urlscan.io logo urlscan.io
SecurityTrails logo

fwin1s.net Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fwin1s.com/
Effective URL: https://fwin1s.net/
Submission: On September 21 via manual from VN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 41 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is fwin1s.net.
TLS certificate: Issued by GTS CA 1P5 on September 13th 2022. Valid for: 3 months.
This is the only time fwin1s.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
26 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:50c0:800... 54113 (FASTLY)
2 151.139.242.29 33438 (STACKPATH)
5 151.101.112.193 54113 (FASTLY)
1 143.204.49.126 16509 (AMAZON-02)
41 7
2    2606:4700:3037::ac43:8743 (United States)

ASN13335 (CLOUDFLARENET, US)
fwin1s.com
26    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
fwin1s.net
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2606:50c0:8000::153 (United States)

ASN54113 (FASTLY, US)
codeseven.github.io
2    151.139.242.29 (United States)

ASN33438 (STACKPATH, US)
images.dmca.com
5    151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
1    143.204.49.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-49-126.osl50.r.cloudfront.net
js.pusher.com
Apex Domain
Subdomains		 Transfer
26 fwin1s.net
fwin1s.net
247 KB
5 imgur.com
i.imgur.com — Cisco Umbrella Rank: 5839
2 MB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 392
26 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 209
74 KB
2 dmca.com
images.dmca.com — Cisco Umbrella Rank: 13433
5 KB
2 fwin1s.com
fwin1s.com
1 KB
1 pusher.com
js.pusher.com — Cisco Umbrella Rank: 14872
18 KB
1 github.io
codeseven.github.io — Cisco Umbrella Rank: 689383
3 KB
41 8
Domain Requested by
26 fwin1s.net fwin1s.net
5 i.imgur.com fwin1s.net
cdn.jsdelivr.net
3 cdn.jsdelivr.net fwin1s.net
3 cdnjs.cloudflare.com fwin1s.net
cdnjs.cloudflare.com
2 images.dmca.com fwin1s.net
2 fwin1s.com 2 redirects
1 js.pusher.com fwin1s.net
1 codeseven.github.io fwin1s.net
41 8

This site contains links to these domains. Also see Links.

Domain
fwin1s.com
zalo.me
www.dmca.com
Subject Issuer Validity Valid
*.fwin1s.net
GTS CA 1P5		 2022-09-13 -
2022-12-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.github.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-04-07		 a year crt.sh
images.dmca.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-03-29		 a year crt.sh
*.imgur.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-03-16		 a year crt.sh
js.pusher.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh

This page contains 1 frames:

Primary Page: https://fwin1s.net/
Frame ID: CE7FA3BBEB92C3E9980A2A83A0700F6B
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FWIN1S.COM Chẵn Lẻ MoMo 24/7 Thanh Toán Tự Động 1s clmm min 1k

Page URL History Show full URLs

  1. http://fwin1s.com/ HTTP 301
    https://fwin1s.com/ HTTP 301
    https://fwin1s.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /npm/sweetalert2@([\d.]+)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

41
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

7
IPs

2
Countries

2758 kB
Transfer

3676 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fwin1s.com/ HTTP 301
    https://fwin1s.com/ HTTP 301
    https://fwin1s.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fwin1s.net/
Redirect Chain
  • http://fwin1s.com/
  • https://fwin1s.com/
  • https://fwin1s.net/
34 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
6490b4c3da00783a20d429164f1845dd8b5a1850a533d93d7b2732ab25c1af50

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
74e49c80ac29695e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 21 Sep 2022 17:44:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jq7UPSeXPtrXrz6rwYdDsm%2F%2Fs06SQhiI19gTIc%2FJcPyJF%2Fsb8saNODUPiPZ%2BrLPrxvPirhc7q4zzow152bJ6HgnUi%2BhuteTVKQ7Vo69tDVUCSpLg7Ho%2BDUjdrxJ5LT09wFrik9p51yVx"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.30
x-turbo-charged-by
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74e49c7ddc00bbc5-FRA
content-type
text/html
date
Wed, 21 Sep 2022 17:44:52 GMT
location
https://fwin1s.net/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPLLCK3UdL08hk0MCOCXqQUS8ytiTLGfDP9i4reYneZf1%2B9fvBWvGskdygpBa6Oih3sEahl1yPsTlkYIdbIeYYdvbHVY%2Fufc21Y5acIoqrk8B4QyDMNIjbNuLrQyLUeDpyHnvuRzhGNb"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-turbo-charged-by
LiteSpeed
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/ 		28 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/font-awesome.css
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c0a80a79d8d22f8fb6b46a81df22bb799c7e34e5040d030be11317cc342d612
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11984511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4294
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-6ea3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97xithuEBoGGi1JO9utlkdZhZQsxYFi0p1ai4SkKx0wPc6NAflDuTlu1i0CI2RztUqs%2BiZSe7%2FT7x62UgOQSzjv4dgLhLG9HdPUuBuN%2Fzn%2BrulVJcDkhkEWAfvRXcXALV%2B3fU%2BFHJoegmfMMfcwheQ3d"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74e49c8318f79951-FRA
expires
Mon, 11 Sep 2023 17:44:52 GMT
bootstrap.min.css
fwin1s.net/giaodienkeylogV2/css/ 		123 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/giaodienkeylogV2/css/bootstrap.min.css
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af0329ade02fba6d17261428c7c847e3351ef5777b8fd8555b027438691ba571

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 17 Sep 2022 06:20:50 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBp1PcjcbFDpY13hSHDxopVrIT1Ioh8G3TvBl1K0LlhFir%2FioiKcEZhJzNPC5LwKoL6w4lwqgr2qlP%2BfRI6LI%2BVsoHV7m6cnx5ScJ9MWA6ACNCzsjU4pWNwIjXadSffjlv11ol%2BPbIYM"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
74e49c830804695e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 28 Sep 2022 17:44:53 GMT
bootstrap-social.css
fwin1s.net/giaodienkeylogV2/css/ 		27 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/giaodienkeylogV2/css/bootstrap-social.css
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30e9d035999bdf80e06eb5de3cd5f28d5f7ff0b64dfcec79cedc597fcd6868dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 17 Sep 2022 06:20:50 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5IlKCwufl%2BfWi81yVzctJfDxae0Jm5x4OGJNbQX%2BwFuF1XVdkSy3UanX7W3fk9XKGxLbdaxAHgoNN8jJRhlAt1c3cRbE5goT4ie9Q0m2iU7xg9Gn7XjlgKP2XTlR%2FUnl0JGcxQwbRP6w"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
74e49c830805695e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 28 Sep 2022 17:44:53 GMT
style.css
fwin1s.net/giaodienkeylogV2/css/ 		68 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/giaodienkeylogV2/css/style.css?ver=28
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
665c1b243a374eb0deea0e7060c8d62ab2f848aebc1ce60ce51b8d013fbdb8d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 17 Sep 2022 06:20:50 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrLzRdbcDQw4dowVHELU8DoiL3uNhSh7ArtBw2rz%2BoAwke2ZJAbReJeBpMy6VQDpm8ZAwL0MhPHTLGboY80VRb%2BNVw%2F%2BhiGRiUp%2BG9lZdKPuYDGUlJ9yAoMWkrKkhpEWbQTBcTXuUQZN"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
74e49c830806695e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 28 Sep 2022 17:44:53 GMT
custom.1.css
fwin1s.net/giaodienkeylogV2/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/giaodienkeylogV2/css/custom.1.css?ver=28
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc12d454a2085f4d175b6c7b10b458320c3cc4f76cc86583aceb24536b2a1cf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 17 Sep 2022 06:20:50 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BpAwOU8u4qLWD2dsgZVdJ2MA1VE2g8spec1TAKoKP4WcoBXb6a%2BWoXHeH%2B6i0uw00jXgsWqlAp0iSU9VKNNjsvgxJ2nvpWF24zAXpr5B5ZmnJtsmst67w3wmnkLl9zDI26jbQk%2BOcPV4"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
74e49c830807695e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 28 Sep 2022 17:44:53 GMT
wheel.css
fwin1s.net/giaodienkeylogV2/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/giaodienkeylogV2/css/wheel.css?ver=1651368768
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c771a6e98dd5126ee3e9525d7e93d69a8aac15da528deb2c3554b6ef289babfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 17 Sep 2022 06:20:50 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfbRXql%2BRF%2F%2FNJjlN38uMFe9PoIUQWtxXyYMd0MmNkef3wgsXVRWdMCNCLsbH9kNql5F6svTDsWutci1B9s0cvDP9UFv%2Fj37NMypJ1oQHANOz4sbspGstsQObxHG8zSG5Zrovjl%2ForQ5"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
74e49c830809695e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 28 Sep 2022 17:44:53 GMT
simple-notify.min.css
cdn.jsdelivr.net/npm/simple-notify@0.5.4/dist/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/simple-notify@0.5.4/dist/simple-notify.min.css
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ead2c39c8a8e07c7a2c8562d26a19c451b6ec9ddb65e9dfc11b5f34fd652ce3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15927664
x-jsd-version
0.5.4
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19154-FRA, cache-hhn4020-HHN
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"102c-qFxPXn6EQkynzCDG3ZP1w67wNkY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ls%2B09AYw3eFka8g1a%2F6iiI3pgKatfC1UtmUcsCxQHJXlM8KNuvUuISweTcbNDsCkpfFxUItbwM9msxk8XB973jfFMG7m0ig6Yqr%2BNRNFJJqP2%2BB5fuM39DkWtxyTXgwOzs8SRJV8isUnUjgLDs4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
74e49c83193e9b76-FRA
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 		70 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1731307
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4216
timing-allow-origin
*
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Boz5RaDg7Tj0Zcg4eOUbSsitAtn9LIyIBTZDh5e4wtsy%2BijyXYy2zwM8xYzlRcolv1%2F7p12fkcHdDd1aafAoXflBuWSR7YQuUgUeoP%2FWhEqZdkOTM%2FZHpmXTNPs0WQmnKrrcHcGxHNETUKpAeJfzaLfB"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74e49c8318fd9951-FRA
expires
Mon, 11 Sep 2023 17:44:52 GMT
toastr.min.css
codeseven.github.io/toastr/build/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://codeseven.github.io/toastr/build/toastr.min.css
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
a2426f1111a7c61667d668e9012e3eab58f4e784fe70fe16293dc43b634f812a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-fastly-request-id
ea3b0bf4cf4cf89df9169458df29c1bfc2a488a8
date
Wed, 21 Sep 2022 17:44:53 GMT
content-encoding
gzip
age
121
x-cache
HIT
content-length
2750
x-served-by
cache-hhn4071-HHN
access-control-allow-origin
*
last-modified
Fri, 08 Dec 2017 05:18:25 GMT
server
GitHub.com
x-github-request-id
294E:B0E1:10CAE:116FA:632A300B
x-timer
S1663782293.001748,VS0,VE1
etag
W/"5a2a20a1-1769"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Tue, 20 Sep 2022 21:36:35 GMT
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
1
logo.png
fwin1s.net/resources/assets/anh/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fwin1s.net/resources/assets/anh/logo.png
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
288f79132c0fdf243a58af15c0b049e1cae61afa086293d3af75d5f8a30be915

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:53 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.30
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2B7LtGLTJeBliApNley25ZauXkOxQLriF%2Fq0OenU3RTS5HmKlNPfmi94TtfAko%2F3nEQ9SO7LrTIStzyb80npjZbQioGG9oMPciZPHRU%2B%2FVfRv16C6m1l8rgX3bDSYWAIodpcRbTkN8wQ"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
x-turbo-charged-by
LiteSpeed
cf-ray
74e49c851a879b63-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
DMCA_logo-grn-btn120w.png
images.dmca.com/Badges/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/DMCA_logo-grn-btn120w.png?ID=138e5213-c42f-48e6-b05d-4e8ff61ee0a
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.29 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
f096c63a545538cfdebda14fe95764a84d9c77873fc45afc92861e34c15e906c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:53 GMT
last-modified
Thu, 22 Apr 2010 19:55:29 GMT
server
nginx
x-powered-by
ASP.NET
etag
"8eaf64c255e2ca1:0"
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
link
<http://dmca-images.azurewebsites.net/Badges/DMCA_logo-grn-btn120w.png>; rel="canonical"
content-length
4534
expires
Fri, 21 Oct 2022 17:44:24 GMT
DMCABadgeHelper.min.js
images.dmca.com/Badges/ 		465 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.29 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:53 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
nginx
x-powered-by
ASP.NET
etag
"26b181f16d28d51:0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
link
<http://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length
280
expires
Fri, 21 Oct 2022 17:44:01 GMT
JKomlkD.png
i.imgur.com/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/JKomlkD.png
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
c445b627cea6e6ee9345a4bf58e609926f09560c19b588dbfaafaa5498463f5a
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:53 GMT
x-content-type-options
nosniff
age
439274
x-cache
HIT, MISS
content-length
7339
x-served-by
cache-iad-kiad7000029-IAD, cache-hhn4036-HHN
last-modified
Fri, 19 Aug 2022 06:45:29 GMT
server
cat factory 1.0
x-timer
S1663782293.328075,VS0,VE90
etag
"76a03f9fa33b8d8bc1aef5a10a31b1d3"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
30, 0
hu.png
fwin1s.net/upload/files/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fwin1s.net/upload/files/hu.png
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
288f79132c0fdf243a58af15c0b049e1cae61afa086293d3af75d5f8a30be915

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:53 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.30
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xab9AcVEUQ9piIj8E4cPHRpK07pi8RM1pyuksN%2FRoaSM9rjuaPy6iO%2FH5Fc%2FtMUQm6R8KP8nrcR8s%2F8aGLu17FdSckrOZf1Ha2LNMCgviO59Xti4xKQB8uJQC5ee1hT73YUOksp2rElo"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
x-turbo-charged-by
LiteSpeed
cf-ray
74e49c851a8a9b63-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pusher.min.js
js.pusher.com/7.0/ 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.pusher.com/7.0/pusher.min.js
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.49.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-49-126.osl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5075d6ff784f2d5de13cac7bfc1befc486db62e37d98b28ff249c8fc46cd7b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 01:45:45 GMT
content-encoding
gzip
last-modified
Fri, 04 Feb 2022 15:47:58 GMT
server
AmazonS3
age
2217549
etag
W/"50ad48267f5c084cceb88264d13effe0"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-cache
Hit from cloudfront
x-amz-cf-pop
OSL50-C1
x-amz-cf-id
w3yEumr8x-bOnGqH6UGS2thW8a1ow9ou_h7VXljGEXgHQAkNSNuTng==
via
1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
wheel.min.js
fwin1s.net/giaodienkeylogV2/js/ 		119 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/giaodienkeylogV2/js/wheel.min.js?V2
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f495093e337dd79f7c52e2b9a0dafb600d0da8818f136f7be1e500229d716a3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 19 Sep 2022 14:44:28 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecxHG8zGw0lzy7g9UxFH8LG0YrHSHQSn7tmf7vF%2BeNkrKOvIPfuevG%2FQNAmi%2Bs%2FsfSmf%2Fj%2Ff7RTEAIGIFgoMgVlrf8I%2BTZhR9jEED%2Fa2ATg6G%2FcMyYWgClhR1zhCT56Vd9QIDw9V5Jiw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
74e49c851a749b63-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 28 Sep 2022 17:44:53 GMT
jquery-1.10.1.min.js
fwin1s.net/giaodienkeylogV2/js/ 		158 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/giaodienkeylogV2/js/jquery-1.10.1.min.js
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
802721672854662262a2cf87587bca710542419d6ab0f4e0ac17d7f17d8a5d2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 19 Sep 2022 14:46:01 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gITMELsawcWWY5rNnj8yEuFT3%2BG%2BFA8LHnPp6tyrLT5H8l3GFE%2BHgfkCQYyC1jiMoW0rbJwoj2Bma11u56mYsfnsRcHTgbC0CfewhpaSdOxRhvmiJ%2BTtaw2TS9m0BosQnCFZXiHRxaQI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
74e49c851a7b9b63-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 28 Sep 2022 17:44:53 GMT
jquery-ui-1.9.2.custom.min.js
fwin1s.net/giaodienkeylogV2/js/ 		147 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/giaodienkeylogV2/js/jquery-ui-1.9.2.custom.min.js
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3986625ae3526c817b7c3ed504b9fe0e22d1311103e6e5870c528913fd78bedc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 19 Sep 2022 15:00:05 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvMD7IQIejEBl8qfRqMpVRCCD92Mtsn%2BktqK0DXQaOOfrZgFS4DD1pSDIPlx9HjmK2S3dcW3tQ53OfhoGnSFeCUIzF3qfMPUfFhqHk2huv2DZWy%2B3AgAwiy2IwtWiQeBvpn%2F94QDs4F1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
74e49c851a7d9b63-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 28 Sep 2022 17:44:53 GMT
bootstrap.min.js
fwin1s.net/giaodienkeylogV2/js/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/giaodienkeylogV2/js/bootstrap.min.js
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7251de82cf36e1cc665cfafaabd51d734e182d54a9363604be1afbceacdf9873

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 19 Sep 2022 14:45:07 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFiWaEi1SX3i%2FRaHEOzqccbxpIhOq2J43m68oORxD2AukZDI5B1x7XKo4Dqb63iLKAuhWDCgMMMguqG3ZRsTs4LGwoBmWZ2O6WuXizPAFgr8kMiOqZ8kpGfBC0g1Qxw4nrp10BneyXfJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
74e49c851a809b63-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 28 Sep 2022 17:44:53 GMT
moment.min.js
fwin1s.net/giaodienkeylogV2/js/ 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/giaodienkeylogV2/js/moment.min.js
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fda2475b66664627bbc58000e35c12bd85c0fc7b934c0b99003811868969c5dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 19 Sep 2022 14:46:15 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6sByXqra1IirWBG%2B3tTdXQI2v%2FNdbhmw1eRk5u5sAZcFVLjr%2FQvdHsNuwoJ9ZywUJOozKPn7SFozfV5DUkewqZK7PGyi4WHlSQaVECcWsehN14SIQ4%2BJM8h2UMndqkzDlOyu7Wxzhcz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
74e49c851a839b63-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 28 Sep 2022 17:44:53 GMT
sweetalert2@11
cdn.jsdelivr.net/npm/ 		69 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@11
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b86447bc3b55a4178577b68a5a735d83ba88a3e7fe7503e51513124ea3aaee8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
33016
x-jsd-version
11.4.33
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19171-FRA, cache-scl2220024-SCL
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1122c-J9H0DCRqMGO33uXpjie+s7dGIes"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pa8bYrJi%2FEE6IWpCeuGUb8VlwoO76TRzZ9LRdxwLSOSYh8z0KR58A%2FQgyZPxWynHOXD2r3O4htrU%2Fo2AteK5uaGHbT5gq5qeI3QPMZADc8CszrOOD7RsYRPoDJCtoA1IXp93f6OWRulwQokzCIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
74e49c852c606910-FRA
simple-notify.min.js
cdn.jsdelivr.net/npm/simple-notify@0.5.4/dist/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/simple-notify@0.5.4/dist/simple-notify.min.js
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dd21ba6a428bfc8be6d6383ee944224092a5c041a9aee03950f646232226766
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15927764
x-jsd-version
0.5.4
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19170-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"2e44-ghHNRAdHQ33/1k14dWmCP30Sag0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CEOwrXgqMwvcmx6iNWukv5lRCA%2FMdYjfsgOSPt%2B53il1ISJzeilUJpvD5B2siOb4apVO9uZ6aDODkzI16%2BR7%2BijAkR8mfqda%2BY5E5X%2BcnIf5DuTVKdYaAzNZLE7N6n2BdYDwcku3QfUZGS51qU8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
74e49c852c656910-FRA
script.js
fwin1s.net/giaodienkeylogV2/js/ 		37 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/giaodienkeylogV2/js/script.js?ver=28042003.v890
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7205e190fe22afc467ec14f37037f33ad41383633fb0154edbaf80329b6dd8fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 19 Sep 2022 15:06:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXKbfEmLVf%2F2NEdp3gK5LCl%2BjWkvAXFgN3go%2FA3ckGHmwccNQgGdL8cKxI896YIksWd%2Bf9dETSUUvXVEOjwhXLuAAiXDQ7V0UocZVXcgdcCTPN9gnYh8wEoExOu%2FnmLL0Snr%2FUP%2FQfPK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
74e49c851a869b63-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 28 Sep 2022 17:44:53 GMT
fontawesome-webfont.woff
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/fonts/ 		64 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/font-awesome.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21e45c41baea7d20aab5072507cc63329a02166880445330bd85f9d171492443
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/font-awesome.css
Origin
https://fwin1s.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3633355
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
65456
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-ffac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vFxJZPHDxoTP9a7IDthVTXVP9ema34JmXk3F2%2Fo9yRPa39AyByHyIf%2F6rdGtlS4tqNtqNfUYy5593AjnS%2FO0MrnJoYifmSrVu%2B1sVP8%2Btp1fkcRki0EUtZZwsagfBBorx%2FO6Eli%2Bx3tP2CaF5ysNpzjF"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74e49c853f7e9122-FRA
expires
Mon, 11 Sep 2023 17:44:53 GMT
tick.mp3
fwin1s.net/upload/files/ 		11 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/upload/files/tick.mp3
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash

Request headers

Referer
https://fwin1s.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 21 Sep 2022 17:44:54 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.30
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2m6MGWXEj3vhCNUenrhD%2BPBNEuzf5ZEdH5auhk2BAwYYM3yRkls3IPKVv14VX3GQCWZEpbHBGKRIsm%2BtGCaysa3hZmLWOtv%2FetvG24GNsgEu7WkGJuq%2FpUI0TtEwi1fXHKqeJDeJNQG"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
x-turbo-charged-by
LiteSpeed
cf-ray
74e49c87f88d9b63-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
settings
fwin1s.net/api/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/api/settings
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/giaodienkeylogV2/js/jquery-1.10.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
02c55cc2866f11c2c5802b8f5696298f2717dbae582363b1545c958d97716fc6

Request headers

Accept
*/*
Referer
https://fwin1s.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:54 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.30
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-ratelimit-remaining
59
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDoukY3WuT0RbqRC%2FzOJTepzhMrXWw6DUX7qma%2FXfSJChaFsfC%2FWgb0SZkRypU%2FsQCSi386lZa3yywMFZXNBfoc3uH1k3jbRbqQT2QctWuEtp296Bfutrbx%2BfZ%2FlswUfdGldl0H4tvQu"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-turbo-charged-by
LiteSpeed
x-ratelimit-limit
60
cf-ray
74e49c87f8979b63-FRA
momo
fwin1s.net/api/ 		30 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/api/momo
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/giaodienkeylogV2/js/jquery-1.10.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
a9bffcf57e97d54d653ddbb75297628d4f2b8bd1a1d86ed7b3eeeea4c7bd8752

Request headers

Accept
*/*
Referer
https://fwin1s.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:55 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.30
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-ratelimit-remaining
52
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xez4UVDHV8XTjgUKFTUwzy8ih7slBFpbNdyGKHlcHZ3rUDHeQm6cUs%2BRBZoCQNcgear19AxeO5H9OddTocPmJin%2BIWC5qtbADAjjYybmfPyYkz22wzpAKqAMYtfRTGBgS%2B8wl5EpHclG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-turbo-charged-by
LiteSpeed
x-ratelimit-limit
60
cf-ray
74e49c8b4ff39b63-FRA
history
fwin1s.net/api/ 		2 KB
787 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/api/history
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/giaodienkeylogV2/js/jquery-1.10.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
819b56c0fca4673c552ec61bc7453af91bcbed8d50a657e625e763787449ac0b

Request headers

Accept
*/*
Referer
https://fwin1s.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:55 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.30
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-ratelimit-remaining
55
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8fkcAoT5oXo9W%2Bq0OIsHkbXDeqm2RbIJUDjWnXex2Q2GGTJvMzEQHElU92Q8f4x%2FC%2BFDQfLqz439XMu39VCktWgXo3P1lMTtU1Ke%2BlOkKM8qkwJq8Qj0cQOrHcUypwbjZJHHULm0vnb"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-turbo-charged-by
LiteSpeed
x-ratelimit-limit
60
cf-ray
74e49c8b4ff59b63-FRA
balance-hu
fwin1s.net/api/ 		64 B
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/api/balance-hu
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/giaodienkeylogV2/js/jquery-1.10.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
e15550d49af6b4db1af5727fd4e84bf625cc62c3f2e515129d093410e098a813

Request headers

Accept
*/*
Referer
https://fwin1s.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:55 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.30
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-ratelimit-remaining
55
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBtvcxJeklGiucndvOhyZzgB2BIqI28BU8PEGyPaC%2Bbz76PiVYB1msFx6flVA%2BNPKLtt5jjOzC9kTjNTm5yUU4BIviR4Jy5WHx4tGQlqBN5AiJBBySdxHzchXGoje3t9Ap59E8iUq5Y5"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-turbo-charged-by
LiteSpeed
x-ratelimit-limit
60
cf-ray
74e49c8b4ff89b63-FRA
week_top
fwin1s.net/api/ 		427 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/api/week_top
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/giaodienkeylogV2/js/jquery-1.10.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
d5c657dd59c729e7a44cd3281fcbf7974b6172ef779f714d45824b49f2e900ad

Request headers

Accept
*/*
Referer
https://fwin1s.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:55 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.30
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-ratelimit-remaining
52
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjjIHMrukQg0V8W1JNolZd7Y2F%2B1YeeQhbT778x6cS5oi9DVgU1ixHQK11AA05%2Ff7cuUQ2QzHY0uBHikW5YMTIWSaWWZUBZvvELM0bug%2FmIuxYsVAlV%2Bo7yV3rNQ2VeETm30J%2F4la6cg"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-turbo-charged-by
LiteSpeed
x-ratelimit-limit
60
cf-ray
74e49c8b684b9b63-FRA
render_minigame
fwin1s.net/api/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/api/render_minigame
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/giaodienkeylogV2/js/jquery-1.10.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
d720aa147431f6cd8be7a7308f60c4453d1b5a366107a8e479970f44a5e74952

Request headers

Accept
*/*
Referer
https://fwin1s.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 21 Sep 2022 17:44:55 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.30
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-ratelimit-remaining
52
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ms5vWTes3FP8kGC4iZm3S7NLjstmJEmivP6zTC%2B6AdiM9yxsY0%2BXdSgKNyEqtqP3VdMkunwlo%2FdyPEKDKpkyqaxx%2Bmfr63DutcFjGOzNwe4doVEgBgAFTQUeSuq0zp9rQe8mJx3iMeCD"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-turbo-charged-by
LiteSpeed
x-ratelimit-limit
60
cf-ray
74e49c8b684d9b63-FRA
render_minigame
fwin1s.net/api/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/api/render_minigame
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/giaodienkeylogV2/js/jquery-1.10.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
def2a721be89d4f92ab98528e2e4457594b53ff567e92ed22ee7ea1f61aafc43

Request headers

Accept
*/*
Referer
https://fwin1s.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 21 Sep 2022 17:44:55 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.30
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-ratelimit-remaining
53
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pmcjbqfs4kz4e1KQnYerehggWvcljoBsYhH9TDblMrbEv0Al%2FhpOgELyN5hxXvvOzKsSwBQU%2FsqZ8Uwvc9EFFQYaqaO%2BWSzSKvYgIbn9MNRX22NG64yyGQ%2FqH2HDbRqWhUzv11%2BSMSL2"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-turbo-charged-by
LiteSpeed
x-ratelimit-limit
60
cf-ray
74e49c8b68539b63-FRA
render_minigame
fwin1s.net/api/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/api/render_minigame
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/giaodienkeylogV2/js/jquery-1.10.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
ed288f9531f3bda1d2a38fc6ce08e7ea4dfc5dc23adf37731ab028e1d3e281f3

Request headers

Accept
*/*
Referer
https://fwin1s.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 21 Sep 2022 17:44:55 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.30
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-ratelimit-remaining
54
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UaBeYgQ12p4mjTQXeYBSZbppFW%2FS4f9n3Af%2F2wGNQMn7JOc8svXz0jyF2EfM%2FGK17gYE8DAlguO%2FC13g9MsouuwYhbHOV6XK8%2BmelEJXuZYAY9fPp9L9DgeDdn0uUoAMyhZPQl0jBzRM"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-turbo-charged-by
LiteSpeed
x-ratelimit-limit
60
cf-ray
74e49c8b68569b63-FRA
muster.js
fwin1s.net/themes/js/ 		19 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/themes/js/muster.js?_=1663782293728
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/giaodienkeylogV2/js/jquery-1.10.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
288f79132c0fdf243a58af15c0b049e1cae61afa086293d3af75d5f8a30be915

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://fwin1s.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:55 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.30
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W5gst%2FIw6HLf4JkkqOojzPeyGHFcTII6xHmrfSN70vNBQ8pflq3RR5W962tU0yueO35tRalqj4Ft2oH7ayMEXpulCk0T7c7Q0Eq%2Bcw5qkbUeETkFayC7xB1fxnGVLULf6ZNqTgUuO6o0"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
x-turbo-charged-by
LiteSpeed
cf-ray
74e49c92dff79b63-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
momo
fwin1s.net/api/ 		30 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/api/momo
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/giaodienkeylogV2/js/jquery-1.10.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
a9bffcf57e97d54d653ddbb75297628d4f2b8bd1a1d86ed7b3eeeea4c7bd8752

Request headers

Accept
*/*
Referer
https://fwin1s.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:56 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.30
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-ratelimit-remaining
50
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MiYbAl9WuszjsVcOa9LoXxUfb7Qin57BchRiJ3Nw1ctOwifRtku6KMIJwhZNz8hYhbjxOtEJj2Rf1KjAHr7z6stUyD2oQR8Ao%2F8hAl8LLmr%2FtPZlXTqqA0KlSBsCYLpze3cf%2BlNfQlBf"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-turbo-charged-by
LiteSpeed
x-ratelimit-limit
60
cf-ray
74e49c97ea449b63-FRA
history
fwin1s.net/api/ 		2 KB
782 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fwin1s.net/api/history
Requested by
Host: fwin1s.net
URL: https://fwin1s.net/giaodienkeylogV2/js/jquery-1.10.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
819b56c0fca4673c552ec61bc7453af91bcbed8d50a657e625e763787449ac0b

Request headers

Accept
*/*
Referer
https://fwin1s.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:56 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.30
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-ratelimit-remaining
50
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2BFCiznTw5jgHNuB746qqAk96rUaSWBhSr3xgfGE7YilvHVQ98yJPROAqWCYSMtHdAXciE2MPQRjqEi6o0vuHSpkp9OraBV%2FT0aP2O040ifHUmdgQ0MQiZohtxmy71Jvk0hvrj5u7GRt"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-turbo-charged-by
LiteSpeed
x-ratelimit-limit
60
cf-ray
74e49c97ea459b63-FRA
Ui62NTi.png
i.imgur.com/ 		791 KB
792 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/Ui62NTi.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
4ab00f1f39426efaaccab1c11435be03ae6fd17dd0606113e97ea9f49354e374
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:56 GMT
x-content-type-options
nosniff
age
394658
x-cache
HIT, MISS
content-length
810017
x-served-by
cache-iad-kcgs7200090-IAD, cache-hhn4036-HHN
last-modified
Sat, 17 Sep 2022 04:07:06 GMT
server
cat factory 1.0
x-timer
S1663782296.309818,VS0,VE281
etag
"b882b1c4a65827ab0691e88c896e8bb2"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
15, 0
1ZHeaAQ.gif
i.imgur.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/1ZHeaAQ.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
475f4b039e056994b3302fa03b2af7a221ac7374567bdf7cca505c4f41293bd2
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:56 GMT
x-content-type-options
nosniff
age
1175283
x-cache
HIT, HIT
content-length
2329
x-served-by
cache-iad-kiad7000172-IAD, cache-hhn4036-HHN
last-modified
Fri, 07 Jun 2019 13:44:49 GMT
server
cat factory 1.0
x-timer
S1663782296.313286,VS0,VE2
etag
"3e3b46c8ea8310369986412439643289"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
79, 1
Ui62NTi.png
i.imgur.com/ 		791 KB
792 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/Ui62NTi.png
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/simple-notify@0.5.4/dist/simple-notify.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
4ab00f1f39426efaaccab1c11435be03ae6fd17dd0606113e97ea9f49354e374
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:44:58 GMT
x-content-type-options
nosniff
age
394660
x-cache
HIT, HIT
content-length
810017
x-served-by
cache-iad-kcgs7200090-IAD, cache-hhn4036-HHN
last-modified
Sat, 17 Sep 2022 04:07:06 GMT
server
cat factory 1.0
x-timer
S1663782298.308130,VS0,VE0
etag
"b882b1c4a65827ab0691e88c896e8bb2"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
15, 1
Ui62NTi.png
i.imgur.com/ 		791 KB
792 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/Ui62NTi.png
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/simple-notify@0.5.4/dist/simple-notify.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
4ab00f1f39426efaaccab1c11435be03ae6fd17dd0606113e97ea9f49354e374
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fwin1s.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 17:45:00 GMT
x-content-type-options
nosniff
age
394662
x-cache
HIT, HIT
content-length
810017
x-served-by
cache-iad-kcgs7200090-IAD, cache-hhn4036-HHN
last-modified
Sat, 17 Sep 2022 04:07:06 GMT
server
cat factory 1.0
x-timer
S1663782300.308163,VS0,VE0
etag
"b882b1c4a65827ab0691e88c896e8bb2"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
15, 2

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| x function| Pusher function| Winwheel function| Pin function| Animation function| Segment function| PointerGuide function| winwheelPercentToDegrees function| winwheelAnimationLoop function| winwheelTriggerSound object| winwheelToDrawDuringAnimation function| winwheelStopAnimation boolean| winhweelAlreadyDrawn function| winwheelLoadedImage function| winwheelResize object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| CSSPlugin function| $ function| jQuery object| jQuery110107034299939534885 function| moment function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| Notify undefined| hash function| getRndInteger function| buildUrl function| initUrl function| copyStringToClipboard function| number_format function| initAjax function| getNum function| loadMomo function| loadSettings function| loadHistorys function| loadWeekTop function| loadMinigame function| loadHu function| check_dayMission function| reward_dayMission function| checkTran function| refund function| checkTran2 function| joinhu function| joinDiemdanh function| day_limit function| reset_data function| init function| spin_finished function| draw_wheel function| start_spin function| roll_spin function| spin function| reset_wheel function| withdraw function| roll function| playSound function| withdraw_wheel function| check_amount function| check_ReferFriend function| reward_ReferFriend function| check_Giftcode function| countSeccond string| game_active function| NhanQuaNgay

2 Cookies

Domain/Path Name / Value
fwin1s.net/ Name: XSRF-TOKEN
Value: eyJpdiI6ImtSWVlpc0U1T3J5aUhSei9VUURwd3c9PSIsInZhbHVlIjoibEtRRW92cnRTWGtydnBrQ2llRjFmTWlUSHZhNjRBWE5OdTRBUHVGNmdWRy9pM1JMM1REWlFra05ScFdDUTQwVk1HWVlkMm5zeTBTTGlNZHVWeE9mR3BVUEFyVnM4K21Gb2xzcjNKTnl0K2FtTitnMkxVaHRTa1A2M2RPYlJsb2UiLCJtYWMiOiI4YTVjNTAyOGJmZWZmOTQwMzQ4ZGQ3MTI5NGU2MjhiYjUxZjZlMDc1MWVlYTA0NzI1M2U0YzZiMmMyNTUyOThhIiwidGFnIjoiIn0%3D
fwin1s.net/ Name: laravel_session
Value: eyJpdiI6ImNWWXRpcGp3YktOS3QzZ0VwYU5mVFE9PSIsInZhbHVlIjoiYVpsMmlsWklTd1pVTUJ0U0dMQUd1bFkvNGl4dmhReHcvbjRUaTNPNnU1ME9sc3FYUXR5MHBQSHNsblNFUmQvcUV6Y0gyN2tyd2Z3SFJmVEN1TjNsZGEva1ZneGRnUjNmMEZNc0ZHSVltMzVtVk1RMm53VXdhUmxiNjB3NEtKSTciLCJtYWMiOiJhYWZkZjUwOGY1ZTRlYzQ5ZWYyZTAyMjM3YTdmZGVkNzE3MTAxZTBmZTdmMGEwNDc1NmYxNjc1YWE4MDBkYzRjIiwidGFnIjoiIn0%3D

4 Console Messages

Source Level URL
Text
network error URL: https://fwin1s.net/upload/files/hu.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://fwin1s.net/resources/assets/anh/logo.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://fwin1s.net/upload/files/tick.mp3
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://fwin1s.net/giaodienkeylogV2/js/jquery-1.10.1.min.js(Line 2992)
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
codeseven.github.io
fwin1s.com
fwin1s.net
i.imgur.com
images.dmca.com
js.pusher.com
143.204.49.126
151.101.112.193
151.139.242.29
2606:4700:3037::ac43:8743
2606:4700::6810:5614
2606:4700::6811:190e
2606:50c0:8000::153
2a06:98c1:3120::3
02c55cc2866f11c2c5802b8f5696298f2717dbae582363b1545c958d97716fc6
0dd21ba6a428bfc8be6d6383ee944224092a5c041a9aee03950f646232226766
21e45c41baea7d20aab5072507cc63329a02166880445330bd85f9d171492443
288f79132c0fdf243a58af15c0b049e1cae61afa086293d3af75d5f8a30be915
30e9d035999bdf80e06eb5de3cd5f28d5f7ff0b64dfcec79cedc597fcd6868dc
3986625ae3526c817b7c3ed504b9fe0e22d1311103e6e5870c528913fd78bedc
3ead2c39c8a8e07c7a2c8562d26a19c451b6ec9ddb65e9dfc11b5f34fd652ce3
475f4b039e056994b3302fa03b2af7a221ac7374567bdf7cca505c4f41293bd2
4ab00f1f39426efaaccab1c11435be03ae6fd17dd0606113e97ea9f49354e374
5075d6ff784f2d5de13cac7bfc1befc486db62e37d98b28ff249c8fc46cd7b96
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
6490b4c3da00783a20d429164f1845dd8b5a1850a533d93d7b2732ab25c1af50
665c1b243a374eb0deea0e7060c8d62ab2f848aebc1ce60ce51b8d013fbdb8d5
7205e190fe22afc467ec14f37037f33ad41383633fb0154edbaf80329b6dd8fd
7251de82cf36e1cc665cfafaabd51d734e182d54a9363604be1afbceacdf9873
7c0a80a79d8d22f8fb6b46a81df22bb799c7e34e5040d030be11317cc342d612
802721672854662262a2cf87587bca710542419d6ab0f4e0ac17d7f17d8a5d2f
819b56c0fca4673c552ec61bc7453af91bcbed8d50a657e625e763787449ac0b
a2426f1111a7c61667d668e9012e3eab58f4e784fe70fe16293dc43b634f812a
a9bffcf57e97d54d653ddbb75297628d4f2b8bd1a1d86ed7b3eeeea4c7bd8752
af0329ade02fba6d17261428c7c847e3351ef5777b8fd8555b027438691ba571
b86447bc3b55a4178577b68a5a735d83ba88a3e7fe7503e51513124ea3aaee8f
bc12d454a2085f4d175b6c7b10b458320c3cc4f76cc86583aceb24536b2a1cf6
c445b627cea6e6ee9345a4bf58e609926f09560c19b588dbfaafaa5498463f5a
c771a6e98dd5126ee3e9525d7e93d69a8aac15da528deb2c3554b6ef289babfb
d5c657dd59c729e7a44cd3281fcbf7974b6172ef779f714d45824b49f2e900ad
d720aa147431f6cd8be7a7308f60c4453d1b5a366107a8e479970f44a5e74952
def2a721be89d4f92ab98528e2e4457594b53ff567e92ed22ee7ea1f61aafc43
e15550d49af6b4db1af5727fd4e84bf625cc62c3f2e515129d093410e098a813
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
ed288f9531f3bda1d2a38fc6ce08e7ea4dfc5dc23adf37731ab028e1d3e281f3
f096c63a545538cfdebda14fe95764a84d9c77873fc45afc92861e34c15e906c
f495093e337dd79f7c52e2b9a0dafb600d0da8818f136f7be1e500229d716a3d
fda2475b66664627bbc58000e35c12bd85c0fc7b934c0b99003811868969c5dd