1.1 f228841669972ff437f333c805ff00bc.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C3
x-cache
Miss from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
5VJdq1Ndg53vQa287jAB62XxA1xyPuFNqTtKro1KX5Yv8v3_ntRakQ==
expires
Mon, 21 Jul 2025 18:21:56 GMT
remove-bgai_1721539669565-20240721052805-5c0d0.png
w.ladicdn.com/s650x600/63419b1baccba4002c445f2e/ 		186 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s650x600/63419b1baccba4002c445f2e/remove-bgai_1721539669565-20240721052805-5c0d0.png
Requested by
Host: cwin94.xyz
URL: https://cwin94.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.245.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-245-78.lhr62.r.cloudfront.net
Software
nginx /
Resource Hash
a3bf23452c0c047a567d20dfcf647bd7ae6727966fa08705a6e9772c1b4d071c

Request headers

Referer
https://cwin94.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:21:56 GMT
content-encoding
gzip
via
1.1 f228841669972ff437f333c805ff00bc.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C3
x-cache
Miss from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
2rBN7-ugmeHi4ZBg8b1ioGPbIZJzsHX1mFv0EF9qOW1zgg_EFxOUoA==
expires
Mon, 21 Jul 2025 18:21:56 GMT
screenshot_2-20240721054650-hfiqz.png
w.ladicdn.com/s700x750/63419b1baccba4002c445f2e/ 		239 KB
236 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s700x750/63419b1baccba4002c445f2e/screenshot_2-20240721054650-hfiqz.png
Requested by
Host: cwin94.xyz
URL: https://cwin94.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.245.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-245-78.lhr62.r.cloudfront.net
Software
nginx /
Resource Hash
0808d52f92de0ed4a76d7ee84ce7df11529050eb2e32c6aaabc576e0d92962c7

Request headers

Referer
https://cwin94.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:21:56 GMT
content-encoding
gzip
via
1.1 f228841669972ff437f333c805ff00bc.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C3
x-cache
Miss from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
BlecEa9UHUQMiAe61Q9p_FUKCN_d0GTXxKp3VSB92y6ou5qs4bVkfQ==
expires
Mon, 21 Jul 2025 18:21:56 GMT
screenshot_2-20240721054650-hfiqz.png
w.ladicdn.com/s400x400/63419b1baccba4002c445f2e/ 		183 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s400x400/63419b1baccba4002c445f2e/screenshot_2-20240721054650-hfiqz.png
Requested by
Host: cwin94.xyz
URL: https://cwin94.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.245.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-245-78.lhr62.r.cloudfront.net
Software
nginx /
Resource Hash
4bfe56b9628bb1b0c8cfa869f73f0c6d0918493b8605a8bfa92398a84941f02d

Request headers

Referer
https://cwin94.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:21:57 GMT
content-encoding
gzip
via
1.1 f228841669972ff437f333c805ff00bc.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C3
x-cache
Miss from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
mggECh2fmRTnkrolSkXc4A5aIb60QdVJRZrIpjC6RI5iFA3HW4_3Bg==
expires
Mon, 21 Jul 2025 18:21:57 GMT
screenshot_3-20240721055157-mug3i.png
w.ladicdn.com/s400x400/63419b1baccba4002c445f2e/ 		76 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s400x400/63419b1baccba4002c445f2e/screenshot_3-20240721055157-mug3i.png
Requested by
Host: cwin94.xyz
URL: https://cwin94.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.245.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-245-78.lhr62.r.cloudfront.net
Software
nginx /
Resource Hash
beb3a7e2bbefb023d8cfd9f9d406597fed4c3f8470eb83c2bf7a848cf31254b6

Request headers

Referer
https://cwin94.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:21:56 GMT
content-encoding
gzip
via
1.1 f228841669972ff437f333c805ff00bc.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C3
x-cache
Miss from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
oimDjn4-qiQg27glONcQNjZodf0nM9e3MlPb6_pIaW5jiitz-WdF_w==
expires
Mon, 21 Jul 2025 18:21:56 GMT
screenshot_4-20240721055228-fudyi.png
w.ladicdn.com/s400x400/63419b1baccba4002c445f2e/ 		97 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s400x400/63419b1baccba4002c445f2e/screenshot_4-20240721055228-fudyi.png
Requested by
Host: cwin94.xyz
URL: https://cwin94.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.245.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-245-78.lhr62.r.cloudfront.net
Software
nginx /
Resource Hash
604d32070bc841a35a7033d0ab92fb7659ed24effaa842d9fd60abb9a344c1c8

Request headers

Referer
https://cwin94.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:21:56 GMT
content-encoding
gzip
via
1.1 f228841669972ff437f333c805ff00bc.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C3
x-cache
Miss from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
ro7kv9TP2hwUMlzGS_x5-N06XQfBs5oRRxVNsqBZwKXyL9u4iS5-Qw==
expires
Mon, 21 Jul 2025 18:21:56 GMT
screenshot_1-20240721055106-c3ans.png
w.ladicdn.com/s400x400/63419b1baccba4002c445f2e/ 		194 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s400x400/63419b1baccba4002c445f2e/screenshot_1-20240721055106-c3ans.png
Requested by
Host: cwin94.xyz
URL: https://cwin94.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.245.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-245-78.lhr62.r.cloudfront.net
Software
nginx /
Resource Hash
9f55b2f2ab4a0f4fa1f9f93d74254e9f6e3172009a28b4435870cb9e17e2c443

Request headers

Referer
https://cwin94.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:21:56 GMT
content-encoding
gzip
via
1.1 f228841669972ff437f333c805ff00bc.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C3
x-cache
Miss from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
fD314ok7m05XyPnaupBRCyd7D4tOrnlz0oVUkn1LHJifT0tBrh7D9g==
expires
Mon, 21 Jul 2025 18:21:56 GMT
truncated
/ 		187 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89d106687c005b3aa5cecd08ccc754d6f79a10696e59aed05a785d5f0c28c63b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
event
a.ladipage.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://a.ladipage.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.102.150 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-102-150.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view
Access-Control-Request-Method
POST
Origin
https://cwin94.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
2592000
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 21 Jul 2024 18:21:57 GMT
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
0
ladipage.formdata.min.js
w.ladicdn.com/v4/source/ 		60 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/v4/source/ladipage.formdata.min.js?v=1721116091595
Requested by
Host: w.ladicdn.com
URL: https://w.ladicdn.com/v4/source/ladipagev3.min.js?v=1721116091595
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.245.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-245-78.lhr62.r.cloudfront.net
Software
nginx /
Resource Hash
4e2e1fede580f9ab587a27eb674c1b0153b9b522d0f9f80d1ef9491d8d3303a2

Request headers

Referer
https://cwin94.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 07:50:47 GMT
content-encoding
gzip
via
1.1 f228841669972ff437f333c805ff00bc.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C3
age
469868
x-cache
Hit from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
bCoddMZP9IMQOCp9dmJUQi-KXW4OGSNOexAEOlYx8LTdeMxLdFcIRA==
expires
Wed, 16 Jul 2025 07:50:47 GMT
tq
docs.google.com/spreadsheets/d/1mG-6Nyz1LHntUxqmYiICpOh_cMMCvJVziNwZT8ifVN4/gviz/ 		18 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/spreadsheets/d/1mG-6Nyz1LHntUxqmYiICpOh_cMMCvJVziNwZT8ifVN4/gviz/tq?tqx=out:json
Requested by
Host: w.ladicdn.com
URL: https://w.ladicdn.com/v4/source/ladipagev3.min.js?v=1721116091595
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1731ac843d97c31b207ee90292de6c9dee7e982c608c2a4dcab08fa5ae1e2ebb
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt, base-uri 'self';object-src 'self';report-uri https://docs.google.com/spreadsheets/cspreport;script-src 'report-sample' 'nonce-VF6YevER4SLnwFI93WG5hQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cwin94.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:21:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt, base-uri 'self';object-src 'self';report-uri https://docs.google.com/spreadsheets/cspreport;script-src 'report-sample' 'nonce-VF6YevER4SLnwFI93WG5hQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
reporting-endpoints
default="/spreadsheets/d/1mG-6Nyz1LHntUxqmYiICpOh_cMMCvJVziNwZT8ifVN4/web-reports?context=eJwV0XlUlccZBvCX73snMW7BPVUUFcWogCxSUXbudy8guFAp87kkRsM1IirKYtRKilZTRI1KTVGr3gtcEAWNQlwJoFD3I1I5YIxFgwYFrQvqTcHE0Kd__M6ZZ87MOc-80_1Yf9MvcXQDkliSpZsk5T1JR3pIKuspyctRUj78sY-kYX0ljRkg6Z9QNUiS2weSCqBqsKThQyTFOUlyHybJBgnOkuJdJH3sKikJKuGXcZJ6uUnqA-PdJWV7SPrSS5Kjt6QRkOMj6R9g85V0wk9S22RJJcGSKuCRUVJHpKSL0yU1whhd0iRQZ0vqB2ZIg7o5kn6EWwtwB4YvlPRevKTfwcRESRoUwknITZJ0HJ6koRsU_lnSd_B9hqRWqN0g6S5of5EUC8ezJJ0Hv22SIiDmK0kL4BY8AvevJQVC1t8l7YXROZJ8oXi3pHL4DXrvkTQnH--0YR9qDkqqh_SjkjKh_zFJo4BKMRfY862kQ9DzrCQnqCnHefD_TlIUNFVIegq1VegKodfQC7Zdl7QfBtZJcoV7jZKeQ_EtdIGTtzFLqL4r6SYMa5bkATk_SToILi2SfKAUquEiNELrQ_wDNLRLaoE26IRPOyWlQKiqUwyksU6bYEJ3nYLhcA-dzkKXo07v99Ep3EUnCYPG6zQGvp-kUyv0mqzTUPgNek_R6RzUwdwAnRLhdKBOl6FfmE4ucDtcpzboF4UMpmk6xcG26Trth_QZWEN9nE4PIH0OMuTO0-k4TIzXSYO2z3TqhGmLdfoI4hN0SoWKJTpdh9WJOmVCr-XoBy9SdKJUndbDTvD5XCcDuK7W6ffwzjqdBsK4DJ2mwL0B_yLvcU-UKWCd164UwbPP2pWfoaGmXWmCNa4vlTvNL5UH0OTxSmmB_nGvFCd44mFXXkGDp10xRdiV6ZCQbldWgpZhV6Jh1ga7Mhfun7Urj8Gc-F9lGZwI6FAqICOwQ8kE06IOZTo4b-lQxsDGgZ3KVqhf26ncgayrnUo2eNV1KpNhRt83ioSmDW-UFqi1vlEaYfzeXxUfOHrkrXIS_Gb9poTAMOpSXCHDqUvJhNOru5RzMG5tl-INZe-TWg4JjqSuBL8kUkMgNpnUeaA0k9r9_8wOakueg9qR76CSzUEt36qoNVBmVdRyUC4o6v0fFfUpqKyqPWDXh6q6D8JnqeoMqI9V1Tsw7a-qqsPaFlXdAGNHsOoFW59P4V3g_tiffWH_M38ugES7P6eAfUYAX8wJ4FqwlwTwW6gbG8gPcwK5HSaNCuJgaPQO4rvwJj6IFXMQV4tgvgoVfsF8AQ6EBHMhvP0qmMX2YHa9EsweoBWHcDQUNIRwtVMoX4UBkaE8HJqmhnILZGaE8g7weRrK_rAkLIyT4aetYfwajLvDeBrYisP4aUkYeoZxdGMYx8KxQQY-Da4xBvaALasM_DeITDdwDKxfb-DN8OwbA_8My0oNnAZag4GjYcQTA4-F5v8YuA3sLwz8Fm6O0PgHaB-lscNojf_kqvEWOBescR1omsaxsDJF4_XgtFtjN_iwSGNPSD-j8SZwPqfxGBh6XmN3cHuh8USIglnwCSyGLMiGS3ADerVrPADGgw989FrjZVDsYOQy2POpkaOXGDkW0lYaOR1WJRv5SyiDGuBVRu4JB7KNXAiVXxu5Fur3GvkB9Kw0cn9YdcnI5x4a-TJoviaOBvmJiefDvkUmtsHSpSZeB2-2mFjZauLmEyZuh6ovwvkGlLaGczVM7RbBcyCodwSb4MyACHYaGMFukDc0gkvh1sUIfgRufSN5IuT0i2QLnFoTyVWQlRnJ2WB9dyoXwcXuU7kWWqEDav5gEddgwiKLCIaaxchQlGARp-GbDIs4BYnHLCIFMk9ZxA7oWWkRTnDmgUWch9RnFrEOboRbxT0YEWEVXlAfbRUPIMFsFSvBcalVfABZuVaxF5oOWcWSCqtIhuu3raIBDjdZRSlk37OKiGarmAmdr6zC4bVVnIJLMNiWK0ZCC9hh8LFcMRo8u3KFH8Q554lFcMg9TxyH5sA80QZR0_LEXCjbmSdqoOVynrDD_St54jHU988XdyB9UL7YBpWz80UtRHycL2bCkOR84QI7n-eLPdA5xCYcnGziXWebGASn4BJ0BtlEumYT2-DhUpt4Bv0-twkXCIUY8N1hE4EwUi0Q3lDeq0BcAyfnAjEKNg8vEDvhzJ4CcR6i_l0g5sKmyYViYVSh2FhRKLaDo-2g8C45KMIg8v5BMRtK1SJRDVe8isRtGBhQJFxheGiR8ISqzUXiEqy4WSRWw2jHQ8IXQuoOiZmwq-2w2Ac3fz0sfoCN7sViOxi-KBbTwa2yWLzMKBHK-hIx5UKJGJd4RHhDbsMRcRz8JxwVkdC3R7cL-fZv33FsPfDWd3D32AULl5pj0szJa0a6meMTUpOSUzxSViSbF8SnLDabU1PcFyUnLU81L4-f7-3pPdFzkudkD0_v-St8_geGzbpt&build-label=editors.spreadsheets-frontend_20240709.02_p3&imp-sid=CL3u14fguIcDFTSrTwkdArkIFg&is-cached-offline=false"
pragma
no-cache
x-l2-request-path
l2-managed-6
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Reduced
server
GSE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://cwin94.xyz
access-control-expose-headers
Cache-Control,Content-Disposition,Content-Encoding,Content-Length,Content-Type,Date,Expires,Pragma,Server,Transfer-Encoding
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
Arlbm3aYP4F8jryBe5TXZ49CJDmGTgEpjkLwYKtvJpvg65pxTRq/0LtrY3S/FMwogUWu6GvOhoCX1WWtJ8wVXQkAAABpeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IlVzZXJBZ2VudFJlZHVjdGlvbiIsImV4cGlyeSI6MTY1MDQxMjc5OSwiaXNTdWJkb21haW4iOnRydWV9,Ai3pT9iDX83Axy8V9VNotVplzFW2tJ9kgTcxPi10YmhFts/jN7e/pGmGWW+gOUMbSwAMiol70V6YNUtNHHtnZw0AAAByeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IldlYkFzc2VtYmx5SlNTdHJpbmdCdWlsdGlucyIsImV4cGlyeSI6MTcyNzgyNzE5OSwiaXNTdWJkb21haW4iOnRydWV9
x-robots-tag
noindex, nofollow, nosnippet
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d43791134e2e13160c0f0ad2a1b60831798f279d51728750ab7a5e3adce156a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
event
a.ladipage.com/ 		125 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ladipage.com/event
Requested by
Host: w.ladicdn.com
URL: https://w.ladicdn.com/v4/source/ladipagev3.min.js?v=1721116091595
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.102.150 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-102-150.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e063566e797cac66b08f1781227f5ed7f4f3ecb2553f3b497c2a60ea1677ad17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

LADI_CLIENT_ID
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT
0
LADI_CAMP_ID
LADI_CAMP_FORM_SUBMIT
0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
LADI_CAMP_NAME
Content-Type
application/json
Referer
https://cwin94.xyz/
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW
0
LADI_PAGE_VIEW
0
LADI_CAMP_TYPE

Response headers

date
Sun, 21 Jul 2024 18:21:57 GMT
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-max-age
2592000
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection
0
screenshot_3-20240721055157-mug3i.png
w.ladicdn.com/s700x750/63419b1baccba4002c445f2e/ 		76 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s700x750/63419b1baccba4002c445f2e/screenshot_3-20240721055157-mug3i.png
Requested by
Host: cwin94.xyz
URL: https://cwin94.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.245.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-245-78.lhr62.r.cloudfront.net
Software
nginx /
Resource Hash
beb3a7e2bbefb023d8cfd9f9d406597fed4c3f8470eb83c2bf7a848cf31254b6

Request headers

Referer
https://cwin94.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 18:22:00 GMT
content-encoding
gzip
via
1.1 f228841669972ff437f333c805ff00bc.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C3
x-cache
Miss from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
gIntDtfSSuEUgPBEYdv1gpi-RnpPIFSf1z9sxOcu3NwqsdV06eWY6A==
expires
Mon, 21 Jul 2025 18:22:00 GMT
bin909-20240721080644-lwxjd.png
w.ladicdn.com/63419b1baccba4002c445f2e/
Redirect Chain
  • https://static.ladipage.net/63419b1baccba4002c445f2e/bin909-20240721080644-lwxjd.png
  • https://w.ladicdn.com/63419b1baccba4002c445f2e/bin909-20240721080644-lwxjd.png
0
0
ladipage.svg
w.ladicdn.com/source/v3/by/ 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/source/v3/by/ladipage.svg?v=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.245.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-245-78.lhr62.r.cloudfront.net
Software
nginx /
Resource Hash
628302bae3cba02607d2fefa6eaf3d0549c0c8ab9f41bd171d74f3757826b6bf

Request headers

Referer
https://cwin94.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 16 May 2024 00:10:11 GMT
content-encoding
gzip
via
1.1 f228841669972ff437f333c805ff00bc.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C3
age
5767910
x-cache
Hit from cloudfront
server
nginx
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
x-amz-cf-id
91pMIZXc531-L_B_pB9rUn13tIiFu4Yarj00JjAuZVkRq-i5p6Mh0w==
expires
Fri, 16 May 2025 00:10:11 GMT
bin909-20240721080644-lwxjd.png
w.ladicdn.com/63419b1baccba4002c445f2e/
Redirect Chain
  • https://static.ladipage.net/63419b1baccba4002c445f2e/bin909-20240721080644-lwxjd.png
  • https://w.ladicdn.com/63419b1baccba4002c445f2e/bin909-20240721080644-lwxjd.png
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
w.ladicdn.com
URL
https://w.ladicdn.com/63419b1baccba4002c445f2e/bin909-20240721080644-lwxjd.png
Domain
w.ladicdn.com
URL
https://w.ladicdn.com/63419b1baccba4002c445f2e/bin909-20240721080644-lwxjd.png

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| ladi_viewport boolean| ladi_is_desktop function| ladi_fbq function| ladi_ttq function| lazyload_run function| equalsLadiPage function| isObjectLadiPage function| isArrayLadiPage function| isFunctionLadiPage function| isBooleanLadiPage function| isStringLadiPage function| isEmptyLadiPage function| isNullLadiPage function| parseFloatLadiPage function| decodeURIComponentLadiPage function| formatNumber function| textToNumber function| formatNumberComma function| textToNumberComma function| formatNumberDot function| textToNumberDot object| Base64 function| LadiPageScriptV2 object| LadiPageScript object| LadiFormulaData object| LadiFormApi object| LadiPageCommand object| LadiPageLocation object| LadiPageShopping object| LadiPageFormData object| LadiPageQueueCommandList object| LadiPageQueueCommand function| lightbox_run function| lightbox_iframe function| lightbox_image function| lightbox_video function| language_set function| LadiPageLibraryV2 function| ladi function| ladi_api_fbq function| ladi_api_ttq function| LadiPageAppV2 function| sha256 function| sha224 object| LadiPageApp

2 Cookies

Domain/Path Name / Value
cwin94.xyz/ Name: _timenow
Value: 1721586116240
cwin94.xyz/ Name: LADI_UNIQUE_ID
Value: 1e0dad85-15d8-42a4-9f0e-1b56ce040115

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
cwin94.xyz
docs.google.com
fonts.googleapis.com
fonts.gstatic.com
w.ladicdn.com
w.ladicdn.com
13.224.245.78
18.142.102.150
188.114.96.3
2a00:1450:4001:80e::2003
2a00:1450:4001:812::200a
2a00:1450:4001:830::200e
0808d52f92de0ed4a76d7ee84ce7df11529050eb2e32c6aaabc576e0d92962c7
0d43791134e2e13160c0f0ad2a1b60831798f279d51728750ab7a5e3adce156a
168c5fc9446db472cbf9e25c0af43e551f18568b20828973eb2068b9d42401c8
1731ac843d97c31b207ee90292de6c9dee7e982c608c2a4dcab08fa5ae1e2ebb
18c9ba8e85682019d77aa4df03afdf9ff10f694e6d87eb93884b9114a50ae039
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26a448d7f02e7b021d15ba5d546ce57d822e6c7728420eb089a23adf10ea26ef
2d1ac4910183aefd2b7798c05a8191ddd2d7e480b5a974fdf6a3f451ad6717e0
4bfe56b9628bb1b0c8cfa869f73f0c6d0918493b8605a8bfa92398a84941f02d
4e2e1fede580f9ab587a27eb674c1b0153b9b522d0f9f80d1ef9491d8d3303a2
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
5391a45cfe4fb0cca640990421ce2cdf0c33d655e452d8ed8339828e297be030
604d32070bc841a35a7033d0ab92fb7659ed24effaa842d9fd60abb9a344c1c8
628302bae3cba02607d2fefa6eaf3d0549c0c8ab9f41bd171d74f3757826b6bf
6ad2ce9bec20fffabef2b987dc4851bc637476a85b4137d0b9752a9e9dae8f10
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
6f968e2b575a4921967e9ccb21f184904b8cc5dfb92a1847c72732c85a8cc33d
76bdf34ff931f1daac48657cd026a622f24b9ac782367c972db5890b24c137e1
801b5a76b60fb86e8f30191e19746eb20aa88930f050ca332a24cc13eb20032d
88f27bc04b46e288d95a087776db3cd30cce45a9b5b23c7942e79fefd5b48b2c
89a26978ecbd78c49572106639459eafb139392412b30239f7f5c73553617bb6
89d106687c005b3aa5cecd08ccc754d6f79a10696e59aed05a785d5f0c28c63b
8ba058373d7f21a41abac2a3c0ba90132b2f1c01b1621367eb266be54ab6d9d5
9f55b2f2ab4a0f4fa1f9f93d74254e9f6e3172009a28b4435870cb9e17e2c443
a3bf23452c0c047a567d20dfcf647bd7ae6727966fa08705a6e9772c1b4d071c
b4e9821670e6c665a1146c78e4318bdefbd99a21516e002ce51c7bf965aa3d7d
b5327b2f7b5f33ed467da4a06759e13d483b86d2b4dbe7952268809533853f69
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
beb3a7e2bbefb023d8cfd9f9d406597fed4c3f8470eb83c2bf7a848cf31254b6
bed8a5c0e77b3d9ade568f1c7c08eae922a045ac7d20988dac39805f8c2de9f6
c1d6a9c4bec0c767043fb53950244eaea448dd52b0affc3c4e474203059485b3
c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12
d18da1bfcca459a0c94e96ff88d04f7b1dfae66db683b7492ae6b5c3631b5bac
d6968f5809c83643e4e8782faf5e928bad76f648a670861b7e91d0777dea7458
e063566e797cac66b08f1781227f5ed7f4f3ecb2553f3b497c2a60ea1677ad17
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929