1wklkbv.com Open in urlscan Pro
94.130.10.163 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7
Submission: On July 21 via api (July 21st 2024, 5:01:41 pm UTC) from US — Scanned from DE

Summary HTTP 51 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 16 IPs in 7 countries across 12 domains to perform 51 HTTP transactions. The main IP is 94.130.10.163, located in Landshut, Germany and belongs to HETZNER-AS, DE. The main domain is 1wklkbv.com.
TLS certificate: Issued by R10 on July 20th 2024. Valid for: 3 months.

This is the only time 1wklkbv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	94.130.10.163 94.130.10.163	24940 (HETZNER-AS) (HETZNER-AS)
1	18.239.18.40 18.239.18.40	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	154.197.121.128 154.197.121.128	328608 (Africa-on...) (Africa-on-Cloud-AS)
4 8	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	18.239.94.121 18.239.94.121	16509 (AMAZON-02) (AMAZON-02)
3 8	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1d::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
4	52.214.197.35 52.214.197.35	16509 (AMAZON-02) (AMAZON-02)
1	13.227.219.120 13.227.219.120	16509 (AMAZON-02) (AMAZON-02)
3	190.115.24.78 190.115.24.78	59692 (IQWEB) (IQWEB)
2	44.229.169.60 44.229.169.60	16509 (AMAZON-02) (AMAZON-02)
51	16

18 94.130.10.163 (Landshut, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: df865c775.fastvps-server.com

1wklkbv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.18.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-40.ams58.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.197.121.128 (Seychelles)

ASN328608 (Africa-on-Cloud-AS, ZA)

1win-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.166 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

12572451.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
12688802.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.94.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-121.ams1.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1d::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.214.197.35 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-197-35.eu-west-1.compute.amazonaws.com

datc.owdp.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-120.ams54.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 190.115.24.78 (Belize)

ASN59692 (IQWEB, AE)
PTR: ddos-guard.net

1wprru.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.229.169.60 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-169-60.us-west-2.compute.amazonaws.com

api2.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	1wklkbv.com 1wklkbv.com	717 KB
11	doubleclick.net 4 redirects 12572451.fls.doubleclick.net — Cisco Umbrella Rank: 335755 12688802.fls.doubleclick.net — Cisco Umbrella Rank: 340553 ad.doubleclick.net — Cisco Umbrella Rank: 210 stats.g.doubleclick.net — Cisco Umbrella Rank: 252	1 KB
6	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 6787	4 KB
4	owdp.tech datc.owdp.tech — Cisco Umbrella Rank: 317024	1 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	368 KB
3	1wprru.life 1wprru.life	143 KB
3	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 4671 api2.amplitude.com — Cisco Umbrella Rank: 1505	24 KB
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3773
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2503	71 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	60 KB
2	1win-cdn.com 1win-cdn.com — Cisco Umbrella Rank: 686502	552 B
1	google.de www.google.de — Cisco Umbrella Rank: 6716	63 B
51	12

	Domain	Requested by
18	1wklkbv.com	1wklkbv.com
6	mc.yandex.com	2 redirects 1wklkbv.com mc.yandex.ru
4	datc.owdp.tech	1wklkbv.com
4	12688802.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	12572451.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	www.googletagmanager.com	1wklkbv.com www.googletagmanager.com
3	1wprru.life	1wklkbv.com
2	api2.amplitude.com	cdn.amplitude.com
2	region1.analytics.google.com	www.googletagmanager.com
2	ad.doubleclick.net	1wklkbv.com
2	mc.yandex.ru	1 redirects 1wklkbv.com
2	1win-cdn.com	1wklkbv.com
1	script.hotjar.com	static.hotjar.com
1	www.google.de	1wklkbv.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	static.hotjar.com	1wklkbv.com
1	cdn.amplitude.com	1wklkbv.com
51	17

This site contains links to these domains. Also see Links.

Domain
1wprru.life

Subject Issuer	Validity	Valid
1wklkbv.com R10	`2024-07-20` - `2024-10-18`	3 months	crt.sh
cdn.amplitude.com Amazon RSA 2048 M02	`2023-12-14` - `2025-01-12`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
1win-cdn.com WE1	`2024-07-01` - `2024-09-29`	3 months	crt.sh
*.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-05-23` - `2024-11-02`	5 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.de WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
datc.owdp.tech R11	`2024-07-10` - `2024-10-08`	3 months	crt.sh
1wprru.life R3	`2024-06-05` - `2024-09-03`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2024-01-31` - `2025-03-02`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7
Frame ID: FCBAFAABFEEA5D763A39AE608BB0D01D
Requests: 47 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=CMymmY3OuIcDFWME-QAdHBEqCQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4317704519681.9575
Frame ID: 2C262B73DC581D3DEBC4D44D2691D51C
Requests: 1 HTTP requests in this frame

Frame: https://12688802.fls.doubleclick.net/activityi;dc_pre=CNSToI3OuIcDFRUj-QAdgfQm2Q;src=12688802;type=actio0;cat=allpa0;ord=1;num=6424134693921;npa=1;auiddc=1245300471.1721581297;ps=1;pcor=801998639;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9188705310z8894400803za201zb894400803;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3D33a766s80i9r7
Frame ID: 361690C5B52C01A17C39416A74C6F7FE
Requests: 1 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=CLGltI3OuIcDFeUZ-QAdEDYBWw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1683592668574.7004
Frame ID: 3E4948CF47B512FE2B5A2E36863F7EA0
Requests: 1 HTTP requests in this frame

Frame: https://12688802.fls.doubleclick.net/activityi;dc_pre=CJK0tI3OuIcDFSQd-QAdDogMAw;src=12688802;type=actio0;cat=allpa0;ord=1;num=7334182846339;npa=1;auiddc=1245300471.1721581297;ps=1;pcor=1297589258;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9188705310z8894400803za201zb894400803;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26
Frame ID: B7313AB5AB61AD0B7376A1039F471E1E
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 0AEFF05422B84C24F4F3ADEEED5F90BE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

1win

Detected technologies

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Websocket (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<(?:link|a)[^>]+href=["']wss?://

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

51
Requests

96 %
HTTPS

33 %
IPv6

12
Domains

17
Subdomains

16
IPs

7
Countries

1387 kB
Transfer

3093 kB
Size

32
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://1wprru.life/casino?open=deposit
Title: Entrada

Search URL Search Domain Scan URL

URL: https://1wprru.life/bonuses
Title: Termos e condições da promoção

Search URL Search Domain Scan URL

URL: https://1wprru.life/?open=deposit
Title: Recarregar conta

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4317704519681.9575 HTTP 302
https://12572451.fls.doubleclick.net/activityi;dc_pre=CMymmY3OuIcDFWME-QAdHBEqCQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4317704519681.9575

Request Chain 29

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=6424134693921;npa=1;auiddc=1245300471.1721581297;ps=1;pcor=801998639;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9188705310z8894400803za201zb894400803;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3D33a766s80i9r7 HTTP 302
https://12688802.fls.doubleclick.net/activityi;dc_pre=CNSToI3OuIcDFRUj-QAdgfQm2Q;src=12688802;type=actio0;cat=allpa0;ord=1;num=6424134693921;npa=1;auiddc=1245300471.1721581297;ps=1;pcor=801998639;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9188705310z8894400803za201zb894400803;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3D33a766s80i9r7

Request Chain 39

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10437.EZDQWZg7YGMK7TY_dok6PmALvabjns4IGGpytSmz8qrn0IClayVFR3fNZ_7U7MTV.PCkKijPLzP6qzkPWd4fQA2UHYn8%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10437.YzN81F7HAUrNtfSqq2lw9fWS0ZdFDzUKR68M6wEy_-I95nzFWaRvyiCb_T9_JcQH0JkVJMtzfwnbFrstlQ6XJQjap6ifONTiocZ_6AU5ReObpqDM7zqEVGF_r1qCbJbT4JFMM2yJz1KhVD2nzj9NIIsRcV-otP6AHNkt46wBhetCz5QD0UYNB08ecRfEpwYWrYsbMRkurnscWIwZfEKDYcZKBdiohlQnnFzwJoa2wgo%2C.DVWbs_YsTfA7J9roWPEnVHd7JxU%2C

Request Chain 41

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1683592668574.7004 HTTP 302
https://12572451.fls.doubleclick.net/activityi;dc_pre=CLGltI3OuIcDFeUZ-QAdEDYBWw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1683592668574.7004

Request Chain 42

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=7334182846339;npa=1;auiddc=1245300471.1721581297;ps=1;pcor=1297589258;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9188705310z8894400803za201zb894400803;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26 HTTP 302
https://12688802.fls.doubleclick.net/activityi;dc_pre=CJK0tI3OuIcDFSQd-QAdDogMAw;src=12688802;type=actio0;cat=allpa0;ord=1;num=7334182846339;npa=1;auiddc=1245300471.1721581297;ps=1;pcor=1297589258;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9188705310z8894400803za201zb894400803;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26

Request Chain 47

https://mc.yandex.com/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3D33a766s80i9r7&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgh60k7s18a5hi3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1390%3Acn%3A1%3Adp%3A0%3Als%3A268508928478%3Ahid%3A478378561%3Az%3A120%3Ai%3A20240721190137%3Aet%3A1721581297%3Ac%3A1%3Arn%3A307626383%3Arqn%3A1%3Au%3A1721581297555613424%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A354%3Awv%3A2%3Ads%3A0%2C34%2C11%2C2%2C1%2C0%2C%2C21%2C0%2C%2C%2C%2C313%3Aco%3A0%3Acpf%3A1%3Ans%3A1721581296301%3Agi%3AR0ExLjEuMzg1MDc5NzY1LjE3MjE1ODEyOTc%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1721581297%3At%3A1win&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037568)ti(1) HTTP 302
https://mc.yandex.com/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3D33a766s80i9r7&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgh60k7s18a5hi3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1390%3Acn%3A1%3Adp%3A0%3Als%3A268508928478%3Ahid%3A478378561%3Az%3A120%3Ai%3A20240721190137%3Aet%3A1721581297%3Ac%3A1%3Arn%3A307626383%3Arqn%3A1%3Au%3A1721581297555613424%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A354%3Awv%3A2%3Ads%3A0%2C34%2C11%2C2%2C1%2C0%2C%2C21%2C0%2C%2C%2C%2C313%3Aco%3A0%3Acpf%3A1%3Ans%3A1721581296301%3Agi%3AR0ExLjEuMzg1MDc5NzY1LjE3MjE1ODEyOTc%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1721581297%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29

51 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request external-marketing Show response
1wklkbv.com/v3/2431/br/ 17 KB
5 KB 201ms
12ms Document
text/html 94.130.10.163
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.10.163 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: df865c775.fastvps-server.com
Software: nginx/1.23.4 /
Resource Hash: 106d22bd0f9c2fb50cb35dffac5d41c0d0b71f2a856b6cdd8817c61a225aae60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html
date: Sun, 21 Jul 2024 17:01:36 GMT
etag: "661fb4f3-4336"
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
vary: Accept-Encoding

GET
H2 200 index-0ce5c634.js Show response
1wklkbv.com/v3/2431/br/external-marketing/assets/ 134 KB
41 KB 27ms
26ms Script
application/javascript 94.130.10.163
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-0ce5c634.js
Requested by: Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.10.163 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: df865c775.fastvps-server.com
Software: nginx/1.23.4 /
Resource Hash: 291b92952130268891642dea5cb85ffa8ba9f62b3c3f95147b41a0ff8111d280

Request headers

Referer: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7
Origin: https://1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:01:36 GMT
content-encoding: gzip
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
etag: "661fb4f3-216b0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 index-5d372cb9.css
1wklkbv.com/v3/2431/br/external-marketing/assets/ 134 KB
75 KB 15ms
14ms Stylesheet
text/css 94.130.10.163
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Requested by: Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.10.163 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: df865c775.fastvps-server.com
Software: nginx/1.23.4 /
Resource Hash: 5d372cb95c04fd5b2c34790d6b8679f6dd5796cb27db5c83b68940c568d4bbd1

Request headers

Referer: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:01:36 GMT
content-encoding: gzip
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
etag: "661fb4f3-216ef"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes

GET
H2 200 logo-1win.svg
1wklkbv.com/v3/2431/br/external-marketing/img/logo/ 3 KB
893 B 22ms
21ms Image
image/svg+xml 94.130.10.163
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1wklkbv.com/v3/2431/br/external-marketing/img/logo/logo-1win.svg
Requested by: Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.10.163 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: df865c775.fastvps-server.com
Software: nginx/1.23.4 /
Resource Hash: 3cc48cc7988466d19b323285dc3cd9c54f638f4e610b7f00b03d40a312e6a10f

Request headers

Referer: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:01:36 GMT
content-encoding: gzip
last-modified: Wed, 17 Apr 2024 11:39:30 GMT
server: nginx/1.23.4
etag: "661fb4f2-a4d"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 813

GET
H2 200 analytics-browser-1.9.1-min.js.gz Show response
cdn.amplitude.com/libs/ 78 KB
24 KB 65ms
15ms Script
application/javascript 18.239.18.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/analytics-browser-1.9.1-min.js.gz
Requested by: Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-40.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 003323cb8d24bc4767961492cc2e75ca440b5e1eedecf528248345ff9e99f61c

Request headers

Referer: https://1wklkbv.com/
Origin: https://1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 11:53:36 GMT
content-encoding: gzip
via: 1.1 36a7c1e18cbe5ff8281d77427bf1c0e6.cloudfront.net (CloudFront)
x-amz-version-id: a2lgF8YXGboryhr.g8VsMWAXvZTQIa8E
x-amz-cf-pop: AMS58-P6
age: 10213680
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24161
last-modified: Fri, 03 Mar 2023 20:55:00 GMT
server: AmazonS3
etag: "3f392996cd1c9b079141e6ab3151fc90"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: Vfve0eheNaMHC3kgw95DGwT_fIFY6yV8W0FaACcbtgoLjt0t9yCrKQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 375 KB
110 KB 41ms
17ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Requested by

Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6535aa1d5c227a4fded33e23f64c03837eb1c38d2e17274dba6504bac881bd5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:01:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112662
x-xss-protection: 0
last-modified: Sun, 21 Jul 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 Jul 2024 17:01:36 GMT

GET
H2 200 flags.svg
1wklkbv.com/v3/2431/br/external-marketing/flags/ 190 KB
45 KB 21ms
21ms Other
image/svg+xml 94.130.10.163
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1wklkbv.com/v3/2431/br/external-marketing/flags/flags.svg
Requested by: Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.10.163 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: df865c775.fastvps-server.com
Software: nginx/1.23.4 /
Resource Hash: 46f7c85353be615eb961fca31f10d696cc75f317786b29fc250028fd70a081e7

Request headers

Referer: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:01:36 GMT
content-encoding: gzip
last-modified: Wed, 17 Apr 2024 11:39:30 GMT
server: nginx/1.23.4
etag: "661fb4f2-2f71c"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes

GET
H2 200 form-sprite.svg
1wklkbv.com/v3/2431/br/external-marketing/sprites/ 3 KB
1 KB 21ms
21ms Other
image/svg+xml 94.130.10.163
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1wklkbv.com/v3/2431/br/external-marketing/sprites/form-sprite.svg
Requested by: Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.10.163 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: df865c775.fastvps-server.com
Software: nginx/1.23.4 /
Resource Hash: 7fac6a360735f048385117afb469e559e28a63e3fd0b0800d0df07ad0e1a417b

Request headers

Referer: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:01:36 GMT
content-encoding: gzip
last-modified: Wed, 17 Apr 2024 11:39:30 GMT
server: nginx/1.23.4
etag: "661fb4f2-a62"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1010

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/avif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ce06da3f08fb8375be6e6a2a4e74a3db33b950d01d63e49e7d43ff4241ff231

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/avif

GET
H2 200 badge-bg-e1fcd70b.svg
1wklkbv.com/v3/2431/br/external-marketing/assets/ 683 B
502 B 15ms
13ms Image
image/svg+xml 94.130.10.163
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/badge-bg-e1fcd70b.svg
Requested by: Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.10.163 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: df865c775.fastvps-server.com
Software: nginx/1.23.4 /
Resource Hash: e1fcd70bf1a7c0992743176bdd58be930e70c531cfcc57a8d58164c7f61fd642

Request headers

Referer: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:01:36 GMT
content-encoding: gzip
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
etag: "661fb4f3-2ab"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 457

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/avif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2a79616bf2a1d6e716b14ccd3fbe937237aff01d875e28d0e29c2f339191f6c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/avif

GET
H2 200 star-3f49e448.svg
1wklkbv.com/v3/2431/br/external-marketing/assets/ 431 B
475 B 13ms
12ms Image
image/svg+xml 94.130.10.163
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/star-3f49e448.svg
Requested by: Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.10.163 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: df865c775.fastvps-server.com
Software: nginx/1.23.4 /
Resource Hash: 3f49e4486b1ded1a0acfe351b613ae721fb302c45f3386b4375667ce5db7895c

Request headers

Referer: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:01:36 GMT
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
etag: "661fb4f3-1af"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 431

GET
H2 200 Inter-Regular-ed64c5d8.woff2
1wklkbv.com/v3/2431/br/external-marketing/assets/ 96 KB
96 KB 15ms
14ms Font
font/woff2 94.130.10.163
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/Inter-Regular-ed64c5d8.woff2
Requested by: Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.10.163 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: df865c775.fastvps-server.com
Software: nginx/1.23.4 /
Resource Hash: ed64c5d83f5fcc357eb8afd0a7b8d9912cae97d88dd57cccb64787bb643c7c76

Request headers

Referer: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Origin: https://1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:01:36 GMT
content-encoding: gzip
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
etag: "661fb4f3-181c4"
vary: Accept-Encoding
content-type: font/woff2
accept-ranges: bytes

GET
H2 200 racket-left-tablet-768-2a1536de.avif
1wklkbv.com/v3/2431/br/external-marketing/assets/ 6 KB
6 KB 14ms
13ms Image
image/avif 94.130.10.163
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/racket-left-tablet-768-2a1536de.avif
Requested by: Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.10.163 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: df865c775.fastvps-server.com
Software: nginx/1.23.4 /
Resource Hash: 2a1536dec00b0ec3d3063400280ea1290f056e4f65a38d0cf3d81232ec2fe74f

Request headers

Referer: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:01:36 GMT
content-encoding: gzip
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
etag: "661fb4f3-1946"
vary: Accept-Encoding
content-type: image/avif
accept-ranges: bytes

GET
H2 200 racket-right-laptop-462fb921.avif
1wklkbv.com/v3/2431/br/external-marketing/assets/ 14 KB
14 KB 16ms
15ms Image
image/avif 94.130.10.163
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/racket-right-laptop-462fb921.avif
Requested by: Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.10.163 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: df865c775.fastvps-server.com
Software: nginx/1.23.4 /
Resource Hash: 462fb921be64511ed4bf14df155932d82db34ad6eb4e355dacb64cc7ec7fb342

Request headers

Referer: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:01:36 GMT
content-encoding: gzip
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
etag: "661fb4f3-36ba"
vary: Accept-Encoding
content-type: image/avif
accept-ranges: bytes

GET
H2 200 girl-laptop-c3c32942.avif
1wklkbv.com/v3/2431/br/external-marketing/assets/ 21 KB
21 KB 15ms
14ms Image
image/avif 94.130.10.163
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/girl-laptop-c3c32942.avif
Requested by: Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.10.163 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: df865c775.fastvps-server.com
Software: nginx/1.23.4 /
Resource Hash: c3c329429486fe516d5655d0c363131b05e1976f9aee61c44309745a1fb440c2

Request headers

Referer: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:01:36 GMT
content-encoding: gzip
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
etag: "661fb4f3-5275"
vary: Accept-Encoding
content-type: image/avif
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/avif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14635727a3204a6e8b78b00dab023a24a7de925a95b7ef86fa0ccfd93192db73

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/avif

GET
H2 200 Inter-SemiBold-d6d09054.woff2
1wklkbv.com/v3/2431/br/external-marketing/assets/ 104 KB
104 KB 15ms
15ms Font
font/woff2 94.130.10.163
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/Inter-SemiBold-d6d09054.woff2
Requested by: Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.10.163 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: df865c775.fastvps-server.com
Software: nginx/1.23.4 /
Resource Hash: d6d0905419e1e821c57189396db46ffe335960bd68befedddaf9e73f3f2e7a3a

Request headers

Referer: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Origin: https://1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:01:36 GMT
content-encoding: gzip
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
etag: "661fb4f3-1a124"
vary: Accept-Encoding
content-type: font/woff2
accept-ranges: bytes

GET
H2 200 Inter-Black-1d1374a7.woff2
1wklkbv.com/v3/2431/br/external-marketing/assets/ 101 KB
101 KB 16ms
15ms Font
font/woff2 94.130.10.163
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/Inter-Black-1d1374a7.woff2
Requested by: Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.10.163 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: df865c775.fastvps-server.com
Software: nginx/1.23.4 /
Resource Hash: 1d1374a7e2f7a6d506cfcfb4b5bf6edc78801d9dbf58ceb7f5a6b54d5cee5ec4

Request headers

Referer: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Origin: https://1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:01:36 GMT
content-encoding: gzip
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
etag: "661fb4f3-19598"
vary: Accept-Encoding
content-type: font/woff2
accept-ranges: bytes

GET
H2 200 Inter-Medium-a4ad8ac6.woff2
1wklkbv.com/v3/2431/br/external-marketing/assets/ 103 KB
103 KB 17ms
17ms Font
font/woff2 94.130.10.163
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/Inter-Medium-a4ad8ac6.woff2
Requested by: Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.10.163 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: df865c775.fastvps-server.com
Software: nginx/1.23.4 /
Resource Hash: a4ad8ac69b901406c6d29ec3173cbf7b00f4652b997b40033c8c640028a6db1e

Request headers

Referer: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Origin: https://1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:01:36 GMT
content-encoding: gzip
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
etag: "661fb4f3-19dd8"
vary: Accept-Encoding
content-type: font/woff2
accept-ranges: bytes

GET
H2 200 Inter-Bold-04079eb5.woff2
1wklkbv.com/v3/2431/br/external-marketing/assets/ 105 KB
104 KB 15ms
15ms Font
font/woff2 94.130.10.163
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/Inter-Bold-04079eb5.woff2
Requested by: Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.10.163 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: df865c775.fastvps-server.com
Software: nginx/1.23.4 /
Resource Hash: 04079eb5aa58d207bc036c8e55d464ea23947d1b1d48d220ebcd1b7c230f589f

Request headers

Referer: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Origin: https://1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:01:36 GMT
content-encoding: gzip
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
etag: "661fb4f3-1a2e4"
vary: Accept-Encoding
content-type: font/woff2
accept-ranges: bytes

OPTIONS
H2 204 filters
1win-cdn.com/domains/by/ Frame 0
0 262ms
232ms Preflight 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1win-cdn.com/domains/by/filters

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://1wklkbv.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8a6cc100083565a7-FRA
date: Sun, 21 Jul 2024 17:01:36 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Headers
x-frame-options: DENY

POST
H2 200 filters Show response
1win-cdn.com/domains/by/ 2 KB
552 B 37ms
36ms Fetch
application/json 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1win-cdn.com/domains/by/filters

Requested by

Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-0ce5c634.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),

Reverse DNS

Software

cloudflare /

Resource Hash

c37dbf708ce56ea91a3c58ae5834ac38356994db5af5ab95662d0882bac8b1a1

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 21 Jul 2024 17:01:36 GMT
content-encoding: gzip
x-app-version: v1.40.0
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 8a6cc1017a1365a7-FRA

GET
DATA 200
OK truncated
/ 311 B
0 Image
image/avif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/avif

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
91 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9afa026b4263547efc06462a3581583b0dafd433876e359aa8ada67890f61062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:01:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93562
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 21 Jul 2024 17:01:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
91 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-16482547739&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

afb5ed590a2a3302eb483be5ded014fe011f91722523bbe3a961c9ab870fb695

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:01:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92897
x-xss-protection: 0
last-modified: Sun, 21 Jul 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 Jul 2024 17:01:36 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 210 KB
76 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-12688802&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

662848dcda0628eafb8c8842f17b2190afe3946c3e574bf9e364f99d0d12632e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:01:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77368
x-xss-protection: 0
last-modified: Sun, 21 Jul 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 Jul 2024 17:01:36 GMT

GET
H2

200

activityi;dc_pre=CMymmY3OuIcDFWME-QAdHBEqCQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o...
12572451.fls.doubleclick.net/ Frame 2C26
Redirect Chain

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://12572451.fls.doubleclick.net/activityi;dc_pre=CMymmY3OuIcDFWME-QAdHBEqCQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

0
0

161ms
160ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12572451.fls.doubleclick.net/activityi;dc_pre=CMymmY3OuIcDFWME-QAdHBEqCQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4317704519681.9575?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wklkbv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 995
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jul 2024 17:01:36 GMT
expires: Sun, 21 Jul 2024 17:01:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jul 2024 17:01:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12572451.fls.doubleclick.net/activityi;dc_pre=CMymmY3OuIcDFWME-QAdHBEqCQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4317704519681.9575?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hotjar-2606090.js Show response
static.hotjar.com/c/ 9 KB
4 KB 69ms
23ms Script
application/javascript 18.239.94.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2606090.js?sv=6

Requested by

Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-121.ams1.r.cloudfront.net

Software

Resource Hash

d4adcfac74d2474efebbfb5cfdd20126d041b28af656c3f6a73fa3743f1f67e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sun, 21 Jul 2024 17:00:43 GMT
via: 1.1 0ce4e0ab92519d33ff3c6cca42806b7e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P3
age: 55
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/54d4801e2ccc2ba409f933f880932379
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: 8VAJV-7iB06vWmME7pJGNEqhxjBwGCwAlzvN0AR0FuBs-0uOiA8hvg==

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 274ms
131ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

9fc0f105fe1e12a87554e5973a997446b02184422130d16e261e020707d1af5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:01:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 18 Jul 2024 14:00:06 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66991fe6-11588"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71048
expires: Sun, 21 Jul 2024 18:01:36 GMT

GET
H3

200

activityi;dc_pre=CNSToI3OuIcDFRUj-QAdgfQm2Q;src=12688802;type=actio0;cat=allpa0;ord=1;num=6424134693921;npa=1;auiddc=1245300471.1721581297;ps=1;pcor=801998639;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv...
12688802.fls.doubleclick.net/ Frame 3616
Redirect Chain

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=6424134693921;npa=1;auiddc=1245300471.1721581297;ps=1;pcor=801998639;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;u...
https://12688802.fls.doubleclick.net/activityi;dc_pre=CNSToI3OuIcDFRUj-QAdgfQm2Q;src=12688802;type=actio0;cat=allpa0;ord=1;num=6424134693921;npa=1;auiddc=1245300471.1721581297;ps=1;pcor=801998639;u...

0
0

165ms
164ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12688802.fls.doubleclick.net/activityi;dc_pre=CNSToI3OuIcDFRUj-QAdgfQm2Q;src=12688802;type=actio0;cat=allpa0;ord=1;num=6424134693921;npa=1;auiddc=1245300471.1721581297;ps=1;pcor=801998639;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9188705310z8894400803za201zb894400803;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3D33a766s80i9r7?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12688802&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wklkbv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 393
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jul 2024 17:01:37 GMT
expires: Sun, 21 Jul 2024 17:01:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jul 2024 17:01:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12688802.fls.doubleclick.net/activityi;dc_pre=CNSToI3OuIcDFRUj-QAdgfQm2Q;src=12688802;type=actio0;cat=allpa0;ord=1;num=6424134693921;npa=1;auiddc=1245300471.1721581297;ps=1;pcor=801998639;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9188705310z8894400803za201zb894400803;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3D33a766s80i9r7?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=6424134693921;npa=1;auiddc=1245300471.1721581297;ps=1;pcor=801998639;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl...
ad.doubleclick.net/ 0
23 B 255ms
178ms Image
image/png 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=6424134693921;npa=1;auiddc=1245300471.1721581297;ps=1;pcor=801998639;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9188705310z8894400803za201zb894400803;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3D33a766s80i9r7?

Requested by

Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jul 2024 17:01:36 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"3880003109455531342"}],"aggregatable_trigger_data":[{"filters":[{"14":["13647302"]}],"key_piece":"0xec3296d5250afa11","source_keys":["12","13","14","15","16","17","18","19","20","21","634951512","634951513","634951514","634951515","900140808","900140809","900140810","900140811"]},{"key_piece":"0xe69b8565d5d5666a","not_filters":{"14":["13647302"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","634951512","634951513","634951514","634951515","900140808","900140809","900140810","900140811"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"634951512":36,"634951513":36,"634951514":36,"634951515":3530,"900140808":34,"900140809":34,"900140810":34,"900140811":3345},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"964788422234779779","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"3880003109455531342","filters":[{"14":["13647302"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"3880003109455531342","filters":[{"14":["13647302"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"3880003109455531342","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"3880003109455531342","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12688802"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 71ms
14ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je47h0v894728184z8894400803za200zb894400803&_p=1721581296522&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=385079765.1721581297&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dp=%2Fv3%2F2431%2Fbr%2Fexternal-marketing&sid=1721581296&sct=1&seg=0&dl=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3D33a766s80i9r7&dt=1win&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_url=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3D33a766s80i9r7&tfd=511&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jul 2024 17:01:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1wklkbv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 78ms
21ms Ping
text/plain 2a00:1450:400c:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-548949LWLW&cid=385079765.1721581297&gtm=45je47h0v894728184z8894400803za200zb894400803&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jul 2024 17:01:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1wklkbv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 95ms
42ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-548949LWLW&cid=385079765.1721581297&gtm=45je47h0v894728184z8894400803za200zb894400803&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1&npa=1&frm=0&z=778292737

Requested by

Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jul 2024 17:01:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 pv
datc.owdp.tech/ 0
315 B 220ms
111ms Ping
text/plain 52.214.197.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://datc.owdp.tech/pv

Requested by

Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.214.197.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-197-35.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jul 2024 17:01:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS

POST
H2 204 events
datc.owdp.tech/ 0
314 B 236ms
128ms Ping
text/plain 52.214.197.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://datc.owdp.tech/events?event_name=undefined_undefined

Requested by

Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.214.197.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-197-35.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jul 2024 17:01:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS

GET
H2 200 modules.e4b2dc39f985f11fb1e4.js Show response
script.hotjar.com/ 223 KB
56 KB 59ms
15ms Script
application/javascript 13.227.219.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2606090.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-120.ams54.r.cloudfront.net

Software

Resource Hash

619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 01 Jul 2024 08:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 1759829
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56291
last-modified: Mon, 01 Jul 2024 08:10:34 GMT
etag: "ca025d2d8ae4b3dc51e058b782590501"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: RGZ2fochijahLdD8wUD3y90YE09dsSKc3Pguq5IDGYRsMhlp3iNoyA==

GET
H2 200 / Show response
1wprru.life/ 426 KB
143 KB 278ms
46ms Fetch
text/html 190.115.24.78
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://1wprru.life/

Requested by

Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-0ce5c634.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.24.78 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

81263580e70b5c79f9ad2c8b1cdd4f2e11adbb58bb5ebd45fb78eacc6ea5adc3

Security Headers

Name

Value

X-Frame-Options

ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:01:37 GMT
content-encoding: gzip
server: ddos-guard
vary: Origin
x-match-domain: 1wklkbv.com
content-type: text/html; charset=utf-8
access-control-allow-origin: https://1wklkbv.com
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
access-control-allow-credentials: true
x-request-id: 8Z85OFiDK6OLnQb2

POST
H2 204 events
datc.owdp.tech/ 0
314 B 117ms
113ms Ping
text/plain 52.214.197.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://datc.owdp.tech/events?event_name=registration_form_view

Requested by

Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.214.197.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-197-35.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jul 2024 17:01:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10437.EZDQWZg7YGMK7TY_dok6PmALvabjns4IGGpytSmz8qrn0IClayVFR3fNZ_7U7MTV.PCkKijPLzP6qzkPWd4fQA2UHYn8%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10437.YzN81F7HAUrNtfSqq2lw9fWS0ZdFDzUKR68M6wEy_-I95nzFWaRvyiCb_T9_JcQH0JkVJMtzfwnbFrstlQ6XJQjap6ifONTiocZ_6AU5ReObpqDM7zqEVGF_r1qCbJbT4JFMM2yJz1...

43 B
672 B

60ms
60ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10437.YzN81F7HAUrNtfSqq2lw9fWS0ZdFDzUKR68M6wEy_-I95nzFWaRvyiCb_T9_JcQH0JkVJMtzfwnbFrstlQ6XJQjap6ifONTiocZ_6AU5ReObpqDM7zqEVGF_r1qCbJbT4JFMM2yJz1KhVD2nzj9NIIsRcV-otP6AHNkt46wBhetCz5QD0UYNB08ecRfEpwYWrYsbMRkurnscWIwZfEKDYcZKBdiohlQnnFzwJoa2wgo%2C.DVWbs_YsTfA7J9roWPEnVHd7JxU%2C

Requested by

Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jul 2024 17:01:37 GMT
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10437.YzN81F7HAUrNtfSqq2lw9fWS0ZdFDzUKR68M6wEy_-I95nzFWaRvyiCb_T9_JcQH0JkVJMtzfwnbFrstlQ6XJQjap6ifONTiocZ_6AU5ReObpqDM7zqEVGF_r1qCbJbT4JFMM2yJz1KhVD2nzj9NIIsRcV-otP6AHNkt46wBhetCz5QD0UYNB08ecRfEpwYWrYsbMRkurnscWIwZfEKDYcZKBdiohlQnnFzwJoa2wgo%2C.DVWbs_YsTfA7J9roWPEnVHd7JxU%2C
strict-transport-security: max-age=31536000
date: Sun, 21 Jul 2024 17:01:37 GMT
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
595 B 103ms
103ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jul 2024 17:01:37 GMT
last-modified: Thu, 18 Jul 2024 14:00:06 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66991fe6-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 21 Jul 2024 18:01:37 GMT

GET
H3

200

activityi;dc_pre=CLGltI3OuIcDFeUZ-QAdEDYBWw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o...
12572451.fls.doubleclick.net/ Frame 3E49
Redirect Chain

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://12572451.fls.doubleclick.net/activityi;dc_pre=CLGltI3OuIcDFeUZ-QAdEDYBWw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

0
0

160ms
159ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12572451.fls.doubleclick.net/activityi;dc_pre=CLGltI3OuIcDFeUZ-QAdEDYBWw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1683592668574.7004?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wklkbv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 992
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jul 2024 17:01:37 GMT
expires: Sun, 21 Jul 2024 17:01:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jul 2024 17:01:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12572451.fls.doubleclick.net/activityi;dc_pre=CLGltI3OuIcDFeUZ-QAdEDYBWw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1683592668574.7004?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CJK0tI3OuIcDFSQd-QAdDogMAw;src=12688802;type=actio0;cat=allpa0;ord=1;num=7334182846339;npa=1;auiddc=1245300471.1721581297;ps=1;pcor=1297589258;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uap...
12688802.fls.doubleclick.net/ Frame B731
Redirect Chain

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=7334182846339;npa=1;auiddc=1245300471.1721581297;ps=1;pcor=1297589258;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;...
https://12688802.fls.doubleclick.net/activityi;dc_pre=CJK0tI3OuIcDFSQd-QAdDogMAw;src=12688802;type=actio0;cat=allpa0;ord=1;num=7334182846339;npa=1;auiddc=1245300471.1721581297;ps=1;pcor=1297589258;...

0
0

160ms
160ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12688802.fls.doubleclick.net/activityi;dc_pre=CJK0tI3OuIcDFSQd-QAdDogMAw;src=12688802;type=actio0;cat=allpa0;ord=1;num=7334182846339;npa=1;auiddc=1245300471.1721581297;ps=1;pcor=1297589258;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9188705310z8894400803za201zb894400803;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12688802&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wklkbv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 383
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jul 2024 17:01:37 GMT
expires: Sun, 21 Jul 2024 17:01:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jul 2024 17:01:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12688802.fls.doubleclick.net/activityi;dc_pre=CJK0tI3OuIcDFSQd-QAdDogMAw;src=12688802;type=actio0;cat=allpa0;ord=1;num=7334182846339;npa=1;auiddc=1245300471.1721581297;ps=1;pcor=1297589258;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9188705310z8894400803za201zb894400803;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 affiliate:link_visit Show response
1wprru.life/ 37 B
263 B 67ms
67ms XHR
application/json 190.115.24.78
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://1wprru.life/affiliate:link_visit?visit_domain=1wklkbv.com&sub_ids=sub1%3D33a766s80i9r7

Requested by

Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-0ce5c634.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.24.78 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

ddos-guard / Express

Resource Hash

9c3b25f260defd6991608963a30a67cad0981ecce13e5975b1a6304887514d7f

Security Headers

Name

Value

X-Frame-Options

Request headers

Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-origin: 1wklkbv.com

Response headers

date: Sun, 21 Jul 2024 17:01:37 GMT
content-encoding: gzip
server: ddos-guard
etag: W/"25-Zj67mG54TfZ031q1ea2QwFUXWX4"
x-powered-by: Express
access-control-max-age: 7200
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wklkbv.com
access-control-expose-headers: Authorization
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Authorization, X-Origin

GET
H3 200 activity;register_conversion=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=7334182846339;npa=1;auiddc=1245300471.1721581297;ps=1;pcor=1297589258;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscd...
ad.doubleclick.net/ 0
24 B 176ms
176ms Image
image/png 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=7334182846339;npa=1;auiddc=1245300471.1721581297;ps=1;pcor=1297589258;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47h0v9188705310z8894400803za201zb894400803;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26?

Requested by

Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jul 2024 17:01:37 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"3880003109455531342"}],"aggregatable_trigger_data":[{"filters":[{"14":["13647302"]}],"key_piece":"0xec3296d5250afa11","source_keys":["12","13","14","15","16","17","18","19","20","21","634951512","634951513","634951514","634951515","900140808","900140809","900140810","900140811"]},{"key_piece":"0xe69b8565d5d5666a","not_filters":{"14":["13647302"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","634951512","634951513","634951514","634951515","900140808","900140809","900140810","900140811"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"634951512":36,"634951513":36,"634951514":36,"634951515":3530,"900140808":34,"900140809":34,"900140810":34,"900140811":3345},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"6537685816344429779","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"3880003109455531342","filters":[{"14":["13647302"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"3880003109455531342","filters":[{"14":["13647302"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"3880003109455531342","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"3880003109455531342","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12688802"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 affiliate:link_visit
1wprru.life/ Frame 0
0 32ms
32ms Preflight
text/plain 190.115.24.78
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://1wprru.life/affiliate:link_visit?visit_domain=1wklkbv.com&sub_ids=sub1%3D33a766s80i9r7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.24.78 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

ddos-guard / Express

Resource Hash

Security Headers

Name

Value

X-Frame-Options

ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Accept: */*
Access-Control-Request-Headers: x-origin
Access-Control-Request-Method: GET
Origin: https://1wklkbv.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Origin
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wklkbv.com
access-control-expose-headers: Authorization
access-control-max-age: 7200
content-encoding: gzip
content-type: text/plain; charset=utf-8
date: Sun, 21 Jul 2024 17:01:37 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: ddos-guard
vary: Accept-Encoding
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
x-powered-by: Express

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame 0AEF 0
0 186ms
58ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://1wklkbv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1048
content-type: text/html
date: Sun, 21 Jul 2024 17:01:37 GMT
etag: "66991fe6-418"
expires: Sun, 21 Jul 2024 18:01:37 GMT
last-modified: Thu, 18 Jul 2024 14:00:06 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2

200

1 Show response
mc.yandex.com/watch/92006234/
Redirect Chain

https://mc.yandex.com/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3D33a766s80i9r7&charset=utf-8&uah=chm%0A%3F0&browser-info=pv...
https://mc.yandex.com/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3D33a766s80i9r7&charset=utf-8&uah=chm%0A%3F0&browser-info=...

464 B
917 B

55ms
55ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3D33a766s80i9r7&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgh60k7s18a5hi3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1390%3Acn%3A1%3Adp%3A0%3Als%3A268508928478%3Ahid%3A478378561%3Az%3A120%3Ai%3A20240721190137%3Aet%3A1721581297%3Ac%3A1%3Arn%3A307626383%3Arqn%3A1%3Au%3A1721581297555613424%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A354%3Awv%3A2%3Ads%3A0%2C34%2C11%2C2%2C1%2C0%2C%2C21%2C0%2C%2C%2C%2C313%3Aco%3A0%3Acpf%3A1%3Ans%3A1721581296301%3Agi%3AR0ExLjEuMzg1MDc5NzY1LjE3MjE1ODEyOTc%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1721581297%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29

Requested by

Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

5e1186e7a9fd43edc67f0d7a7e33bc23e8300f44b9d9882a885fb85fc9e6f6b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jul 2024 17:01:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 21-Jul-2024 17:01:37 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wklkbv.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 464
x-xss-protection: 1; mode=block
expires: Sun, 21-Jul-2024 17:01:37 GMT

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 21 Jul 2024 17:01:37 GMT
last-modified: Sun, 21-Jul-2024 17:01:37 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: https://1wklkbv.com
location: /watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3D33a766s80i9r7&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgh60k7s18a5hi3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1390%3Acn%3A1%3Adp%3A0%3Als%3A268508928478%3Ahid%3A478378561%3Az%3A120%3Ai%3A20240721190137%3Aet%3A1721581297%3Ac%3A1%3Arn%3A307626383%3Arqn%3A1%3Au%3A1721581297555613424%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A354%3Awv%3A2%3Ads%3A0%2C34%2C11%2C2%2C1%2C0%2C%2C21%2C0%2C%2C%2C%2C313%3Aco%3A0%3Acpf%3A1%3Ans%3A1721581296301%3Agi%3AR0ExLjEuMzg1MDc5NzY1LjE3MjE1ODEyOTc%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1721581297%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 21-Jul-2024 17:01:37 GMT

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 533ms
161ms Preflight 44.229.169.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.229.169.60 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-229-169-60.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://1wklkbv.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Sun, 21 Jul 2024 17:01:38 GMT
strict-transport-security: max-age=15768000

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
309 B 177ms
176ms Fetch
application/json 44.229.169.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/analytics-browser-1.9.1-min.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.229.169.60 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-229-169-60.us-west-2.compute.amazonaws.com

Software

Resource Hash

147d99d05b465c4c2485da69257ba15233a77616304f1455bcb7ad95ef758041

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 21 Jul 2024 17:01:38 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-669d3ef2-2a6943f92d2378105f44ddc5
content-length: 94

GET
H2 200 favicon.svg
1wklkbv.com/v3/2431/br/external-marketing/favicon/ 1 KB
596 B 13ms
13ms Other
image/svg+xml 94.130.10.163
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1wklkbv.com/v3/2431/br/external-marketing/favicon/favicon.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.10.163 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: df865c775.fastvps-server.com
Software: nginx/1.23.4 /
Resource Hash: da27421d59a3829fd6292f822eed7c6b1b7a745870d6b736dc67220627d9d656

Request headers

Referer: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:01:37 GMT
content-encoding: gzip
last-modified: Wed, 17 Apr 2024 11:39:30 GMT
server: nginx/1.23.4
etag: "661fb4f2-5b5"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 528

GET
H2 200 favicon.ico
1wklkbv.com/v3/2431/br/external-marketing/favicon/ 1 KB
485 B 13ms
13ms Other
image/x-icon 94.130.10.163
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1wklkbv.com/v3/2431/br/external-marketing/favicon/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.10.163 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: df865c775.fastvps-server.com
Software: nginx/1.23.4 /
Resource Hash: 7bf38238e9f2c2b5f670c22222d548a303085bbbf5f4fb609403b11d0fa6f1c9

Request headers

Referer: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:01:37 GMT
content-encoding: gzip
last-modified: Wed, 17 Apr 2024 11:39:30 GMT
server: nginx/1.23.4
etag: "661fb4f2-47e"
vary: Accept-Encoding
content-type: image/x-icon
accept-ranges: bytes
content-length: 430

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 17ms
16ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je47h0v894728184z8894400803za200zb894400803&_p=1721581296522&gcd=13l3lPl2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=385079765.1721581297&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&dp=%2Fv3%2F2431%2Fbr%2Fexternal-marketing&sid=1721581296&sct=1&seg=0&dl=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3D33a766s80i9r7&dt=1win&_s=2&tfd=1901&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 Jul 2024 17:01:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1wklkbv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 pv
datc.owdp.tech/ 0
314 B 127ms
125ms Ping
text/plain 52.214.197.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://datc.owdp.tech/pv

Requested by

Host: 1wklkbv.com
URL: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=33a766s80i9r7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.214.197.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-197-35.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://1wklkbv.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jul 2024 17:01:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.1wklkbv.com/	1970-01-21 06:58:37	Name: AMP_MKTG_494cccfe21 Value: JTdCJTdE
.1wklkbv.com/	1970-01-21 00:22:37	Name: _gcl_au Value: 1.1.1245300471.1721581297
.1wklkbv.com/	1970-01-21 07:49:01	Name: _ga Value: GA1.1.385079765.1721581297
.1wklkbv.com/	1970-01-21 06:58:37	Name: AMP_494cccfe21 Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjI5NTJkOTM2YS02Yjk4LTQyY2EtYjhmYi03YjA3MTVhYTY5ZWQlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzIxNTgxMjk2NjQyJTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTcyMTU4MTI5Njg2MiU3RA==
.1wklkbv.com/	1970-01-21 06:58:37	Name: _hjSessionUser_2606090 Value: eyJpZCI6ImY1NmVkYjE5LWUwMDYtNTk2Mi1iMTVkLWY0ZGZjOTc0OTFhZCIsImNyZWF0ZWQiOjE3MjE1ODEyOTY5NDMsImV4aXN0aW5nIjpmYWxzZX0=
.1wklkbv.com/	1970-01-20 22:13:03	Name: _hjSession_2606090 Value: eyJpZCI6IjAzMzBhNjIzLThmMjgtNDc1Ny1hMDg4LWQ2NzQ1M2Y0NTlmNiIsImMiOjE3MjE1ODEyOTY5NDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
1wklkbv.com/	1969-12-31 23:59:59	Name: _hjHasCachedUserAttributes Value: true
.yandex.ru/	1970-01-21 07:49:01	Name: i Value: brsZtMYK2b0nNxpFRf0rzdL0bGKcPSwy4aZqIYrneeQP0IKw8oW6HIKoeW1b+sj+0oC1Q2ix8y67FaRnoIF0RVHqV+c=
.yandex.ru/	1970-01-21 07:49:01	Name: yandexuid Value: 2719052901721581296
.yandex.ru/	1970-01-21 06:58:37	Name: yashr Value: 6711664621721581296
.doubleclick.net/	1970-01-20 22:56:13	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 02:32:13	Name: receive-cookie-deprecation Value: 1
.1wklkbv.com/	1970-01-21 06:58:37	Name: _ym_uid Value: 1721581297555613424
.1wklkbv.com/	1970-01-21 06:58:37	Name: _ym_d Value: 1721581297
.mc.yandex.com/	1970-01-20 22:13:01	Name: sync_cookie_csrf Value: 2292145010fake
1wklkbv.com/	1969-12-31 23:59:59	Name: actual_domain Value: https://1wprru.life
1wklkbv.com/	1970-01-20 22:57:39	Name: visit_domain Value: 1wklkbv.com
1wklkbv.com/	1970-01-20 22:57:39	Name: sub_ids Value: sub1=33a766s80i9r7
.yandex.com/	1970-01-21 06:58:37	Name: yashr Value: 4601158761721581297
.1wklkbv.com/	1970-01-20 22:14:13	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 22:13:01	Name: sync_cookie_csrf Value: 4130051017fake
.yandex.com/	1970-01-21 06:58:37	Name: yandexuid Value: 2719052901721581296
.yandex.com/	1970-01-21 06:58:37	Name: yuidss Value: 2719052901721581296
.yandex.com/	1970-01-21 07:49:01	Name: i Value: brsZtMYK2b0nNxpFRf0rzdL0bGKcPSwy4aZqIYrneeQP0IKw8oW6HIKoeW1b+sj+0oC1Q2ix8y67FaRnoIF0RVHqV+c=
.yandex.com/	1970-01-21 07:49:01	Name: yp Value: 1721667697.yu.2272466141721581297
.mc.yandex.com/	1970-01-20 22:14:27	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 621284351721581297
.yandex.com/	1970-01-21 06:58:37	Name: ymex Value: 1724173297.oyu.2272466141721581297#1753117297.yrts.1721581297
.yandex.com/	1970-01-21 06:58:37	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 07:34:37	Name: IDE Value: AHWqTUkA2IslQpwyFeAteoHV1OZbpg8nnUmjQc8kqR8zf9WRUWiHkRYBDE9WgokL
.yandex.com/	1970-01-21 07:49:01	Name: bh Value: KgI/MGDx/fS0Bg==
.1wklkbv.com/	1970-01-21 07:49:01	Name: _ga_548949LWLW Value: GS1.1.1721581296.1.1.1721581298.58.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12572451.fls.doubleclick.net
12688802.fls.doubleclick.net
1win-cdn.com
1wklkbv.com
1wprru.life
ad.doubleclick.net
api2.amplitude.com
cdn.amplitude.com
datc.owdp.tech
mc.yandex.com
mc.yandex.ru
region1.analytics.google.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
www.google.de
www.googletagmanager.com
13.227.219.120
142.250.185.102
142.250.186.166
154.197.121.128
18.239.18.40
18.239.94.121
190.115.24.78
2001:4860:4802:32::36
2a00:1450:4001:801::2008
2a00:1450:4001:80b::2003
2a00:1450:400c:c1d::9d
2a02:6b8::1:119
44.229.169.60
52.214.197.35
94.130.10.163
003323cb8d24bc4767961492cc2e75ca440b5e1eedecf528248345ff9e99f61c
04079eb5aa58d207bc036c8e55d464ea23947d1b1d48d220ebcd1b7c230f589f
04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7
106d22bd0f9c2fb50cb35dffac5d41c0d0b71f2a856b6cdd8817c61a225aae60
14635727a3204a6e8b78b00dab023a24a7de925a95b7ef86fa0ccfd93192db73
147d99d05b465c4c2485da69257ba15233a77616304f1455bcb7ad95ef758041
1d1374a7e2f7a6d506cfcfb4b5bf6edc78801d9dbf58ceb7f5a6b54d5cee5ec4
291b92952130268891642dea5cb85ffa8ba9f62b3c3f95147b41a0ff8111d280
2a1536dec00b0ec3d3063400280ea1290f056e4f65a38d0cf3d81232ec2fe74f
3cc48cc7988466d19b323285dc3cd9c54f638f4e610b7f00b03d40a312e6a10f
3f49e4486b1ded1a0acfe351b613ae721fb302c45f3386b4375667ce5db7895c
462fb921be64511ed4bf14df155932d82db34ad6eb4e355dacb64cc7ec7fb342
46f7c85353be615eb961fca31f10d696cc75f317786b29fc250028fd70a081e7
4ce06da3f08fb8375be6e6a2a4e74a3db33b950d01d63e49e7d43ff4241ff231
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5d372cb95c04fd5b2c34790d6b8679f6dd5796cb27db5c83b68940c568d4bbd1
5e1186e7a9fd43edc67f0d7a7e33bc23e8300f44b9d9882a885fb85fc9e6f6b6
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
6535aa1d5c227a4fded33e23f64c03837eb1c38d2e17274dba6504bac881bd5b
662848dcda0628eafb8c8842f17b2190afe3946c3e574bf9e364f99d0d12632e
7bf38238e9f2c2b5f670c22222d548a303085bbbf5f4fb609403b11d0fa6f1c9
7fac6a360735f048385117afb469e559e28a63e3fd0b0800d0df07ad0e1a417b
81263580e70b5c79f9ad2c8b1cdd4f2e11adbb58bb5ebd45fb78eacc6ea5adc3
9afa026b4263547efc06462a3581583b0dafd433876e359aa8ada67890f61062
9c3b25f260defd6991608963a30a67cad0981ecce13e5975b1a6304887514d7f
9fc0f105fe1e12a87554e5973a997446b02184422130d16e261e020707d1af5a
a4ad8ac69b901406c6d29ec3173cbf7b00f4652b997b40033c8c640028a6db1e
afb5ed590a2a3302eb483be5ded014fe011f91722523bbe3a961c9ab870fb695
b2a79616bf2a1d6e716b14ccd3fbe937237aff01d875e28d0e29c2f339191f6c
c37dbf708ce56ea91a3c58ae5834ac38356994db5af5ab95662d0882bac8b1a1
c3c329429486fe516d5655d0c363131b05e1976f9aee61c44309745a1fb440c2
d4adcfac74d2474efebbfb5cfdd20126d041b28af656c3f6a73fa3743f1f67e1
d6d0905419e1e821c57189396db46ffe335960bd68befedddaf9e73f3f2e7a3a
da27421d59a3829fd6292f822eed7c6b1b7a745870d6b736dc67220627d9d656
e1fcd70bf1a7c0992743176bdd58be930e70c531cfcc57a8d58164c7f61fd642
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed64c5d83f5fcc357eb8afd0a7b8d9912cae97d88dd57cccb64787bb643c7c76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

1wklkbv.com Open in urlscan Pro 94.130.10.163 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

51 Requests

96 %HTTPS

33 %IPv6

12 Domains

17 Subdomains

16 IPs

7 Countries

1387 kBTransfer

3093 kBSize

32 Cookies

3 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

1wklkbv.com Open in urlscan Pro
94.130.10.163 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

96 %
HTTPS

33 %
IPv6

12
Domains

17
Subdomains

16
IPs

7
Countries

1387 kB
Transfer

3093 kB
Size

32
Cookies

51 HTTP transactions
4 data transactions