1wcext.top Open in urlscan Pro
190.115.19.101 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1wcext.top/
Effective URL:
https://1wcext.top/
Submission: On January 23 via manual (January 23rd 2023, 10:56:04 am UTC) from NL — Scanned from NL

Summary HTTP 55 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 10 domains to perform 55 HTTP transactions. The main IP is 190.115.19.101, located in Belize City, Belize and belongs to DDOS-GUARD CORP., BZ. The main domain is 1wcext.top.
TLS certificate: Issued by R3 on January 21st 2023. Valid for: 3 months.

This is the only time 1wcext.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	190.115.19.101 190.115.19.101	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
23	2606:4700:20:... 2606:4700:20::681a:50b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	52.222.139.19 52.222.139.19	16509 (AMAZON-02) (AMAZON-02)
1	13.227.219.28 13.227.219.28	16509 (AMAZON-02) (AMAZON-02)
1	13.227.219.76 13.227.219.76	16509 (AMAZON-02) (AMAZON-02)
6 12	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	52.222.137.213 52.222.137.213	16509 (AMAZON-02) (AMAZON-02)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
55	14

7 190.115.19.101 (Belize City, Belize) 1 redirects

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: indal14.com

1wcext.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:20::681a:50b (United States)

ASN13335 (CLOUDFLARENET, US)

1win-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.132 (United States)

ASN54113 (FASTLY, US)

api.lab.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-19.ams50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-28.ams54.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-76.ams54.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.166 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

12688802.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
12572451.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.137.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-137-213.ams50.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	1win-cdn.com 1win-cdn.com — Cisco Umbrella Rank: 587938	1 MB
12	doubleclick.net 6 redirects 12688802.fls.doubleclick.net 12572451.fls.doubleclick.net — Cisco Umbrella Rank: 822443	3 KB
7	1wcext.top 1 redirects 1wcext.top	95 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 70	2 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3602	74 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 606 script.hotjar.com — Cisco Umbrella Rank: 725 vars.hotjar.com — Cisco Umbrella Rank: 866	73 KB
3	amplitude.com api.lab.amplitude.com — Cisco Umbrella Rank: 6395 cdn.amplitude.com — Cisco Umbrella Rank: 2434	27 KB
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5193	926 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	134 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2439	343 B
55	10

	Domain	Requested by
23	1win-cdn.com	1wcext.top 1win-cdn.com
7	1wcext.top	1 redirects 1win-cdn.com 1wcext.top
6	adservice.google.com	12572451.fls.doubleclick.net 12688802.fls.doubleclick.net
6	12572451.fls.doubleclick.net	3 redirects www.googletagmanager.com
6	12688802.fls.doubleclick.net	3 redirects www.googletagmanager.com
4	mc.yandex.ru	1 redirects 1wcext.top
2	adservice.google.co.uk	adservice.google.com
2	www.googletagmanager.com	1wcext.top www.googletagmanager.com
2	api.lab.amplitude.com	1win-cdn.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn.amplitude.com	1wcext.top
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	1wcext.top
55	14

This site contains no links.

Subject Issuer	Validity	Valid
1wcext.top R3	`2023-01-21` - `2023-04-21`	3 months	crt.sh
*.1win-cdn.com GTS CA 1P5	`2022-12-12` - `2023-03-12`	3 months	crt.sh
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-05-24` - `2023-06-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
cdn.amplitude.com Amazon RSA 2048 M01	`2023-01-12` - `2024-02-11`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://1wcext.top/
Frame ID: 32DFB6B012DD969E3E5D663789172284
Requests: 40 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html
Frame ID: F6794F0DAB4C529F35C8C591F6C84D43
Requests: 1 HTTP requests in this frame

Frame: https://12688802.fls.doubleclick.net/activityi;dc_pre=CO-3gPXD3fwCFUrOOwId3jcCpQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=160010262962;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2F
Frame ID: 3B14A1A70C1A4341E4259A188F2B4A94
Requests: 1 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=CLaWgPXD3fwCFczKmgodILcMkg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=8769993450472.629
Frame ID: DF520B03040D2A459095DC7A422D6C62
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLaWgPXD3fwCFczKmgodILcMkg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=8769993450472.629;~oref=https://1wcext.top/
Frame ID: AD8C3028C999C422B9B168758E27BAF1
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CO-3gPXD3fwCFUrOOwId3jcCpQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=160010262962;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2F
Frame ID: D996AC2B9A623B8460B94CEF9EDC7BE8
Requests: 1 HTTP requests in this frame

Frame: https://12688802.fls.doubleclick.net/activityi;dc_pre=CPOBjfXD3fwCFcy5mgod7WIFMw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1619439441347;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2F
Frame ID: 0AC747B80FE4681C7D921C038A1F273B
Requests: 2 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=COedjfXD3fwCFSzAOwIdedYCAg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=640016919205.042
Frame ID: 3DC6857423AF2072016A824747D2FC6E
Requests: 2 HTTP requests in this frame

Frame: https://12688802.fls.doubleclick.net/activityi;dc_pre=CKOKjvXD3fwCFQGlmgod--0OiQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=5385367333496;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2Fbets%2Fhome
Frame ID: C3B246CBF41D1BE2BC81F357E0A6010D
Requests: 2 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=CP-ejvXD3fwCFQ3Jmgod2DAISw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5547853333110.209
Frame ID: 1BC507696BDACFADE8EA9D001F7C284E
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.co.uk/ddm/fls/i/dc_pre=CO-3gPXD3fwCFUrOOwId3jcCpQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=160010262962;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2F
Frame ID: 44BBE336ACE8B1D6808C58FC2D2E5574
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.co.uk/ddm/fls/i/dc_pre=CLaWgPXD3fwCFczKmgodILcMkg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=8769993450472.629;~oref=https://1wcext.top/
Frame ID: A30F646A11C2BB9B590CF269CCA55745
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

1win

Page URL History Show full URLs

http://1wcext.top/ HTTP 301
https://1wcext.top/ Page URL

Detected technologies

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

55
Requests

98 %
HTTPS

46 %
IPv6

10
Domains

14
Subdomains

14
IPs

4
Countries

1643 kB
Transfer

4042 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1wcext.top/ HTTP 301
https://1wcext.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=160010262962;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2F HTTP 302
https://12688802.fls.doubleclick.net/activityi;dc_pre=CO-3gPXD3fwCFUrOOwId3jcCpQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=160010262962;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2F

Request Chain 26

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=8769993450472.629 HTTP 302
https://12572451.fls.doubleclick.net/activityi;dc_pre=CLaWgPXD3fwCFczKmgodILcMkg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=8769993450472.629

Request Chain 42

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=1619439441347;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2F HTTP 302
https://12688802.fls.doubleclick.net/activityi;dc_pre=CPOBjfXD3fwCFcy5mgod7WIFMw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1619439441347;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2F

Request Chain 43

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=640016919205.042 HTTP 302
https://12572451.fls.doubleclick.net/activityi;dc_pre=COedjfXD3fwCFSzAOwIdedYCAg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=640016919205.042

Request Chain 44

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=5385367333496;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2Fbets%2Fhome HTTP 302
https://12688802.fls.doubleclick.net/activityi;dc_pre=CKOKjvXD3fwCFQGlmgod--0OiQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=5385367333496;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2Fbets%2Fhome

Request Chain 45

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5547853333110.209 HTTP 302
https://12572451.fls.doubleclick.net/activityi;dc_pre=CP-ejvXD3fwCFQ3Jmgod2DAISw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5547853333110.209

Request Chain 47

https://mc.yandex.ru/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wcext.top%2Fbets%2Fhome&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A239%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1526232130580%3Ahid%3A86204411%3Az%3A0%3Ai%3A20230123105600%3Aet%3A1674471361%3Ac%3A1%3Arn%3A133198833%3Arqn%3A1%3Au%3A1674471361657673676%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C34%2C54%2C16%2C87%2C0%2C%2C39%2C0%2C%2C%2C%2C482%3Aco%3A0%3Acpf%3A1%3Ans%3A1674471359391%3Arqnl%3A1%3Ast%3A1674471361%3At%3A1win%20-%20Loading&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wcext.top%2Fbets%2Fhome&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A239%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1526232130580%3Ahid%3A86204411%3Az%3A0%3Ai%3A20230123105600%3Aet%3A1674471361%3Ac%3A1%3Arn%3A133198833%3Arqn%3A1%3Au%3A1674471361657673676%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C34%2C54%2C16%2C87%2C0%2C%2C39%2C0%2C%2C%2C%2C482%3Aco%3A0%3Acpf%3A1%3Ans%3A1674471359391%3Arqnl%3A1%3Ast%3A1674471361%3At%3A1win%20-%20Loading&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

55 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
1wcext.top/
Redirect Chain

http://1wcext.top/
https://1wcext.top/

232 KB
75 KB

88ms
54ms

Document
text/html

190.115.19.101
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wcext.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.101 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

indal14.com

Software

openresty/1.19.9.1 /

Resource Hash

7350599f1fc63b2837f6e2ecc080f386945af30dc9dca9b846bf7977fed30396

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 23 Jan 2023 10:55:59 GMT
server: openresty/1.19.9.1
x-frame-options: DENY

Redirect headers

Connection: keep-alive
Content-Length: 175
Content-Type: text/html
Date: Mon, 23 Jan 2023 10:55:59 GMT
Location: https://1wcext.top
Server: openresty/1.19.9.1
X-Frame-Options: DENY

GET
H2 200 desktop.0c6c2020.js Show response
1win-cdn.com/js/ 117 KB
30 KB 83ms
34ms Script
application/javascript 2606:4700:20::681a:50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/desktop.0c6c2020.js
Requested by: Host: 1wcext.top
URL: https://1wcext.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5d187be52df2564a2f3df87de57cb5ecce46a174e5be7a82e81224813efd301

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 246001
cf-polished: origSize=119484
cf-bgj: minify
last-modified: Fri, 20 Jan 2023 14:35:37 GMT
server: cloudflare
etag: W/"63caa6b9-1d2bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKX2kbqW6BFKc1XikkrI%2BhW7qp0qEGnieaFUH4gYsj5Jtr58S1sYX42olRz%2FereoeHdB7RlbPWHrL1vwI%2BTSgtf6KpF4KNqu8qKaqYKmVP6GW56K2DbBbNC0ZvoZsm9Tknyb%2BKAYzeKCcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 78e0000de8499b7a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop.31e6deb9.css
1win-cdn.com/css/ 94 KB
16 KB 80ms
31ms Stylesheet
text/css 2606:4700:20::681a:50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/desktop.31e6deb9.css
Requested by: Host: 1wcext.top
URL: https://1wcext.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 706faf901aff057e9010dce6ae5f8bc625c7a014c5a619ea4479d9500e6f36e7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1212946
cf-polished: origSize=95906
cf-bgj: minify
last-modified: Mon, 09 Jan 2023 09:58:55 GMT
server: cloudflare
etag: W/"63bbe55f-176a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snKe7cjTIJtzUc9wOoUrag4d1%2FdCybJS2B5EOEh5Fx3Dd5MpiU93%2BFFAQLk23TrWjkADSyvAjyrxl%2FLmtAunJDaYBJ5z9XU%2BY8%2FaukcHp%2FNplKoVzYBdlMP1rwOU7UVGdv%2FoxdTk6%2B3M3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 78e0000de8479b7a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6610.4f034e44.css
1win-cdn.com/css/ 0
508 B 77ms
29ms Stylesheet
text/css 2606:4700:20::681a:50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/6610.4f034e44.css
Requested by: Host: 1wcext.top
URL: https://1wcext.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:55:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2768216
content-length: 0
cf-bgj: minify
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
server: cloudflare
etag: "63a42a53-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMpQf9V%2FGwNEiFWB5X%2FdFAViwYKOBGHGDu%2BUolVB8%2FjOHK1hnaywP589id1CZw%2BidXv0isMb%2FpEZ2X4E0%2BxaASOzRjaLqc2k1%2BEcNuBA%2FnK797j0uJlCBwHylvkuT0XMh5Fk%2F2fuHspEfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 78e0000de8489b7a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chunk-vendors.faada8e6.js Show response
1win-cdn.com/js/ 417 KB
130 KB 180ms
130ms Script
application/javascript 2606:4700:20::681a:50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/chunk-vendors.faada8e6.js
Requested by: Host: 1wcext.top
URL: https://1wcext.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5408a8273807c126cbf1d89f5e04e5cc4b41c9b1044a518241c101f52f2e4b35

Request headers

Referer: https://1wcext.top/
Origin: https://1wcext.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:55:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 20 Jan 2023 14:35:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63caa6b9-68484"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfYNQn%2FD5BPV%2FjN%2B%2B5aEkZnCKbaEwrEaCHB52hDn6Oci9Noo9oalzY7kK7zmq93ilJUDd6I%2BVrDTQiPawH4uWAAzXKWIl2MazAoBTVCHzd3COeGJHoU1ygRmJYwUBMDCGWzDbsM%2Bz6VOXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 78e0000dfbc29bf8-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chunk-common.cb71208d.js Show response
1win-cdn.com/js/ 16 KB
6 KB 103ms
53ms Script
application/javascript 2606:4700:20::681a:50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/chunk-common.cb71208d.js
Requested by: Host: 1wcext.top
URL: https://1wcext.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87f80a6fa9a76f95a1b2638d40753224667ac5d6428d7e22309374a769c47c55

Request headers

Referer: https://1wcext.top/
Origin: https://1wcext.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:55:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 20 Jan 2023 14:35:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63caa6b8-4176"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCr7WCO7cBNkyerO7fzQXAywSpGmc2ew3egVFP22v3I7VKXrgk6G6I45dMEaivBSxCuBlkU45%2FCZXlTRUWBN2gEGDl1%2FoIrpmMJX8272EXbmDthz%2Bp60qX%2FlYtStsvlJVqPwk9RA3lh06Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 78e0000dfbc69bf8-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index.201d8b07.js Show response
1win-cdn.com/js/ 89 KB
30 KB 159ms
109ms Script
application/javascript 2606:4700:20::681a:50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/index.201d8b07.js
Requested by: Host: 1wcext.top
URL: https://1wcext.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7b9831d9b8b8d20f1abbf718796632365e4c780d8ae71d08d623e5070df9cab

Request headers

Referer: https://1wcext.top/
Origin: https://1wcext.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:55:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 20 Jan 2023 14:35:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63caa6b9-163fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyzcvAYbh%2Fiw9E8E9zVm40Dt63vUQB8oUW%2FcXH2QEp%2BgI%2Bll8bKC97tO%2BozGEDzDkzK0guKOWSM8VXBuuxX%2BN4Bz3Wmfa0XSgYGxsXKYe5z2NxXCwfKcx5Wj1rV2%2BaK6fgFpgVs5sft8%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 78e0000dfbc89bf8-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 affiliate:link_visit Show response
1wcext.top/ 15 B
405 B 116ms
116ms XHR
application/json 190.115.19.101
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wcext.top/affiliate:link_visit?visit_domain=1wcext.top&sub_ids=undefined

Requested by

Host: 1win-cdn.com
URL: https://1win-cdn.com/js/chunk-vendors.faada8e6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.101 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

indal14.com

Software

openresty/1.19.9.1 / Express

Resource Hash

a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:55:59 GMT
server: openresty/1.19.9.1
etag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
x-powered-by: Express
x-frame-options: DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: undefined
access-control-expose-headers: Authorization
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 15

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 icons-common.c0259c25.js Show response
1win-cdn.com/js/ 226 KB
63 KB 39ms
39ms Script
application/javascript 2606:4700:20::681a:50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/icons-common.c0259c25.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.201d8b07.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f615ab12417ad4f7f8fb9d58a83c35087fdf0508b19577597d8c946f16da1bb8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 518051
cf-polished: origSize=231782
cf-bgj: minify
last-modified: Tue, 17 Jan 2023 11:01:35 GMT
server: cloudflare
etag: W/"63c6800f-38966"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkT5Ld1dEjT1DmaCVYgArGdJiC8GZwiry4JlnDWTR0JSkALGSc%2BbJd%2FbpQYqv7ZFmsTsz5KFBj%2FKN4v0uzJq9HpEiqjzJi%2FGJO2cd%2F1stjH%2BsJxX8K8KpAynPuxgfVh856SarAELVTscCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 78e0000f3b1e9b7a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1705.d306728f.js Show response
1win-cdn.com/js/ 29 KB
10 KB 33ms
32ms Script
application/javascript 2606:4700:20::681a:50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/1705.d306728f.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.201d8b07.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 270fd7ec5b3a45c223ebd2f7740a48447e8d190b0ae2487cf6c4ddfc94cea1b6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2768211
cf-polished: origSize=29313
cf-bgj: minify
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
server: cloudflare
etag: W/"63a42a53-7281"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qS%2FjZFjnpSKU58q%2FyneJvpkR8z%2BHvV8St6gW713DZl9PYji%2BICdsrcXpHXpWEYYpQxbPaAd%2B5wQqj8Mqz%2FdmmJBiW4CLJEXTFcCw%2FxEfOVHAfxBDficZkOMGUV97c5vEda101JgtPzIztA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 78e0000f3b229b7a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1895.e23540aa.js Show response
1win-cdn.com/js/ 59 KB
17 KB 33ms
33ms Script
application/javascript 2606:4700:20::681a:50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/1895.e23540aa.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.201d8b07.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e935216ecc5d55280286228678596ebe1a64d9aefb07342e9aecac3f183b20fc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 246002
cf-polished: origSize=60219
cf-bgj: minify
last-modified: Fri, 20 Jan 2023 14:35:37 GMT
server: cloudflare
etag: W/"63caa6b9-eb3b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFNwZdmm4XpHBhU%2B%2BuTPUY3CE10%2F8Jh3UXXgvBtwzI1Y50TpanIsTnAG6DhksKlK%2BZHggIjnc1wezougUOU1tl%2BJrQ4mVIe2m9xDh3HpdcnkndYJTnBXi8GQabZ2lSeosuAntRvRMUKOGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 78e0000f3b239b7a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2950.0f1d80e0.css
1win-cdn.com/css/ 19 KB
5 KB 62ms
62ms Stylesheet
text/css 2606:4700:20::681a:50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/2950.0f1d80e0.css
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.201d8b07.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0750e96b72dfb4c62e927432fef14bca007c229282e0b869205c23c52106f3d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 518051
cf-polished: origSize=19496
cf-bgj: minify
last-modified: Tue, 17 Jan 2023 11:01:42 GMT
server: cloudflare
etag: W/"63c68016-4c28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcHuVhBCWcb7esBVlKXjAD%2Fa77MyD0%2BIC5rVlLbBqXyEi%2B%2BGlJOrqUMwCAoR4gtHaW2DTRbGg5hQAkBTnjmoO9rM8W6mHasGn1%2Fh8pXwrUCulEiDVsEGKDBUpCthZzLEmYOqxYBUstvnYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 78e0000f3b279b7a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2950.da072f07.js Show response
1win-cdn.com/js/ 528 KB
144 KB 57ms
57ms Script
application/javascript 2606:4700:20::681a:50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/2950.da072f07.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.201d8b07.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bdc302b8e93168bc32611e94420cf02242186766f3fa462afbc24283a680551

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:55:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 246001
cf-polished: origSize=540912
cf-bgj: minify
last-modified: Fri, 20 Jan 2023 14:35:36 GMT
server: cloudflare
etag: W/"63caa6b8-840f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ndIin1eJqdC4S1jSzKNsOWRdVMCu3LMShjTb8gUiQb6fZzWbUreSoTjbDVbxKnDQ%2BUjUMwrFefpAILH4JfBqzh1k0CJ08fSNWcT1u2Vzx%2FL6hAH500eH%2FOXbn6ET7JcZSRxG2U5RoZ%2FFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 78e0000f3b2b9b7a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFNSText.c652402c.woff2
1win-cdn.com/fonts/ 370 KB
371 KB 99ms
94ms Font
application/octet-stream 2606:4700:20::681a:50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/fonts/SFNSText.c652402c.woff2
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/css/2950.0f1d80e0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49073903870a8bb345c24e632270bc480dde66725f0af85c66df5cb7269c4214

Request headers

Referer: https://1win-cdn.com/css/2950.0f1d80e0.css
Origin: https://1wcext.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:56:00 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Jan 2023 14:35:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63caa6ba-5c9b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSIFCTPDOcor33JDyIaIFLEpW5nF6ZItqIdGhXNSln22RKaTWABt3hEQzCivxsiw5XX%2BJkk8XiloSKFOc4GdzIJbJoU7xyYNj2FUiO0DhZJZsTYAe7GcFZSWdKSGMrDpY8Lc2ebNj%2FmvIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 78e0000fdf099bf8-FRA
content-length: 379312
expires: Thu, 31 Dec 2037 23:55:55 GMT

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 209ms
157ms Preflight 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://1wcext.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://1wcext.top
access-control-max-age: 1800
date: Mon, 23 Jan 2023 10:56:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
x-amzn-trace-id: Root=1-63ce67c0-4549767c70d92b161800c5ca
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-ams21038-AMS
x-timer: S1674471360.124994,VS0,VE143

GET
H2 200 1959.0f42cf4c.js Show response
1win-cdn.com/js/ 192 KB
44 KB 38ms
33ms Script
application/javascript 2606:4700:20::681a:50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/1959.0f42cf4c.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.201d8b07.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a80e828d38a3bcd538602c347de067809481044d7857046104c5ad4d1d1813f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:56:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2837819
cf-bgj: minify
last-modified: Wed, 21 Dec 2022 11:04:29 GMT
server: cloudflare
etag: W/"63a2e83d-2fe26"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGVydvh5P%2FLj7MEvIZro9Uhh4NsDunbTf6rDfjT7rhMv%2FRLTuXkF%2FAhVAxENG2xTKEk%2FFzlHr7Aw4aSajyZzY91SJeqypyYWCQEJkpp%2BqRxt1WNas8rbZrq%2FzDyQ24XTZR3xNC9MjyfMvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 78e000103d2d9b7a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 2 B
130 B 157ms
156ms Fetch
application/json 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: 1win-cdn.com
URL: https://1win-cdn.com/js/2950.da072f07.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wcext.top/
accept-language: nl-NL,nl;q=0.9
Authorization: Api-Key client-Ss5BFx7UDrTj948TJHfc5ZUoTW67EjvZ
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS41LjUiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkNocm9tZSAxMDkiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwidXNlcl9wcm9wZXJ0aWVzIjp7fX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by: cache-ams21038-AMS
date: Mon, 23 Jan 2023 10:56:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 0
x-timer: S1674471360.285887,VS0,VE142
x-amzn-trace-id: Root=1-63ce67c0-73f64d42139b8c503f06196c
vary: Origin, Origin
x-cache: MISS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://1wcext.top
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2
x-cache-hits: 0

GET
H2 200 get-authorization Show response
1wcext.top/ 19 B
186 B 452ms
452ms XHR
application/json 190.115.19.101
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wcext.top/get-authorization?random=1674471360071-0.9825146631721713

Requested by

Host: 1win-cdn.com
URL: https://1win-cdn.com/js/chunk-vendors.faada8e6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.101 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

indal14.com

Software

openresty/1.19.9.1 /

Resource Hash

759315d5ae8c31136d2a7bc803e591554894987559325cdf7e0b5965bec0eaca

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wcext.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: https://1wcext.top
date: Mon, 23 Jan 2023 10:56:00 GMT
access-control-allow-credentials: true
server: openresty/1.19.9.1
content-length: 19
x-frame-options: DENY
content-type: application/json; charset=utf-8

GET
H2 200 firebase-app.js Show response
1wcext.top/firebase/8.1.1/ 19 KB
7 KB 19ms
17ms Script
application/javascript 190.115.19.101
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wcext.top/firebase/8.1.1/firebase-app.js

Requested by

Host: 1wcext.top
URL: https://1wcext.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.101 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

indal14.com

Software

openresty/1.19.9.1 /

Resource Hash

01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:56:00 GMT
content-encoding: gzip
last-modified: Fri, 20 Jan 2023 14:35:51 GMT
server: openresty/1.19.9.1
etag: W/"63caa6c7-4ded"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 155 KB
56 KB 99ms
41ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Requested by

Host: 1wcext.top
URL: https://1wcext.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b3b5aa01ee29e889524e02d3278e9919594fe6af18723e8c456cdbf8a1bb3910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:56:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57106
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 23 Jan 2023 10:56:00 GMT

GET
H2 200 hotjar-2606090.js Show response
static.hotjar.com/c/ 8 KB
4 KB 54ms
16ms Script
application/javascript 52.222.139.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2606090.js?sv=6

Requested by

Host: 1wcext.top
URL: https://1wcext.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-19.ams50.r.cloudfront.net

Software

Resource Hash

5589ee8e360950c336afcc97bae5e2f2cf14a498c8df78f09fef1ef8a0860af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 23 Jan 2023 10:55:52 GMT
via: 1.1 4d0f1cf23ad7680cffcd37454ed8e57c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
age: 12
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/9fed03d6c6f90255f74bece142fcb067
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: DucSEWdSOIV6QMPHW882kvxxqbUyh-ObEqlL7UtIcI20REpDeLIDTQ==

GET
H2 200 modules.ea0a6d6a741d5de8308e.js Show response
script.hotjar.com/ 263 KB
68 KB 51ms
17ms Script
application/javascript 13.227.219.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.ea0a6d6a741d5de8308e.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2606090.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-28.ams54.r.cloudfront.net

Software

Resource Hash

6619ef277249ca9230cbc0315da9b41caa9f15996d143f7d1a77d52d901ce269

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:10:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 258355
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68675
last-modified: Fri, 20 Jan 2023 11:09:55 GMT
etag: "e45ceb77c1a47254136f1ef733de65df"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: jdVaghG25pzNMHERp7tVIpObG7YfKtv57D9DSIac-_LVzf_jESZgYA==

GET
H2 200 firebase-messaging.js Show response
1wcext.top/firebase/8.1.1/ 40 KB
12 KB 17ms
16ms Script
application/javascript 190.115.19.101
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wcext.top/firebase/8.1.1/firebase-messaging.js

Requested by

Host: 1wcext.top
URL: https://1wcext.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.101 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

indal14.com

Software

openresty/1.19.9.1 /

Resource Hash

58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:56:00 GMT
content-encoding: gzip
last-modified: Fri, 20 Jan 2023 14:35:51 GMT
server: openresty/1.19.9.1
etag: W/"63caa6c7-9f25"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 box-ff00c703c3bbdf54ae44ee858d64f69e.html Show response
vars.hotjar.com/ Frame F679 2 KB
1 KB 93ms
14ms Document
text/html 13.227.219.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2606090.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-76.ams54.r.cloudfront.net

Software

Resource Hash

cacf589210d4361a42eed0c4a5ac94db9d22ac0a437db9bcccb8efadc06d71aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://1wcext.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 434574
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 10:13:06 GMT
etag: "730971b89ffa8b99e4157f49a4275594"
last-modified: Wed, 18 Jan 2023 10:12:30 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 26cdacf328fe4eb4e28173938ab3e92c.cloudfront.net (CloudFront)
x-amz-cf-id: LG1gl8Iu3P58EYg1Pn3_lL9pHUO2Cc7fOckMkgflmCxTYZKh08HNVw==
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2

200

activityi;dc_pre=CO-3gPXD3fwCFUrOOwId3jcCpQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=160010262962;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2F Show response
12688802.fls.doubleclick.net/ Frame 3B14
Redirect Chain

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=160010262962;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2F?
https://12688802.fls.doubleclick.net/activityi;dc_pre=CO-3gPXD3fwCFUrOOwId3jcCpQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=160010262962;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F...

481 B
457 B

70ms
69ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12688802.fls.doubleclick.net/activityi;dc_pre=CO-3gPXD3fwCFUrOOwId3jcCpQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=160010262962;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

95364406f855ad73718431dd7cae2d936489cc4055ab1e11560f8876159a7cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wcext.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 282
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 10:56:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 10:56:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12688802.fls.doubleclick.net/activityi;dc_pre=CO-3gPXD3fwCFUrOOwId3jcCpQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=160010262962;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amplitude-8.17.0-min.gz.js Show response
cdn.amplitude.com/libs/ 92 KB
27 KB 55ms
20ms Script
application/javascript 52.222.137.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-8.17.0-min.gz.js
Requested by: Host: 1wcext.top
URL: https://1wcext.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.137.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-137-213.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e7a2297c8371775455adc684445c2a383bcd0cee869777d45aefd8bc08456a6

Request headers

Referer: https://1wcext.top/
Origin: https://1wcext.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 21:23:16 GMT
content-encoding: gzip
via: 1.1 042b48eeaf8a253b1b396e09e8bdea20.cloudfront.net (CloudFront)
x-amz-version-id: wr63ICD3duh0Opi8j2KDhI34Ow38BHG0
x-amz-cf-pop: AMS50-C1
age: 135165
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27400
last-modified: Fri, 25 Mar 2022 19:53:18 GMT
server: AmazonS3
etag: "e5211b7cbee53b6912f07a1cd72a4582"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 9hHBhxqaJP644P3IsAJpBCkOqdh9BfKE7HmYus6UeLGwgfMJX5wpiA==

GET
H2

200

activityi;dc_pre=CLaWgPXD3fwCFczKmgodILcMkg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o... Show response
12572451.fls.doubleclick.net/ Frame DF52
Redirect Chain

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://12572451.fls.doubleclick.net/activityi;dc_pre=CLaWgPXD3fwCFczKmgodILcMkg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

554 B
483 B

60ms
59ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12572451.fls.doubleclick.net/activityi;dc_pre=CLaWgPXD3fwCFczKmgodILcMkg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=8769993450472.629?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

f5a1616cfe3ff59a254b0cba58fa7992e011c52f4f19619cffeb2919b07dcc63

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wcext.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 307
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 10:56:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 10:56:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12572451.fls.doubleclick.net/activityi;dc_pre=CLaWgPXD3fwCFczKmgodILcMkg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=8769993450472.629?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 211 KB
73 KB 238ms
118ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: 1wcext.top
URL: https://1wcext.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e920c8868829d751996c981a49d415d9a1abc190bc51cc719826441236231e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:56:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63c93a4b-12029"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73769
expires: Mon, 23 Jan 2023 11:56:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
78 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d15c05d62431ff2573f849d8e1dbefa94dd5b1f920538a146bc22d3ee59e186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:56:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79657
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 23 Jan 2023 10:56:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
343 B 50ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-548949LWLW&gtm=2oe1i0&_p=1884804054&cid=446014849.1674471360&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674471360&sct=1&seg=0&dl=https%3A%2F%2F1wcext.top%2F&dt=1win%20-%20Loading&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 10:56:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1wcext.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5616.80aa74eb.css
1win-cdn.com/css/ 20 KB
3 KB 43ms
41ms Stylesheet
text/css 2606:4700:20::681a:50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/5616.80aa74eb.css
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.201d8b07.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1044c52db2b5fb2415bb7b2161ce330982b737169ed5e0586de79167ed5f131a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:56:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2837070
cf-bgj: minify
last-modified: Wed, 21 Dec 2022 11:04:29 GMT
server: cloudflare
etag: W/"63a2e83d-5088"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BoO%2F%2B8I5rQ7qnCG7CvYaDfSF8z5NRCLO4inIjpsj7KKdiejNwK2TWcThIdQ2myFUWjfTgMx2qqv0%2Fh6qF5fIMyurQeqsrBpz%2FesCX1wC5W%2FqRoDMycgTMXevnbHn1eVSNdwSSwP%2BlOmHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 78e000136b1e9b7a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1883.ce7803cd.js Show response
1win-cdn.com/js/ 13 KB
5 KB 36ms
34ms Script
application/javascript 2606:4700:20::681a:50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/1883.ce7803cd.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.201d8b07.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 952fc95c0b994becce7780ba0dfa5f7b8038ca1b56357258bd5bd73dbb2f554c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:56:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2768209
cf-polished: origSize=13732
cf-bgj: minify
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
server: cloudflare
etag: W/"63a42a53-35a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTbXsyzmaOP4QXLUqEgtouFDzrSbCNeT8HhGKLBT916jma3D0vEpeoDr9FX%2Fo42N345hgSacfjHpMgfTYAlZn%2FrpdLTxVsG%2Fe2c4dBJnT4a3dQIDGDoXUliZ1GB5kSCpb9dhY%2FTfqVrSJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 78e000136b2c9b7a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5862.39aa5820.js Show response
1win-cdn.com/js/ 93 KB
17 KB 51ms
49ms Script
application/javascript 2606:4700:20::681a:50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/5862.39aa5820.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.201d8b07.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 305b57ab0a34ec27f240f50fc3244320833282babd1ae8d7caf5b21ade621565

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:56:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517998
cf-polished: origSize=95351
cf-bgj: minify
last-modified: Tue, 17 Jan 2023 11:01:42 GMT
server: cloudflare
etag: W/"63c68016-17477"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ft8Zjtd5M0gH1xLBliTiiEkGg5PvMn83S%2F2X%2FvxT3EPk%2FeKWoHFfFElVSG5wWG7tPULRdVr42LAXFzJ7%2BTxiuSPAjnHRop0Obo0Pb%2BTw5H%2BHZB%2FZEw0%2BNH5dhQqCRAuIsguHGZUOrTfs5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 78e000136b2e9b7a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 541.d536ea95.js Show response
1win-cdn.com/js/ 11 KB
4 KB 43ms
41ms Script
application/javascript 2606:4700:20::681a:50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/541.d536ea95.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.201d8b07.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5523f0aca6dd2b93fd327050842a07f999bc5e8e2f78fbfa935b8413f9809c7c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:56:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2763343
cf-polished: origSize=11217
cf-bgj: minify
last-modified: Thu, 22 Dec 2022 11:20:10 GMT
server: cloudflare
etag: W/"63a43d6a-2bd1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KyAop3n6u2N2ZuSPUkr7XM3SRcvGwUR4LRLEwZtD%2B5SgQJHnXrVrdmgoboiS0PxnehvGpvap3qEZsxnhJNATeMHRJzxR65jN1jyXVuqu6C6AACE4U7bFg7DJDz3Rbldh6ahflYttz9CXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 78e000136b309b7a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 10.c1d83643.js Show response
1win-cdn.com/js/ 11 KB
4 KB 41ms
39ms Script
application/javascript 2606:4700:20::681a:50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/10.c1d83643.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.201d8b07.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84e9e545770c3bf6f703ffc0f7f444a2b6d6c72f50e5f772cbe1e2732d89479c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:56:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517998
cf-polished: origSize=10928
cf-bgj: minify
last-modified: Tue, 17 Jan 2023 11:01:33 GMT
server: cloudflare
etag: W/"63c6800d-2ab0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYaKJFcs42FOJrVmP90kO1bdhhUmmTKsAsUdh1Ld9KtQrKSz0InIc271nXNMZ1obwfIqqFjCJnRQkWeE3fuFe%2FcHWjF7LV%2FFvnRYbkgJ%2BCTFpVGuMgFHlCSZbuwGX8yCvUj5qNAPEVjy6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 78e000136b339b7a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2765.983f607d.css
1win-cdn.com/css/ 67 KB
11 KB 38ms
37ms Stylesheet
text/css 2606:4700:20::681a:50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/2765.983f607d.css
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.201d8b07.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d67fcc915344427296caff6806bf5349bdec866d7d9967fca27bad47015194dd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:56:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517998
cf-polished: origSize=68681
cf-bgj: minify
last-modified: Tue, 17 Jan 2023 11:01:42 GMT
server: cloudflare
etag: W/"63c68016-10c49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVc7CcfFHnijOkHIV40sTpROceWypiCdDbAJUkihjNLb8wZjICtDJHjXbByftQ3fWL5ZPiH0gccEDylKip8MudR0A67NJlxrHptLpgUK%2FIlSFu%2FUNi7QFS%2BmMBuxYr4l0hUkozOmKj77MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 78e000136b239b7a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2765.29328b58.js Show response
1win-cdn.com/js/ 97 KB
26 KB 44ms
43ms Script
application/javascript 2606:4700:20::681a:50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/2765.29328b58.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.201d8b07.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dae3740edebb7ed937d38be8f6eb95a59898f859682c538133ba74eac15d3f8d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:56:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517998
cf-polished: origSize=99105
cf-bgj: minify
last-modified: Tue, 17 Jan 2023 11:01:42 GMT
server: cloudflare
etag: W/"63c68016-18321"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTGTWJkRHyO%2BI5BAUN%2F1ivKEwAt3ZFg8rw7E%2BOWuTRsFCcMHsrOIya%2FUChY5KJ2H4Aubv2fui9DR3xA54N13kSZOmW9%2FqGjszsaSX6WS%2B0wwJYxZc08S%2FeAjY1kmthJxDwooK0dVH7g9vA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 78e000136b369b7a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 539.6905ae30.js Show response
1win-cdn.com/js/ 22 KB
7 KB 49ms
47ms Script
application/javascript 2606:4700:20::681a:50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/539.6905ae30.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.201d8b07.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d426fdaff211928727e406be6f5c0831f2220c584a6ed35fc3ed931f6685ebc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:56:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 517998
cf-polished: origSize=22657
cf-bgj: minify
last-modified: Tue, 17 Jan 2023 11:01:33 GMT
server: cloudflare
etag: W/"63c6800d-5881"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YYwxa7j%2F1lo7W48nmAtxWTbgneN9qZYZdqQb%2BzJZi4TkgugtWRARuRVu88WAos5sixulCgRLbr6V2cNO01%2FRVRXOkSPkIFKy4cDRejfMFtkuOx5JrNIGMQaw9jyLk27AhHvvvLVmhqSP2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 78e000136b399b7a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 546.f10717d0.css
1win-cdn.com/css/ 11 KB
3 KB 37ms
36ms Stylesheet
text/css 2606:4700:20::681a:50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/546.f10717d0.css
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.201d8b07.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd649c46cb24fcc4eda36cc6a685121e8a271875bd6acadb5dca1274ce0260ba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:56:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2763297
cf-bgj: minify
last-modified: Thu, 22 Dec 2022 11:20:11 GMT
server: cloudflare
etag: W/"63a43d6b-2bb4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uC%2BsHYYQwRg9eb5zv4nu9PGkXocYCcEDAZ9uRH085umi9I6sz2nBfQgta283x5oYUU4Q9Epnr9RbcE1Y1n4E1QlgZVvSwXdHPrMeOYxHo9thqQh5ztZ%2FDk4W%2BTpi%2Bjv3Xn%2BnNd54nPy0IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 78e000136b289b7a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 title Show response
1wcext.top/common/ 16 B
132 B 360ms
360ms XHR
application/json 190.115.19.101
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wcext.top/common/title?path=bets&lang=en

Requested by

Host: 1win-cdn.com
URL: https://1win-cdn.com/js/chunk-vendors.faada8e6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.101 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

indal14.com

Software

openresty/1.19.9.1 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wcext.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:56:00 GMT
server: openresty/1.19.9.1
content-length: 16
vary: Origin
x-frame-options: DENY
content-type: application/json; charset=utf-8

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CLaWgPXD3fwCFczKmgodILcMkg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... Frame AD8C 556 B
379 B 116ms
60ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CLaWgPXD3fwCFczKmgodILcMkg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=8769993450472.629;~oref=https://1wcext.top/

Requested by

Host: 12572451.fls.doubleclick.net
URL: https://12572451.fls.doubleclick.net/activityi;dc_pre=CLaWgPXD3fwCFczKmgodILcMkg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=8769993450472.629?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14c51e7472808dd24842f22e41d524ee646e7b872e2dbcc8d837c4b459363f0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12572451.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 309
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 10:56:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CO-3gPXD3fwCFUrOOwId3jcCpQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=160010262962;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2F Show response
adservice.google.com/ddm/fls/i/ Frame D996 483 B
751 B 97ms
60ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CO-3gPXD3fwCFUrOOwId3jcCpQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=160010262962;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2F

Requested by

Host: 12688802.fls.doubleclick.net
URL: https://12688802.fls.doubleclick.net/activityi;dc_pre=CO-3gPXD3fwCFUrOOwId3jcCpQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=160010262962;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a5406a219351a1859d47684c8fe6928aa069c1e3f231c72deb88b7c893994bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12688802.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 283
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 10:56:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CPOBjfXD3fwCFcy5mgod7WIFMw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1619439441347;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2F Show response
12688802.fls.doubleclick.net/ Frame 0AC7
Redirect Chain

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=1619439441347;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2F?
https://12688802.fls.doubleclick.net/activityi;dc_pre=CPOBjfXD3fwCFcy5mgod7WIFMw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1619439441347;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2...

393 B
254 B

58ms
58ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12688802.fls.doubleclick.net/activityi;dc_pre=CPOBjfXD3fwCFcy5mgod7WIFMw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1619439441347;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

4520943203ab6a17ead3c53d9b57a5149029b14b3510844ce2e1c7a3a9113179

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wcext.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 229
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 10:56:00 GMT
expires: Mon, 23 Jan 2023 10:56:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 10:56:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12688802.fls.doubleclick.net/activityi;dc_pre=CPOBjfXD3fwCFcy5mgod7WIFMw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1619439441347;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=COedjfXD3fwCFSzAOwIdedYCAg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o... Show response
12572451.fls.doubleclick.net/ Frame 3DC6
Redirect Chain

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://12572451.fls.doubleclick.net/activityi;dc_pre=COedjfXD3fwCFSzAOwIdedYCAg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

458 B
288 B

77ms
77ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12572451.fls.doubleclick.net/activityi;dc_pre=COedjfXD3fwCFSzAOwIdedYCAg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=640016919205.042?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

57ed063418817f9d82cb3906fcb6ac8d5ececf077dfe9b389b98692b2837f267

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wcext.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 263
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 10:56:00 GMT
expires: Mon, 23 Jan 2023 10:56:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 10:56:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12572451.fls.doubleclick.net/activityi;dc_pre=COedjfXD3fwCFSzAOwIdedYCAg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=640016919205.042?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CKOKjvXD3fwCFQGlmgod--0OiQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=5385367333496;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2Fbets%2Fhome Show response
12688802.fls.doubleclick.net/ Frame C3B2
Redirect Chain

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=5385367333496;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2Fbets%2Fhome?
https://12688802.fls.doubleclick.net/activityi;dc_pre=CKOKjvXD3fwCFQGlmgod--0OiQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=5385367333496;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2...

404 B
261 B

68ms
67ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12688802.fls.doubleclick.net/activityi;dc_pre=CKOKjvXD3fwCFQGlmgod--0OiQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=5385367333496;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2Fbets%2Fhome?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

b5f70e9f0aebecd27246949fb29b02306325a94d4e0fcea5bbff25897cf0c238

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wcext.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 236
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 10:56:00 GMT
expires: Mon, 23 Jan 2023 10:56:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 10:56:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12688802.fls.doubleclick.net/activityi;dc_pre=CKOKjvXD3fwCFQGlmgod--0OiQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=5385367333496;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2Fbets%2Fhome?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CP-ejvXD3fwCFQ3Jmgod2DAISw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o... Show response
12572451.fls.doubleclick.net/ Frame 1BC5
Redirect Chain

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://12572451.fls.doubleclick.net/activityi;dc_pre=CP-ejvXD3fwCFQ3Jmgod2DAISw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

459 B
290 B

65ms
65ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12572451.fls.doubleclick.net/activityi;dc_pre=CP-ejvXD3fwCFQ3Jmgod2DAISw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5547853333110.209?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

842d51d0f849bb6331dd402ed51dd65e471f1b87853537a699e5819f47ef787c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wcext.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 265
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 10:56:00 GMT
expires: Mon, 23 Jan 2023 10:56:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 10:56:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12572451.fls.doubleclick.net/activityi;dc_pre=CP-ejvXD3fwCFQ3Jmgod2DAISw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5547853333110.209?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 SFNSDisplay.2b5dc965.woff2
1win-cdn.com/fonts/ 288 KB
289 KB 100ms
100ms Font
application/octet-stream 2606:4700:20::681a:50b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/fonts/SFNSDisplay.2b5dc965.woff2
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/css/2950.0f1d80e0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efdc0e9caf5e1b3f650e8ecd022ecd000bb070e1b0cf359eeb228603c325384b

Request headers

Referer: https://1win-cdn.com/css/2950.0f1d80e0.css
Origin: https://1wcext.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:56:00 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Jan 2023 14:35:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63caa6ba-48088"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bK%2BoSxSHPn%2F4%2F6gHwtnQC%2FhJ4AAhxh9ejy%2B2PANOBfIfKWE9VOKAIkcNlsZoW6e0Z1J0eYppMqYU6e7fR%2Br0bTeApmuyUq9KJaj6gohj%2B2bYEsDqyn6EFJE%2F5IVYV2N7tdSouxQThUpRbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 78e000141f819bf8-FRA
content-length: 295048
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/92006234/
Redirect Chain

https://mc.yandex.ru/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wcext.top%2Fbets%2Fhome&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A239%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen...
https://mc.yandex.ru/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wcext.top%2Fbets%2Fhome&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A239%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...

435 B
518 B

61ms
60ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wcext.top%2Fbets%2Fhome&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A239%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1526232130580%3Ahid%3A86204411%3Az%3A0%3Ai%3A20230123105600%3Aet%3A1674471361%3Ac%3A1%3Arn%3A133198833%3Arqn%3A1%3Au%3A1674471361657673676%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C34%2C54%2C16%2C87%2C0%2C%2C39%2C0%2C%2C%2C%2C482%3Aco%3A0%3Acpf%3A1%3Ans%3A1674471359391%3Arqnl%3A1%3Ast%3A1674471361%3At%3A1win%20-%20Loading&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: 1wcext.top
URL: https://1wcext.top/bets/home

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a0241b6eeb704193c54d9617c590693eb185c87e778026695d5edf55e1b87cc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 10:56:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 23-Jan-2023 10:56:00 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wcext.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Mon, 23-Jan-2023 10:56:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 Jan 2023 10:56:00 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 23-Jan-2023 10:56:00 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wcext.top%2Fbets%2Fhome&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A239%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1526232130580%3Ahid%3A86204411%3Az%3A0%3Ai%3A20230123105600%3Aet%3A1674471361%3Ac%3A1%3Arn%3A133198833%3Arqn%3A1%3Au%3A1674471361657673676%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C34%2C54%2C16%2C87%2C0%2C%2C39%2C0%2C%2C%2C%2C482%3Aco%3A0%3Acpf%3A1%3Ans%3A1674471359391%3Arqnl%3A1%3Ast%3A1674471361%3At%3A1win%20-%20Loading&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://1wcext.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 23-Jan-2023 10:56:00 GMT

GET
H2 200 dc_pre=CO-3gPXD3fwCFUrOOwId3jcCpQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=160010262962;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2F Show response
adservice.google.co.uk/ddm/fls/i/ Frame 44BB 194 B
776 B 111ms
59ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/ddm/fls/i/dc_pre=CO-3gPXD3fwCFUrOOwId3jcCpQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=160010262962;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CO-3gPXD3fwCFUrOOwId3jcCpQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=160010262962;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 10:56:00 GMT
expires: Mon, 23 Jan 2023 10:56:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.co.uk/ddm/fls/i/dc_pre=CLaWgPXD3fwCFczKmgodILcMkg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%... Frame A30F 194 B
150 B 110ms
60ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/ddm/fls/i/dc_pre=CLaWgPXD3fwCFczKmgodILcMkg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=8769993450472.629;~oref=https://1wcext.top/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLaWgPXD3fwCFczKmgodILcMkg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=8769993450472.629;~oref=https://1wcext.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 10:56:00 GMT
expires: Mon, 23 Jan 2023 10:56:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
113 B 61ms
61ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: 1wcext.top
URL: https://1wcext.top/bets/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wcext.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 10:56:00 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63c93a4b-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 23 Jan 2023 11:56:00 GMT

GET
H2 200 dc_pre=CPOBjfXD3fwCFcy5mgod7WIFMw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1619439441347;gtm=2wg1i0;auiddc=*;~oref=https%3A%2F%2F1wcext.top%2F
adservice.google.com/ddm/fls/z/ Frame 0AC7 42 B
118 B 59ms
59ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPOBjfXD3fwCFcy5mgod7WIFMw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1619439441347;gtm=2wg1i0;auiddc=*;~oref=https%3A%2F%2F1wcext.top%2F

Requested by

Host: 12688802.fls.doubleclick.net
URL: https://12688802.fls.doubleclick.net/activityi;dc_pre=CPOBjfXD3fwCFcy5mgod7WIFMw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1619439441347;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://12688802.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 10:56:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=COedjfXD3fwCFSzAOwIdedYCAg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6...
adservice.google.com/ddm/fls/z/ Frame 3DC6 42 B
107 B 61ms
60ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COedjfXD3fwCFSzAOwIdedYCAg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=640016919205.042

Requested by

Host: 12572451.fls.doubleclick.net
URL: https://12572451.fls.doubleclick.net/activityi;dc_pre=COedjfXD3fwCFSzAOwIdedYCAg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=640016919205.042?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://12572451.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 10:56:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CP-ejvXD3fwCFQ3Jmgod2DAISw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5...
adservice.google.com/ddm/fls/z/ Frame 1BC5 42 B
107 B 57ms
57ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CP-ejvXD3fwCFQ3Jmgod2DAISw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5547853333110.209

Requested by

Host: 12572451.fls.doubleclick.net
URL: https://12572451.fls.doubleclick.net/activityi;dc_pre=CP-ejvXD3fwCFQ3Jmgod2DAISw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5547853333110.209?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://12572451.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 10:56:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CKOKjvXD3fwCFQGlmgod--0OiQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=5385367333496;gtm=2wg1i0;auiddc=*;~oref=https%3A%2F%2F1wcext.top%2Fbets%2Fhome
adservice.google.com/ddm/fls/z/ Frame C3B2 42 B
107 B 79ms
79ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKOKjvXD3fwCFQGlmgod--0OiQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=5385367333496;gtm=2wg1i0;auiddc=*;~oref=https%3A%2F%2F1wcext.top%2Fbets%2Fhome

Requested by

Host: 12688802.fls.doubleclick.net
URL: https://12688802.fls.doubleclick.net/activityi;dc_pre=CKOKjvXD3fwCFQGlmgod--0OiQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=5385367333496;gtm=2wg1i0;auiddc=1936987521.1674471360;~oref=https%3A%2F%2F1wcext.top%2Fbets%2Fhome?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://12688802.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 10:56:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
1wcext.top/	1970-01-20 09:52:29	Name: visit_domain Value: 1wcext.top
1wcext.top/	1969-12-31 23:59:59	Name: core-sticky Value: http://10.233.108.166:80
1wcext.top/	1970-01-20 17:53:27	Name: 1w_lang Value: en
.1wcext.top/	1970-01-20 11:17:27	Name: _gcl_au Value: 1.1.1936987521.1674471360
.1wcext.top/	1970-01-20 17:53:27	Name: _hjSessionUser_2606090 Value: eyJpZCI6ImMwYTUwMTQ5LTc0NTYtNWRhYy1iNjY3LTE1MTVhNzJmYmUwZSIsImNyZWF0ZWQiOjE2NzQ0NzEzNjAyODQsImV4aXN0aW5nIjpmYWxzZX0=
.1wcext.top/	1970-01-20 09:07:53	Name: _hjFirstSeen Value: 1
1wcext.top/	1970-01-20 09:07:51	Name: _hjIncludedInSessionSample Value: 0
.1wcext.top/	1970-01-20 09:07:53	Name: _hjSession_2606090 Value: eyJpZCI6IjYwOTZmNDdhLWQ1YjMtNDk1Ny05OGEzLTcxMTllMDdjOGFlZiIsImNyZWF0ZWQiOjE2NzQ0NzEzNjAzNzYsImluU2FtcGxlIjpmYWxzZX0=
.1wcext.top/	1970-01-20 09:07:53	Name: _hjAbsoluteSessionInProgress Value: 0
.1wcext.top/	1970-01-20 17:53:27	Name: amp_494ccc Value: hf2xPFZ-jzO_B8PAHtW53n...1gnf4aht5.1gnf4aht5.0.0.0
.1wcext.top/	1970-01-20 18:43:51	Name: _ga Value: GA1.1.446014849.1674471360
.1wcext.top/	1970-01-20 17:53:27	Name: _ym_uid Value: 1674471361657673676
.1wcext.top/	1970-01-20 17:53:27	Name: _ym_d Value: 1674471361
1wcext.top/	1969-12-31 23:59:59	Name: 1w_locale Value: 9
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2366273991674471360
.yandex.ru/	1970-01-20 18:43:51	Name: i Value: wE3k2isFvPpJm4ufuXsl54fpYtRIz5pEf0ujN5fZfu+UJYpWpiSEsx4xDBB6Zg87tISmHm88+VtsVXFd+epid8FQUlM=
.yandex.ru/	1970-01-20 17:53:27	Name: yandexuid Value: 2820418601674471360
.yandex.ru/	1970-01-20 17:53:27	Name: yuidss Value: 2820418601674471360
.yandex.ru/	1970-01-20 17:53:27	Name: ymex Value: 1706007360.yc.1674471360#1706007360.yrts.1674471360#1706007360.yrtsi.1674471360
.doubleclick.net/	1970-01-20 18:29:27	Name: IDE Value: AHWqTUnecv6u7TruBHDJnb9FFVqNSqHHsk1eLBw9iapdMKedpMSXfpEnxg01awBqIA0
.1wcext.top/	1970-01-20 09:09:03	Name: _ym_isad Value: 2
.1wcext.top/	1970-01-20 18:43:51	Name: _ga_548949LWLW Value: GS1.1.1674471360.1.1.1674471361.0.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://1wcext.top/bets/home Message: The resource https://1win-cdn.com/css/6610.4f034e44.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12572451.fls.doubleclick.net
12688802.fls.doubleclick.net
1wcext.top
1win-cdn.com
adservice.google.co.uk
adservice.google.com
api.lab.amplitude.com
cdn.amplitude.com
mc.yandex.ru
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
vars.hotjar.com
www.googletagmanager.com
13.227.219.28
13.227.219.76
142.250.186.166
151.101.66.132
190.115.19.101
2001:4860:4802:32::36
2606:4700:20::681a:50b
2a00:1450:4001:827::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a02:6b8::1:119
52.222.137.213
52.222.139.19
01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0a80e828d38a3bcd538602c347de067809481044d7857046104c5ad4d1d1813f
1044c52db2b5fb2415bb7b2161ce330982b737169ed5e0586de79167ed5f131a
14c51e7472808dd24842f22e41d524ee646e7b872e2dbcc8d837c4b459363f0c
1bdc302b8e93168bc32611e94420cf02242186766f3fa462afbc24283a680551
270fd7ec5b3a45c223ebd2f7740a48447e8d190b0ae2487cf6c4ddfc94cea1b6
305b57ab0a34ec27f240f50fc3244320833282babd1ae8d7caf5b21ade621565
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4520943203ab6a17ead3c53d9b57a5149029b14b3510844ce2e1c7a3a9113179
49073903870a8bb345c24e632270bc480dde66725f0af85c66df5cb7269c4214
4a5406a219351a1859d47684c8fe6928aa069c1e3f231c72deb88b7c893994bd
5408a8273807c126cbf1d89f5e04e5cc4b41c9b1044a518241c101f52f2e4b35
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5523f0aca6dd2b93fd327050842a07f999bc5e8e2f78fbfa935b8413f9809c7c
5589ee8e360950c336afcc97bae5e2f2cf14a498c8df78f09fef1ef8a0860af5
57ed063418817f9d82cb3906fcb6ac8d5ececf077dfe9b389b98692b2837f267
58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f
6619ef277249ca9230cbc0315da9b41caa9f15996d143f7d1a77d52d901ce269
706faf901aff057e9010dce6ae5f8bc625c7a014c5a619ea4479d9500e6f36e7
7350599f1fc63b2837f6e2ecc080f386945af30dc9dca9b846bf7977fed30396
759315d5ae8c31136d2a7bc803e591554894987559325cdf7e0b5965bec0eaca
7d15c05d62431ff2573f849d8e1dbefa94dd5b1f920538a146bc22d3ee59e186
7e7a2297c8371775455adc684445c2a383bcd0cee869777d45aefd8bc08456a6
842d51d0f849bb6331dd402ed51dd65e471f1b87853537a699e5819f47ef787c
84e9e545770c3bf6f703ffc0f7f444a2b6d6c72f50e5f772cbe1e2732d89479c
87f80a6fa9a76f95a1b2638d40753224667ac5d6428d7e22309374a769c47c55
952fc95c0b994becce7780ba0dfa5f7b8038ca1b56357258bd5bd73dbb2f554c
95364406f855ad73718431dd7cae2d936489cc4055ab1e11560f8876159a7cae
9d426fdaff211928727e406be6f5c0831f2220c584a6ed35fc3ed931f6685ebc
a0241b6eeb704193c54d9617c590693eb185c87e778026695d5edf55e1b87cc8
a0750e96b72dfb4c62e927432fef14bca007c229282e0b869205c23c52106f3d
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
b3b5aa01ee29e889524e02d3278e9919594fe6af18723e8c456cdbf8a1bb3910
b5f70e9f0aebecd27246949fb29b02306325a94d4e0fcea5bbff25897cf0c238
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bd649c46cb24fcc4eda36cc6a685121e8a271875bd6acadb5dca1274ce0260ba
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cacf589210d4361a42eed0c4a5ac94db9d22ac0a437db9bcccb8efadc06d71aa
d5d187be52df2564a2f3df87de57cb5ecce46a174e5be7a82e81224813efd301
d67fcc915344427296caff6806bf5349bdec866d7d9967fca27bad47015194dd
d7b9831d9b8b8d20f1abbf718796632365e4c780d8ae71d08d623e5070df9cab
dae3740edebb7ed937d38be8f6eb95a59898f859682c538133ba74eac15d3f8d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e920c8868829d751996c981a49d415d9a1abc190bc51cc719826441236231e32
e935216ecc5d55280286228678596ebe1a64d9aefb07342e9aecac3f183b20fc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdc0e9caf5e1b3f650e8ecd022ecd000bb070e1b0cf359eeb228603c325384b
f5a1616cfe3ff59a254b0cba58fa7992e011c52f4f19619cffeb2919b07dcc63
f615ab12417ad4f7f8fb9d58a83c35087fdf0508b19577597d8c946f16da1bb8

1wcext.top Open in urlscan Pro 190.115.19.101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

98 %HTTPS

46 %IPv6

10 Domains

14 Subdomains

14 IPs

4 Countries

1643 kBTransfer

4042 kBSize

22 Cookies

0 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

1wcext.top Open in urlscan Pro
190.115.19.101 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

98 %
HTTPS

46 %
IPv6

10
Domains

14
Subdomains

14
IPs

4
Countries

1643 kB
Transfer

4042 kB
Size

22
Cookies

55 HTTP transactions
1 data transactions