destinyfw.xyz Open in urlscan Pro
172.67.145.118 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://takeoneaudio.com/gorrz?dzkNpJxHsBlYS=htpkvNmgTsmyv17aanvf01byy301nn3x0z1vr1106hg9e6hxmg
Effective URL:
https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996
Submission: On November 07 via api (November 7th 2023, 8:51:22 pm UTC) from CZ — Scanned from DE

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 5 countries across 8 domains to perform 27 HTTP transactions. The main IP is 172.67.145.118, located in United States and belongs to CLOUDFLARENET, US. The main domain is destinyfw.xyz.
TLS certificate: Issued by GTS CA 1P5 on October 8th 2023. Valid for: 3 months.

This is the only time destinyfw.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	78.142.61.74 78.142.61.74	200628 (BGO-CLOUD) (BGO-CLOUD)
1 1	35.189.245.169 35.189.245.169	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.78.223.0 34.78.223.0	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.36.58.128 34.36.58.128	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 22	172.67.145.118 172.67.145.118	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.27.152 104.21.27.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.67.177.88 172.67.177.88	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	20.50.64.3 20.50.64.3	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
27	4

1 78.142.61.74 (Bulgaria) 1 redirects

ASN200628 (BGO-CLOUD, BG)
PTR: takeoneaudio.com

takeoneaudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.189.245.169 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 169.245.189.35.bc.googleusercontent.com

check-funnel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.78.223.0 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 0.223.78.34.bc.googleusercontent.com

link-routes-3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.58.128 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 128.58.36.34.bc.googleusercontent.com

www.solar4innovate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 172.67.145.118 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

destinyfw.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.27.152 (None, )

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.177.88 (United States)

ASN13335 (CLOUDFLARENET, US)

virtualpushplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.64.3 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pushvisit.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	destinyfw.xyz 1 redirects destinyfw.xyz	2 MB
3	virtualpushplatform.com virtualpushplatform.com — Cisco Umbrella Rank: 278907	4 KB
2	pushvisit.xyz pushvisit.xyz — Cisco Umbrella Rank: 248582	2 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1002	426 KB
1	solar4innovate.com 1 redirects www.solar4innovate.com	481 B
1	link-routes-3.com 1 redirects link-routes-3.com	744 B
1	check-funnel.com 1 redirects check-funnel.com	341 B
1	takeoneaudio.com 1 redirects takeoneaudio.com	304 B
27	8

	Domain	Requested by
22	destinyfw.xyz	1 redirects destinyfw.xyz
3	virtualpushplatform.com	destinyfw.xyz virtualpushplatform.com
2	pushvisit.xyz	virtualpushplatform.com
1	use.fontawesome.com	destinyfw.xyz
1	www.solar4innovate.com	1 redirects
1	link-routes-3.com	1 redirects
1	check-funnel.com	1 redirects
1	takeoneaudio.com	1 redirects
27	8

This site contains no links.

Subject Issuer	Validity	Valid
destinyfw.xyz GTS CA 1P5	`2023-10-08` - `2024-01-06`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-14` - `2024-02-13`	a year	crt.sh
pushvisit.xyz Sectigo RSA Domain Validation Secure Server CA	`2023-08-02` - `2024-08-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996
Frame ID: 37D9B80056C8EE4F9DD6A017934A3F0D
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Récompenses du sondage

Page URL History Show full URLs

http://takeoneaudio.com/gorrz?dzkNpJxHsBlYS=htpkvNmgTsmyv17aanvf01byy301nn3x0z1vr1106hg9e6hxmg HTTP 302
https://check-funnel.com/?a=996&oc=18770&c=50823&m=3&s1=35_836728_2782653&s2=2439_2238123_06hg9e6_37&... HTTP 302
https://link-routes-3.com/?a=996&oc=18770&c=50823&m=3&s1=35_836728_2782653&s2=2439_2238123_06hg9e6_37&... HTTP 302
https://www.solar4innovate.com/B1Z33J/KKJW2S4/?sub2=334903191&source_id=996 HTTP 302
https://destinyfw.xyz/KDQYgR9KT1/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&... HTTP 302
https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

27
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

4
IPs

5
Countries

2137 kB
Transfer

2986 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://takeoneaudio.com/gorrz?dzkNpJxHsBlYS=htpkvNmgTsmyv17aanvf01byy301nn3x0z1vr1106hg9e6hxmg HTTP 302
https://check-funnel.com/?a=996&oc=18770&c=50823&m=3&s1=35_836728_2782653&s2=2439_2238123_06hg9e6_37&s3=440556891_176-115-236-15&s5=1cyjdan HTTP 302
https://link-routes-3.com/?a=996&oc=18770&c=50823&m=3&s1=35_836728_2782653&s2=2439_2238123_06hg9e6_37&s3=440556891_176-115-236-15&s5=1cyjdan&ckmguid=31ee046c-7511-4e09-81de-596e7bceddc1 HTTP 302
https://www.solar4innovate.com/B1Z33J/KKJW2S4/?sub2=334903191&source_id=996 HTTP 302
https://destinyfw.xyz/KDQYgR9KT1/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 HTTP 302
https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response destinyfw.xyz/ Redirect Chain http://takeoneaudio.com/gorrz?dzkNpJxHsBlYS=htpkvNmgTsmyv17aanvf01byy301nn3x0z1vr1106hg9e6hxmg https://check-funnel.com/?a=996&oc=18770&c=50823&m=3&s1=35_836728_2782653&s2=2439_2238123_06hg9e6_37&s3=440556891_176-115-236-15&s5=1cyjdan https://link-routes-3.com/?a=996&oc=18770&c=50823&m=3&s1=35_836728_2782653&s2=2439_2238123_06hg9e6_37&s3=440556891_176-115-236-15&s5=1cyjdan&ckmguid=31ee046c-7511-4e09-81de-596e7bceddc1 https://www.solar4innovate.com/B1Z33J/KKJW2S4/?sub2=334903191&source_id=996 https://destinyfw.xyz/KDQYgR9KT1/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996	29 KB 6 KB	48ms 47ms	Document text/html	172.67.145.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.145.118 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `340e7d47c7b0ee18747f67299993fb1a904f06f1513bd45de035a55043181230` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 82287406ec485ca4-FRA content-encoding br content-type text/html date Tue, 07 Nov 2023 20:51:15 GMT last-modified Wed, 18 Oct 2023 12:16:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISUiHfNe03%2FrvUn%2BVpxfAu6FJbk3NwCzg96%2BCusQgMG9gPyzs25Uxq5Wm0DcLbTuzoX4D%2FuBopq9Na5GYgr9UKeqBykp7YdOH8VpuZxlBAJobaQ4N7sItmiwHZydXbdm"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers alt-svc h3=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 822874067bdf5ca4-FRA content-type text/html date Tue, 07 Nov 2023 20:51:15 GMT location https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgIBff%2BES64nN0%2BhLOa4z1o4eq4lGLbKNltNG5vhyftxLovFaiH3NgaeqCgNIbDiliVfMd7fhhs3TNve50rm82AgfhqODKpDWfAkIZRQ%2Bx5gS7NDIUOkk2zVn2HfJ8G0"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	style.css destinyfw.xyz/css/	17 KB 4 KB	75ms 74ms	Stylesheet text/css	172.67.145.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://destinyfw.xyz/css/style.css Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.145.118 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0dda363b63a3ccd26b84c081a5212deab00504cabe723f805c43a9b63a0fed40` Request headers accept-language de-DE,de;q=0.9 Referer https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 20:51:15 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 08 May 2023 17:32:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"565509138" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIHyU9qXRGjHZQdD2hGJYLXxiCSviN9FImUypSFLk5rrBFYe4aR4n3IRV8ZX55Lvcx8H2pCNuPxMhwwwTz6pbm2rvkl0pXE5wxGcDvsP9vY63NabbQED6ohhqbWDZUSQ"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 cache-control no-cache cf-ray 822874073cba5ca4-FRA alt-svc h3=":443"; ma=86400
GET H2	200	animate.min.css destinyfw.xyz/css/	70 KB 6 KB	97ms 96ms	Stylesheet text/css	172.67.145.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://destinyfw.xyz/css/animate.min.css Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.145.118 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f` Request headers accept-language de-DE,de;q=0.9 Referer https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 20:51:15 GMT content-encoding br cf-cache-status DYNAMIC last-modified Tue, 28 Jun 2022 17:36:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"2015554646" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvUZOj68OXrYhUFHynJ8D0BXmZcGRiGr8nLdL5rLqf4MOqB2CaKTdKOSuo8G0f0KQFivIaABlq%2BN0y2deZMNRY5z73swtPHE1qubvdbTUMW6%2BIkCViP1T3tzUvHS%2BDDr"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 cache-control no-cache cf-ray 822874073cbc5ca4-FRA alt-svc h3=":443"; ma=86400
GET H2	200	all.js Show response use.fontawesome.com/releases/v5.15.4/js/	1 MB 426 KB	1168ms 44ms	Script application/javascript	104.21.27.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.15.4/js/all.js Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.27.152 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf` Request headers Referer https://destinyfw.xyz/ Origin https://destinyfw.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 20:51:17 GMT content-encoding br cf-cache-status HIT last-modified Fri, 22 Sep 2023 01:45:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1588982 etag W/"5e29440867fdb02a48dffded02338c31" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0zIVxmGajvDeCAePzLLHA0qwplwvPlNrcoEPw98fCZPujlozxXDFxQ5DIhXELjXCcrqT7Zxu1p2mLC5V7SfM8esTLPKgZhHyOR3nzD4GuufquxR%2BMB2gFJ%2BcBgx%2FZm7YUlEmZ3z"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=31556926 cf-ray 8228740fad241ac5-FRA alt-svc h3=":443"; ma=86400
GET H2	200	datehead.js Show response destinyfw.xyz/js/	2 KB 889 B	68ms 67ms	Script application/javascript	172.67.145.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://destinyfw.xyz/js/datehead.js Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.145.118 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2a7c8cd7e91584a085baf5356fd9ab39bc3c671870e3786cbe33c3db256b5604` Request headers accept-language de-DE,de;q=0.9 Referer https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 20:51:15 GMT content-encoding br cf-cache-status DYNAMIC last-modified Tue, 07 Feb 2023 18:51:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"205022882" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4F4SwsF8H3BQ12%2Fk0AfKTLpw5BxG0iMnzQMjqrEP6b%2BQYIAF752wqz6N%2BHWol4MC3OuBFSWiL27SA0flEvBFp3lgQnlrBP21YgThHLs1dGdba%2FaZxvRCbdlsnVIAA2ZN"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control no-cache cf-ray 822874073cbd5ca4-FRA alt-svc h3=":443"; ma=86400
GET H2	200	ace-push.js Show response virtualpushplatform.com/	10 KB 4 KB	387ms 29ms	Script text/javascript	172.67.177.88 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://virtualpushplatform.com/ace-push.js Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.177.88 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5b7b38d49ff538ea30f98de682751d8edd607525a9f204564ed9353f6e678d06` Request headers accept-language de-DE,de;q=0.9 Referer https://destinyfw.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 20:51:16 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3700 cf-polished origSize=13415 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 16 Aug 2023 15:12:14 GMT server cloudflare etag W/"1d9d0540989ef67" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6B6uJDBYoZ29pvAOFs%2BbNJyQkcJ9emL7h4o%2BW3D8fvSnBmAsNUk3qdCEmJxp8F1UB0u%2F4VYrgCQ7GYFub8ZiU5zmf8%2BA0KQp75RNNjjaOGo6qvIO1%2F6WaaIEuDf1E0ZP9Rkx1h2PKl5mA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=3600 cf-ray 822874098b216909-FRA
GET H2	200	logo.png destinyfw.xyz/images/	11 KB 12 KB	81ms 80ms	Image image/png	172.67.145.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://destinyfw.xyz/images/logo.png Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.145.118 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6a9251f89a6881f12818f5828abe92a1394276147b5154deda045ad0896c48d3` Request headers accept-language de-DE,de;q=0.9 Referer https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 20:51:15 GMT cf-cache-status DYNAMIC last-modified Mon, 08 May 2023 16:06:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2062059475" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvYEQVeNCOZbO5db4uMImv0Y17hIh4vL2qKQaqujeacQRz5Q6hBsYSC2DXNUUV%2BI9lQshHMBW03iDsAcClkC%2FTMTfqfSQwI5xi25Sw9kzuWo3Fb80Apq8gsvecvvo3n1"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control no-cache accept-ranges bytes cf-ray 822874073cbf5ca4-FRA alt-svc h3=":443"; ma=86400 content-length 11550
GET H2	200	flaglogo.png destinyfw.xyz/images/	2 KB 3 KB	32ms 31ms	Image image/png	172.67.145.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://destinyfw.xyz/images/flaglogo.png Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.145.118 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `34dec14054d91cc30a846052731bae860fb13fa5cbe2b62dc955930ed81ebb6c` Request headers accept-language de-DE,de;q=0.9 Referer https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 20:51:15 GMT cf-cache-status DYNAMIC last-modified Thu, 03 Nov 2022 06:50:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1513118183" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2FFqeY6fJ6HnR4esXOKuYMgur%2BEe1DvRV7E6%2BXp2wmiEndc12Bet0Z3R14Jn4FgMrvcDBoh8Jsh31tvUTcMlt0k6bAhMuNe80wa4Ia7oaIqI%2F329pfVXagZ%2FlhHg9wEV"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control no-cache accept-ranges bytes cf-ray 822874073cc05ca4-FRA alt-svc h3=":443"; ma=86400 content-length 2308
GET H2	200	product.png destinyfw.xyz/images/	518 KB 519 KB	53ms 53ms	Image image/png	172.67.145.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://destinyfw.xyz/images/product.png Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.145.118 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d0cdba2c922eda972c2f9a96abf69ca9f9ac0a4d9386e8de5b00c71ba4d15449` Request headers accept-language de-DE,de;q=0.9 Referer https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 20:51:15 GMT cf-cache-status DYNAMIC last-modified Thu, 04 May 2023 22:31:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "4206574600" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfVMrF7vwH9ZB5XTUGzMGgXTpSXNCqAVjk7bpdf3SPS93owQl2Srv%2By4VlttDiKyem38v%2F7kE0seOcNRowrvKQncVK9aOvV9htlQPYh3Oi63FnDZWOGHPPW9hYlnI2nt"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control no-cache accept-ranges bytes cf-ray 822874077d005ca4-FRA alt-svc h3=":443"; ma=86400 content-length 530709
GET H2	200	loadingRD.gif destinyfw.xyz/images/	121 KB 122 KB	68ms 67ms	Image image/gif	172.67.145.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://destinyfw.xyz/images/loadingRD.gif Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.145.118 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0bd0d5e70f48939d0f06dc174eabc2f89f8215cf23f22df0cecdfa4e3f648064` Request headers accept-language de-DE,de;q=0.9 Referer https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 20:51:15 GMT cf-cache-status DYNAMIC last-modified Mon, 08 May 2023 16:13:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "3340244306" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bmR4zw4Duoi%2FZXhceQGDMlFGSucUeDa3qzhMWLuwcF7KgVDZmf6wOwXf3tYaiHfzlWgGnkgkzkAkMCweFE6Qs34KMje6YQ2JA6xcJZMedjx3iqTJ861jUyQHL9K1UqlB"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control no-cache accept-ranges bytes cf-ray 82287407cd6e5ca4-FRA alt-svc h3=":443"; ma=86400 content-length 124326
GET H2	200	prize1.png destinyfw.xyz/images/	467 KB 468 KB	45ms 45ms	Image image/png	172.67.145.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://destinyfw.xyz/images/prize1.png Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.145.118 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f4dfc10d7b7789510e5b20b85e582e4fca1a346c87473de5bbca1c8c3ecd257e` Request headers accept-language de-DE,de;q=0.9 Referer https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 20:51:15 GMT cf-cache-status DYNAMIC last-modified Thu, 04 May 2023 22:30:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "952091145" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nVbY3sNv87HrCNPtbXy7Ejpt%2FEwW79HpvXy%2BLcEF79TlHvlrqrD7qNNm2%2F22ZpmRQ4OLYcHok2ME8h6ngOsCAuVXNaEGLkqT2ON0nyiY0QNB8Yyu6DXh33Q0eJwDmW%2B"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control no-cache accept-ranges bytes cf-ray 822874080dd65ca4-FRA alt-svc h3=":443"; ma=86400 content-length 478039
GET H2	200	1.jpg destinyfw.xyz/images/	53 KB 53 KB	57ms 57ms	Image image/jpeg	172.67.145.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://destinyfw.xyz/images/1.jpg Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.145.118 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `609638eda5a0802f689f6cd7093b8c04203e8a7d380560703427202a0669c754` Request headers accept-language de-DE,de;q=0.9 Referer https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 20:51:16 GMT cf-cache-status DYNAMIC last-modified Thu, 27 Oct 2022 08:19:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "3728314197" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9D2dfsyJa1dasATMG8t0WMy5AywGKhWjcowtjM%2Fna8M80Inn3h29WtN5N0g%2FG2KfmVPVw1q1HPRWUjzEbZi5uD%2BBC0D%2BAFLl3qZRHI8ZH1OW6oN3qkEfVOW97yvwhLBW"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control no-cache accept-ranges bytes cf-ray 82287409b8585ca4-FRA alt-svc h3=":443"; ma=86400 content-length 53891
GET H2	200	2.jpg destinyfw.xyz/images/	38 KB 39 KB	58ms 56ms	Image image/jpeg	172.67.145.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://destinyfw.xyz/images/2.jpg Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.145.118 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3726b1f4b3896a1732d72294945c4d459fcfa3341cd52eba3c53c2695e6ddc0a` Request headers accept-language de-DE,de;q=0.9 Referer https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 20:51:16 GMT cf-cache-status DYNAMIC last-modified Thu, 27 Oct 2022 08:20:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2408644437" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqJhCX9%2Bv%2FZrCqHdZj8wJ5RRxLso3OU5kp%2BGXQJuAe6dL2YmRKK0qgIFkvRexs%2BRlskdLUABDY%2BvPBI%2FyBPNPogG%2BHPtVS%2BiRAPYbpSFgMwzk%2BwNp5xqbQludC00dmma"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control no-cache accept-ranges bytes cf-ray 82287409b8655ca4-FRA alt-svc h3=":443"; ma=86400 content-length 39092
GET H2	200	comm_pic_1.jpg destinyfw.xyz/images/	72 KB 73 KB	62ms 60ms	Image image/jpeg	172.67.145.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://destinyfw.xyz/images/comm_pic_1.jpg Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.145.118 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6502cf5a2a5769fe9372669a3ad7c7ec7c13b64550c414bd12332c0418888f1f` Request headers accept-language de-DE,de;q=0.9 Referer https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 20:51:16 GMT cf-cache-status DYNAMIC last-modified Thu, 04 May 2023 22:33:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1533685257" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4ZyylynL%2BNfCyHMMKqhppT8xq3c5aqoRzhO0kk5OeFHYXZMtELZtUpGRezQnlG%2BMczdecusP%2Btb4LVZ7ScNQLlJcgoDWT6yxS6khvARtvF3bWThinlnhLhQAGFPpdpZ"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control no-cache accept-ranges bytes cf-ray 82287409b8665ca4-FRA alt-svc h3=":443"; ma=86400 content-length 74030
GET H2	200	3.jpg destinyfw.xyz/images/	46 KB 47 KB	59ms 57ms	Image image/jpeg	172.67.145.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://destinyfw.xyz/images/3.jpg Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.145.118 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0c7a3b7317394dd60e3133f86ca4e82ca5107a00c93fe248b1e377c9ace8e4ce` Request headers accept-language de-DE,de;q=0.9 Referer https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 20:51:16 GMT cf-cache-status DYNAMIC last-modified Thu, 27 Oct 2022 08:20:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "3975708501" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xunF8D5wFcsAPbGtRMytx2uXDBkOcsMi2hNq4KMfM9gtAQ2UoPg9SiWS6YkXs8xQQcKLt%2FxV%2FAPg92DataI7zi8LGpIdfFfY1AMcgYwxf%2B8B2LEdIsik2cZWKg9%2Bm%2BML"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control no-cache accept-ranges bytes cf-ray 82287409b8675ca4-FRA alt-svc h3=":443"; ma=86400 content-length 47320
GET H2	200	4.jpg destinyfw.xyz/images/	35 KB 35 KB	64ms 63ms	Image image/jpeg	172.67.145.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://destinyfw.xyz/images/4.jpg Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.145.118 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `126d10d15fe82745b61efa4b92471ab582ba2057a2aadffd8a0c0d846550407a` Request headers accept-language de-DE,de;q=0.9 Referer https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 20:51:16 GMT cf-cache-status DYNAMIC last-modified Thu, 27 Oct 2022 08:20:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "3219443541" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xePid%2B05GttCAWFjj09%2BKLE7NGPq6C8XZ1PV5f%2BXBgzJTFpqO21oY59jYvNwwd9%2FpG5GWyXmwV2q5GO%2Fclqrnw1U%2FhRpK0El2RrBpulYwdsl6FtyvChoeDHf09X5sa4P"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control no-cache accept-ranges bytes cf-ray 82287409b86a5ca4-FRA alt-svc h3=":443"; ma=86400 content-length 35770
GET H2	200	comm_pic_2.jpg destinyfw.xyz/images/	79 KB 79 KB	102ms 101ms	Image image/jpeg	172.67.145.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://destinyfw.xyz/images/comm_pic_2.jpg Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.145.118 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `adc69e4dc6ca8be9efc957fd8235cb61a53b678a8e6d852dcdaefaa825190543` Request headers accept-language de-DE,de;q=0.9 Referer https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 20:51:16 GMT cf-cache-status DYNAMIC last-modified Thu, 04 May 2023 22:33:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1816981001" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQmZH06vO6%2BekTgnQdiuE9L9WYVSFthc59gTOphjwyLZkag3jRic8dD6ww9QXbWRUDCfcuFbX4Qcv5JrfKZsKtWPc09gXAYKXb2kWEPapdRjCqxTlYUDUdfpZ5NTPz1N"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control no-cache accept-ranges bytes cf-ray 82287409b86b5ca4-FRA alt-svc h3=":443"; ma=86400 content-length 80842
GET H2	200	5.jpg destinyfw.xyz/images/	48 KB 49 KB	95ms 93ms	Image image/jpeg	172.67.145.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://destinyfw.xyz/images/5.jpg Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.145.118 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `369a79cca006827baf7e0cd3fe2482a2c2395965ddeb2523109075c281cb35ee` Request headers accept-language de-DE,de;q=0.9 Referer https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 20:51:16 GMT cf-cache-status DYNAMIC last-modified Thu, 27 Oct 2022 08:20:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2841501525" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kCVz%2FPSvQbAYgf059jElx7r7QZrh6yjGTj1Gw8GqRbZVxVLyvb9Oj3sH9mORDfRe8CsBkaakiacTRyUzVa2qYatshnn0Z2k5mU%2FQqbI2c2CE83v1M%2BSwApc8Tpw8xTpk"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control no-cache accept-ranges bytes cf-ray 82287409c86e5ca4-FRA alt-svc h3=":443"; ma=86400 content-length 49519
GET H2	200	f_guarantee.png destinyfw.xyz/images/	6 KB 7 KB	80ms 79ms	Image image/png	172.67.145.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://destinyfw.xyz/images/f_guarantee.png Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.145.118 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b` Request headers accept-language de-DE,de;q=0.9 Referer https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 20:51:16 GMT cf-cache-status DYNAMIC last-modified Thu, 21 Apr 2022 15:23:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "4237458722" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9enGjlUmNIEGUSiIcQ05Wken%2FiYt%2Ft3N4pd0qogyzNtsJAVQU2TGP14wMqHbqrTmeGksY1IgbDkEVcgATjgY597KgPhumRSszmB8ZQSc3Edzp%2Fw0naFl4IkIR%2BKWr8mk"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control no-cache accept-ranges bytes cf-ray 82287409c8725ca4-FRA alt-svc h3=":443"; ma=86400 content-length 6352
GET H2	200	f_secure_1.png destinyfw.xyz/images/	10 KB 10 KB	88ms 88ms	Image image/png	172.67.145.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://destinyfw.xyz/images/f_secure_1.png Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.145.118 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95` Request headers accept-language de-DE,de;q=0.9 Referer https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 20:51:16 GMT cf-cache-status DYNAMIC last-modified Thu, 21 Apr 2022 15:23:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2385378595" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPB5FnxhEbWf7EBnGjArkFUtINXvpgp7zeYCF9zFV9QiRhHLbSf%2FfFJSHnMyGaOeEnYlm4D5Qs9NpYUi3%2BpHZSQ67Cw3cu%2FKNZeIaxrebWC84gp82iSt7bApxXgQMlhs"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control no-cache accept-ranges bytes cf-ray 82287409c8735ca4-FRA alt-svc h3=":443"; ma=86400 content-length 9862
GET H2	200	logo2.png destinyfw.xyz/images/	11 KB 12 KB	91ms 91ms	Image image/png	172.67.145.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://destinyfw.xyz/images/logo2.png Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.145.118 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `02ffa19f3baadc4092dfcd8b133a653767dd0879a62945464dc23f943a83fd8c` Request headers accept-language de-DE,de;q=0.9 Referer https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 20:51:16 GMT cf-cache-status DYNAMIC last-modified Mon, 08 May 2023 16:06:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "229582611" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpAGpkNQ9w7jz%2FrlfjVxAZdcgLcowyY%2FYDmnSDRZgvVkYS8FfF9zGpwvdxKWEjhfVmQNfx8GeLz%2FCCsP%2BWpvUJmaE2HdnluQu%2F3zdCjHVAj4MY03OU4sygxUTvDgRnxx"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control no-cache accept-ranges bytes cf-ray 82287409c8745ca4-FRA alt-svc h3=":443"; ma=86400 content-length 11510
GET H2	200	script.js Show response destinyfw.xyz/js/	8 KB 1 KB	35ms 34ms	Script application/javascript	172.67.145.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://destinyfw.xyz/js/script.js Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.145.118 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `777d05e0f787d4704c670a85a8d41dbab248821292cb0e384f2afb1e36b2c44f` Request headers accept-language de-DE,de;q=0.9 Referer https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 20:51:15 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 31 Aug 2022 07:03:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1634324984" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2u3hGcPd4e8cRT6VNxXPjUvIlmhgIAWUtPI32HQ7xZiTN68NC33cuqM0GDcI%2B%2BiPWg9mRm7iddPSSO0A1WvYUdmhwDCvcDz4tqW%2F7BD1D2yO9fmYUbTD84IewAhaBZH"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control no-cache cf-ray 822874083e3e5ca4-FRA alt-svc h3=":443"; ma=86400
GET H2	200	bg.png destinyfw.xyz/images/	162 KB 162 KB	106ms 106ms	Image image/png	172.67.145.118 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://destinyfw.xyz/images/bg.png Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.145.118 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `133bddbbaa4e71d24dd6de60682c957d940113d36733b938d520ca37a488583b` Request headers accept-language de-DE,de;q=0.9 Referer https://destinyfw.xyz/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 20:51:16 GMT cf-cache-status DYNAMIC last-modified Tue, 07 Feb 2023 19:01:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "682250786" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MNFnN%2BfP3bMMMoGGEwpmTUF7FjxpHvi0QkvbuewrPxbYbm8hYG4u%2F8uuR7w3pCFVkp6sx%2BYQ0qkqoBvQIZ4ljeOwjga9qKOD5rSAychs2mdkRuJKe226dPrTxiXG5sLz"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control no-cache accept-ranges bytes cf-ray 82287409c8755ca4-FRA alt-svc h3=":443"; ma=86400 content-length 165467
POST H2	200	visit Show response pushvisit.xyz/api/v1/	2 KB 2 KB	49ms 48ms	Fetch application/json	20.50.64.3 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://pushvisit.xyz/api/v1/visit Requested by Host: virtualpushplatform.com URL: https://virtualpushplatform.com/ace-push.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Kestrel / Resource Hash `a0f065b2d654bd18d5c5a36d659d35f81d0aca3c55143e8f8c85ba0a07981760` Request headers Referer https://destinyfw.xyz/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Content-type application/json Response headers access-control-allow-origin * date Tue, 07 Nov 2023 20:51:16 GMT server Kestrel content-length 1546 content-type application/json; charset=utf-8
OPTIONS H2	200	visit pushvisit.xyz/api/v1/	0 0	104ms 31ms	Preflight	20.50.64.3 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://pushvisit.xyz/api/v1/visit Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Request headers Accept / Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://destinyfw.xyz Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-origin * content-length 0 date Tue, 07 Nov 2023 20:51:16 GMT
POST H2	200	log-client-error virtualpushplatform.com/api/v1/visit/	0 0	50ms 50ms	Fetch	172.67.177.88 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://virtualpushplatform.com/api/v1/visit/log-client-error Requested by Host: virtualpushplatform.com URL: https://virtualpushplatform.com/ace-push.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.177.88 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://destinyfw.xyz/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Content-type application/json Response headers date Tue, 07 Nov 2023 20:51:17 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EK6VO%2FMfnnKZ09V%2FLvu%2BTMQCTOzQNcIveISAb4dxAtoum4kAxF3j81uVFG3c5Qmk4VzJVKstoGjg6fqWkau%2BOE3vfFTk3IB8ijYMbq63R4bW7t3UiS5uyalTEbBi8LJavAxrE64kx0ubKQ%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 82287415192b65d9-FRA alt-svc h3=":443"; ma=86400 content-length 0
OPTIONS H2	200	log-client-error virtualpushplatform.com/api/v1/visit/	0 0	466ms 135ms	Preflight	172.67.177.88 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://virtualpushplatform.com/api/v1/visit/log-client-error Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.177.88 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept / Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://destinyfw.xyz Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 822874144fdc65d9-FRA content-length 0 date Tue, 07 Nov 2023 20:51:17 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ag4UDcmcBWxAJzEYZt8phmWMdrf5U1ue7DZ7evXZ2UCkEmKpi6q2x%2FsQeRpZ4nStcawMxgqRb%2BM%2FGzip9VkWI4kyApuiueH%2BP5OXWBXGcO7UQa9sF6qaJ3Mh1ei4AQqq%2BbT%2BYlX%2FFMm3Fg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.link-routes-3.com/	1969-12-31 23:59:59	Name: sq Value: TaKqRhMnM1NDhX2UHTv9LVoMrkNNuC2UB2ZUlQIPgupyq9OOuVCiSg==
.link-routes-3.com/	1970-01-21 01:39:10	Name: tym Value: kyG9P8kTyTM/jQkvRVvA4VoMrkNNuC2UB2ZUlQIPgupyq9OOuVCiSg==
.link-routes-3.com/	1970-01-20 16:46:22	Name: c18718 Value: TaKqRhMnM1NWxtWV2zRw+KRRWJgPcXmswsCHsS3zXiNphxFtoydJPg==
www.solar4innovate.com/	1970-01-20 16:04:36	Name: uniqueClick_KKJW2S4 Value: 5ee4f6c2-943f-4976-9038-291b7118572f:1699390274
www.solar4innovate.com/	1970-01-20 18:12:46	Name: transaction_id Value: 0f6e43cd4dab4a52a37190d2babe33f3
destinyfw.xyz/	1969-12-31 23:59:59	Name: SESSIONIDS Value: KDQYgR9KT1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://destinyfw.xyz/?encoded_value=B1Z33J&sub1=&sub2=334903191&sub3=&sub4=&sub5=9367&source_id=996 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

check-funnel.com
destinyfw.xyz
link-routes-3.com
pushvisit.xyz
takeoneaudio.com
use.fontawesome.com
virtualpushplatform.com
www.solar4innovate.com
104.21.27.152
172.67.145.118
172.67.177.88
20.50.64.3
34.36.58.128
34.78.223.0
35.189.245.169
78.142.61.74
02ffa19f3baadc4092dfcd8b133a653767dd0879a62945464dc23f943a83fd8c
0bd0d5e70f48939d0f06dc174eabc2f89f8215cf23f22df0cecdfa4e3f648064
0c7a3b7317394dd60e3133f86ca4e82ca5107a00c93fe248b1e377c9ace8e4ce
0dda363b63a3ccd26b84c081a5212deab00504cabe723f805c43a9b63a0fed40
126d10d15fe82745b61efa4b92471ab582ba2057a2aadffd8a0c0d846550407a
133bddbbaa4e71d24dd6de60682c957d940113d36733b938d520ca37a488583b
2a7c8cd7e91584a085baf5356fd9ab39bc3c671870e3786cbe33c3db256b5604
340e7d47c7b0ee18747f67299993fb1a904f06f1513bd45de035a55043181230
34dec14054d91cc30a846052731bae860fb13fa5cbe2b62dc955930ed81ebb6c
369a79cca006827baf7e0cd3fe2482a2c2395965ddeb2523109075c281cb35ee
3726b1f4b3896a1732d72294945c4d459fcfa3341cd52eba3c53c2695e6ddc0a
5b7b38d49ff538ea30f98de682751d8edd607525a9f204564ed9353f6e678d06
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
609638eda5a0802f689f6cd7093b8c04203e8a7d380560703427202a0669c754
6502cf5a2a5769fe9372669a3ad7c7ec7c13b64550c414bd12332c0418888f1f
6a9251f89a6881f12818f5828abe92a1394276147b5154deda045ad0896c48d3
777d05e0f787d4704c670a85a8d41dbab248821292cb0e384f2afb1e36b2c44f
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf
a0f065b2d654bd18d5c5a36d659d35f81d0aca3c55143e8f8c85ba0a07981760
adc69e4dc6ca8be9efc957fd8235cb61a53b678a8e6d852dcdaefaa825190543
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b
c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95
d0cdba2c922eda972c2f9a96abf69ca9f9ac0a4d9386e8de5b00c71ba4d15449
f4dfc10d7b7789510e5b20b85e582e4fca1a346c87473de5bbca1c8c3ecd257e

destinyfw.xyz Open in urlscan Pro 172.67.145.118 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

0 %IPv6

8 Domains

8 Subdomains

4 IPs

5 Countries

2137 kBTransfer

2986 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

destinyfw.xyz Open in urlscan Pro
172.67.145.118 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

4
IPs

5
Countries

2137 kB
Transfer

2986 kB
Size

6
Cookies

27 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!