Submitted URL: https://g89kw.1win-vbn3.xyz/
Effective URL: https://1win-fxy.top/
Submission: On December 03 via api from US — Scanned from US

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 26 HTTP transactions. The main IP is 172.67.163.98, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is 1win-fxy.top.
TLS certificate: Issued by WE1 on November 22nd 2024. Valid for: 3 months.
This is the only time 1win-fxy.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 45.10.243.9 57724 (DDOS-GUAR...)
16 172.67.163.98 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
8 192.0.77.48 2635 (AUTOMATTIC)
26 4
Apex Domain | Subdomains | Transfer
16 1win-fxy.top | 1win-fxy.top | 293 KB
8 w.org | s.w.org — Cisco Umbrella Rank: 4753 | 9 KB
2 unpkg.com | unpkg.com — Cisco Umbrella Rank: 740 | 20 KB
1 1win-vbn3.xyz | g89kw.1win-vbn3.xyz | 478 B
26 4
Domain Requested by
16 1win-fxy.top 1win-fxy.top
8 s.w.org 1win-fxy.top
2 unpkg.com 1 redirects 1win-fxy.top
1 g89kw.1win-vbn3.xyz 1 redirects
26 4

This site contains no links.

Subject | Issuer | Validity | Valid
1win-fxy.top | WE1 | 2024-11-22 - 2025-02-20 | 3 months crt.sh
*.w.org | Sectigo ECC Domain Validation Secure Server CA | 2023-12-18 - 2025-01-17 | a year crt.sh

This page contains 1 frames:

Primary Page: https://1win-fxy.top/
Frame ID: 96A9772E3523C2737F0BBE9CDBBBD6F7
Requests: 25 HTTP requests in this frame

Page Title

1Вин официальный сайт игровых автоматов онлайн казино

Page URL History

  1. https://g89kw.1win-vbn3.xyz/ HTTP 301
    https://1win-fxy.top/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

26 Requests
92 % HTTPS
25 % IPv6
4 Domains
4 Subdomains
4 IPs
2 Countries
321 kB Transfer
575 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://g89kw.1win-vbn3.xyz/ HTTP 301
    https://1win-fxy.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://unpkg.com/alpinejs@3.14.3/dist/cdn.min.js?ver=6.6.2 HTTP 302
  • https://unpkg.com/alpinejs@3.14.3/dist/cdn.min.js

26 HTTP transactions

Resource Path | Size | x-fer | Type MIME-Type
Primary Request /
1win-fxy.top/
Redirect Chain
  • https://g89kw.1win-vbn3.xyz/
  • https://1win-fxy.top/
45 KB
14 KB
Document
General
Full URL
https://1win-fxy.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a065e513dbe2a40a3a0ea0c438c67c4db3508625206b194510857600f98fae19

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ec54467acd5f7d1-LAX
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Tue, 03 Dec 2024 17:27:24 GMT
link
<https://1win-fxy.top/wp-json/>; rel="https://api.w.org/" <https://1win-fxy.top/wp-json/wp/v2/pages/2>; rel="alternate"; title="JSON"; type="application/json" <https://1win-fxy.top/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qY%2F%2B7PAxLcUeMg63G%2F4VO18o3uAGMt1MaldX1nhGmxqNhuNIvNQdgNX3%2B5k8Uy2eLyjnKVkdvogDrDMIFXJQB1bBOVaeDppGSj960QizpbDx%2FpcR02lfFisIU0s848Q%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=79813&min_rtt=78657&rtt_var=14411&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4235&recv_bytes=4485&delivery_rate=255&cwnd=12000&unsent_bytes=0&cid=8558f91ce2157e62&ts=418&x=1" cfExtPri cfHdrFlush;dur=0
x-pingback
https://1win-fxy.top/xmlrpc.php

Redirect headers

content-encoding
br
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Tue, 03 Dec 2024 17:27:23 GMT
location
https://1win-fxy.top/
server
ddos-guard
vary
Accept-Encoding
x-redirect-by
WordPress
style.min.css
1win-fxy.top/wp-includes/css/dist/block-library/
110 KB
17 KB
Stylesheet
General
Full URL
https://1win-fxy.top/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2
Requested by
Host: 1win-fxy.top
URL: https://1win-fxy.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"66e0f390-1b72b"
age
2698
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=28y%2FmVSe6qEqV8hJCoXzp9KhMeq6zJzb0aY5EaConLfSMUvKBQEmAT5UN3UqQEog2Vn8h%2BZHGHAWl8yHb1fE1LfaSGg7hU9hmRsQIVElfSKmlorhOXx%2FBjMgdqV4cRI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=78340&min_rtt=72009&rtt_var=5048&sent=41&recv=25&lost=0&retrans=0&sent_bytes=35423&recv_bytes=7506&delivery_rate=123291&cwnd=16800&unsent_bytes=0&cid=8558f91ce2157e62&ts=587&x=1", cfExtPri, cfHdrFlush;dur=57
date
Tue, 03 Dec 2024 17:27:24 GMT
content-type
text/css
last-modified
Wed, 11 Sep 2024 01:34:08 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec5446aa93ff7d1-LAX
server
cloudflare
style.css
1win-fxy.top/wp-content/themes/bk/
29 KB
8 KB
Stylesheet
General
Full URL
https://1win-fxy.top/wp-content/themes/bk/style.css?ver=1.0.14
Requested by
Host: 1win-fxy.top
URL: https://1win-fxy.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da0530e4bdb9fb9b3da5e2655e5b7b1de5e0ca798f0c4450e9715b83a8a2bab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"6726058e-7550"
age
2698
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eKArlMkva%2FhfvDLqGKvRm%2BTNQ9ccmWatgXpE8vgyYxlv7ap62PET0sqnbKaQiFc%2Buh%2FC21kNyv06VQEPGUUC3lIn2kwHpLCfbSAutNj8pEcNTrfMLjpJM3B%2FVPIj7OY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=78340&min_rtt=72009&rtt_var=5048&sent=41&recv=25&lost=0&retrans=0&sent_bytes=35423&recv_bytes=7506&delivery_rate=123291&cwnd=16800&unsent_bytes=0&cid=8558f91ce2157e62&ts=590&x=1", cfExtPri, cfHdrFlush;dur=73
date
Tue, 03 Dec 2024 17:27:24 GMT
content-type
text/css
last-modified
Sat, 02 Nov 2024 10:57:18 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec5446aa943f7d1-LAX
server
cloudflare
utilities.css
1win-fxy.top/wp-content/themes/bk/
6 KB
2 KB
Stylesheet
General
Full URL
https://1win-fxy.top/wp-content/themes/bk/utilities.css?ver=1.0.14
Requested by
Host: 1win-fxy.top
URL: https://1win-fxy.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25048bdd90b9af51bf2ca65fbbdafe8d82eca2f8f9579b288a8ae64273313e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"6726058e-18ee"
age
2698
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TSX1p5P9e6yuCjMv5Aw%2F3SUBJTQXH4oaiAX%2Besm2Y7lwDmJ8rBcqeH2kYX2yirtg1QjJoNYc84OwgBcZ%2F5bA%2FuoKoOx7DPcVfD1aAQ3znkrcd7rhi4rR6ANeNOEu7s0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=78340&min_rtt=72009&rtt_var=5048&sent=37&recv=25&lost=0&retrans=0&sent_bytes=30889&recv_bytes=7506&delivery_rate=123291&cwnd=16800&unsent_bytes=0&cid=8558f91ce2157e62&ts=587&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 17:27:24 GMT
content-type
text/css
last-modified
Sat, 02 Nov 2024 10:57:18 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec5446aa94cf7d1-LAX
server
cloudflare
jquery.min.js
1win-fxy.top/wp-includes/js/jquery/
86 KB
32 KB
Script
General
Full URL
https://1win-fxy.top/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: 1win-fxy.top
URL: https://1win-fxy.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"66d55316-15601"
age
2698
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dHP6fyDUHXDLEBZTbfxEcmbPg3IkyWvFbKumHOfBFUcuwZ9u5RfS5fRYSgWYAmKTy3yoBC9NO8cvcmiQwddgihB8zIc5jx%2FGTxAAYypMvqG0WyTC7Fn2%2F30p1ONG6Dc%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=78340&min_rtt=72009&rtt_var=5048&sent=27&recv=25&lost=0&retrans=0&sent_bytes=19441&recv_bytes=7506&delivery_rate=123291&cwnd=16800&unsent_bytes=0&cid=8558f91ce2157e62&ts=586&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 17:27:24 GMT
content-type
application/javascript
last-modified
Mon, 02 Sep 2024 05:54:30 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec5446aa952f7d1-LAX
server
cloudflare
jquery-migrate.min.js
1win-fxy.top/wp-includes/js/jquery/
13 KB
6 KB
Script
General
Full URL
https://1win-fxy.top/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: 1win-fxy.top
URL: https://1win-fxy.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"66d55316-3509"
age
2698
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Drg8K6oQ0ARYMQxeWMnLwfcQTdS%2B6cOf8AtZ9IiInIT832EzkfTmLRV7Hb5r0JLbuF5CDPP5rgVIOhrVnMHTRUlPej1XjrPz6QcJsDpDTfxzKEP2%2BLiho97r9nQY1OE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=78340&min_rtt=72009&rtt_var=5048&sent=41&recv=25&lost=0&retrans=0&sent_bytes=35423&recv_bytes=7506&delivery_rate=123291&cwnd=16800&unsent_bytes=0&cid=8558f91ce2157e62&ts=591&x=1", cfExtPri, cfHdrFlush;dur=72
date
Tue, 03 Dec 2024 17:27:24 GMT
content-type
application/javascript
last-modified
Mon, 02 Sep 2024 05:54:30 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec5446aa958f7d1-LAX
server
cloudflare
cdn.min.js
unpkg.com/alpinejs@3.14.3/dist/
Redirect Chain
  • https://unpkg.com/alpinejs@3.14.3/dist/cdn.min.js?ver=6.6.2
  • https://unpkg.com/alpinejs@3.14.3/dist/cdn.min.js
44 KB
20 KB
Script
General
Full URL
https://unpkg.com/alpinejs@3.14.3/dist/cdn.min.js
Requested by
Host: 1win-fxy.top
URL: https://1win-fxy.top/
Protocol
H2
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
689f513978d11d69f4d33794f7296c9a586a2e55de79bb447cddbc3f474f9f07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"aefb-R6i+gIPjatYPNnhWV9PvyY0o02Q"
age
2357783
x-content-type-options
nosniff
date
Tue, 03 Dec 2024 17:27:24 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JC0GE0YJK1Y9MYT027BEVCPV-lax
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8ec5446c9b2808f4-LAX
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
location
/alpinejs@3.14.3/dist/cdn.min.js
content-encoding
br
cf-cache-status
HIT
age
633
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8ec5446bf9f408f4-LAX
access-control-allow-origin
*
date
Tue, 03 Dec 2024 17:27:24 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JE6RCNFMBVKNB8ZGFD10CMMJ-lax
server
cloudflare
1win600-3.png
1win-fxy.top/wp-content/uploads/2024/11/
17 KB
18 KB
Image
General
Full URL
https://1win-fxy.top/wp-content/uploads/2024/11/1win600-3.png
Requested by
Host: 1win-fxy.top
URL: https://1win-fxy.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b031f692a01ecb5b356e4c85e3cac37bf854a0c83b893ddacebb102895490880

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

cf-cache-status
HIT
etag
"6725f508-45ec"
age
2698
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fjNRlcWb9tGcEW4O5z2xgDoe4TLnUamGKdvH4qMnYTrCcXbaAKuixS0GEhg8Z5XeaDaGY0yy7KfulvnAwa3L2exA5%2FQfkYB1XMRjtQUlnV6Lu%2BgsOVM22SbG7tACS24%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=78340&min_rtt=72009&rtt_var=5048&sent=41&recv=25&lost=0&retrans=0&sent_bytes=35423&recv_bytes=7506&delivery_rate=123291&cwnd=16800&unsent_bytes=0&cid=8558f91ce2157e62&ts=589&x=1", cfExtPri, cfHdrFlush;dur=74
date
Tue, 03 Dec 2024 17:27:24 GMT
content-type
image/png
last-modified
Sat, 02 Nov 2024 09:46:48 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec5446aa95df7d1-LAX
accept-ranges
bytes
content-length
17900
server
cloudflare
1-Official-page-1win-Medium-7.jpeg
1win-fxy.top/wp-content/uploads/2024/11/
10 KB
10 KB
Image
General
Full URL
https://1win-fxy.top/wp-content/uploads/2024/11/1-Official-page-1win-Medium-7.jpeg
Requested by
Host: 1win-fxy.top
URL: https://1win-fxy.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
debfebd5aa985138cb08c3a6faa8d7ddf3e2c0781818e4f92be5f7d4efd53d16

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

cf-cache-status
HIT
etag
"6729e816-268c"
age
2698
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=foQpBVGNcWGTwKqdLQfJJiZlA9AMdXrwjiq078r0M%2Ft%2BMDtmKXfDNywQMyzuuVY4%2BIJoOiZc90ndE8JQdknE9pAnAsyOTDoPIDKRk4vVf5wvYY5z6h3OpR1oQPHZouA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=78340&min_rtt=72009&rtt_var=5048&sent=28&recv=25&lost=0&retrans=0&sent_bytes=20135&recv_bytes=7506&delivery_rate=123291&cwnd=16800&unsent_bytes=0&cid=8558f91ce2157e62&ts=587&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 17:27:24 GMT
content-type
image/jpeg
last-modified
Tue, 05 Nov 2024 09:40:38 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec5446aa960f7d1-LAX
accept-ranges
bytes
content-length
9868
server
cloudflare
2-Mirror-1win-Medium-7.jpeg
1win-fxy.top/wp-content/uploads/2024/11/
54 KB
55 KB
Image
General
Full URL
https://1win-fxy.top/wp-content/uploads/2024/11/2-Mirror-1win-Medium-7.jpeg
Requested by
Host: 1win-fxy.top
URL: https://1win-fxy.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d6f427cb3c04d64b17582099d97c2edf185b7264a2953c635d26bb3f78af41c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

cf-cache-status
HIT
etag
"6729e818-d85f"
age
2698
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SpGD72UZNmI5EzPMP4NPRaNpGjO35zfpBbVYE77lsRzhqHhjqZoe4IB%2FEh2mJX65JbDA3eBKsXFiODZNF9fa7kW7i2s9lBF9puVYSuk7mSujNVWDMXbK48QWidbYw%2F8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=78340&min_rtt=72009&rtt_var=5048&sent=41&recv=25&lost=0&retrans=0&sent_bytes=35423&recv_bytes=7506&delivery_rate=123291&cwnd=16800&unsent_bytes=0&cid=8558f91ce2157e62&ts=597&x=1", cfExtPri, cfHdrFlush;dur=66
date
Tue, 03 Dec 2024 17:27:24 GMT
content-type
image/jpeg
last-modified
Tue, 05 Nov 2024 09:40:40 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec5446aa967f7d1-LAX
accept-ranges
bytes
content-length
55391
server
cloudflare
3-Casino-1win-Medium-7.jpeg
1win-fxy.top/wp-content/uploads/2024/11/
31 KB
31 KB
Image
General
Full URL
https://1win-fxy.top/wp-content/uploads/2024/11/3-Casino-1win-Medium-7.jpeg
Requested by
Host: 1win-fxy.top
URL: https://1win-fxy.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
121a0b0787f4a8568152ed0f4078e854c01d81d2682cbe69bc2095c473c6f104

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

cf-cache-status
HIT
etag
"6729e81a-7a2a"
age
5521
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GnyZWv1r7si3SZstx04PSDyXdHNDyxCbOdrzzwXsHJNK9NPFE60U6P2Fb%2FAvpkhT1SfP2cvRfcge6hFOtky0N1zK55jIudf%2BNKX%2F4rCTee%2FvAme%2Bk9t5rSMu3Bem0uU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=88611&min_rtt=72009&rtt_var=10050&sent=67&recv=34&lost=0&retrans=0&sent_bytes=62747&recv_bytes=8222&delivery_rate=223095&cwnd=27300&unsent_bytes=0&cid=8558f91ce2157e62&ts=678&x=1", cfExtPri, cfHdrFlush;dur=66
date
Tue, 03 Dec 2024 17:27:24 GMT
content-type
image/jpeg
last-modified
Tue, 05 Nov 2024 09:40:42 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec5446b4b6ef7d1-LAX
accept-ranges
bytes
content-length
31274
server
cloudflare
4-Sign-up-1win-Medium-7.jpeg
1win-fxy.top/wp-content/uploads/2024/11/
39 KB
40 KB
Image
General
Full URL
https://1win-fxy.top/wp-content/uploads/2024/11/4-Sign-up-1win-Medium-7.jpeg
Requested by
Host: 1win-fxy.top
URL: https://1win-fxy.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f832aa5104983e9a1b8bbd73314a2b460e7ea0bf0e8f2acea4668c4da822ee1e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

cf-cache-status
HIT
etag
"6729e81b-9d6c"
age
5522
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2eEDkuHCxxV5AMaU6GYEPbmNaSAVDpnKduySmw2rZsDde6Mc8q1qtLKJG0N9ahSwBhp4e6BW9TOfHtpsN9NZFujXszeuGtWcFz6BqivuglLr1veZQN5pmdFzgsgraAg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=82049&min_rtt=72009&rtt_var=3656&sent=220&recv=78&lost=21&retrans=21&sent_bytes=236379&recv_bytes=10782&delivery_rate=587180&cwnd=79170&unsent_bytes=0&cid=8558f91ce2157e62&ts=1109&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 17:27:25 GMT
content-type
image/jpeg
last-modified
Tue, 05 Nov 2024 09:40:43 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec5446ddeddf7d1-LAX
accept-ranges
bytes
content-length
40300
server
cloudflare
5-Log-in-1win-Medium-7.jpeg
1win-fxy.top/wp-content/uploads/2024/11/
44 KB
45 KB
Image
General
Full URL
https://1win-fxy.top/wp-content/uploads/2024/11/5-Log-in-1win-Medium-7.jpeg
Requested by
Host: 1win-fxy.top
URL: https://1win-fxy.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e67a75aab5a717677db03e831a6a04fbbb540712e196ce39f3b86266faa8d0cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

cf-cache-status
HIT
etag
"6729e81d-b1d4"
age
5522
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OLZe2Rm049bJnhk96V26ITWOD8WZSKKjr%2B1TCGctZZL2W3fYrUZTcpHSLXhkk06qLhhejhCLJF3MQ97K6d%2BY4nFQWxmbGUwa%2FyDP8SqSiNJjKlPy%2FRLp%2FOMGuwg0i94%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=88239&min_rtt=72009&rtt_var=7084&sent=259&recv=84&lost=21&retrans=21&sent_bytes=279585&recv_bytes=11644&delivery_rate=21144&cwnd=79170&unsent_bytes=0&cid=8558f91ce2157e62&ts=1313&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 17:27:25 GMT
content-type
image/jpeg
last-modified
Tue, 05 Nov 2024 09:40:45 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec5446f3d26f7d1-LAX
accept-ranges
bytes
content-length
45524
server
cloudflare
clipboard.min.js
1win-fxy.top/wp-content/themes/bk/js/
10 KB
4 KB
Script
General
Full URL
https://1win-fxy.top/wp-content/themes/bk/js/clipboard.min.js?ver=2.0.8
Requested by
Host: 1win-fxy.top
URL: https://1win-fxy.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11be927cda59c8b6019ebbea838285c5beaf21183ea4b83dbd4e4fbf9413ce4a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"6726058e-29b4"
age
5522
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uble49C%2FwS0bJdf9XJcThWnVuy9eTmYVtz54lcAU%2FXFAhtQ0ay%2FG1gqt2UresGCw4tFRW9P6gDUIPuzkqqEfpxCpn%2FsCYqT3yPQ7r69FaIfsgH1mvCxMahYHmZQ538k%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=82049&min_rtt=72009&rtt_var=3656&sent=215&recv=78&lost=21&retrans=21&sent_bytes=231921&recv_bytes=10782&delivery_rate=587180&cwnd=79170&unsent_bytes=0&cid=8558f91ce2157e62&ts=1100&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 17:27:25 GMT
content-type
application/javascript
last-modified
Sat, 02 Nov 2024 10:57:18 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec5446ddee4f7d1-LAX
server
cloudflare
custom.js
1win-fxy.top/wp-content/themes/bk/js/
1 KB
1 KB
Script
General
Full URL
https://1win-fxy.top/wp-content/themes/bk/js/custom.js?ver=1.0.0
Requested by
Host: 1win-fxy.top
URL: https://1win-fxy.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eab6cc4281436c1f242017546b3eff4fc1a95386d0372c855d0873fd195cea7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"6726058e-570"
age
5522
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=chF5ej661oRzdlmUpTbq%2BZhBA1Tyi3g1kFo0K0u6GCE2OIZsX6vvjV6mWHO4cIzuOFgA3nCKSLKPoXucb%2Br8wQ2okBG%2B4k4Ev6gJKhZualGVlvce7l3z8fJ%2FxtQZPhQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=86183&min_rtt=72009&rtt_var=6999&sent=256&recv=82&lost=21&retrans=21&sent_bytes=278259&recv_bytes=11229&delivery_rate=414660&cwnd=79170&unsent_bytes=0&cid=8558f91ce2157e62&ts=1204&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 17:27:25 GMT
content-type
application/javascript
last-modified
Sat, 02 Nov 2024 10:57:18 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec5446e8a40f7d1-LAX
server
cloudflare
bf3f4de5-3444-4405-a116-b0065c1bb077
https://1win-fxy.top/
0
0

wp-emoji-release.min.js
1win-fxy.top/wp-includes/js/
18 KB
6 KB
Script
General
Full URL
https://1win-fxy.top/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2
Requested by
Host: 1win-fxy.top
URL: https://1win-fxy.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"66d55316-4926"
age
5521
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hUT0qbMBOJr6Rw1h2Tpg5zu6xmI3Kd13e2K0N5c0VIwrk8R7ac%2F7SpFLsRPUr4UBsNDqzK1J7KPWhZ9PUxo26yV4DRtdSo63chk4V%2BNbzfQqbq8%2BmmkwOk3HHL3yNQ0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=85084&min_rtt=72009&rtt_var=6076&sent=300&recv=89&lost=21&retrans=21&sent_bytes=326829&recv_bytes=12107&delivery_rate=522612&cwnd=79170&unsent_bytes=0&cid=8558f91ce2157e62&ts=1422&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 17:27:25 GMT
content-type
application/javascript
last-modified
Mon, 02 Sep 2024 05:54:30 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec5446feffff7d1-LAX
server
cloudflare
2699.svg
s.w.org/images/core/emoji/15.0.3/svg/
1014 B
802 B
Image
General
Full URL
https://s.w.org/images/core/emoji/15.0.3/svg/2699.svg
Requested by
Host: 1win-fxy.top
URL: https://1win-fxy.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
fd50660faa8eab2d0d56a11232c99c161e4f12e3e1697824b4037eb8374056ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

vary
Accept-Encoding
cache-control
max-age=315360000
content-encoding
br
x-nc
HIT bur 2
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 17:27:25 GMT
content-type
image/svg+xml
last-modified
Tue, 30 Jan 2024 01:15:16 GMT
server
nginx
x-frame-options
SAMEORIGIN
2728.svg
s.w.org/images/core/emoji/15.0.3/svg/
1 KB
823 B
Image
General
Full URL
https://s.w.org/images/core/emoji/15.0.3/svg/2728.svg
Requested by
Host: 1win-fxy.top
URL: https://1win-fxy.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
9271962e9fc8257ce9e008bde83ac1408a2f196db6142548769f290873b70b93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

vary
Accept-Encoding
cache-control
max-age=315360000
content-encoding
br
x-nc
HIT bur 2
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 17:27:25 GMT
content-type
image/svg+xml
last-modified
Tue, 30 Jan 2024 01:15:39 GMT
server
nginx
x-frame-options
SAMEORIGIN
1f3c6.svg
s.w.org/images/core/emoji/15.0.3/svg/
1 KB
973 B
Image
General
Full URL
https://s.w.org/images/core/emoji/15.0.3/svg/1f3c6.svg
Requested by
Host: 1win-fxy.top
URL: https://1win-fxy.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
7510cc92013c2cd6c8271e3435539d9870044945e4a50151a50b18e61ee4ba83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

vary
Accept-Encoding
cache-control
max-age=315360000
content-encoding
br
x-nc
HIT bur 2
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 17:27:25 GMT
content-type
image/svg+xml
last-modified
Tue, 30 Jan 2024 01:21:10 GMT
server
nginx
x-frame-options
SAMEORIGIN
1f4b8.svg
s.w.org/images/core/emoji/15.0.3/svg/
5 KB
2 KB
Image
General
Full URL
https://s.w.org/images/core/emoji/15.0.3/svg/1f4b8.svg
Requested by
Host: 1win-fxy.top
URL: https://1win-fxy.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
ba092715bd6bd22a504e8b81116bfa85f85f5b1987800fcfcd36ddc63bc9fce0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

vary
Accept-Encoding
cache-control
max-age=315360000
content-encoding
br
x-nc
HIT bur 2
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 17:27:25 GMT
content-type
image/svg+xml
last-modified
Tue, 30 Jan 2024 01:15:38 GMT
server
nginx
x-frame-options
SAMEORIGIN
1f680.svg
s.w.org/images/core/emoji/15.0.3/svg/
677 B
727 B
Image
General
Full URL
https://s.w.org/images/core/emoji/15.0.3/svg/1f680.svg
Requested by
Host: 1win-fxy.top
URL: https://1win-fxy.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
3892ef66f49ce43d49c8719e9277da0e0e821059f0cc239a549f6629cc12b3cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

vary
Accept-Encoding
cache-control
max-age=315360000
content-encoding
br
x-nc
HIT bur 2
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 17:27:25 GMT
content-type
image/svg+xml
last-modified
Tue, 30 Jan 2024 01:15:16 GMT
server
nginx
x-frame-options
SAMEORIGIN
1f911.svg
s.w.org/images/core/emoji/15.0.3/svg/
2 KB
1 KB
Image
General
Full URL
https://s.w.org/images/core/emoji/15.0.3/svg/1f911.svg
Requested by
Host: 1win-fxy.top
URL: https://1win-fxy.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
cf3cee22c8db46b0bb32815b28fa6b4582bc7d92150d49cf62ae4260979bc718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

vary
Accept-Encoding
cache-control
max-age=315360000
content-encoding
br
x-nc
HIT bur 2
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 17:27:25 GMT
content-type
image/svg+xml
last-modified
Tue, 30 Jan 2024 01:15:16 GMT
server
nginx
x-frame-options
SAMEORIGIN
1f4b0.svg
s.w.org/images/core/emoji/15.0.3/svg/
1 KB
1008 B
Image
General
Full URL
https://s.w.org/images/core/emoji/15.0.3/svg/1f4b0.svg
Requested by
Host: 1win-fxy.top
URL: https://1win-fxy.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
100ecea07468a02c810a78e200b9e7e874d508e859d3106aa19260bebc46c88b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

vary
Accept-Encoding
cache-control
max-age=315360000
content-encoding
br
x-nc
HIT bur 2
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 17:27:26 GMT
content-type
image/svg+xml
last-modified
Tue, 30 Jan 2024 01:21:10 GMT
server
nginx
x-frame-options
SAMEORIGIN
1f340.svg
s.w.org/images/core/emoji/15.0.3/svg/
1 KB
885 B
Image
General
Full URL
https://s.w.org/images/core/emoji/15.0.3/svg/1f340.svg
Requested by
Host: 1win-fxy.top
URL: https://1win-fxy.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
762a21a73ce5607534f037e439debaf601dc84f319a5c318d1a71c855c3bb0fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

vary
Accept-Encoding
cache-control
max-age=315360000
content-encoding
br
x-nc
HIT bur 2
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 03 Dec 2024 17:27:26 GMT
content-type
image/svg+xml
last-modified
Tue, 30 Jan 2024 01:18:34 GMT
server
nginx
x-frame-options
SAMEORIGIN
8-4.png
1win-fxy.top/wp-content/uploads/2024/11/
2 KB
3 KB
Other
General
Full URL
https://1win-fxy.top/wp-content/uploads/2024/11/8-4.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc6f02142c2c205a1cd661ba19f372d6236cdba31b51715bdb5d282436057edd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1win-fxy.top/

Response headers

cf-cache-status
HIT
etag
"6725f509-99d"
age
5522
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0e0upxjcf0eU7aYzfQO2IECuRD9SrOwK3k1dYEPsyPotdtKXdYOMIc8APf9dEC%2FlxegkLp5oxoJ6Pn%2BR5Rtnb6akgm1XReGBekD9wy8Eira7pQ0AsXM9pvpTbooLjOE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=85530&min_rtt=72009&rtt_var=5448&sent=307&recv=91&lost=21&retrans=21&sent_bytes=332975&recv_bytes=12509&delivery_rate=57308&cwnd=79170&unsent_bytes=0&cid=8558f91ce2157e62&ts=2140&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 17:27:26 GMT
content-type
image/png
last-modified
Sat, 02 Nov 2024 09:46:49 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec544745abcf7d1-LAX
accept-ranges
bytes
content-length
2461
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
1win-fxy.top
URL
blob:https://1win-fxy.top/bf3f4de5-3444-4405-a116-b0065c1bb077

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings
function| jQuery
object| Alpine
function| ClipboardJS
object| twemoji
object| wp

4 Cookies

Domain/Path Name / Value
.1win-vbn3.xyz/ Name: __ddg8_
Value: hIGhwRDzj7sHPYjn
.1win-vbn3.xyz/ Name: __ddg9_
Value: 162.245.206.249
.1win-vbn3.xyz/ Name: __ddg10_
Value: 1733246843
.1win-vbn3.xyz/ Name: __ddg1_
Value: MeD7dOcgABolSBHh0bEu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
