1win-3zar.xyz Open in urlscan Pro
172.67.149.47  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response 1win-3zar.xyz/	44 KB 14 KB	339ms 296ms	Document text/html	172.67.149.47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1win-3zar.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.149.47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.0.16 Resource Hash fa3eaf80e133cbefcad93a9ccddf4f5040a9e8918edf2467dd9759afe0c042d5 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8d5742c8d8611d0e-CPH content-encoding zstd content-type text/html; charset=UTF-8 date Sun, 20 Oct 2024 07:23:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JW5PIH%2Bwm%2BgOtqoWj3WzA6vClh6sRR1renS%2FnCwJvJ9R8Iki6x1XMXUBIKjycPI3Uu5mucEyQF4A%2FEraWjvyJG7z2SlbCA5R5KGwi8pUf6pjaPSq2cHlkNTKLVOYjw71"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=27629&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4174&recv_bytes=4480&delivery_rate=569&cwnd=12000&unsent_bytes=0&cid=55d4bbd08869e90e&ts=302&x=1" cfExtPri cfHdrFlush;dur=0 vary Accept-Encoding x-powered-by PHP/8.0.16
GET H2	200	css fonts.googleapis.com/	20 KB 1 KB	159ms 57ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Inter%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900&display=auto&ver=3.3.1 Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 77db3a814b522288645e5c994fd7f538e4899223d77583c7a155f79d39f1ffc1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers content-encoding gzip x-content-type-options nosniff expires Sun, 20 Oct 2024 07:23:10 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 20 Oct 2024 07:23:10 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Sun, 20 Oct 2024 06:51:30 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	hxyqs.css 1win-3qaw.xyz/wp-content/cache/wpfc-minified/fqxyx66j/	93 KB 17 KB	179ms 106ms	Stylesheet text/css	2606:4700:3032::ac43:a1ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1win-3qaw.xyz/wp-content/cache/wpfc-minified/fqxyx66j/hxyqs.css Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a1ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3fec37a1f8d10fd1ec31bea03ddc02e1b36af2b7c2fc5ea9a75fd308e9fdda0b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"670e41ba-17500" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SdyKhHLm3duxbcsbfOQuWJlZNGOc4RVx%2FuOlZkliQNC6Yhw9BhG4n4GhJD56WolVIRLiti2D7kQRXx%2BMpygDHhxsPF5EuDBWJ2n8KG%2FwqnUvMFiD3d1XCLVgpR7SMbzcvRV8rcn9gSL3sCV9"}],"group":"cf-nel","max_age":604800} cf-ray 8d5742cb582f92f1-CPH expires Mon, 21 Oct 2024 07:23:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=25806&sent=77&recv=25&lost=0&retrans=0&sent_bytes=61028&recv_bytes=3819&delivery_rate=951488&cwnd=253&unsent_bytes=0&cid=76066cf371ca7f34&ts=113&x=0" date Sun, 20 Oct 2024 07:23:10 GMT content-type text/css last-modified Tue, 15 Oct 2024 10:19:38 GMT vary Accept-Encoding server cloudflare
GET H2	200	hxyqs.css 1win-3qaw.xyz/wp-content/cache/wpfc-minified/m8hfzfzg/	9 KB 3 KB	146ms 73ms	Stylesheet text/css	2606:4700:3032::ac43:a1ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1win-3qaw.xyz/wp-content/cache/wpfc-minified/m8hfzfzg/hxyqs.css Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a1ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d1274f71943ff89abe4122aa755cb1415407d48432ff213dcdf06e2e4633d3e4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"670e41ba-2361" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KVc22q6J%2BlGaVKFjwwJCQSO%2F6Ebbghb%2FlF%2FUyzjBRd%2Buqmn%2F3JhifioNNdmFe4hH%2FNb1qi2LDM0xmubzW5F2wm%2FjBLSDR8TdVhNSTHIupQFmn50%2FvTY9Gf2Ew4u0wncdcL6mw6sSt46GBRCo"}],"group":"cf-nel","max_age":604800} cf-ray 8d5742cb583292f1-CPH expires Mon, 21 Oct 2024 07:23:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=25144&sent=33&recv=22&lost=0&retrans=0&sent_bytes=26049&recv_bytes=3819&delivery_rate=612104&cwnd=253&unsent_bytes=0&cid=76066cf371ca7f34&ts=80&x=0" date Sun, 20 Oct 2024 07:23:10 GMT content-type text/css last-modified Tue, 15 Oct 2024 10:19:38 GMT vary Accept-Encoding server cloudflare
GET H/1.1	200 OK	js.js Show response efreecode.com/	4 KB 3 KB	540ms 132ms	Script application/javascript	18.208.5.78 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://efreecode.com/js.js Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_CBC Server 18.208.5.78 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-208-5-78.compute-1.amazonaws.com Software nginx / Resource Hash f70dfb04db96877ea2e3abd371506cc717a68b3a2cbc3428ad7b8678462d06ce Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers Cache-Control max-age=21600 Content-Encoding gzip ETag "5fb2710f-980" Connection keep-alive Expires Sun, 20 Oct 2024 13:23:10 GMT Content-Length 2432 Date Sun, 20 Oct 2024 07:23:10 GMT Content-Type application/javascript Last-Modified Mon, 16 Nov 2020 12:31:11 GMT Server nginx
GET H2	200	present-with-light.png 1win-3qaw.xyz/wp-content/themes/b1win/amstor/img-h/	5 KB 6 KB	156ms 83ms	Image image/png	2606:4700:3032::ac43:a1ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1win-3qaw.xyz/wp-content/themes/b1win/amstor/img-h/present-with-light.png Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a1ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 06cee660e5b0dfa3ec59c1a1e03e4ab3da6cb22d1e49c9c51f9cf84ed925e304 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers cf-cache-status REVALIDATED etag "66e6d9ca-15e0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z7CAl6xN67bKCaJop%2BINetZME9qbYwDDlIcZ4RIj%2BDV2S5YMqOTTPBgGQK2aVTNwipw9mLavZTHmftSKeqJ5aSFMlef8qAUuP5PxyrMvHU7v6on%2BSeMIaRhqRFtvGuGaa%2BMVkXQ0VgZOdVig"}],"group":"cf-nel","max_age":604800} expires Mon, 21 Oct 2024 07:23:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=24941&sent=42&recv=23&lost=0&retrans=0&sent_bytes=32775&recv_bytes=3819&delivery_rate=951488&cwnd=253&unsent_bytes=0&cid=76066cf371ca7f34&ts=90&x=0" date Sun, 20 Oct 2024 07:23:10 GMT content-type image/png last-modified Sun, 15 Sep 2024 12:57:46 GMT vary Accept-Encoding cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d5742cb583692f1-CPH accept-ranges bytes content-length 5600 server cloudflare
GET H2	200	carraffledesktopheaderticket.svg 1win-3qaw.xyz/wp-content/themes/b1win/amstor/img-h/	1 KB 1 KB	135ms 63ms	Image image/svg+xml	2606:4700:3032::ac43:a1ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1win-3qaw.xyz/wp-content/themes/b1win/amstor/img-h/carraffledesktopheaderticket.svg Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a1ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 358cfe33d6b15df8bc4da747b9603dd53edaf6efbd087417e935af0b16bb732d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status REVALIDATED etag W/"66e6d9c9-429" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ydx7PlVxAoBtTfee2%2BhOTYrTGoTvZol1%2FGEpFsYDvKtCcfCFnmGQn%2B1vn%2BM0txzcUViGF96%2FasOir%2FcQ0fiyVrI6mJ9hOtyDoHMa4DunEIwYD03D0vvpuvSQ1gm9medPNlxQnRwBRhhsiL%2Fg"}],"group":"cf-nel","max_age":604800} cf-ray 8d5742cb583592f1-CPH expires Mon, 21 Oct 2024 07:23:09 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=23063&sent=30&recv=19&lost=0&retrans=0&sent_bytes=24934&recv_bytes=3819&delivery_rate=175034&cwnd=253&unsent_bytes=0&cid=76066cf371ca7f34&ts=71&x=0" date Sun, 20 Oct 2024 07:23:10 GMT content-type image/svg+xml last-modified Sun, 15 Sep 2024 12:57:45 GMT vary Accept-Encoding server cloudflare
GET H2	200	headerlink.png 1win-3qaw.xyz/wp-content/themes/b1win/amstor/img-h/	3 KB 4 KB	144ms 73ms	Image image/png	2606:4700:3032::ac43:a1ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1win-3qaw.xyz/wp-content/themes/b1win/amstor/img-h/headerlink.png Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a1ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash de9a991d648a698ba57e534178d52fd8d5a8f19f2c740447e8ecad1cd39d4f94 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers cf-cache-status REVALIDATED etag "66e6d9c9-cf1" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FUnmtceWkKIIs8wA1NF%2BKbSL5ziLqtj1bIpwvd3K1c3iXp3lSMaqmmYcZwGUPqaD8PfXErSHFCEvHqrJBrmlRpHPXmtwiLGGft3020vYag5c1UQixRdJjFj01JNT1A1w433ifP6JV8uusw3B"}],"group":"cf-nel","max_age":604800} expires Mon, 21 Oct 2024 07:23:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=25144&sent=37&recv=22&lost=0&retrans=0&sent_bytes=28914&recv_bytes=3819&delivery_rate=612104&cwnd=253&unsent_bytes=0&cid=76066cf371ca7f34&ts=81&x=0" date Sun, 20 Oct 2024 07:23:10 GMT content-type image/png last-modified Sun, 15 Sep 2024 12:57:45 GMT vary Accept-Encoding cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d5742cb583792f1-CPH accept-ranges bytes content-length 3313 server cloudflare
GET H2	200	ru.svg 1win-3qaw.xyz/wp-content/themes/b1win/amstor/img-h/	296 B 649 B	85ms 83ms	Image image/svg+xml	2606:4700:3032::ac43:a1ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1win-3qaw.xyz/wp-content/themes/b1win/amstor/img-h/ru.svg Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a1ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 19f8c7fd19b6611a0225ea210763971454d218b3206cd2dc478b5a1708e4d00e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status REVALIDATED etag W/"66e6d9ca-128" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n5C6JxQALiCMyUTWo9Cbc6XhiAIwoW5S1b38zunb0W0Lod3OC%2BWto%2FBG5jMZS%2FSkSUx9Hb%2F434dGbYCEL%2FapKl6XqAeUwqP9ah3EM9aKEltQhhAaqsrIdEJOE3wGNWMUs5471JROIDjd8iX0"}],"group":"cf-nel","max_age":604800} cf-ray 8d5742cb785592f1-CPH expires Mon, 21 Oct 2024 07:23:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=24724&sent=53&recv=24&lost=0&retrans=0&sent_bytes=40583&recv_bytes=3819&delivery_rate=951488&cwnd=253&unsent_bytes=0&cid=76066cf371ca7f34&ts=104&x=0" date Sun, 20 Oct 2024 07:23:10 GMT content-type image/svg+xml last-modified Sun, 15 Sep 2024 12:57:46 GMT vary Accept-Encoding server cloudflare
GET H2	200	1winlogo.webp 1win-3qaw.xyz/wp-content/themes/b1win/amstor/	942 B 1 KB	84ms 81ms	Image image/webp	2606:4700:3032::ac43:a1ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1win-3qaw.xyz/wp-content/themes/b1win/amstor/1winlogo.webp Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a1ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e36cd0f2581d2d09454f222ff9ab69a9e5a639c54550ac42fa2fa96ac7d77043 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers cf-cache-status REVALIDATED etag "66e70992-3ae" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tZWkUD%2BDIU9Na2tJM7yMqbRLJWKmGOL5aOaFYkMZMJa1kruPnEa3m8cRd3Pt0vQ1%2B3gXhrFmHu9vyEZWplpz20R1cOY5R1XI1LgXkIz8g3ro9qj1KuTfb%2BfsqPklQUeTz3YVyAYtXeBtH4nB"}],"group":"cf-nel","max_age":604800} expires Mon, 21 Oct 2024 07:23:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=24724&sent=50&recv=24&lost=0&retrans=0&sent_bytes=39091&recv_bytes=3819&delivery_rate=951488&cwnd=253&unsent_bytes=0&cid=76066cf371ca7f34&ts=103&x=0" date Sun, 20 Oct 2024 07:23:10 GMT content-type image/webp last-modified Sun, 15 Sep 2024 16:21:38 GMT vary Accept-Encoding cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d5742cb684592f1-CPH accept-ranges bytes content-length 942 server cloudflare
GET H2	200	lucky-jet.svg 1win-3qaw.xyz/wp-content/themes/b1win/amstor/img-h/	4 KB 2 KB	95ms 92ms	Image image/svg+xml	2606:4700:3032::ac43:a1ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1win-3qaw.xyz/wp-content/themes/b1win/amstor/img-h/lucky-jet.svg Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a1ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2fd48c96ed2380a0e83d27f0f0321d56118de1bdffe31a6068a29368d0bc1026 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status REVALIDATED etag W/"66e6d9ca-fb6" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=35GS0Ydm%2FQYIMLnx4uQhO7XwLkwnlt2RuO%2FxGiDpefzskqvkOvjolpn9NuZZHCwqESgqi9PVphIyFZ%2F6it6VoLk6dE9HpGL7sv2DoVHxJgfLmwNVg1xOrnys8m5fVGtIWK1OJFBoga3g1Y%2Fe"}],"group":"cf-nel","max_age":604800} cf-ray 8d5742cb785692f1-CPH expires Mon, 21 Oct 2024 07:23:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=25473&sent=94&recv=26&lost=0&retrans=0&sent_bytes=78700&recv_bytes=3819&delivery_rate=951488&cwnd=253&unsent_bytes=0&cid=76066cf371ca7f34&ts=114&x=0" date Sun, 20 Oct 2024 07:23:10 GMT content-type image/svg+xml last-modified Sun, 15 Sep 2024 12:57:46 GMT vary Accept-Encoding server cloudflare
GET H2	200	speed-and-cash.svg 1win-3qaw.xyz/wp-content/themes/b1win/amstor/img-h/	23 KB 11 KB	89ms 86ms	Image image/svg+xml	2606:4700:3032::ac43:a1ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1win-3qaw.xyz/wp-content/themes/b1win/amstor/img-h/speed-and-cash.svg Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a1ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0afff374cbc83adf07b49a5318746673c2c0b464784985d3eac7fc1bf47456cf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status REVALIDATED etag W/"66e6d9ca-5be0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7LcXdsq9pDyFqpuCJAj7%2FKuvVgXwFsFdC7PIjake4RC00jHc%2FAS%2FrOGqMV8UuJdZyI1c6kzVUBtfO6YRqgAtXT3uxgwmcYzd6RGnz4JTce2ign%2BMDH5O7hO1w9kWgZe9VG9LJ%2BdPD7rJ%2BDPq"}],"group":"cf-nel","max_age":604800} cf-ray 8d5742cb785792f1-CPH expires Mon, 21 Oct 2024 07:23:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=25806&sent=56&recv=25&lost=0&retrans=0&sent_bytes=41298&recv_bytes=3819&delivery_rate=951488&cwnd=253&unsent_bytes=0&cid=76066cf371ca7f34&ts=109&x=0" date Sun, 20 Oct 2024 07:23:10 GMT content-type image/svg+xml last-modified Sun, 15 Sep 2024 12:57:46 GMT vary Accept-Encoding server cloudflare
GET H2	200	aviator-game-logo.svg 1win-3qaw.xyz/wp-content/themes/b1win/amstor/img-h/	3 KB 2 KB	98ms 96ms	Image image/svg+xml	2606:4700:3032::ac43:a1ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1win-3qaw.xyz/wp-content/themes/b1win/amstor/img-h/aviator-game-logo.svg Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a1ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 52953914122eca6d894a9805f16d029b8b1e714d0812da44c0417a9fc3a87b40 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status REVALIDATED etag W/"66e6d9ca-c21" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6hk5I752CPSEG92ef344lfCfJi3AiBDmMSCeEnZ7cq5Y%2BjO7G4b6Kin5S3sqfBeUJZI%2FMSb9XiUG0IMepIDJL9pYape28I%2B2lqKpfVwK2WCfcTt0ljCrtd0E2PGkFLLGN84zpYmB2a86HpZu"}],"group":"cf-nel","max_age":604800} cf-ray 8d5742cb785892f1-CPH expires Mon, 21 Oct 2024 07:23:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=25473&sent=98&recv=26&lost=0&retrans=0&sent_bytes=81070&recv_bytes=3819&delivery_rate=951488&cwnd=253&unsent_bytes=0&cid=76066cf371ca7f34&ts=118&x=0" date Sun, 20 Oct 2024 07:23:10 GMT content-type image/svg+xml last-modified Sun, 15 Sep 2024 12:57:46 GMT vary Accept-Encoding server cloudflare
GET H2	200	jetx.svg 1win-3qaw.xyz/wp-content/themes/b1win/amstor/img-h/	13 KB 7 KB	92ms 90ms	Image image/svg+xml	2606:4700:3032::ac43:a1ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1win-3qaw.xyz/wp-content/themes/b1win/amstor/img-h/jetx.svg Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a1ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1dc3bf31ad0c9dad2963f2f65f394253a0fb5fc549bd8226c2dfd3f3f36cfe13 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status REVALIDATED etag W/"66e6d9ca-33e8" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bO%2FJYxUbJqKepIpxtL1LmPa7dp42ggxDGH7CUpyjNIuAivXruZsdD%2B%2BJWvo2or09keYmVQaiVoQo4IipLJ%2BwYtSzkt1rdXFvMAIctq1DwAgjOU8uCQ1PoxZfu%2F8G%2FPvKnnoKUf7jV7bir4w4"}],"group":"cf-nel","max_age":604800} cf-ray 8d5742cb785a92f1-CPH expires Mon, 21 Oct 2024 07:23:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=25806&sent=70&recv=25&lost=0&retrans=0&sent_bytes=54089&recv_bytes=3819&delivery_rate=951488&cwnd=253&unsent_bytes=0&cid=76066cf371ca7f34&ts=110&x=0" date Sun, 20 Oct 2024 07:23:10 GMT content-type image/svg+xml last-modified Sun, 15 Sep 2024 12:57:46 GMT vary Accept-Encoding server cloudflare
GET H2	200	zerkalo_1win-768x692.jpg 1win-3qaw.xyz/wp-content/uploads/2024/09/	91 KB 91 KB	225ms 153ms	Image image/jpeg	2606:4700:3032::ac43:a1ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1win-3qaw.xyz/wp-content/uploads/2024/09/zerkalo_1win-768x692.jpg Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a1ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75954e04d173d6d6f21fe86d260a7febb0b0780b0c85c0dd77b852a097912652 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers cf-cache-status MISS etag "66e56ae2-16b9a" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HDK8FXimqG93ZXvZ%2Fi70APcknKvOPK%2BSuBP0FBOS5SANfKV05I3dZkvWRKthAfD9dCZAtxU23Vw60w8QfNN9dsUJBqKmGt0beJGpQ%2FIecHXZgGnDtx9e%2BYrx9a%2Bxojp9f5pzQp8ss0an%2FVBq"}],"group":"cf-nel","max_age":604800} expires Mon, 21 Oct 2024 07:23:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=24116&sent=158&recv=35&lost=0&retrans=0&sent_bytes=153518&recv_bytes=3819&delivery_rate=2663264&cwnd=253&unsent_bytes=35048&cid=76066cf371ca7f34&ts=139&x=0" date Sun, 20 Oct 2024 07:23:10 GMT content-type image/jpeg last-modified Sat, 14 Sep 2024 10:52:18 GMT vary Accept-Encoding cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d5742cb583392f1-CPH accept-ranges bytes content-length 93082 server cloudflare
GET H2	200	1win_oficialny-site-768x391.jpg 1win-3qaw.xyz/wp-content/uploads/2024/09/	70 KB 70 KB	116ms 115ms	Image image/jpeg	2606:4700:3032::ac43:a1ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1win-3qaw.xyz/wp-content/uploads/2024/09/1win_oficialny-site-768x391.jpg Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a1ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8d13fb2c3bc665c85f297aaa21a279f0e7eb744ae13d908b346f7e5c242a90aa Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers cf-cache-status MISS etag "66e56a60-116d8" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fKsRajhNqpACottzreC%2F2Nk%2BTBFVHDd91KjeVupAtk5EaTxaX3uRtuYDSGukAjiZ%2FH9V4utDX%2BMiKhMWITjzM0vTj7STL4TVHtR0jbebo6kCUOwqh96Uu8osgT40hog093lQqOzDNHIb9xPX"}],"group":"cf-nel","max_age":604800} expires Mon, 21 Oct 2024 07:23:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=24327&sent=102&recv=33&lost=0&retrans=0&sent_bytes=83190&recv_bytes=3819&delivery_rate=2175138&cwnd=253&unsent_bytes=0&cid=76066cf371ca7f34&ts=137&x=0" date Sun, 20 Oct 2024 07:23:10 GMT content-type image/jpeg last-modified Sat, 14 Sep 2024 10:50:08 GMT vary Accept-Encoding cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d5742cb785b92f1-CPH accept-ranges bytes content-length 71384 server cloudflare
GET H2	200	bk_1win-768x571.png 1win-3qaw.xyz/wp-content/uploads/2024/09/	289 KB 290 KB	121ms 120ms	Image image/png	2606:4700:3032::ac43:a1ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1win-3qaw.xyz/wp-content/uploads/2024/09/bk_1win-768x571.png Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a1ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3f6924ffd773c0c3c4f9717f4ad4ba2e6c13dc9f532851d3ecc0990de0b27be2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers cf-cache-status MISS etag "66e56b1c-4848d" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UIGhxIG%2BqgH%2B8vGVT50VBmj4hspYCWGn%2B4cGTfcucQBHb8NRGXLnI%2Bd%2B%2B6pobZ8FwMADrb%2F1IxDKDAEmHzAJmz742U1qGggFpEptPDhSWyK7YLgm1MkZ444yP70W9H8eAwFZEZSMp4Y8a5Rp"}],"group":"cf-nel","max_age":604800} expires Mon, 21 Oct 2024 07:23:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=24116&sent=153&recv=35&lost=0&retrans=0&sent_bytes=147536&recv_bytes=3819&delivery_rate=2663264&cwnd=253&unsent_bytes=7889&cid=76066cf371ca7f34&ts=138&x=0" date Sun, 20 Oct 2024 07:23:10 GMT content-type image/png last-modified Sat, 14 Sep 2024 10:53:16 GMT vary Accept-Encoding cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d5742cb785c92f1-CPH accept-ranges bytes content-length 296077 server cloudflare
GET H3	200	bookmaker-rating.svg 1win-3zar.xyz/wp-content/uploads/2024/06/	23 KB 11 KB	83ms 82ms	Image image/svg+xml	172.67.149.47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1win-3zar.xyz/wp-content/uploads/2024/06/bookmaker-rating.svg Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.149.47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12243290d99c3e3d822c15829bef0ff2c9789aefa5cf9b1f25711429a5232c10 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers content-encoding gzip cf-cache-status MISS etag W/"667308e4-5a4e" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VdajzJqm0CzfD4hQL7B1X9qenJG1uljmLbi59OBsx4Ofpg2zMB%2FbutNa5NBZO5a%2BnNk1mb%2FLoqruWIqQy4PW8IlguX2Z0uaP6zS7u0xzY6aZqf9EIk%2FvyqBkzmQrTR%2Bm"}],"group":"cf-nel","max_age":604800} expires Mon, 21 Oct 2024 07:23:09 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=25931&sent=28&recv=21&lost=0&retrans=0&sent_bytes=20414&recv_bytes=6534&delivery_rate=490489&cwnd=14400&unsent_bytes=0&cid=55d4bbd08869e90e&ts=415&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 20 Oct 2024 07:23:09 GMT content-type image/svg+xml last-modified Wed, 19 Jun 2024 16:35:48 GMT vary Accept-Encoding priority u=3,i cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d5742caea441d0e-CPH server cloudflare
GET H3	200	casino-mentor.png 1win-3zar.xyz/wp-content/uploads/2024/06/	2 KB 2 KB	103ms 102ms	Image image/png	172.67.149.47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1win-3zar.xyz/wp-content/uploads/2024/06/casino-mentor.png Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.149.47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 135d5b6cdac55c8f3598b1d5d04bcf737608501709df2567d270fd30ba02b25a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers cf-cache-status MISS etag "667308ed-741" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V65h0%2FwREh4v8aUzuTIFER5Yi%2BXqXA2wyhy%2BmfxQNsFxbNkTyOm8VBVMYzJ9xYQr7BvgaOWkjBT8ikIELpb64D8Fg1yC5Jh56O1hfV7BgP5I2MNfjP4mHu3w0gAWjSU2"}],"group":"cf-nel","max_age":604800} expires Mon, 21 Oct 2024 07:23:09 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=25931&sent=40&recv=21&lost=0&retrans=0&sent_bytes=33123&recv_bytes=6534&delivery_rate=490489&cwnd=14400&unsent_bytes=0&cid=55d4bbd08869e90e&ts=422&x=1", cfExtPri, cfHdrFlush;dur=13 date Sun, 20 Oct 2024 07:23:09 GMT content-type image/png last-modified Wed, 19 Jun 2024 16:35:57 GMT vary Accept-Encoding priority u=3,i cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d5742caea451d0e-CPH accept-ranges bytes content-length 1857 server cloudflare
GET H3	200	best-bitcoin-casino.png 1win-3zar.xyz/wp-content/uploads/2024/06/	972 B 2 KB	78ms 77ms	Image image/png	172.67.149.47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1win-3zar.xyz/wp-content/uploads/2024/06/best-bitcoin-casino.png Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.149.47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 24397ec04f26d6b7c9465094a088ab89e4a4216accd5cb45e8563f694dd3fcd5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers cf-cache-status MISS etag "667308f2-3cc" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FRTzleX8stGGnc3joA4usyBMMUsX8EU15MoJ%2FMf2psq5d8eBlpUdc45mf2Fej18vL568ME9z3ABlkWWKW%2BWYbF9TBejA0fevagkZi0VhyXwoB9bqJE9reyeWaS%2BNuQh7"}],"group":"cf-nel","max_age":604800} expires Mon, 21 Oct 2024 07:23:09 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=25931&sent=26&recv=21&lost=0&retrans=0&sent_bytes=18723&recv_bytes=6534&delivery_rate=490489&cwnd=14400&unsent_bytes=0&cid=55d4bbd08869e90e&ts=411&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 20 Oct 2024 07:23:09 GMT content-type image/png last-modified Wed, 19 Jun 2024 16:36:02 GMT vary Accept-Encoding priority u=3,i cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d5742caea481d0e-CPH accept-ranges bytes content-length 972 server cloudflare
GET H3	200	cricket-betting-guru.png 1win-3zar.xyz/wp-content/uploads/2024/06/	8 KB 9 KB	108ms 108ms	Image image/png	172.67.149.47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1win-3zar.xyz/wp-content/uploads/2024/06/cricket-betting-guru.png Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.149.47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d996933d2daf078f08f1460583730af70894c8e2317c273661c10aa3affc5acd Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers cf-cache-status MISS etag "667308f8-1f83" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6mwRoSNng0x1ohpM%2FfO5wfAsMehzqPpT4HQSnMbGZW35AYEN0DuwOlzwN6yWMPzDGk%2F7CC9VbbVHh8TWT1La9KezSCPXIqAN3QA%2B%2BkVH1a68vbqhDKEOerbanW0UK4Lt"}],"group":"cf-nel","max_age":604800} expires Mon, 21 Oct 2024 07:23:09 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=25931&sent=40&recv=21&lost=0&retrans=0&sent_bytes=33123&recv_bytes=6534&delivery_rate=490489&cwnd=14400&unsent_bytes=0&cid=55d4bbd08869e90e&ts=419&x=1", cfExtPri, cfHdrFlush;dur=21 date Sun, 20 Oct 2024 07:23:09 GMT content-type image/png last-modified Wed, 19 Jun 2024 16:36:08 GMT vary Accept-Encoding priority u=3,i cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d5742caea491d0e-CPH accept-ranges bytes content-length 8067 server cloudflare
GET H3	200	betraja.png 1win-3zar.xyz/wp-content/uploads/2024/06/	1 KB 2 KB	83ms 82ms	Image image/png	172.67.149.47 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1win-3zar.xyz/wp-content/uploads/2024/06/betraja.png Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.149.47 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ad89292fa4c717acf6c24a9fa1f4c795f1e63f7e03bd4800c73f989c595a950 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers cf-cache-status MISS etag "667308e9-41e" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rDvUB7lghIuyqLW%2BrzSBs0%2FeWFa1G2XnkOBrhu%2FPux9%2Bj0CHtJY7eTMKkxAzdTi6wJkqlQVHoQiYKeunuUqpujRSfgXCYP6OxLJdJ8Ney99DN46s54cs6YmvusouuN4D"}],"group":"cf-nel","max_age":604800} expires Mon, 21 Oct 2024 07:23:09 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=25931&sent=38&recv=21&lost=0&retrans=0&sent_bytes=31874&recv_bytes=6534&delivery_rate=490489&cwnd=14400&unsent_bytes=0&cid=55d4bbd08869e90e&ts=416&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 20 Oct 2024 07:23:09 GMT content-type image/png last-modified Wed, 19 Jun 2024 16:35:53 GMT vary Accept-Encoding priority u=3,i cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d5742caea4c1d0e-CPH accept-ranges bytes content-length 1054 server cloudflare
GET H2	200	footer-logo-1.png 1win-3qaw.xyz/wp-content/themes/b1win/images/	1 KB 2 KB	89ms 88ms	Image image/png	2606:4700:3032::ac43:a1ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1win-3qaw.xyz/wp-content/themes/b1win/images/footer-logo-1.png Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a1ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 90e7576f90759e21cacfb2dabae70fb566fa30f673d797b21836ca5166bb80b7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers cf-cache-status REVALIDATED etag "666d66d8-4f2" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zgU9p5qGV9CLtuSDzP%2BM4IB9RbelhiKv6gYWJqcXvowFPYLCLszsDyq7Q56Rord2a3sSDJCwu6AkU86gJjfPjPQ6afh2RQrYwiQbts%2FqylbY5mVItx5ROojElyITiQJ0VQtEk5%2FiE8Tbvt9p"}],"group":"cf-nel","max_age":604800} expires Mon, 21 Oct 2024 07:23:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=25806&sent=67&recv=25&lost=0&retrans=0&sent_bytes=52292&recv_bytes=3819&delivery_rate=951488&cwnd=253&unsent_bytes=0&cid=76066cf371ca7f34&ts=110&x=0" date Sun, 20 Oct 2024 07:23:10 GMT content-type image/png last-modified Sat, 15 Jun 2024 10:03:04 GMT vary Accept-Encoding cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d5742cb785d92f1-CPH accept-ranges bytes content-length 1266 server cloudflare
GET H2	200	scripts.min.js Show response 1win-3qaw.xyz/wp-content/themes/b1win/dist/js/	53 KB 19 KB	33ms 31ms	Script application/javascript	2606:4700:3032::ac43:a1ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1win-3qaw.xyz/wp-content/themes/b1win/dist/js/scripts.min.js?v=670f42fa604c8 Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a1ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15f2c90b73c8c753c661f5d2a89ac6d64be504e246d7a3b869ac1ce7c72feae0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers content-encoding gzip cf-cache-status HIT etag W/"666d66d8-d4e1" age 29 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vM4afN4Gl9NCpQSpQNkINsprI4H%2FJJc4XzIzwPQzZskU3ADFs5nDKWBNUI2w26NdnQMnFNsjOX%2FvuevbkAWw5LjBlC85Qu6HSAsxz7KVlmWnGGfNZSTXXvbnVAdnBRJpYGrtNyriudytbzOW"}],"group":"cf-nel","max_age":604800} expires Mon, 21 Oct 2024 07:22:40 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=23063&sent=8&recv=17&lost=0&retrans=0&sent_bytes=3993&recv_bytes=2995&delivery_rate=175034&cwnd=252&unsent_bytes=0&cid=76066cf371ca7f34&ts=53&x=0" date Sun, 20 Oct 2024 07:23:09 GMT content-type application/javascript last-modified Sat, 15 Jun 2024 10:03:04 GMT vary Accept-Encoding cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d5742cb684992f1-CPH server cloudflare
GET H2	200	amstor.custom.js Show response 1win-3qaw.xyz/wp-content/themes/b1win/src/js/	706 B 909 B	43ms 40ms	Script application/javascript	2606:4700:3032::ac43:a1ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1win-3qaw.xyz/wp-content/themes/b1win/src/js/amstor.custom.js?v=670f42fa604eb Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a1ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 756844cbef2c261084c6b107d3eee04d1c57a7cdaba4db9daa298628902d9657 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers content-encoding gzip cf-cache-status HIT etag W/"66ea4843-2c2" age 30 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dko4RfriJENI6Wtxa%2FlKlyqNe6x8D1VEQIVtNAYDy244uasDEV%2BNjC%2BxiW5ljpYlzX4vjQul35P1ObLb0mPyteCZU1R6EVE0nVKiu0Xq%2FQNEIi6GgHl9xZLGo3miXQplTW1i5DDbKncirbsa"}],"group":"cf-nel","max_age":604800} expires Mon, 21 Oct 2024 07:22:40 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=23063&sent=28&recv=19&lost=0&retrans=0&sent_bytes=23959&recv_bytes=3819&delivery_rate=175034&cwnd=253&unsent_bytes=0&cid=76066cf371ca7f34&ts=61&x=0" date Sun, 20 Oct 2024 07:23:10 GMT content-type application/javascript last-modified Wed, 18 Sep 2024 03:25:55 GMT vary Accept-Encoding cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d5742cb785392f1-CPH server cloudflare
GET H2	200	free-money-link-image.png 1win-3qaw.xyz/wp-content/themes/b1win/amstor/img-h/	5 KB 6 KB	80ms 80ms	Image image/png	2606:4700:3032::ac43:a1ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1win-3qaw.xyz/wp-content/themes/b1win/amstor/img-h/free-money-link-image.png Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a1ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d652f09af7a4abeaa6cd6a77f32598dd33e3b7b8a55c032409cd2ecacd11db7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers cf-cache-status MISS etag "66e6d9ca-149a" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CpgiMOMKqenWTk%2BYf0BU5eK91CMEiQ1mj6bPBYbek98gKGMaiuqz8vS6TrLFNrtQWL66gjWZxkLB4JemGjRFOPThJc4CZNKCYN75GZLi4k%2BMb4gJnmGo3BnariX45fYnM2Rq0j47nP3SK6Cc"}],"group":"cf-nel","max_age":604800} expires Mon, 21 Oct 2024 07:23:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=24042&sent=459&recv=220&lost=0&retrans=0&sent_bytes=546875&recv_bytes=4237&delivery_rate=13581055&cwnd=552&unsent_bytes=0&cid=76066cf371ca7f34&ts=224&x=0" date Sun, 20 Oct 2024 07:23:10 GMT content-type image/png last-modified Sun, 15 Sep 2024 12:57:46 GMT vary Accept-Encoding cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d5742cc291592f1-CPH accept-ranges bytes content-length 5274 server cloudflare
GET H2	200	mob-menu-icon.svg 1win-3qaw.xyz/wp-content/themes/b1win/images/	246 B 646 B	85ms 85ms	Image image/svg+xml	2606:4700:3032::ac43:a1ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1win-3qaw.xyz/wp-content/themes/b1win/images/mob-menu-icon.svg Requested by Host: 1win-3qaw.xyz URL: https://1win-3qaw.xyz/wp-content/cache/wpfc-minified/fqxyx66j/hxyqs.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a1ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e4dde0e19aac71665ae11664fcee341cd579f6c579e225e782f433c0e778a31 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3qaw.xyz/wp-content/cache/wpfc-minified/fqxyx66j/hxyqs.css Response headers cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"666d66d8-f6" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5X1vcZ2sGwMuyI%2F7y0spPKxxgIK5DrQeNtTzgsOzm6tm8rGuUBckAO1QEefLmwfD6GX8akx75tJfprATfb7ZZoUVsUv61HvfLqxnG9eDkfHzBRHXwROUfXsyyrpZNX8PruO4AH3zx1Bz651N"}],"group":"cf-nel","max_age":604800} cf-ray 8d5742cc391992f1-CPH expires Mon, 21 Oct 2024 07:23:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=24042&sent=503&recv=220&lost=0&retrans=0&sent_bytes=601582&recv_bytes=4237&delivery_rate=13581055&cwnd=552&unsent_bytes=8725&cid=76066cf371ca7f34&ts=224&x=0" date Sun, 20 Oct 2024 07:23:10 GMT content-type image/svg+xml last-modified Sat, 15 Jun 2024 10:03:04 GMT vary Accept-Encoding server cloudflare
GET H2	200	stad.webp 1win-3qaw.xyz/wp-content/uploads/2024/06/	56 KB 56 KB	82ms 82ms	Image image/webp	2606:4700:3032::ac43:a1ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1win-3qaw.xyz/wp-content/uploads/2024/06/stad.webp Requested by Host: 1win-3qaw.xyz URL: https://1win-3qaw.xyz/wp-content/cache/wpfc-minified/fqxyx66j/hxyqs.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a1ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee8a2a9fbda38b653e3ac9f6c399756377258cd790ca9a82cb0760f2c41ef87b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3qaw.xyz/wp-content/cache/wpfc-minified/fqxyx66j/hxyqs.css Response headers cf-cache-status REVALIDATED etag "66715dfa-de66" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B1ESlShY7bEXr%2BoAItDD%2FQ7nkHcOLWyRpGLiSQSH4AIFLjOcvcHdPIPWy8%2ByPDzOtCXGSJZnTKZJxWExIPTzHHZoTqrSXgWzA%2BbjdQe4v6zeH6flZt0yFVXpgNQLG%2F5omQHy6AkqreeckJAY"}],"group":"cf-nel","max_age":604800} expires Mon, 21 Oct 2024 07:23:10 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=24042&sent=465&recv=220&lost=0&retrans=0&sent_bytes=552670&recv_bytes=4237&delivery_rate=13581055&cwnd=552&unsent_bytes=0&cid=76066cf371ca7f34&ts=224&x=0" date Sun, 20 Oct 2024 07:23:10 GMT content-type image/webp last-modified Tue, 18 Jun 2024 10:14:18 GMT vary Accept-Encoding cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d5742cc391b92f1-CPH accept-ranges bytes content-length 56934 server cloudflare
GET		vipnagorgiallabdit.woff2 1win-3qaw.xyz/wp-content/themes/b1win/styles/fonts/	0 0
GET H3	200	UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2 fonts.gstatic.com/s/inter/v18/	18 KB 18 KB	108ms 47ms	Font font/woff2	142.250.185.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Inter%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900&display=auto&ver=3.3.1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f3.1e100.net Software sffe / Resource Hash 62cc01daef72c3ea76a258445368d2f4ab8d05a91f91c53fd12f7c42e3325942 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://1win-3zar.xyz Referer https://fonts.googleapis.com/ Response headers age 359110 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Thu, 16 Oct 2025 03:38:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 16 Oct 2024 03:38:00 GMT last-modified Mon, 29 Jul 2024 22:47:20 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 18740 x-xss-protection 0 server sffe
GET H3	200	UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 fonts.gstatic.com/s/inter/v18/	47 KB 47 KB	111ms 51ms	Font font/woff2	142.250.185.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Inter%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900&display=auto&ver=3.3.1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f3.1e100.net Software sffe / Resource Hash f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://1win-3zar.xyz Referer https://fonts.googleapis.com/ Response headers age 359217 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Thu, 16 Oct 2025 03:36:13 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 16 Oct 2024 03:36:13 GMT last-modified Mon, 29 Jul 2024 22:51:01 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 48444 x-xss-protection 0 server sffe
GET		vipnagorgiallabdit.woff 1win-3qaw.xyz/wp-content/themes/b1win/styles/fonts/	0 0
GET DATA	200 OK	truncated /	2 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 881429761e5e2ab2c861f937308d7b278236ee41f06c0402b061a5d70c49c176 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/gif
GET H/1.1	200 OK	s9.g efreecode.com/	43 B 224 B	132ms 131ms	Image image/gif	18.208.5.78 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://efreecode.com/s9.g?login=1winnn12&srw=1600&srh=1200&jv=false&j=y&srb=24&l= Requested by Host: 1win-3zar.xyz URL: https://1win-3zar.xyz/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_CBC Server 18.208.5.78 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-208-5-78.compute-1.amazonaws.com Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers Cache-Control no-store,must-revalidate Content-Length 43 Date Sun, 20 Oct 2024 07:23:10 GMT Content-Type image/gif Server nginx Connection keep-alive
GET		vipnagorgiallabdit.ttf 1win-3qaw.xyz/wp-content/themes/b1win/styles/fonts/	0 0
GET H3	200	favicon.png 1win-3qaw.xyz/wp-content/uploads/2024/05/	543 B 1 KB	81ms 81ms	Other image/png	172.67.161.234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1win-3qaw.xyz/wp-content/uploads/2024/05/favicon.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.161.234 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c17b7c33400c7f9aa8cc9ff3c866a487627c8f31155c99f26adec35c3dbf7123 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers cf-cache-status REVALIDATED etag "666d66d7-21f" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pJ2wKCigLhXRxuFaC%2BqxZeil00bcG0SRMLgKVCUm1fWODsYorgeVQ671xb1P3JuYH%2F1Xy811%2BbXTErb6vH1shEt6EEDgFZXua1oSatNTQhYrI%2FFaTqBsH%2FVh7DYOaDGa"}],"group":"cf-nel","max_age":604800} expires Mon, 21 Oct 2024 07:23:11 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=23679&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4234&recv_bytes=4463&delivery_rate=565&cwnd=12000&unsent_bytes=0&cid=13c1ff5bff418f1c&ts=1829&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 20 Oct 2024 07:23:11 GMT content-type image/png last-modified Sat, 15 Jun 2024 10:03:03 GMT vary Accept-Encoding priority u=1,i cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d5742d74d9492b8-CPH accept-ranges bytes content-length 543 server cloudflare
GET H3	200	favicon.png 1win-3qaw.xyz/wp-content/uploads/2024/05/	543 B 0	0ms 0ms	Other image/png	172.67.161.234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1win-3qaw.xyz/wp-content/uploads/2024/05/favicon.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.161.234 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c17b7c33400c7f9aa8cc9ff3c866a487627c8f31155c99f26adec35c3dbf7123 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://1win-3zar.xyz/ Response headers cf-cache-status REVALIDATED etag "666d66d7-21f" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pJ2wKCigLhXRxuFaC%2BqxZeil00bcG0SRMLgKVCUm1fWODsYorgeVQ671xb1P3JuYH%2F1Xy811%2BbXTErb6vH1shEt6EEDgFZXua1oSatNTQhYrI%2FFaTqBsH%2FVh7DYOaDGa"}],"group":"cf-nel","max_age":604800} expires Mon, 21 Oct 2024 07:23:11 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=23679&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4234&recv_bytes=4463&delivery_rate=565&cwnd=12000&unsent_bytes=0&cid=13c1ff5bff418f1c&ts=1829&x=1", cfExtPri, cfHdrFlush;dur=0 date Sun, 20 Oct 2024 07:23:11 GMT content-type image/png last-modified Sat, 15 Jun 2024 10:03:03 GMT vary Accept-Encoding priority u=1,i cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d5742d74d9492b8-CPH accept-ranges bytes content-length 543 server cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

1win-3qaw.xyz

URL

https://1win-3qaw.xyz/wp-content/themes/b1win/styles/fonts/vipnagorgiallabdit.woff2

Domain

1win-3qaw.xyz

URL

https://1win-3qaw.xyz/wp-content/themes/b1win/styles/fonts/vipnagorgiallabdit.woff

Domain

1win-3qaw.xyz

URL

https://1win-3qaw.xyz/wp-content/themes/b1win/styles/fonts/vipnagorgiallabdit.ttf

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| myFunction object| ajax object| webpackChunkg function| ETFreeGetStyle function| ETFreetrackercode

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			1win-3zar.xyz/	1970-01-21 09:09:04	Name: pll_language Value: ru

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://1win-3zar.xyz/ Message: Access to font at 'https://1win-3qaw.xyz/wp-content/themes/b1win/styles/fonts/vipnagorgiallabdit.woff2' from origin 'https://1win-3zar.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://1win-3qaw.xyz/wp-content/themes/b1win/styles/fonts/vipnagorgiallabdit.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://1win-3zar.xyz/ Message: Access to font at 'https://1win-3qaw.xyz/wp-content/themes/b1win/styles/fonts/vipnagorgiallabdit.woff' from origin 'https://1win-3zar.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://1win-3qaw.xyz/wp-content/themes/b1win/styles/fonts/vipnagorgiallabdit.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://1win-3zar.xyz/ Message: Access to font at 'https://1win-3qaw.xyz/wp-content/themes/b1win/styles/fonts/vipnagorgiallabdit.ttf' from origin 'https://1win-3zar.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://1win-3qaw.xyz/wp-content/themes/b1win/styles/fonts/vipnagorgiallabdit.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1win-3qaw.xyz
1win-3zar.xyz
efreecode.com
fonts.googleapis.com
fonts.gstatic.com
1win-3qaw.xyz
142.250.185.195
172.67.149.47
172.67.161.234
18.208.5.78
2606:4700:3032::ac43:a1ea
2a00:1450:4001:830::200a
06cee660e5b0dfa3ec59c1a1e03e4ab3da6cb22d1e49c9c51f9cf84ed925e304
0afff374cbc83adf07b49a5318746673c2c0b464784985d3eac7fc1bf47456cf
12243290d99c3e3d822c15829bef0ff2c9789aefa5cf9b1f25711429a5232c10
135d5b6cdac55c8f3598b1d5d04bcf737608501709df2567d270fd30ba02b25a
15f2c90b73c8c753c661f5d2a89ac6d64be504e246d7a3b869ac1ce7c72feae0
19f8c7fd19b6611a0225ea210763971454d218b3206cd2dc478b5a1708e4d00e
1dc3bf31ad0c9dad2963f2f65f394253a0fb5fc549bd8226c2dfd3f3f36cfe13
24397ec04f26d6b7c9465094a088ab89e4a4216accd5cb45e8563f694dd3fcd5
2ad89292fa4c717acf6c24a9fa1f4c795f1e63f7e03bd4800c73f989c595a950
2fd48c96ed2380a0e83d27f0f0321d56118de1bdffe31a6068a29368d0bc1026
358cfe33d6b15df8bc4da747b9603dd53edaf6efbd087417e935af0b16bb732d
3f6924ffd773c0c3c4f9717f4ad4ba2e6c13dc9f532851d3ecc0990de0b27be2
3fec37a1f8d10fd1ec31bea03ddc02e1b36af2b7c2fc5ea9a75fd308e9fdda0b
52953914122eca6d894a9805f16d029b8b1e714d0812da44c0417a9fc3a87b40
5e4dde0e19aac71665ae11664fcee341cd579f6c579e225e782f433c0e778a31
62cc01daef72c3ea76a258445368d2f4ab8d05a91f91c53fd12f7c42e3325942
756844cbef2c261084c6b107d3eee04d1c57a7cdaba4db9daa298628902d9657
75954e04d173d6d6f21fe86d260a7febb0b0780b0c85c0dd77b852a097912652
77db3a814b522288645e5c994fd7f538e4899223d77583c7a155f79d39f1ffc1
881429761e5e2ab2c861f937308d7b278236ee41f06c0402b061a5d70c49c176
8d13fb2c3bc665c85f297aaa21a279f0e7eb744ae13d908b346f7e5c242a90aa
90e7576f90759e21cacfb2dabae70fb566fa30f673d797b21836ca5166bb80b7
9d652f09af7a4abeaa6cd6a77f32598dd33e3b7b8a55c032409cd2ecacd11db7
c17b7c33400c7f9aa8cc9ff3c866a487627c8f31155c99f26adec35c3dbf7123
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1274f71943ff89abe4122aa755cb1415407d48432ff213dcdf06e2e4633d3e4
d996933d2daf078f08f1460583730af70894c8e2317c273661c10aa3affc5acd
de9a991d648a698ba57e534178d52fd8d5a8f19f2c740447e8ecad1cd39d4f94
e36cd0f2581d2d09454f222ff9ab69a9e5a639c54550ac42fa2fa96ac7d77043
ee8a2a9fbda38b653e3ac9f6c399756377258cd790ca9a82cb0760f2c41ef87b
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f70dfb04db96877ea2e3abd371506cc717a68b3a2cbc3428ad7b8678462d06ce
fa3eaf80e133cbefcad93a9ccddf4f5040a9e8918edf2467dd9759afe0c042d5