www.1winxsignup.online.rik79vips.link Open in urlscan Pro
185.224.80.94 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.1winxsignup.online.rik79vips.link/
Submission: On April 03 via api (April 3rd 2024, 7:28:00 pm UTC) from US — Scanned from US

Summary HTTP 67 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 67 HTTP transactions. The main IP is 185.224.80.94, located in Netherlands and belongs to ABELOHOST, NL. The main domain is www.1winxsignup.online.rik79vips.link.
TLS certificate: Issued by R3 on April 3rd 2024. Valid for: 3 months.

This is the only time www.1winxsignup.online.rik79vips.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	185.224.80.94 185.224.80.94	204196 (ABELOHOST) (ABELOHOST)
21	2606:4700:303... 2606:4700:3037::6815:8bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	172.67.208.173 172.67.208.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:820::200a	15169 (GOOGLE) (GOOGLE)
23	2606:4700:303... 2606:4700:3034::ac43:9787	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
67	8

5 185.224.80.94 (Netherlands)

ASN204196 (ABELOHOST, NL)
PTR: rik79vips.link

www.1winxsignup.online.rik79vips.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:3037::6815:8bc (United States)

ASN13335 (CLOUDFLARENET, US)

web.nvnstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.67.208.173 (United States)

ASN13335 (CLOUDFLARENET, US)

gemgo88.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:3034::ac43:9787 (United States)

ASN13335 (CLOUDFLARENET, US)

pos.nvncdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	nvncdn.com pos.nvncdn.com — Cisco Umbrella Rank: 502442	4 MB
21	nvnstatic.net web.nvnstatic.net — Cisco Umbrella Rank: 685641	269 KB
11	gemgo88.biz gemgo88.biz	135 KB
5	rik79vips.link www.1winxsignup.online.rik79vips.link	438 KB
4	gstatic.com fonts.gstatic.com	57 KB
1	w.org s.w.org — Cisco Umbrella Rank: 3577	648 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	982 B
67	7

	Domain	Requested by
23	pos.nvncdn.com	www.1winxsignup.online.rik79vips.link
21	web.nvnstatic.net	www.1winxsignup.online.rik79vips.link web.nvnstatic.net
11	gemgo88.biz	www.1winxsignup.online.rik79vips.link
5	www.1winxsignup.online.rik79vips.link	www.1winxsignup.online.rik79vips.link
4	fonts.gstatic.com	fonts.googleapis.com
1	s.w.org	www.1winxsignup.online.rik79vips.link
1	fonts.googleapis.com	www.1winxsignup.online.rik79vips.link
67	7

This site contains links to these domains. Also see Links.

Domain
1winhotel.com
gemgo88.biz
url
www.facebook.com
plus.google.com
instagram.com
twitter.com
youtube.com
nhanh.vn

Subject Issuer	Validity	Valid
1winxsignup.online R3	`2024-04-03` - `2024-07-02`	3 months	crt.sh
web.nvnstatic.net Cloudflare Inc ECC CA-3	`2023-05-09` - `2024-05-07`	a year	crt.sh
gemgo88.biz GTS CA 1P5	`2024-03-29` - `2024-06-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
pos.nvncdn.com E1	`2024-03-15` - `2024-06-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2023-12-18` - `2025-01-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.1winxsignup.online.rik79vips.link/
Frame ID: 4ECE7FE5F50D23F1014AE7428F4A4D29
Requests: 67 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Flower Shop

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

67
Requests

99 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

5473 kB
Transfer

6450 kB
Size

0
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: https://1winhotel.com/index.php
Title: CLAIM THE BONUS

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/demos/
Title: Demos

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/demos/shop-demos/
Title: Shop Demos

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/
Title: Classic Shop

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/demos/shop-demos/simple-slider/
Title: Simple Slider

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/demos/shop-demos/fullscreen-fashion/
Title: Fullscreen Fashion

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/demos/shop-demos/video-cover/
Title: Video Cover

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/demos/shop-demos/slider-cover/
Title: Slider Cover

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/demos/shop-demos/grid-style-1/
Title: Grid Style 1

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/demos/shop-demos/grid-style-2/
Title: Grid Style 2

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/demos/shop-demos/grid-style-3/
Title: Grid Style 3

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/demos/shop-demos/mega-shop/
Title: Mega Shop

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/demos/shop-demos/cute-shop/
Title: Cute Shop

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/demos/shop-demos/sport-shop/
Title: Sport Shop

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/demos/shop-demos/vendor-shop/
Title: Vendor Shop

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/demos/shop-demos/parallax-shop/
Title: Parallax Shop

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/demos/shop-demos/big-sale/
Title: Big Sale

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/demos/shop-demos/sale-countdown/
Title: Sale Countdown

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/demos/business-demos/
Title: Business Demos

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/demos/business-demos/agency/
Title: Agency

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/demos/business-demos/simple-corporate/
Title: Corporate

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/demos/business-demos/freelancer/
Title: Freelancer

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/demos/business-demos/explore/
Title: Explore

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/demos/business-demos/lifestyle/
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/shop/
Title: Shop

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/elements/pages/
Title: Pages

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/elements/pages/portfolio/
Title: Portfolio

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/elements/pages/about/
Title: About

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/elements/pages/contact/
Title: Contact

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/elements/pages/our-stores/
Title: Our Stores

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/elements/pages/maintenance/
Title: Maintenance

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/blog/
Title: Blog

Search URL Search Domain Scan URL

URL: https://gemgo88.biz/elements/
Title: Elements

Search URL Search Domain Scan URL

URL: http://url/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nhanh.vn/

Search URL Search Domain Scan URL

URL: https://plus.google.com/

Search URL Search Domain Scan URL

URL: https://instagram.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/

Search URL Search Domain Scan URL

URL: https://youtube.com/

Search URL Search Domain Scan URL

URL: https://nhanh.vn/
Title: Nhanh.vn

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.1winxsignup.online.rik79vips.link/ 105 KB
105 KB 673ms
209ms Document
text/html 185.224.80.94
ABELOHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.224.80.94 , Netherlands, ASN204196 (ABELOHOST, NL),
Reverse DNS: rik79vips.link
Software: Apache /
Resource Hash: be86157f9d0408f7569c8f38b5c0d5aac347c3b5ef68fd8e9ab2a55dc22ae51d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-length: 107686
content-type: text/html
date: Wed, 03 Apr 2024 19:27:50 GMT
last-modified: Tue, 02 Apr 2024 19:26:40 GMT
server: Apache

GET
H2 200 font-awesome-4.7.0.min.css
web.nvnstatic.net/css/fontAwesome/ 30 KB
7 KB 684ms
500ms Stylesheet
text/css 2606:4700:3037::6815:8bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://web.nvnstatic.net/css/fontAwesome/font-awesome-4.7.0.min.css?v=2
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9316300a7fbfa86a6194659f4e810b08cd25949c2e809e032e80266887ff39fc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 09 May 2023 14:36:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"9611adc1d55048a57fa6ace66c87a235"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EqCvkG22NlIvAtGNsQ2lXSrR1tTf0IKLJcWiPG%2Fm%2FtHRe7WJ8Vg27UZkJ4nHamT4nXVjjcIQYfhGJgtKK2DQnGXVwQxj237z5bUI23GD9shKEzgSivulIBzwoAF2a9NUnTjaNsVWZvZK7EE1X7MyKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 86eb755a5d014bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap-3.3.5.min.css
web.nvnstatic.net/css/bootstrap/ 122 KB
20 KB 216ms
33ms Stylesheet
text/css 2606:4700:3037::6815:8bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://web.nvnstatic.net/css/bootstrap/bootstrap-3.3.5.min.css?v=2
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88335864d01761f3f5dee097c5cb099f4b6348dd617fd2a6156c788cfdfb56a1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 May 2023 14:37:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 59
etag: W/"bfef4a47ec5b66775b40bcd0b03f2248"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=luWB16i0VJJ3k5C2IBypTJxHmjMrLmuCdaNiKctn1Qc8j9ji08MzucB7KxOKJ%2FgD%2ByaSWvH9tpAYIY2VVWhu9UKsGbrUYAF18E%2FkE3XwqVLeZU8DJbVqbvH7BPHnnEIvt2EbNKJJRAPxCmtFhwTtzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 86eb755a5d034bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 carousel.css
web.nvnstatic.net/tp/T0235/css/lib/ 6 KB
2 KB 564ms
386ms Stylesheet
text/css 2606:4700:3037::6815:8bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://web.nvnstatic.net/tp/T0235/css/lib/carousel.css?v=3
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8cc5490e3db0f7ea81391a0e4fc8b2ee233db1757ced5286290f5cf5494b3d9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 20 Jul 2023 08:59:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"96b7bdf2deaa2b70a46668cd2dd589e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dXIDHeTMWRj4%2Fgm0a4QA0YzdzvosR3MkQFoyTQ3ol4HA20ZLLgrBUPDxTsbswyjdvwVW4g9qh8DZGC98%2FlFTURLms2XLD3flvc4MLhQnA2apWNJAE83UrSY3G1BLY5UBc7EjDScfMIdHF95ujoR9tA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 86eb755a5d054bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 timber.css
web.nvnstatic.net/tp/T0235/css/lib/ 81 KB
14 KB 634ms
457ms Stylesheet
text/css 2606:4700:3037::6815:8bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://web.nvnstatic.net/tp/T0235/css/lib/timber.css?v=3
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da985ca1ef364741e178f37d6fa7fc55136359990e0bcbf868d762540d1b4ece

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 20 Jul 2023 08:59:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"982fcd4f65ad35c98e3285631cd0712e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HRnrbXTahS3HK4Gu6OJo227evJWtFahZvb%2F%2FwwkPE%2B7qmiOfoF1ITRi3ivyLehGqbG7sC8%2Fcu7XKzli4nzd9Us%2B9AxSHYQyDs5Nqnof2K3JjY7igrt9C%2FG5pXGhttmGWBTHfaT742lD7nzEgysxuEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 86eb755a5d064bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 suplo-style.css
web.nvnstatic.net/tp/T0235/css/lib/ 139 KB
16 KB 620ms
442ms Stylesheet
text/css 2606:4700:3037::6815:8bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://web.nvnstatic.net/tp/T0235/css/lib/suplo-style.css?v=3
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f8a9ee9451a39c852cd7b42d613cc7c684bb1d457641a251efd846165a2c3e5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 20 Jul 2023 08:59:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0071396de0f572440619719b043535f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eixGZ5Hbn%2B1km1NZT9FjTsj3nDwnMoDn8ggbg7bIQ%2BD98vakK%2FpzUozggmnzY9LNXlkU0BTwNu%2FCMPhCeDQ1AhA0OeXcDSLynybpk0XkvEvq%2F7Vq9vG2qGP4E%2BgVrvL3Ix8TvZ7PVPYwd87w2lu5BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 86eb755a5d074bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
web.nvnstatic.net/tp/T0235/css/ 28 KB
6 KB 648ms
471ms Stylesheet
text/css 2606:4700:3037::6815:8bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://web.nvnstatic.net/tp/T0235/css/style.css?v=3
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aec7af308858f0dc9ce681a30e7296b36dd1cc54fc1a39e07e0fe2dc3d2673f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 20 Jul 2023 08:59:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"451244c01b5b82af258c1f6b7835b661"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=41Im4CbnGQfPJ%2FrkYyHB63eWG6ylOpTQCfDOtfXQyoa9A%2FScLor4iSWbThm3zQcsrxy%2FqqVS219oR6KLbHgMmFkpl3gGBe1cdLydtjWFKDIMLdAqLupcPDUggmHsS%2F9WnragxL6odo5bMDNCk7JiXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 86eb755a5d024bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 lib.js Show response
web.nvnstatic.net/js/ 128 KB
25 KB 122ms
28ms Script
application/javascript 2606:4700:3037::6815:8bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://web.nvnstatic.net/js/lib.js?v=22
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c26cd06d448f62099654a3e5abf47a1709259b8af2126e9b6f23a986491a41da

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Mar 2024 04:44:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 60
etag: W/"79239538bd7c686ff9058adc279a8df3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=trvza%2FHFy4ZrvVbvaLQs9ov7VKq3ctw0s3LKsXBNUNUegO9jpU7EpJa7gy3UG3VxnsFKAQzQv0OGbfBIoxIvYt2aH%2BiEcpkKQ%2FZssf%2FutKGCOtVEcAWjPDX%2FlAlfoOcwXEqs14bt%2F6%2FACGaiTdMGig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 86eb755ecfe14bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.cookie.js Show response
web.nvnstatic.net/js/jquery/ 2 KB
1 KB 118ms
25ms Script
application/javascript 2606:4700:3037::6815:8bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://web.nvnstatic.net/js/jquery/jquery.cookie.js?v=22
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8a244e9ad0c8ae157e862bb4c93e8b7483c9aa78b5639d54f677f26643e0dd7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 May 2023 14:36:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 60
etag: W/"e1f2978f5b75481171785628a51c0902"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xm1ddZSfhMzAPK2cF%2BB2L%2FDbYcfH%2B5qH78jvOBV%2Bam3Ef8bTGV7ZWRjcEpjj35215W%2FYdKh9p2sSr2EBgxB62nC%2FBs5dbh%2FjcaVY09vAQosINvmE72vcjZ57Q6kw7F0EzuRMsbfxtQrkGYlLJaehDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 86eb755ecfe34bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-ui-1.10.3.custom.min.js Show response
web.nvnstatic.net/js/jquery/ 222 KB
61 KB 122ms
30ms Script
application/javascript 2606:4700:3037::6815:8bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://web.nvnstatic.net/js/jquery/jquery-ui-1.10.3.custom.min.js?v=22
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8ad56a392d06dec73a15d61020f2ddcd3d4499b734df5a3d15f25bc62cc24c4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 May 2023 14:36:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 60
etag: W/"a68840e8d2b9202d1b8df102196d1389"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YyWM5ahqIhog%2B7Z1IWUgMEMvOFI9N5%2F%2B%2BurOwECZZARM7H0wYMjiG8gVeVerIBoxgMpaX6xp60Z54noF3DWy9DQa%2BG%2F8Zwr4Obgp%2BswBIPZtaa6bd7v3iyDG8vgXD4EI2RL4u%2Fr8IJA09NieAmwkdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 86eb755ecfe44bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap-3.3.5.min.js Show response
web.nvnstatic.net/js/bootstrap/ 36 KB
10 KB 118ms
27ms Script
application/javascript 2606:4700:3037::6815:8bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://web.nvnstatic.net/js/bootstrap/bootstrap-3.3.5.min.js?v=22
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 May 2023 14:36:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 60
etag: W/"e7d9a06cf9053c51cd4ad3386da0659a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rFadoJlzSuY7TO6t9L0kU1AhCHczv6vvL0F4JNv1c1uCwhmogRqLlAPsfhFSB%2B1b1J05fAGwjIT8OXelsz4DuIRwU1BqbW11t4ienw3hzzAgm%2BLFZQcYbzEoPvCU4Y31e6fEWS7I347ECID9hzQpJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 86eb755ecfe54bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 owl.carousel.js Show response
web.nvnstatic.net/js/jquery/ 53 KB
9 KB 536ms
448ms Script
application/javascript 2606:4700:3037::6815:8bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://web.nvnstatic.net/js/jquery/owl.carousel.js?v=22
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0611f81ec5521ce8ec2d6a2a719d0de5273898618fa70e79ce1c8d9349c0d43

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 09 May 2023 14:36:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"76b5f8df7e13975445ff162dceb31e03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hRrEYvCWHnUwtv%2FMFSCboMD8UeyG6IEjDp2DdeoHtMEw4uJquASJW8FZRUaGrL6bXgQO%2FCCmWdPnBZhauvp%2FvnNm8pRaiaVQ8O2kGnhnTgQsM%2Flg%2Bfypu9mU888TORFwIPlgh%2BPJ0ZvnDei5u2HndA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 86eb755ecfe64bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 script.js Show response
web.nvnstatic.net/tp/T0235/js/ 14 KB
5 KB 534ms
447ms Script
application/javascript 2606:4700:3037::6815:8bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://web.nvnstatic.net/tp/T0235/js/script.js?v=2
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6146a1b1e8875b04747429d64b9c699eb21c879cdb299ceccd1bd2c74c78adde

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 20 Jul 2023 08:59:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4820966e6146f5c8867599e6d4811506"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7r7BkkAw90Z5tgolgM4%2BbtOUcvkRnHHmXpbjT9i7XbWT9lg5LrQLevd1VFlbRZe%2FJQnvuuOG%2B7DnpOU2jqBD6IY%2FkClULKeO1Bca3pjUAMwrPgtLcFNYaBghQ%2FDkETAsbUwnpPIsDJDLT64f77puVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 86eb755ecfe74bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.js Show response
web.nvnstatic.net/tp/T0235/js/ 10 KB
3 KB 624ms
536ms Script
application/javascript 2606:4700:3037::6815:8bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://web.nvnstatic.net/tp/T0235/js/main.js?v=2
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 139903bf68ffe8fd048fd25645492123c9642b6f45560a9034de7c93edb225b0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 20 Jul 2023 08:59:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"9296d4916afac85c6485bab1a7d42be2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=omEotryDBAhjwfji98bwTY%2BD5U3lXE6iuTYq9b9O8555YHyb%2Fhsr798V8TBi7ZMDUQwKiO%2B4IPZaWfppm00uvoeWs6ROX2zxKbfHKt1NfEnWKZAoAl4McJLh0d%2FuHeJNoHiyk3%2F5ORUGHsMdgL0FCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 86eb755ecfe84bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 vi-vn.js Show response
web.nvnstatic.net/js/translate/ 4 KB
2 KB 108ms
26ms Script
application/javascript 2606:4700:3037::6815:8bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://web.nvnstatic.net/js/translate/vi-vn.js
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a7d3ab3bd183bbf353c73b5466f39fbf2591c37997f2daf25c3394b8da90247

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 May 2023 14:36:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 60
etag: W/"b42ba4ad37f89265e62bb2f3c7b3c961"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qoJc%2B8Eco6DYeLR4KE%2Bvsq3ofaNjg8O7dP%2BVWbsjKRWcWFDLZr76ndd6RE8iZBUD4ALKPyDDzlia%2BBZYh0IHE9IuJhuSTMQ7ejNlFf78ghaTteUmB1rte6%2Fz9W4xTARy5cRUkGLi9RSbDVgmJQ%2FzEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 86eb755ecfe94bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 style.min.css
gemgo88.biz/wp-includes/css/dist/block-library/ 108 KB
15 KB 172ms
26ms Stylesheet
text/css 172.67.208.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gemgo88.biz/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451650
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 24 Jan 2024 19:02:28 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GIkogzaE1MjrxRkzyJormQJHpR76kgbFJUn40iCmJiJMKT0jKy34ZBSfVohDSLbr4UeA7UPWtPNL2KoOduDp96L2BLN5sOmClmBWiXaaPg4Q%2BbKirKbfvYx1rxJokA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 86eb755a2ea94bd3-BUF
expires: Fri, 05 Apr 2024 14:00:21 GMT

GET
H3 200 fl-icons.css
gemgo88.biz/wp-content/themes/flatsome/assets/css/ 328 B
683 B 28ms
23ms Stylesheet
text/css 172.67.208.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gemgo88.biz/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.12

Requested by

Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30fd9ec16112567ac68f1db9d60e71dd610be376f97dd1856ad61ba4265e8fd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451649
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 15 Jul 2023 16:27:28 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G9my0lQa8pke%2FsbzQwkVdLltwnlgzh9eWhqz0eO%2FpwsGJiPaxag2Vw3n%2FSn178z%2BpjkzrF5bZX9cq5F1xpXUgHtGbt9qAMLKLQMNTzbzdmXxsYKt66vzmH%2BU1bHmPw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 86eb755a4ec54bd3-BUF
expires: Fri, 05 Apr 2024 14:00:22 GMT

GET
H2 200 flatsome.css
www.1winxsignup.online.rik79vips.link/ 212 KB
213 KB 131ms
120ms Stylesheet
text/css 185.224.80.94
ABELOHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1winxsignup.online.rik79vips.link/flatsome.css
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.224.80.94 , Netherlands, ASN204196 (ABELOHOST, NL),
Reverse DNS: rik79vips.link
Software: Apache /
Resource Hash: 15361d9026d031431eff554180f6126f97ec06b5eec043b8b7ae715e1ef4880e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:50 GMT
last-modified: Tue, 02 Apr 2024 14:05:46 GMT
server: Apache
accept-ranges: bytes
content-length: 217538
content-type: text/css

GET
H3 200 style.css
gemgo88.biz/wp-content/themes/flatsome/ 567 B
817 B 597ms
592ms Stylesheet
text/css 172.67.208.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gemgo88.biz/wp-content/themes/flatsome/style.css?ver=3.13.3

Requested by

Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bb101ba91c513e949fc1b971277f0228e0ec4ecac0078d01bc63014982835e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 15 Jul 2023 16:27:28 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8L6XlMqScAbVCeOz7RvDGG8mO6zBygilSVX3p5GUQl8nrsXun%2BPcuUT%2FFv5%2FIDZkvZ3oXxUlY0zGzWlIrejKnU0mOSP3O70OXt4UzEPQv5liNgrVNq7H%2F3rrzNlKOg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 86eb755a4ec64bd3-BUF
expires: Wed, 10 Apr 2024 19:27:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
982 B 175ms
64ms Stylesheet
text/css 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

Requested by

Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

81e56d1e7da2629d351e861469401069405236f6ff9a5efb1eaa704ef6bba81f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Apr 2024 19:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Apr 2024 18:01:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Apr 2024 19:27:51 GMT

GET
H3 200 jquery.min.js Show response
gemgo88.biz/wp-includes/js/jquery/ 86 KB
31 KB 31ms
27ms Script
application/javascript 172.67.208.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gemgo88.biz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451650
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tEJmQ3OmPjK6tR7e17%2FkVV8oz1nDS5Lm1oqpkxof3rg%2FRWKQmm7jTdfiPSZPdfIcHdOjyggC46d2UejxcKlgcIafI1%2FsSMriXCg8Fz%2BZipSr0B2XPX0pGuoTYpMQrg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 86eb755a4ec74bd3-BUF
expires: Fri, 05 Apr 2024 14:00:20 GMT

GET
H3 200 jquery-migrate.min.js Show response
gemgo88.biz/wp-includes/js/jquery/ 13 KB
5 KB 27ms
22ms Script
application/javascript 172.67.208.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gemgo88.biz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451650
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jVUfv6QTdmVf2IvEbIOjihwCNzQnrCXZ0F9YSkpgZVPgHhGtGXeeXQ6%2FbzNCcCipKU7DbaD7UUjsigj4OGLq8Z4R%2FNMGhSn0xv2U7Ow7qJts3pjUm08AeoQsuywFBw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 86eb755a4ec84bd3-BUF
expires: Fri, 05 Apr 2024 14:00:21 GMT

GET
H2 200 logo-1win.png
www.1winxsignup.online.rik79vips.link/img/ 60 KB
60 KB 465ms
456ms Image
image/png 185.224.80.94
ABELOHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.1winxsignup.online.rik79vips.link/img/logo-1win.png
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.224.80.94 , Netherlands, ASN204196 (ABELOHOST, NL),
Reverse DNS: rik79vips.link
Software: Apache /
Resource Hash: 4261def36013b201f8064599063178c6fe2c0f3d96a17407be249ae1100a9909

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:50 GMT
last-modified: Tue, 02 Apr 2024 13:42:08 GMT
server: Apache
accept-ranges: bytes
content-length: 61293
content-type: image/png

GET
H3 200 effects.css
gemgo88.biz/wp-content/themes/flatsome/assets/css/ 2 KB
891 B 28ms
23ms Stylesheet
text/css 172.67.208.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gemgo88.biz/wp-content/themes/flatsome/assets/css/effects.css?ver=3.13.3

Requested by

Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95d82b0ac6a4bc6cdd7bd41c7757f98e16d77d07861eac6378d4e1eb9c1b9010

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451649
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 15 Jul 2023 16:27:28 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ht6ILVc%2B09UzPothdNxXIeItKObQs7NJZiWPBbbetEMz242ndxxVlZd4M5hoIrRQbe6%2F8KLkMDdnY4OmaPQAz3EgJsA2T85GEf1o1BjSMhbmAb5Ggfbk8eNTLMzQgA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 86eb755a4ec94bd3-BUF
expires: Fri, 05 Apr 2024 14:00:21 GMT

GET
H2 404 email-decode.min.js
www.1winxsignup.online.rik79vips.link/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 0
0 501ms
452ms Script
text/html 185.224.80.94
ABELOHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://www.1winxsignup.online.rik79vips.link/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.224.80.94 , Netherlands, ASN204196 (ABELOHOST, NL),
Reverse DNS: rik79vips.link
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:51 GMT
server: Apache
content-length: 315
content-type: text/html; charset=iso-8859-1

GET
H3 200 flatsome-live-search.js Show response
gemgo88.biz/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/ 16 KB
6 KB 45ms
23ms Script
application/javascript 172.67.208.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gemgo88.biz/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.13.3

Requested by

Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451648
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 15 Jul 2023 16:27:28 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4QLShvMQyzHv0V4v%2FnADDpwQGPg0CsfWkBQV9KV4RvhGh60tTy9qeIAOWsSHG54st0FLdWuu3HY0oi6qHn7EQSOU26exXEWl9BMdbW49DLpb2lLqDOD4cqEXqQbAVA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 86eb755df9114bd3-BUF
expires: Fri, 05 Apr 2024 14:00:23 GMT

GET
H3 200 hoverIntent.min.js Show response
gemgo88.biz/wp-includes/js/ 1 KB
1 KB 34ms
25ms Script
application/javascript 172.67.208.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gemgo88.biz/wp-includes/js/hoverIntent.min.js?ver=1.10.2

Requested by

Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451646
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hEXQLMtV5hQjVnhxavI7dQ73WQ5mQTUhxTtTXwIhzkjHOsMar6x7rpAu5NyraB54C%2BYgmbi3qC9FQTVhndUK0Waw5u2txizfx%2FnmxdYla9aSCB5Mrmh7HQMK533irA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 86eb755e09134bd3-BUF
expires: Fri, 05 Apr 2024 14:00:26 GMT

GET
H3 200 flatsome.js Show response
gemgo88.biz/wp-content/themes/flatsome/assets/js/ 156 KB
46 KB 86ms
78ms Script
application/javascript 172.67.208.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gemgo88.biz/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.13.3

Requested by

Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2721a86e102d7ce2db2b5763901617fa1380e35d0cd29f28e4d73376bc65f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451649
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 15 Jul 2023 16:27:28 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IihaYKhKphkYVmbZryn2i8PQk59qU6srEH2VjFTUwdt8cZwnvOw%2BXssKooOoxl1grlHlAiUxBvB4lIym%2FG4pPygHu45WBiBzsBfyrNAQ8Qxu8sp1tkJ8l4vVDxWxvg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 86eb755e495c4bd3-BUF
expires: Fri, 05 Apr 2024 14:00:23 GMT

GET
H2 200 20180621_oxKQlE1nFpF7H1lvGOqoEKbN.png
pos.nvncdn.com/89cb33-29656/store/ 46 KB
46 KB 218ms
21ms Image
image/png 2606:4700:3034::ac43:9787
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pos.nvncdn.com/89cb33-29656/store/20180621_oxKQlE1nFpF7H1lvGOqoEKbN.png
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4096a1961c6787537e18b25b9a3dc33cac8d56b0fa7df07c2859f0e1deee82f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625026
alt-svc: h3=":443"; ma=86400
content-length: 46817
last-modified: Mon, 27 Nov 2023 17:10:52 GMT
server: cloudflare
etag: "bfc226dc3ec23b06827985d6c69cb781"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ho82qHN0qPjbzx0%2F%2BZA0%2FNvsBxpD%2FKr5z6rLKevjZmqXNvwKJfm1Dj%2B1OVGgK06pkqVRxPTHexTFw8aok%2B1T3qoOjaK6l68qMwpAY%2FBotdLHW%2BxDWsM1B02h6tf634jdLFPsLjSGP7IQDpWWlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86eb755f5b2e4bd2-BUF

GET
H2 200 index.js Show response
web.nvnstatic.net/tp/T0235/js/ 6 KB
2 KB 526ms
446ms Script
application/javascript 2606:4700:3037::6815:8bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://web.nvnstatic.net/tp/T0235/js/index.js?v=2
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad058659787ae21dfe564551d45f61e14dadd8fcf37cafe978ae7ed6aae80268

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 20 Jul 2023 08:59:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"630d330660782e36d8b57a5ae1749692"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I1U8fVLocxJvGqMkbacToan90htiVIWMzXdOeO8NqwfTj6o8PGHXTAmAqPv%2BPN7TMnw7x%2BAUkzuItoHOmuvG%2Fti%2Ftw5j8X5lOErosE%2Fj%2BMSAFAwsomcIBMGh0FbW8%2FLiq1%2BYpR7uQ8wnvIoI6N%2FSKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 86eb755ecfea4bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 20210111_Is06EkiXd32MBddZV6ta8OZE.jpg
pos.nvncdn.com/89cb33-29656/bn/ 119 KB
120 KB 222ms
26ms Image
image/jpeg 2606:4700:3034::ac43:9787
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pos.nvncdn.com/89cb33-29656/bn/20210111_Is06EkiXd32MBddZV6ta8OZE.jpg
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28f953885fadffc76dd92ed30f79c5c222cba78209d24f9ac6ab13756c94ad87

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625025
alt-svc: h3=":443"; ma=86400
content-length: 122091
last-modified: Mon, 27 Nov 2023 16:09:50 GMT
server: cloudflare
etag: "c7af1958ee6a567cedb8f631bf70cfe4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qmWtNIZk%2FFcjtFWrBhLrKrCEnAueiYbDLJ4RdgN9IzqlRKjLXj7wS1LZtCiVAfUAlv%2FJfz%2BE4XVYMDmQ612K2V91kG1susFDSR423RYuRU93PhuUOFmwqBicF4N%2B9ZpRdKku4FS4QnsLfL0uNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86eb755f5b2c4bd2-BUF

GET
H2 200 20180621_EnzkmW6aWJKtrF1GAIAKX75W.jpg
pos.nvncdn.com/89cb33-29656/ps/ 449 KB
450 KB 291ms
110ms Image
image/jpeg 2606:4700:3034::ac43:9787
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pos.nvncdn.com/89cb33-29656/ps/20180621_EnzkmW6aWJKtrF1GAIAKX75W.jpg
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19ba56ba79eb2836f13aab349cf54ca296973dd8b0608f4551fd8576927bfbff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625027
alt-svc: h3=":443"; ma=86400
content-length: 459824
last-modified: Mon, 27 Nov 2023 16:40:57 GMT
server: cloudflare
etag: "979a96cde52b97b6c30fdecaad945e38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BSWhJDBvti9mZVN6GLTDlp9qIGuIpsT6xdnEMstKFaof0U3wM2wESA5WNeOyX6lbkZxCWl3spsXmtZagG47VH9bhZGBiqCxBqprbE9ZiQgv4OE68Pvj2QMLQUdwQ6dv9YqwDd%2Bv0FzXIk61GJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86eb755f5b324bd2-BUF

GET
H2 200 20180621_bJ6Z87lVldBMQS9FFtSniECJ.jpg
pos.nvncdn.com/89cb33-29656/ps/ 450 KB
451 KB 275ms
109ms Image
image/jpeg 2606:4700:3034::ac43:9787
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pos.nvncdn.com/89cb33-29656/ps/20180621_bJ6Z87lVldBMQS9FFtSniECJ.jpg
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06de6571a049c9394f733732cb1a4803fe9bbcc21ce848b5521fb52b4f49cf05

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625026
alt-svc: h3=":443"; ma=86400
content-length: 460671
last-modified: Mon, 27 Nov 2023 16:49:17 GMT
server: cloudflare
etag: "3fb21bcd654c698f0d7089d8207faedb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BE4MNuxTGL3bQevVRBNvv4BdbyYBuQS34d1eXcohjOyOk6kCTnj%2F%2BWWaXvMhsEKek5n7Q1XAx%2BN6ut4kvv4%2FGrB5TeFLzLR2M%2BA9RrQ8N5ryFI7saDrPWfz6r6dzsulzGnCDdIHSFgtFqla2Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86eb755f5b304bd2-BUF

GET
H2 200 20180621_CZr3JftJqcuauUlCnW4Zy4py.jpg
pos.nvncdn.com/89cb33-29656/ps/ 323 KB
323 KB 275ms
110ms Image
image/jpeg 2606:4700:3034::ac43:9787
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pos.nvncdn.com/89cb33-29656/ps/20180621_CZr3JftJqcuauUlCnW4Zy4py.jpg
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 245667d8d5d901e3d032c54310d97f6718930abeb9a998bf16a685b2d17d12d7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625027
alt-svc: h3=":443"; ma=86400
content-length: 330512
last-modified: Mon, 27 Nov 2023 16:40:16 GMT
server: cloudflare
etag: "4640a5ad80b79e4f2e351bb4de15cdc3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S2fepZsKdNAGLI3NT7Ofv8hYALu5ML3QA%2Fxm%2F1AHV9dT60%2B4pw8JbG2X16PaxmlLk6ht9YDik62upz5%2B3EWJRxljky6rvfBB4QLtIdg7zSixna%2FmncDJUqJbrkZiw2DWsv2PAsAWLqtFvmh0jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86eb755f5b314bd2-BUF

GET
H2 200 20180621_fmLvkOTNCJNXV9vtbfh9hS3x.jpg
pos.nvncdn.com/89cb33-29656/ps/ 361 KB
362 KB 1171ms
1006ms Image
image/jpeg 2606:4700:3034::ac43:9787
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pos.nvncdn.com/89cb33-29656/ps/20180621_fmLvkOTNCJNXV9vtbfh9hS3x.jpg
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7e5a79f048c8ef72d0f2b3bc0916361664f22565646c4d621a10f9d8997915b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:53 GMT
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 16:50:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7c368153c6b3d056deab3bc7205eed1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VEA5B2T4tVjbtnJsQ9crINRx9kL4VqEgjB3hizFs%2BCwi9oK5TEXjPzKiV6OfqP2tMkk5qKwf8r%2BuS8afcgC1%2FdAsrdu2Dj28mx2W%2FG57D00koVTTtXPB%2Fc4Prou4cb0Mef%2FCc6yQCmX%2FKcb3Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86eb755f5b2f4bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 369664

GET
H2 200 20180621_yx5JALl2B14koyNy1di5f7q6.jpg
pos.nvncdn.com/89cb33-29656/ps/ 412 KB
412 KB 160ms
147ms Image
image/jpeg 2606:4700:3034::ac43:9787
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pos.nvncdn.com/89cb33-29656/ps/20180621_yx5JALl2B14koyNy1di5f7q6.jpg
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4efba4a9f0455ae87c0deb617760b08b7b10bf3e64df9ef87e5cbc169b63483b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625027
alt-svc: h3=":443"; ma=86400
content-length: 421495
last-modified: Mon, 27 Nov 2023 16:57:45 GMT
server: cloudflare
etag: "ffb5817049c620d26f77764855a7bef9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9W3orreUphBzvH0Xs4UTzfFSChO3LRKGUvWYDkvyXNkZ71kf8zagjHmRFxM6gOdzvaOZTmBMsT9a9riL%2FEKbMA%2BtH17n7Xb39aC%2FvIXM7l8%2B5QQplWWfOylPHfdtxeByx%2FeRdwuw2PMrXOo8ig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86eb755f9b454bd2-BUF

GET
H2 200 20180621_6mIMedMwmMdpvSNlFvP3QfYL.jpg
pos.nvncdn.com/89cb33-29656/ps/ 483 KB
484 KB 163ms
150ms Image
image/jpeg 2606:4700:3034::ac43:9787
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pos.nvncdn.com/89cb33-29656/ps/20180621_6mIMedMwmMdpvSNlFvP3QfYL.jpg
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c35efe122f3ed745c5746f8b77aea9eb91121b8d7924cf52d91a343535175636

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625026
alt-svc: h3=":443"; ma=86400
content-length: 494176
last-modified: Mon, 27 Nov 2023 16:38:29 GMT
server: cloudflare
etag: "6c0f3c1bc67c34bcd66279395006c636"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B6HwfmCyiWNKCaBe2ZrwwJROcrKkeXbY5p96SAaUePzGQZnXG%2BS44bWQOydfpTUPztLlpeHMn%2FTRoMdos40GGsuANXrrR7gBtLcUix9CadfSzHQ4VeuUoWkClF8Yoi3Re2HIz37Ww16xFaidOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86eb755f9b494bd2-BUF

GET
H2 200 20180621_BSLacThnVZRQuiCTby50b164.jpg
pos.nvncdn.com/89cb33-29656/ps/ 386 KB
387 KB 162ms
150ms Image
image/jpeg 2606:4700:3034::ac43:9787
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pos.nvncdn.com/89cb33-29656/ps/20180621_BSLacThnVZRQuiCTby50b164.jpg
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ca62135c4db8ef7e32bd98ae6f2534251ee2ad057481b80d92c30bf7840acaa

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625027
alt-svc: h3=":443"; ma=86400
content-length: 395451
last-modified: Mon, 27 Nov 2023 16:39:52 GMT
server: cloudflare
etag: "8ee610778ba9550af84a0bb2c47cbbc1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zfr%2Fl3yQ31DcOjHdUep0G%2Fts2OrPpzfmyAah25Cwwl%2B%2F830zGPfu%2BPSxiUzXUu4Jr1mA0zl75p5Mf9CxTyXoautuHyColI9WY%2BKhnttr5AosW5dToeEOycGehEYu%2B%2B4Yyh%2BzAnpJVoSqNaFddw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86eb755f9b4b4bd2-BUF

GET
H2 200 lazyLoading.gif
web.nvnstatic.net/img/ 3 KB
3 KB 526ms
477ms Image
image/gif 2606:4700:3037::6815:8bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web.nvnstatic.net/img/lazyLoading.gif?v=2%3E
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 371e62ba99e5c7830161ac5df385d89cdbf976b41313ce8b06ed1873995ce8aa

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 03 Jul 2023 03:44:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ed05732d0b6a7a6e3c6f9bf2faf2a798"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mroaJieWeh%2FSNc5fChYYatlCVamXbZD06E6vVzLK%2B162bUnRfUf93sUovsG53TDeiq5Gy5ioagwwEGpl6iR1A8pQUFJY3O9fwuzL0xS6gIIOKQgD0GBFJRZSLUmPN5ViYilXT8DhM9lYQ8WRd5fzvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 86eb755eeff34bcd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 3056

GET
H2 200 20190604_I3KQvwPEe4yZWHbnLJmsDAmS.jpg
pos.nvncdn.com/89cb33-29656/ps/ 74 KB
74 KB 877ms
865ms Image
image/jpeg 2606:4700:3034::ac43:9787
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pos.nvncdn.com/89cb33-29656/ps/20190604_I3KQvwPEe4yZWHbnLJmsDAmS.jpg
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c95151f7075c21f5e01be93c390d97e17ad99a050a15072c0155d3a7cb8923c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:53 GMT
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 16:58:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "b0c9abe842d923200f5a443ca2b6339c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fob%2Fx52frWIWd33ncEu1rKosj%2FVMN2n4vbZconEd3YtZO9C5H0LB3DsKiwZ%2FQzeVkMF4LSueq2fnL3PgYOC%2Ff6LfF8eep9e1S5kxTSbw3MKdugahL8vuRz0WXUUhnNknPPHE87XV9CpbrSuyAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86eb755f9b4c4bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 75623

GET
H2 200 20190604_RjSoaBCO8t8AbYXqMcHnGHT3.jpg
pos.nvncdn.com/89cb33-29656/ps/ 115 KB
116 KB 161ms
149ms Image
image/jpeg 2606:4700:3034::ac43:9787
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pos.nvncdn.com/89cb33-29656/ps/20190604_RjSoaBCO8t8AbYXqMcHnGHT3.jpg
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbc718452904199a0a4ddb3ef8d2835e83ff22cf7e4888e14865e3fca98ad248

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625026
alt-svc: h3=":443"; ma=86400
content-length: 117975
last-modified: Mon, 27 Nov 2023 16:59:17 GMT
server: cloudflare
etag: "4f5de1648034fd00690effce9cc71201"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bXFgSI4ONtiQvB0zbOyyQX9UtbF%2B5WHF0jsdN%2BnydqkaXiDr66sZSEqtkRrgOCZIG21ipn59Wyv%2FVNPd35%2FiGJc37UtWWvnURbH0JLyZs6uShUGHn8sv8478U%2BR6EtZHmUdIPIMKltRqmYOgJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86eb755f9b4d4bd2-BUF

GET
H2 200 20190604_V7u4juSthsIARmpzbRaf1PNi.jpg
pos.nvncdn.com/89cb33-29656/ps/ 22 KB
22 KB 159ms
147ms Image
image/jpeg 2606:4700:3034::ac43:9787
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pos.nvncdn.com/89cb33-29656/ps/20190604_V7u4juSthsIARmpzbRaf1PNi.jpg
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c67032b7d5aae6c7400bbf5393b1526f4fcce0099d4e1c5359928097cf6848b0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625027
alt-svc: h3=":443"; ma=86400
content-length: 22033
last-modified: Mon, 27 Nov 2023 16:59:42 GMT
server: cloudflare
etag: "1b69244b4dc76009cfd5571d53ce0bb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mtlR71%2FcBROl16P2aWSChqjKJrqdHMV%2FnGxIHjPHUXRC56yukhgvwj4S2RPKOqRFOWAiq0%2F2p5vsmL34ankd2WVOXLeiSMzE9vc7h0hA8hUQ2QNEJxO%2BKtb51d6l27xWbFWOrpjXBK8Bl9Fdvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86eb755f9b4e4bd2-BUF

GET
H2 200 20190604_5RckhoIn0DzU5HVcnsGwMYt2.jpg
pos.nvncdn.com/89cb33-29656/ps/ 120 KB
121 KB 161ms
150ms Image
image/jpeg 2606:4700:3034::ac43:9787
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pos.nvncdn.com/89cb33-29656/ps/20190604_5RckhoIn0DzU5HVcnsGwMYt2.jpg
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4620a960326e976c9b428f723ebb721cca802544358635a5a7579c1f6ccb2de8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625026
alt-svc: h3=":443"; ma=86400
content-length: 123359
last-modified: Mon, 27 Nov 2023 16:58:10 GMT
server: cloudflare
etag: "26a1b9949c2d9f533127c9c6e18f3cd2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IkMwLO4b3w7p%2FUZ3%2BcMmE%2BtFfTpcEuq6gQ8mj8ICRZsa7vaCHcHHOTYv46a%2FUA%2BvRjoGA5McJAb40B2V9xzuDcTZUVhWGQP%2FEuRzng088PHgVGNdIU7POSXceluge3oazUHqOMhw5vOrwslnsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86eb755f9b4f4bd2-BUF

GET
H2 200 20190604_M0QHsCFdEXhU1zWOUKslhAvF.jpg
pos.nvncdn.com/89cb33-29656/ps/ 22 KB
22 KB 160ms
149ms Image
image/jpeg 2606:4700:3034::ac43:9787
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pos.nvncdn.com/89cb33-29656/ps/20190604_M0QHsCFdEXhU1zWOUKslhAvF.jpg
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca284ce4d6bba26ea855c04588dccd6f337ea42b00c28de2ebfa009a3018cb44

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625026
alt-svc: h3=":443"; ma=86400
content-length: 22181
last-modified: Mon, 27 Nov 2023 16:59:00 GMT
server: cloudflare
etag: "ff363cd97693409ba110a102175f288f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KDEzj0KVFj6z92vJLZNnvDTMRoDsGtJv2AcktFbXQFTIdRLSj1O2aJttzNR2Y7ZtxgFGvLFd8U8KNAWTg7suY0L6lpCGIQQILBXvfKz%2F%2FgSDHk3X8YBDcbRKekccSOOyrJAy8rL9rcs4MMXb8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86eb755f9b504bd2-BUF

GET
H2 200 20190604_etBTEFJdoNxfbp8ZRwTWUGPz.jpg
pos.nvncdn.com/89cb33-29656/ps/ 58 KB
58 KB 159ms
148ms Image
image/jpeg 2606:4700:3034::ac43:9787
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pos.nvncdn.com/89cb33-29656/ps/20190604_etBTEFJdoNxfbp8ZRwTWUGPz.jpg
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a263a38b9412330aa1dc4e66bf67b1004a2a468b65b9014546da0e5ca2d81f76

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625027
alt-svc: h3=":443"; ma=86400
content-length: 59042
last-modified: Mon, 27 Nov 2023 16:59:59 GMT
server: cloudflare
etag: "0ecc0c0760ec46d631ecb4464b4b57ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m3hbVodaots%2FopttemtqmaWL7s2BlF23lKOJCJXefdklY4ZKhTjXjKKC5YzZALOaQdz2DKyoqtzRndNy6sweXSCQTQ0Jq9FKdr%2F9zOdSCL8Q8X7PKvgok%2Fat3%2BHUNV9zx1Sr0q9LfQaS0D%2Ft0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86eb755f9b514bd2-BUF

GET
H2 200 20180621_mXSwkASq1VSODsy8SX242N9R.jpg
pos.nvncdn.com/89cb33-29656/ps/ 434 KB
435 KB 163ms
152ms Image
image/jpeg 2606:4700:3034::ac43:9787
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pos.nvncdn.com/89cb33-29656/ps/20180621_mXSwkASq1VSODsy8SX242N9R.jpg
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdf464a2b5e944f1f68db20c4f8f18b90c085597e4282c0ece1834b83d4c20ba

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625026
alt-svc: h3=":443"; ma=86400
content-length: 444443
last-modified: Mon, 27 Nov 2023 16:53:27 GMT
server: cloudflare
etag: "fa3c2e710260291ba15788b76ef2626c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JksFBQudflF3f8xSc43xXrn8CV4AU%2BHym1vMokjIboBk1gfr8C7AekMUw0rpFiJbALimX6xaSLtK1MAjOs%2B0MgiMthE9j7yM5GDLLyipNnbdfnHjLnluehh3lEa4SG8qhCyFtwZNfufK4lAUJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86eb755f9b524bd2-BUF

GET
H2 200 20180621_0YBIXIfkvJa0eyeMqhi2ZtT0.jpg
pos.nvncdn.com/89cb33-29656/art/ 47 KB
48 KB 162ms
151ms Image
image/jpeg 2606:4700:3034::ac43:9787
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pos.nvncdn.com/89cb33-29656/art/20180621_0YBIXIfkvJa0eyeMqhi2ZtT0.jpg
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1eed86bf728fdb124264126f3078bd5680bfdb1d75bf560e70dcfb43c4a8d58f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625025
alt-svc: h3=":443"; ma=86400
content-length: 48635
last-modified: Mon, 27 Nov 2023 15:51:40 GMT
server: cloudflare
etag: "bd74f09f04a933a6f9adac4f577cbee9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LyNOV%2BrJohBY5fYeXMFbsP5C1Iv%2F4pOpHCYqAhSG%2B2UBusWp7cTvJg1L15JiHOw3WsB5Zq3K08KekDL2SoOGRZHrpVNdU0oK5HXt3zb8g1uWOdxGz9JCRr6EgZHRb%2BwlHxqIm5BAcLleBHUeKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86eb755f9b534bd2-BUF

GET
H2 200 20180621_02bh894ufcZupOxrMAmruc76.jpg
pos.nvncdn.com/89cb33-29656/art/ 41 KB
41 KB 162ms
151ms Image
image/jpeg 2606:4700:3034::ac43:9787
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pos.nvncdn.com/89cb33-29656/art/20180621_02bh894ufcZupOxrMAmruc76.jpg
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5942ed3f5962d438a93eec8d53625bed7f8f008aaf2737b1a25b632a83199f3e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625027
alt-svc: h3=":443"; ma=86400
content-length: 41733
last-modified: Mon, 27 Nov 2023 15:51:32 GMT
server: cloudflare
etag: "1acac2e5db6213db5410be194ab55739"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S1dJ1mGfkfVtDcrNNQoT0dAO0HDCF9ypoYfxJumt%2BqPc%2BwetuRmjaRZ%2F7P50WQz0uyxis2gzZcyKilJkV2TS3sb5VBbX4uOuSpwXjDxVeN2h1XMVqj1fpPsU%2FDw5ZA6IXpKnd42cBD5lVYGeHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86eb755f9b544bd2-BUF

GET
H2 200 20180621_2mieXQO6cXJtwxc43ymDh1Zv.jpg
pos.nvncdn.com/89cb33-29656/art/ 56 KB
56 KB 162ms
152ms Image
image/jpeg 2606:4700:3034::ac43:9787
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pos.nvncdn.com/89cb33-29656/art/20180621_2mieXQO6cXJtwxc43ymDh1Zv.jpg
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c55c61c886e498b3e9e292f24f45887c523851c82bb10863339b6e9963b5936

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625027
alt-svc: h3=":443"; ma=86400
content-length: 57255
last-modified: Mon, 27 Nov 2023 15:51:48 GMT
server: cloudflare
etag: "c0250163cf0be234c5d11362e254e06e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Io53O5IEMJmCMqyaOPEjuR2LPcqLnr2jisfJiUwmGJhSiWTffwsm1ev9P31K0Bi3Bp2K7BgZoIuR8ydeYXF1237xGN096PD1kqo4zwBwChZNVMD%2FoGDxsYfsRNd9jYeoDJ3HM0%2F4DvhyEGTqAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86eb755f9b554bd2-BUF

GET
H2 200 20180621_7sfj74lIzUpGui8lQENJyjFv.jpg
pos.nvncdn.com/89cb33-29656/art/ 44 KB
45 KB 892ms
882ms Image
image/jpeg 2606:4700:3034::ac43:9787
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pos.nvncdn.com/89cb33-29656/art/20180621_7sfj74lIzUpGui8lQENJyjFv.jpg
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9c51cab916e2093ea60df5ce954de3557297d210af9578dadcbbf4fa1b55831

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:53 GMT
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 15:52:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "d6a50763eabb6b21a4b28f7a5405b545"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2uZd3fyBxlPRxSZgwoWLFwM6iWBb3aD15l5OfEo%2BVqRaCj3G%2FusaBypO4I%2FhNWiybqSf01iC7uvL1i6WLBP3agQSgMlgs8xDa9T2C%2BYXzDFrtGRml6JGF0eODWqyNjijBG59uS2s0%2B37Z3wZxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86eb755f9b564bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 45213

GET
H2 200 lazyLoading.gif
web.nvnstatic.net/img/ 3 KB
3 KB 76ms
46ms Image
image/gif 2606:4700:3037::6815:8bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web.nvnstatic.net/img/lazyLoading.gif?v=2
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 371e62ba99e5c7830161ac5df385d89cdbf976b41313ce8b06ed1873995ce8aa

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60
alt-svc: h3=":443"; ma=86400
content-length: 3056
last-modified: Mon, 03 Jul 2023 03:44:32 GMT
server: cloudflare
etag: "ed05732d0b6a7a6e3c6f9bf2faf2a798"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tJywe%2Fd7fazZFfLg7lR2yDROqMNLQ%2BJtjidhgrSBqMhzBHLyF8kG3YYeVAPMeBDMnXeOHFtGMVUIDE2sqhMbtaCFUp29IdpmSVhcmWv5AykkJmvGSYz0V25dL%2FKIEs1HE8hcIC6Coav35e4xpbepBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 86eb755eeff44bcd-BUF

GET
H2 200 nhanh_16x16.png
web.nvnstatic.net/img/ 918 B
1 KB 509ms
479ms Image
image/png 2606:4700:3037::6815:8bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web.nvnstatic.net/img/nhanh_16x16.png?v=2
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0121a8e01488ef384a1d6c43f86727d8ebe818ee8a684c85f7e1268d304c1216

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 03 Jul 2023 03:44:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "cca40d07424538f7d7277969275111c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N8iVKSBzDR1heQRJIFl1sOR1UfUsu2nVZMDRcX0vKm21wO9jsxAeruu5BWJdryzVoJU%2BgojoZt1%2Fcztdirg9L479Yljr4wNAi%2FFb%2FrpBna7YJhu7EjK0KOhGR%2B7TlptLG2c7RKr3eZJqeoC%2B%2F4hFtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 86eb755eeff54bcd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 918

GET
H2 200 skin.css
web.nvnstatic.net/css/ 1 KB
823 B 119ms
24ms Stylesheet
text/css 2606:4700:3037::6815:8bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://web.nvnstatic.net/css/skin.css?v=9
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e9781077a66df904e1babda71786a39797ecaaba99dc55b4be98a3fe308301

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 May 2023 14:36:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 60
etag: W/"cb66caea1cff96f648e6e147cac7e3f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i2irTyzL34uQaqp%2BUJsCwrTKjAdm8Ato1vc6By9rBvQpN8r1eIXyK7HFFeIr5xYiRK4h7yg5vvBUPU9C5aXIIKSa1yBtD8S4H1xZh9%2Fa%2FLudya8u6sd31%2FdcJMgz8L2NGAOHBblFyxP%2FL3UwhcEPpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 86eb755ecfe04bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK dfe70947-2dc5-41b0-b0fb-6e24330823d9
https://www.1winxsignup.online.rik79vips.link/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.1winxsignup.online.rik79vips.link/dfe70947-2dc5-41b0-b0fb-6e24330823d9
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 895b5b7db53c49134a6c6021cb3a676e778b479d43ca28f600a1feb3ea512484

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 1355
Content-Type: text/javascript

GET
H2 200 logo-1win.png
www.1winxsignup.online.rik79vips.link/img/ 60 KB
60 KB 130ms
95ms Image
image/png 185.224.80.94
ABELOHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.1winxsignup.online.rik79vips.link/img/logo-1win.png
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.224.80.94 , Netherlands, ASN204196 (ABELOHOST, NL),
Reverse DNS: rik79vips.link
Software: Apache /
Resource Hash: 4261def36013b201f8064599063178c6fe2c0f3d96a17407be249ae1100a9909

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:51 GMT
last-modified: Tue, 02 Apr 2024 13:42:08 GMT
server: Apache
accept-ranges: bytes
content-length: 61293
content-type: image/png

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 189ms
65ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.1winxsignup.online.rik79vips.link
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 07:50:02 GMT
x-content-type-options: nosniff
age: 41870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 07:50:02 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 187ms
64ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.1winxsignup.online.rik79vips.link
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 09:03:58 GMT
x-content-type-options: nosniff
age: 37434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 09:03:58 GMT

GET
H2 200 20180621_oxKQlE1nFpF7H1lvGOqoEKbN.png
pos.nvncdn.com/89cb33-29656/store/ 46 KB
46 KB 159ms
148ms Image
image/png 2606:4700:3034::ac43:9787
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pos.nvncdn.com/89cb33-29656/store/20180621_oxKQlE1nFpF7H1lvGOqoEKbN.png
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4096a1961c6787537e18b25b9a3dc33cac8d56b0fa7df07c2859f0e1deee82f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625026
alt-svc: h3=":443"; ma=86400
content-length: 46817
last-modified: Mon, 27 Nov 2023 17:10:52 GMT
server: cloudflare
etag: "bfc226dc3ec23b06827985d6c69cb781"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BD2Qx1N4v1Otu6gZAiWBqifr%2BJkSEeGYH5Evsvtf1ko%2FIMP%2FSYQF8yl8onW5K2KoeZRbHA8iICwaEJBvAkiBxMkShddwYLZ5jx7B6YHtBSWibqtquhHcOKD93zOHZ%2BKK9%2FKv42aJw%2FIFb7prnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86eb755f9b574bd2-BUF

GET
H2 200 lazyLoading.gif
web.nvnstatic.net/img/ 3 KB
3 KB 451ms
451ms Image
image/gif 2606:4700:3037::6815:8bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web.nvnstatic.net/img/lazyLoading.gif?v=2%3E
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 371e62ba99e5c7830161ac5df385d89cdbf976b41313ce8b06ed1873995ce8aa

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 03 Jul 2023 03:44:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ed05732d0b6a7a6e3c6f9bf2faf2a798"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LfohjNSuvDSUZrxoUT4CMNkFKkReyUQcM7OdF7qMEdBxWsjEiK3HWKsG5JXghS0ls15OHQMCXdoK%2F8dfuc3yD07tWqrQ%2BKv%2Blya6SCc9cnsWBwhp4lmO4DqzALQJJ1hjpyqmLCm8Ak8tXBoge2%2Bulw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 86eb755f28114bcd-BUF
alt-svc: h3=":443"; ma=86400
content-length: 3056

GET
H2 200 fontawesome-webfont.woff2
web.nvnstatic.net/css/fontAwesome/fonts/ 75 KB
76 KB 740ms
333ms Font
font/woff2 2606:4700:3037::6815:8bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://web.nvnstatic.net/css/fontAwesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: web.nvnstatic.net
URL: https://web.nvnstatic.net/css/fontAwesome/font-awesome-4.7.0.min.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://web.nvnstatic.net/css/fontAwesome/font-awesome-4.7.0.min.css?v=2
Origin: https://www.1winxsignup.online.rik79vips.link
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: MISS
last-modified: Tue, 09 May 2023 14:37:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eoiM5gwAVdEhoWpgR3xbrVMmPR2Ab5MbMXmyWECY7kdyNwQBOQvM1vN1zZFrWW7paXAX3%2FYJgc2Q3hqbetSLZLIUBtFX7UMKVBv%2B2twt%2BXDN7fTpyNaZNwKjFEpP4Qn5uCqcVZ8fk1yf8wK6OFd%2Bxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 86eb75613b544bcf-BUF
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H2 200 S6u9w4BMUTPHh6UVSwaPGR_p.woff2
fonts.gstatic.com/s/lato/v24/ 5 KB
5 KB 134ms
127ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwaPGR_p.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ef7cd3d4ed7de91e7eb3c05a31c6fa1da0b08d07cbfab8ae108c34d5e39cdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.1winxsignup.online.rik79vips.link
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 07:47:57 GMT
x-content-type-options: nosniff
age: 41995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5368
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 07:47:57 GMT

GET
H2 200 S6uyw4BMUTPHjxAwXjeu.woff2
fonts.gstatic.com/s/lato/v24/ 5 KB
5 KB 118ms
105ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.1winxsignup.online.rik79vips.link
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 07:47:37 GMT
x-content-type-options: nosniff
age: 42015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5472
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 07:47:37 GMT

GET
H2 200 20180621_EnzkmW6aWJKtrF1GAIAKX75W.jpg
pos.nvncdn.com/89cb33-29656/ps/ 449 KB
450 KB 658ms
351ms Image
image/jpeg 2606:4700:3034::ac43:9787
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pos.nvncdn.com/89cb33-29656/ps/20180621_EnzkmW6aWJKtrF1GAIAKX75W.jpg
Requested by: Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19ba56ba79eb2836f13aab349cf54ca296973dd8b0608f4551fd8576927bfbff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625027
alt-svc: h3=":443"; ma=86400
content-length: 459824
last-modified: Mon, 27 Nov 2023 16:40:57 GMT
server: cloudflare
etag: "979a96cde52b97b6c30fdecaad945e38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BjQVX%2BjZ9aWiYUdDyZUnYQuMuwwtyOhP7CskTMTe0VrphBIZbeLwaVHgmRdBwVIZWwfxyHMVZB4MYutxIegew9y8A2gMxb1qdJmFbJExDVQ8ckm4udqXgbdUVsXep08%2FTXsYGWJm0Cd5OFr4Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86eb75613ccf4bd2-BUF

GET
H3 200 wp-emoji-release.min.js Show response
gemgo88.biz/wp-includes/js/ 18 KB
5 KB 64ms
30ms Script
application/javascript 172.67.208.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gemgo88.biz/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451645
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JSANaHVBuwptVpIsf5h0kXL7VXKA%2BVEaXGczdPjuz6pRJmDWalacZ2vhFY5x%2Fvz18JUNvrL7CsCLOFz4cbh7Ds4qLCxC1DlgN0ts1J6JRZ7XPN4%2Bs8rogPwnZECKww%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 86eb75639dc54bd3-BUF
expires: Fri, 05 Apr 2024 14:00:27 GMT

GET
H3 200 bg.jpg
gemgo88.biz/wp-content/uploads/2024/03/ 23 KB
23 KB 39ms
38ms Image
image/jpeg 172.67.208.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gemgo88.biz/wp-content/uploads/2024/03/bg.jpg

Requested by

Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

682bce576c9ec9d17cdb295bb348b83e6f9ad1a4c7655c048ef2ee77fe50386f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451646
alt-svc: h3=":443"; ma=86400
content-length: 23352
last-modified: Thu, 14 Mar 2024 09:56:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QiiySDFB3v4849dYyJqkeYltczFtAyqBUQ4J5mY3rdqsPM85AnXXDe%2FSFpRhHnDIqdBKOFk8Fk%2FVYw3aD7DC8rfaF%2B%2FAmmRXPICVN9I24N%2FiV0Yksvb4V%2BOBGJkQ6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 86eb75643e6b4bd3-BUF
expires: Fri, 05 Apr 2024 14:00:27 GMT

GET
H2 200 1f381.svg
s.w.org/images/core/emoji/14.0.0/svg/ 656 B
648 B 176ms
81ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f381.svg

Requested by

Host: www.1winxsignup.online.rik79vips.link
URL: https://www.1winxsignup.online.rik79vips.link/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

05a6562177e8e5f89852e08f7bbd6b62597b35d70c92238fcab4d6674ec76048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nc: HIT yyz 1
date: Wed, 03 Apr 2024 19:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20180621_NyjQ65B8uN3gPQjdtOTWryTZ.png
pos.nvncdn.com/89cb33-29656/store/ 3 KB
3 KB 58ms
19ms Other
image/png 2606:4700:3034::ac43:9787
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pos.nvncdn.com/89cb33-29656/store/20180621_NyjQ65B8uN3gPQjdtOTWryTZ.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9787 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e628178e19bc9c37916c21e80187a52f32e05c1d6f33c75e6af795473f523b1e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.1winxsignup.online.rik79vips.link/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:27:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 625025
alt-svc: h3=":443"; ma=86400
content-length: 2820
last-modified: Mon, 27 Nov 2023 17:10:43 GMT
server: cloudflare
etag: "ec3e79636e0f2f4f34088cc31807f1d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=13gxbkdR7z%2FztXj10JDPs3Q5uKD9olAHuYr1aVA37PWdfU1bqUsOBRjhNrQNqYb6il0FCPQ5Brd18jQwrGBGznUlUuCk1XF3ITi0eWtnhMe8MHa1ecUiBiYP34ySzP7QtI1%2BdpjP%2BFFDIsSpvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 86eb7567798d4bd2-BUF

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.1winxsignup.online.rik79vips.link/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Message: Failed to load resource: the server responded with a status of 404 ()
deprecation	warning	URL: https://gemgo88.biz/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.13.3(Line 57) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
gemgo88.biz
pos.nvncdn.com
s.w.org
web.nvnstatic.net
www.1winxsignup.online.rik79vips.link
172.67.208.173
185.224.80.94
192.0.77.48
2606:4700:3034::ac43:9787
2606:4700:3037::6815:8bc
2607:f8b0:4006:820::2003
2607:f8b0:4006:820::200a
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
0121a8e01488ef384a1d6c43f86727d8ebe818ee8a684c85f7e1268d304c1216
04e9781077a66df904e1babda71786a39797ecaaba99dc55b4be98a3fe308301
05a6562177e8e5f89852e08f7bbd6b62597b35d70c92238fcab4d6674ec76048
06de6571a049c9394f733732cb1a4803fe9bbcc21ce848b5521fb52b4f49cf05
0ca62135c4db8ef7e32bd98ae6f2534251ee2ad057481b80d92c30bf7840acaa
139903bf68ffe8fd048fd25645492123c9642b6f45560a9034de7c93edb225b0
15361d9026d031431eff554180f6126f97ec06b5eec043b8b7ae715e1ef4880e
19ba56ba79eb2836f13aab349cf54ca296973dd8b0608f4551fd8576927bfbff
1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7
1eed86bf728fdb124264126f3078bd5680bfdb1d75bf560e70dcfb43c4a8d58f
245667d8d5d901e3d032c54310d97f6718930abeb9a998bf16a685b2d17d12d7
28f953885fadffc76dd92ed30f79c5c222cba78209d24f9ac6ab13756c94ad87
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30fd9ec16112567ac68f1db9d60e71dd610be376f97dd1856ad61ba4265e8fd2
371e62ba99e5c7830161ac5df385d89cdbf976b41313ce8b06ed1873995ce8aa
3aec7af308858f0dc9ce681a30e7296b36dd1cc54fc1a39e07e0fe2dc3d2673f
4261def36013b201f8064599063178c6fe2c0f3d96a17407be249ae1100a9909
4620a960326e976c9b428f723ebb721cca802544358635a5a7579c1f6ccb2de8
4bb101ba91c513e949fc1b971277f0228e0ec4ecac0078d01bc63014982835e7
4c55c61c886e498b3e9e292f24f45887c523851c82bb10863339b6e9963b5936
4c95151f7075c21f5e01be93c390d97e17ad99a050a15072c0155d3a7cb8923c
4ef7cd3d4ed7de91e7eb3c05a31c6fa1da0b08d07cbfab8ae108c34d5e39cdb9
4efba4a9f0455ae87c0deb617760b08b7b10bf3e64df9ef87e5cbc169b63483b
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5942ed3f5962d438a93eec8d53625bed7f8f008aaf2737b1a25b632a83199f3e
5a7d3ab3bd183bbf353c73b5466f39fbf2591c37997f2daf25c3394b8da90247
6146a1b1e8875b04747429d64b9c699eb21c879cdb299ceccd1bd2c74c78adde
682bce576c9ec9d17cdb295bb348b83e6f9ad1a4c7655c048ef2ee77fe50386f
81e56d1e7da2629d351e861469401069405236f6ff9a5efb1eaa704ef6bba81f
88335864d01761f3f5dee097c5cb099f4b6348dd617fd2a6156c788cfdfb56a1
895b5b7db53c49134a6c6021cb3a676e778b479d43ca28f600a1feb3ea512484
8f8a9ee9451a39c852cd7b42d613cc7c684bb1d457641a251efd846165a2c3e5
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9316300a7fbfa86a6194659f4e810b08cd25949c2e809e032e80266887ff39fc
95d82b0ac6a4bc6cdd7bd41c7757f98e16d77d07861eac6378d4e1eb9c1b9010
9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd
a0611f81ec5521ce8ec2d6a2a719d0de5273898618fa70e79ce1c8d9349c0d43
a263a38b9412330aa1dc4e66bf67b1004a2a468b65b9014546da0e5ca2d81f76
a2721a86e102d7ce2db2b5763901617fa1380e35d0cd29f28e4d73376bc65f97
a8ad56a392d06dec73a15d61020f2ddcd3d4499b734df5a3d15f25bc62cc24c4
ad058659787ae21dfe564551d45f61e14dadd8fcf37cafe978ae7ed6aae80268
be86157f9d0408f7569c8f38b5c0d5aac347c3b5ef68fd8e9ab2a55dc22ae51d
c26cd06d448f62099654a3e5abf47a1709259b8af2126e9b6f23a986491a41da
c35efe122f3ed745c5746f8b77aea9eb91121b8d7924cf52d91a343535175636
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c67032b7d5aae6c7400bbf5393b1526f4fcce0099d4e1c5359928097cf6848b0
ca284ce4d6bba26ea855c04588dccd6f337ea42b00c28de2ebfa009a3018cb44
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cdf464a2b5e944f1f68db20c4f8f18b90c085597e4282c0ece1834b83d4c20ba
d7e5a79f048c8ef72d0f2b3bc0916361664f22565646c4d621a10f9d8997915b
d8cc5490e3db0f7ea81391a0e4fc8b2ee233db1757ced5286290f5cf5494b3d9
da985ca1ef364741e178f37d6fa7fc55136359990e0bcbf868d762540d1b4ece
e628178e19bc9c37916c21e80187a52f32e05c1d6f33c75e6af795473f523b1e
e9c51cab916e2093ea60df5ce954de3557297d210af9578dadcbbf4fa1b55831
ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
f4096a1961c6787537e18b25b9a3dc33cac8d56b0fa7df07c2859f0e1deee82f
f8a244e9ad0c8ae157e862bb4c93e8b7483c9aa78b5639d54f677f26643e0dd7
fbc718452904199a0a4ddb3ef8d2835e83ff22cf7e4888e14865e3fca98ad248

www.1winxsignup.online.rik79vips.link Open in urlscan Pro 185.224.80.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

67 Requests

99 %HTTPS

57 %IPv6

7 Domains

7 Subdomains

8 IPs

2 Countries

5473 kBTransfer

6450 kBSize

0 Cookies

40 Outgoing links

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.1winxsignup.online.rik79vips.link Open in urlscan Pro
185.224.80.94 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

99 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

5473 kB
Transfer

6450 kB
Size

0
Cookies

67 HTTP transactions
0 data transactions