1wyxza.top Open in urlscan Pro
190.115.19.43 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1watvm.top/
Effective URL:
https://1wyxza.top/
Submission: On November 18 via api (November 18th 2022, 12:21:40 pm UTC) from US — Scanned from DE

Summary HTTP 128 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 13 domains to perform 128 HTTP transactions. The main IP is 190.115.19.43, located in Belize City, Belize and belongs to DDOS-GUARD CORP., BZ. The main domain is 1wyxza.top.
TLS certificate: Issued by R3 on October 2nd 2022. Valid for: 3 months.

This is the only time 1wyxza.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	190.115.24.54 190.115.24.54	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
1 19	190.115.19.43 190.115.19.43	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
69	104.26.10.233 104.26.10.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
2 3	185.39.80.168 185.39.80.168	200015 (LIVETEX) (LIVETEX)
1	52.222.236.63 52.222.236.63	16509 (AMAZON-02) (AMAZON-02)
1	52.222.206.118 52.222.206.118	16509 (AMAZON-02) (AMAZON-02)
3 6	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
1	18.66.147.116 18.66.147.116	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
11	185.39.80.61 185.39.80.61	200015 (LIVETEX) (LIVETEX)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
10	2606:4700:20:... 2606:4700:20::ac43:4a03	13335 (CLOUDFLAR...) (CLOUDFLARENET)
128	17

1 190.115.24.54 (Belize City, Belize) 1 redirects

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: mail.cointradefinance.com

1watvm.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 190.115.19.43 (Belize City, Belize) 1 redirects

ASN262254 (DDOS-GUARD CORP., BZ)

1wgreq.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1wyxza.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 104.26.10.233 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-1win.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
proxy.cdn-1win.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.132 (United States)

ASN54113 (FASTLY, US)

api.lab.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.39.80.168 (Russian Federation) 2 redirects

ASN200015 (LIVETEX, RU)

cs15.livetex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
balancer-cloud.livetex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-118.fra56.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.134 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

12572451.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-116.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.39.80.61 (Russian Federation)

ASN200015 (LIVETEX, RU)

widgets-04.livetex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
balancer-04.livetex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
io2-ls-04.livetex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wapi-04.livetex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::ac43:4a03 (United States)

ASN13335 (CLOUDFLARENET, US)

widgets-04.livetex.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	cdn-1win.xyz cdn-1win.xyz — Cisco Umbrella Rank: 695724 proxy.cdn-1win.xyz	5 MB
18	1wyxza.top 1wyxza.top	1 MB
14	livetex.ru 2 redirects cs15.livetex.ru — Cisco Umbrella Rank: 240257 balancer-cloud.livetex.ru — Cisco Umbrella Rank: 209599 widgets-04.livetex.ru — Cisco Umbrella Rank: 398562 balancer-04.livetex.ru — Cisco Umbrella Rank: 319030 io2-ls-04.livetex.ru wapi-04.livetex.ru	122 KB
10	livetex.me widgets-04.livetex.me — Cisco Umbrella Rank: 374408	469 KB
6	doubleclick.net 3 redirects 12572451.fls.doubleclick.net	2 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8709	990 B
3	google.com adservice.google.com — Cisco Umbrella Rank: 72	1 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 625 script.hotjar.com — Cisco Umbrella Rank: 763 vars.hotjar.com — Cisco Umbrella Rank: 824	72 KB
3	amplitude.com api.lab.amplitude.com — Cisco Umbrella Rank: 7260 cdn.amplitude.com — Cisco Umbrella Rank: 2845	27 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	125 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2536	344 B
1	1wgreq.top 1 redirects 1wgreq.top	98 B
1	1watvm.top 1 redirects 1watvm.top	216 B
128	13

	Domain	Requested by
67	cdn-1win.xyz	1wyxza.top cdn-1win.xyz
18	1wyxza.top	1wyxza.top
10	widgets-04.livetex.me	balancer-cloud.livetex.ru widgets-04.livetex.me
6	12572451.fls.doubleclick.net	3 redirects www.googletagmanager.com
3	wapi-04.livetex.ru	widgets-04.livetex.me
3	io2-ls-04.livetex.ru	widgets-04.livetex.me
3	balancer-04.livetex.ru	balancer-cloud.livetex.ru widgets-04.livetex.me
3	adservice.google.de	adservice.google.com
3	adservice.google.com	12572451.fls.doubleclick.net
2	widgets-04.livetex.ru
2	balancer-cloud.livetex.ru	2 redirects
2	proxy.cdn-1win.xyz
2	www.googletagmanager.com	1wyxza.top www.googletagmanager.com
2	api.lab.amplitude.com	cdn-1win.xyz
1	region1.google-analytics.com	www.googletagmanager.com
1	vars.hotjar.com	static.hotjar.com
1	cdn.amplitude.com	1wyxza.top
1	script.hotjar.com	static.hotjar.com
1	cs15.livetex.ru	1wyxza.top
1	static.hotjar.com	1wyxza.top
1	1wgreq.top	1 redirects
1	1watvm.top	1 redirects
128	22

This site contains links to these domains. Also see Links.

Domain
1w.run
t.me
www.instagram.com
www.facebook.com
twitter.com
casinomentor.com
www.miglioricasinoonline.info
www.bestbitcoincasino.com
casinosanalyzer.com
cricketbettingwali.in
cricketbettingguru.com

Subject Issuer	Validity	Valid
1wyxza.top R3	`2022-10-02` - `2022-12-31`	3 months	crt.sh
*.cdn-1win.xyz GTS CA 1P5	`2022-11-18` - `2023-02-16`	3 months	crt.sh
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-05-24` - `2023-06-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.livetex.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-05-21` - `2023-06-22`	a year	crt.sh
cdn.amplitude.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.livetex.me E1	`2022-11-14` - `2023-02-12`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://1wyxza.top/
Frame ID: F99D2FE831189A24C18E1C50BA426111
Requests: 107 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=CJ6Z3Pfbt_sCFRKmsgodRHEM2Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6778560302456.34
Frame ID: 3538F2CD79ED4932775B74FF53774B1A
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
Frame ID: 381BCE225CBEDEDE7DC4270AE62B62A2
Requests: 1 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=CKuj3vfbt_sCFR5BkQUdZ4wFTg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2441609236496.9487
Frame ID: AA04856701888C2CFB8B5F10FC678A23
Requests: 1 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=CPif3vfbt_sCFUKOsgodRU0PSQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7605696104916.764
Frame ID: 964F57A970B0D4CEB1695E8FBC7C08EC
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJ6Z3Pfbt_sCFRKmsgodRHEM2Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6778560302456.34;~oref=https://1wyxza.top/
Frame ID: 929DB4D11F1D5AF2EA298E54AF2A3C44
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKuj3vfbt_sCFR5BkQUdZ4wFTg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2441609236496.9487;~oref=https://1wyxza.top/
Frame ID: 0C4DCD843130B7335F499E0A784AE031
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPif3vfbt_sCFUKOsgodRU0PSQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7605696104916.764;~oref=https://1wyxza.top/
Frame ID: 897D3D86EC985F87550AF77484866963
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJ6Z3Pfbt_sCFRKmsgodRHEM2Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6778560302456.34;~oref=https://1wyxza.top/
Frame ID: 596C1EE0152B66027557E87444598471
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CKuj3vfbt_sCFR5BkQUdZ4wFTg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2441609236496.9487;~oref=https://1wyxza.top/
Frame ID: 1ED638320AF921830809C2A3715A164E
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CPif3vfbt_sCFUKOsgodRU0PSQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7605696104916.764;~oref=https://1wyxza.top/
Frame ID: 22D55D51FE74AC4931971A5DA64416FD
Requests: 1 HTTP requests in this frame

Frame: https://widgets-04.livetex.me/js/iframe.html?host-page-origin=https://1wyxza.top
Frame ID: A9FACF8FBDC85DD5EA7B3B33970FF539
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

1win

Page URL History Show full URLs

http://1watvm.top/ HTTP 301
https://1wgreq.top/ HTTP 301
https://1wyxza.top/ Page URL

Detected technologies

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

128
Requests

98 %
HTTPS

35 %
IPv6

13
Domains

22
Subdomains

17
IPs

4
Countries

7226 kB
Transfer

16883 kB
Size

13
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://1w.run/
Title: Partnerprogramm

Search URL Search Domain Scan URL

URL: https://t.me/joinchat/bfhCv0orJDVjNmJi

Search URL Search Domain Scan URL

URL: https://www.instagram.com/1win_en/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/1win-English-103111365328235

Search URL Search Domain Scan URL

URL: https://twitter.com/1winPro

Search URL Search Domain Scan URL

URL: https://casinomentor.com/reviews/1win-casino

Search URL Search Domain Scan URL

URL: https://www.miglioricasinoonline.info/1win/

Search URL Search Domain Scan URL

URL: https://www.bestbitcoincasino.com/review/1wincasino

Search URL Search Domain Scan URL

URL: https://casinosanalyzer.com/online-casinos/1win.pro

Search URL Search Domain Scan URL

URL: https://cricketbettingwali.in/review/1-win-casino

Search URL Search Domain Scan URL

URL: https://cricketbettingguru.com/best-cricket-betting-sites/1win-review/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1watvm.top/ HTTP 301
https://1wgreq.top/ HTTP 301
https://1wyxza.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6778560302456.34 HTTP 302
https://12572451.fls.doubleclick.net/activityi;dc_pre=CJ6Z3Pfbt_sCFRKmsgodRHEM2Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6778560302456.34

Request Chain 39

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2441609236496.9487 HTTP 302
https://12572451.fls.doubleclick.net/activityi;dc_pre=CKuj3vfbt_sCFR5BkQUdZ4wFTg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2441609236496.9487

Request Chain 40

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7605696104916.764 HTTP 302
https://12572451.fls.doubleclick.net/activityi;dc_pre=CPif3vfbt_sCFUKOsgodRU0PSQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7605696104916.764

Request Chain 84

https://balancer-cloud.livetex.ru/get-client/?site_id=171207&version=1.2.36&target=settings_path&rnd=9pdkk5d80i8 HTTP 302
https://widgets-04.livetex.ru/js/widgetsSettings.json

Request Chain 88

https://balancer-cloud.livetex.ru/get-client/?site_id=171207&version=1.2.36&target=path&rnd=4riz4c9osp HTTP 302
https://widgets-04.livetex.ru/js/app3.js

128 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
1wyxza.top/
Redirect Chain

http://1watvm.top/
https://1wgreq.top/
https://1wyxza.top/

3 MB
905 KB

542ms
357ms

Document
text/html

190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wyxza.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

97253f882b9ad190b64d5df3fe807a4cc134de0d6dc7581c37742f81159d9f97

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 18 Nov 2022 12:21:29 GMT
server: nginx/1.22.0
x-frame-options: DENY

Redirect headers

content-length: 169
content-type: text/html
date: Fri, 18 Nov 2022 12:21:28 GMT
location: https://1wyxza.top
server: nginx/1.22.0
x-frame-options: DENY

GET
H2 200 desktop.6a8015f6.js Show response
1wyxza.top/js/ 116 KB
35 KB 48ms
47ms Script
application/javascript 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wyxza.top/js/desktop.6a8015f6.js

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

bcffe09106db68228801b93db91f85bc08e633ce50b5a8062536a0e7bf83355b

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:30 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 11:34:05 GMT
server: nginx/1.22.0
etag: W/"63776dad-1cf25"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1.txt Show response
cdn-1win.xyz/ 8 B
452 B 96ms
42ms Fetch
text/plain 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/1.txt?1668774090979
Requested by: Host: 1wyxza.top
URL: https://1wyxza.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d2c759213949af96fbdcd756a5146f64a9acadf9625bd7a9feb04bb4517b4f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 18 Nov 2022 11:33:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63776d7f-8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3%2BL1a61jYYnh7xlcDo08acjTQ7sRUybDRSV74%2FHacQcQKjjh7HC3nBt8eKduyoS2ULiDnJodDo2mi63%2BB0cGECV9SZnYr4CHCSKR9D41f4J0kCfv7ORc3KPJK4Fmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 76c0aa950bd99a3f-FRA
content-length: 8

GET
H2 200 chunk-vendors.efc1f45c.js Show response
1wyxza.top/js/ 423 KB
154 KB 67ms
66ms Script
application/javascript 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wyxza.top/js/chunk-vendors.efc1f45c.js

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

df329cd49293c7ed39390f61c0c08c35b1a7dfb3374d752c48adb7434cc049b3

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://1wyxza.top/
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:30 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 11:34:05 GMT
server: nginx/1.22.0
etag: W/"63776dad-69b92"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chunk-common.77cb8ea6.js Show response
1wyxza.top/js/ 15 KB
5 KB 93ms
92ms Script
application/javascript 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wyxza.top/js/chunk-common.77cb8ea6.js

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

767ed8079c0656263c80bb5945e63297e94a50bec143736fe0ef86597c30f497

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://1wyxza.top/
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:30 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 11:34:05 GMT
server: nginx/1.22.0
etag: W/"63776dad-3d43"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index.49e32535.js Show response
1wyxza.top/js/ 87 KB
33 KB 112ms
111ms Script
application/javascript 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wyxza.top/js/index.49e32535.js

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

bec71a3348203f5513809117926d3b0ab7b7fa9dcd5d256ef07f708f3ade3d82

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://1wyxza.top/
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:30 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 11:34:05 GMT
server: nginx/1.22.0
etag: W/"63776dad-15c68"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 affiliate:link_visit Show response
1wyxza.top/ 15 B
399 B 39ms
39ms XHR
application/json 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wyxza.top/affiliate:link_visit?visit_domain=1wyxza.top&sub_ids=undefined

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/chunk-vendors.efc1f45c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 / Express

Resource Hash

a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
server: nginx/1.22.0
etag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
x-powered-by: Express
x-frame-options: DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: undefined
access-control-expose-headers: Authorization
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 15

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 icons-common.614df494.js Show response
cdn-1win.xyz/js/ 226 KB
62 KB 78ms
42ms Script
application/javascript 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/icons-common.614df494.js

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/index.49e32535.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

364d31ef9b27918df7b80aa6e01cb9d7a95dbd8f70064b1a066a60fd5aa5ba9f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8404
cf-polished: origSize=231212
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 10:00:55 GMT
server: cloudflare
etag: W/"637757d7-3872c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHY8x%2BxYuIg8mCz5D4PwSMTdCiFVGgM5DMYd%2FeyoUv%2B9%2BYHScFI5YUvB33ijjbm8T4hM99jkf5vGNjvJMlhYXyKGOhB4%2B1XUe76YZPj5EI%2BTOSQEPCqy0LpBZkQV5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 76c0aa961b2fbb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1705.2298da3e.js Show response
cdn-1win.xyz/js/ 29 KB
10 KB 93ms
58ms Script
application/javascript 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/1705.2298da3e.js

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/index.49e32535.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

270fd7ec5b3a45c223ebd2f7740a48447e8d190b0ae2487cf6c4ddfc94cea1b6

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 873436
cf-polished: origSize=29313
cf-bgj: minify
last-modified: Tue, 08 Nov 2022 09:43:19 GMT
server: cloudflare
etag: W/"636a24b7-7281"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZhacdYYZZgj6SnmNLTYWjYinG6ondZPrvwy5qEZxYCH%2BTduhZWmnKv9q7HTuhtWwLGLb3ileZ5y9AG6blNXTvh0VYm3cshZRT9wPgqQ8GxQ4GEaBVaUb4vonKgQfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 76c0aa961b38bb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2668.483dafc4.js Show response
cdn-1win.xyz/js/ 59 KB
17 KB 71ms
37ms Script
application/javascript 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/2668.483dafc4.js

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/index.49e32535.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fd0b13ce1db838b3e23b8c9b9585e7a593c35edb204b8ee97cff76c82e33dba

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7880
cf-polished: origSize=60574
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 10:09:39 GMT
server: cloudflare
etag: W/"637759e3-ec9e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=suMqwtEnXdlygloF2BjV%2F0YCKqpc0s0kNr2LcyIrmODJ47k6g1HvKVcZYwb2g%2FddNU5JvmR9cizMOGcZ1eVa6DDT%2FmTwF4xFnD6yXUIwQnlRrq5X90LjupuMIJk7NA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 76c0aa961b32bb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 8374.825673f3.js Show response
cdn-1win.xyz/js/ 522 KB
142 KB 92ms
58ms Script
application/javascript 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/8374.825673f3.js

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/index.49e32535.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efab8ecccf9644cc6e9de5c06f4eead79674e6ab6e1dd68760c771039ef12aea

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2842
cf-polished: origSize=534125
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 11:33:18 GMT
server: cloudflare
etag: W/"63776d7e-8266d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2BPdYa534jp6hEK9Yo9F%2BMSDPBPas2sXMrQ2aVgJOSqKdQNfRbVCrYerY2Y42ONwEU1aD7e10KLlwsLKxbbDpjXWze50MKXxZyu3R6C2qoVqFqa3yFM%2BKbYVgLqemA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 76c0aa961b3abb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop.51862259.css
cdn-1win.xyz/css/ 111 KB
19 KB 72ms
40ms Stylesheet
text/css 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/css/desktop.51862259.css

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/index.49e32535.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89f8b0747eee17fd3e29d018898ac43b2371f7208520f256a1c6f829131d8199

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8379
cf-polished: origSize=113389
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 10:00:57 GMT
server: cloudflare
etag: W/"637757d9-1baed"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5NrRqhNx59hhqMzpBB%2FQhhSaPCcwkhd02cscfJR1RecCRoUb%2BVAOWUm0kevgvPrCsCNwFwlQA6f2Iy2NZvcxzI3QWxavIbyjNtT7kZrCgV25A8tTaVdcRoLWn5PFPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 76c0aa961b2cbb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop.6a8015f6.js Show response
cdn-1win.xyz/js/ 116 KB
30 KB 89ms
58ms Script
application/javascript 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/desktop.6a8015f6.js

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/index.49e32535.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b29e3705bc6353b031e92cb9b913e985f301778997c871baf003a742ac476a3

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2759
cf-polished: origSize=118565
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 11:33:18 GMT
server: cloudflare
etag: W/"63776d7e-1cf25"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQxTieGnuokTfUqk7Bn2wFUawJiSFcdQfCZ1IwlIOdy3Ti3G881NqGAM9pOLt1rHWVaEtpTzL9%2B3pHXD7cxz%2Fn1H9TPFzx3PnTiz1eNMEKGEQGsZhDq3Pp4lbpuDNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 76c0aa961b3bbb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFNSText.c652402c.woff2
cdn-1win.xyz/fonts/ 370 KB
371 KB 48ms
48ms Font
application/octet-stream 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/fonts/SFNSText.c652402c.woff2
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/desktop.51862259.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49073903870a8bb345c24e632270bc480dde66725f0af85c66df5cb7269c4214

Request headers

Referer: https://cdn-1win.xyz/css/desktop.51862259.css
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2565457
content-length: 379312
last-modified: Wed, 19 Oct 2022 18:07:59 GMT
server: cloudflare
etag: "63503cff-5c9b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5SSOUOcvJdeSa2BbpcPFnsr2suzLQlTDtMOQdr0JJP0ATEjSgtCpjONF9gihqNbHFLwit1VvPDSJQ7jUWS%2BiaLUalXeujsHrg7SakpuA7o2v4g0Q%2BrcNA4YgIstJjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 76c0aa967f189a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 241ms
191ms Preflight 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://1wyxza.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://1wyxza.top
access-control-max-age: 1800
date: Fri, 18 Nov 2022 12:21:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
x-amzn-trace-id: Root=1-637778cb-601a5bcc11217a00732ee463
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn4062-HHN
x-timer: S1668774092.779121,VS0,VE173

GET
H2 200 1959.0f42cf4c.js Show response
cdn-1win.xyz/js/ 192 KB
44 KB 35ms
35ms Script
application/javascript 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/1959.0f42cf4c.js

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/index.49e32535.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a80e828d38a3bcd538602c347de067809481044d7857046104c5ad4d1d1813f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6833859
cf-bgj: minify
last-modified: Wed, 31 Aug 2022 10:03:20 GMT
server: cloudflare
etag: W/"630f31e8-2fe26"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnCzWEtv%2BeVlwLTg4a6SnYvyPAQsuIfoAb13DrnelMTgpko0O%2BF7k5q8VixlgUCH%2BuPEMVUrnQOAxPjUEirTVlvp6ozi0oSANUNXjrx08rm5G9%2FxOxlCQDhz%2B%2FMvRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 76c0aa973e6abb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 2 B
138 B 23ms
21ms Fetch
application/json 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/js/8374.825673f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wyxza.top/
accept-language: de-DE,de;q=0.9
Authorization: Api-Key client-utHKVjcfmBn9NBTv9TXTB9Qo2likMJCV
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS41LjUiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkNocm9tZSAxMDciLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwidXNlcl9wcm9wZXJ0aWVzIjp7fX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by: cache-hhn4062-HHN
date: Fri, 18 Nov 2022 12:21:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 2978
x-timer: S1668774092.975201,VS0,VE1
x-amzn-trace-id: Root=1-63776d29-56d5f8711737ab743c9e6bdb
vary: Origin, Origin
x-cache: HIT
content-type: application/json;charset=utf-8
access-control-allow-origin: https://1wyxza.top
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2
x-cache-hits: 1

GET
H2 200 get-authorization Show response
1wyxza.top/ 19 B
183 B 89ms
89ms XHR
application/json 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wyxza.top/get-authorization?random=1668774091726-0.6654405334334608

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/chunk-vendors.efc1f45c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

759315d5ae8c31136d2a7bc803e591554894987559325cdf7e0b5965bec0eaca

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wyxza.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: https://1wyxza.top
date: Fri, 18 Nov 2022 12:21:31 GMT
access-control-allow-credentials: true
server: nginx/1.22.0
content-length: 19
x-frame-options: DENY
content-type: application/json; charset=utf-8

GET
H2 200 firebase-app.js Show response
1wyxza.top/firebase/8.1.1/ 19 KB
7 KB 24ms
23ms Script
application/javascript 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wyxza.top/firebase/8.1.1/firebase-app.js

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 11:34:05 GMT
server: nginx/1.22.0
etag: W/"63776dad-4ded"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 125 KB
48 KB 66ms
26ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4aa004783c419a2130bd81f239701ed616769fc87abe0893d8ba053912ee9f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48395
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Nov 2022 12:21:31 GMT

GET
H2 200 hotjar-2606090.js Show response
static.hotjar.com/c/ 4 KB
2 KB 85ms
19ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2606090.js?sv=6

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

912221aeaca6ba4231da5d6a30c99711d12e8060d39ed7d77c9d10237e36ddc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/c9fffe7398ac3fb3398f509800229ace
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: NvH397WzPE4tBTj_PNLslDvhnPtXmYJDaFQnLEyj2mmFxXfZrFNkHw==

GET
H2 200 client.js Show response
cs15.livetex.ru/js/ 2 KB
1 KB 324ms
68ms Script
application/javascript 185.39.80.168
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://cs15.livetex.ru/js/client.js
Requested by: Host: 1wyxza.top
URL: https://1wyxza.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.80.168 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 11628576aa0c8af216a2a18bd48baef78a9dff831ac706699313abbbcfbd0506

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 15:23:51 GMT
server: nginx
etag: W/"62d03507-690"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
expires: Sat, 19 Nov 2022 12:21:32 GMT

GET
H2 200 firebase-messaging.js Show response
1wyxza.top/firebase/8.1.1/ 40 KB
12 KB 47ms
46ms Script
application/javascript 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wyxza.top/firebase/8.1.1/firebase-messaging.js

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 11:34:05 GMT
server: nginx/1.22.0
etag: W/"63776dad-9f25"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5616.c1491995.css
cdn-1win.xyz/css/ 16 KB
3 KB 59ms
32ms Stylesheet
text/css 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/css/5616.c1491995.css

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/index.49e32535.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ada3da6673d59485a386158787756d4d27beae9e38466dbe646d05f406b8d9b6

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6833832
cf-bgj: minify
last-modified: Wed, 31 Aug 2022 10:03:20 GMT
server: cloudflare
etag: W/"630f31e8-3f30"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51S4122AoB2EzecWK707hmxEcm%2Bs%2FUSnNcfZFJLWrzBdJctUiXmMcO9OFN0HJY7EG2IXWYNiAeZ11WrJqMWoLx%2FcWC%2FU2T9SMf8qlyJ%2Fmt8%2BgY%2FJuPbbVNGOwO6NBg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 76c0aa9a3dcbbb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1883.ce7803cd.js Show response
cdn-1win.xyz/js/ 13 KB
5 KB 57ms
32ms Script
application/javascript 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/1883.ce7803cd.js

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/index.49e32535.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

952fc95c0b994becce7780ba0dfa5f7b8038ca1b56357258bd5bd73dbb2f554c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8380
cf-polished: origSize=13732
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 10:00:57 GMT
server: cloudflare
etag: W/"637757d9-35a4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GK2Us%2FTJQBYuIYGFlViLsIG9ZZhcq5OAxlbuGmJZI8XeCQFHCPaA4CQTPKr2i3svRBLBZkgczJx5JpmzPHvRw1vcd%2FxineXeCY%2FrhJXyuPEI8IwsMNLkzjOJTwZTw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 76c0aa9a3ddbbb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5620.1e3d9f4c.js Show response
cdn-1win.xyz/js/ 8 KB
3 KB 59ms
35ms Script
application/javascript 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/5620.1e3d9f4c.js

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/index.49e32535.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cb3180ed77e3dba3b84b431ffe6405605aad7d75fddcc68adda163bf8551351

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7816
cf-polished: origSize=8440
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 10:09:39 GMT
server: cloudflare
etag: W/"637759e3-20f8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37VwBlivBcggVDXtPmVzd7MLVGj4lwX8SkgtWeZSKnpm%2BtHC%2BlLfoCgeD4u%2B2NyrDX3xRyh58Xhs9STJ7uKDO1jQkPAkD1gmJN5tUAd3UNQcSVNBMl39KqK78JCp0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 76c0aa9a3dddbb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 174.1ef9cd20.js Show response
cdn-1win.xyz/js/ 81 KB
17 KB 46ms
39ms Script
application/javascript 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/174.1ef9cd20.js

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/index.49e32535.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6b8bf14b6a15c19d60f1e407e701dc46fe4077e49a8059ad7c69312a77a2d0f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7816
cf-polished: origSize=83073
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 10:09:39 GMT
server: cloudflare
etag: W/"637759e3-14481"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVvqdL3NjsPMivQzXxUsxmNwELMGf7XiXa7pI7zRwick708EDxDQcqbQTjqK4TkbZC2kThgV%2FS5U7aqMHPQ%2BvLhrJXm2CASC4prm5HkiJxn%2Fa20KC8fKceyzN51Mtg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 76c0aa9a3de1bb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 541.d16bb6ff.js Show response
cdn-1win.xyz/js/ 11 KB
4 KB 37ms
31ms Script
application/javascript 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/541.d16bb6ff.js

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/index.49e32535.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20f61cb9a11d4647d1e49d431fc8925cc9557545fed06f7053bf6e777ee90013

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 873454
cf-polished: origSize=11775
cf-bgj: minify
last-modified: Tue, 08 Nov 2022 09:43:19 GMT
server: cloudflare
etag: W/"636a24b7-2dff"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHJw3C%2FFdlojqnSNv%2B5H0gPBVtRDThjBagiHsuYOLD6zTa1BSu4%2BKksyoATcpFTARl3W9eADWqhMCjX5lvLmEDENF9nshcBEOvzLuNdw4lLrTLLZIxEXKL8arV0K1w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 76c0aa9a3de3bb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7249.95ecdddd.js Show response
cdn-1win.xyz/js/ 8 KB
4 KB 39ms
33ms Script
application/javascript 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/7249.95ecdddd.js

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/index.49e32535.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

414a74315c51d21e972ef3b093212bc83c1fdd92f736789357bffcdafc8e9793

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2403030
cf-polished: origSize=8709
cf-bgj: minify
last-modified: Fri, 21 Oct 2022 16:46:52 GMT
server: cloudflare
etag: W/"6352ccfc-2205"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OECb8%2BVFNHHZMk9NjJt365oAGAxgDKxZqoJPAyVzX0fOY3vfw7F7111FoGZ9Zo0hYscceURRC%2ByNK9V8waX4Jb8WgoVzx%2FqmPrihVhba74yLnKNUo44LOzMEzLkj8A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 76c0aa9a3de6bb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9083.27e270d1.css
cdn-1win.xyz/css/ 67 KB
11 KB 62ms
57ms Stylesheet
text/css 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/css/9083.27e270d1.css

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/index.49e32535.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e50c3321f8cae6f04abd90ed0ade670105ac4c3e6f47fbbad0d6ebef0264fa0c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8375
cf-polished: origSize=68720
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 10:00:57 GMT
server: cloudflare
etag: W/"637757d9-10c70"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLEVbU8Kif8v54VNmH%2Bi%2FCE2tpIQiLxzKnP44smuJi1%2FX3D8gSYdnMI185bt1aCBkAG8KSefifxIGscHvkXMs8Iu%2BMEX%2FlAtcBempWjoBAJdMULcYwS7MI%2BHZ%2FemKw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 76c0aa9a3dd6bb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9083.c3a8d65e.js Show response
cdn-1win.xyz/js/ 91 KB
24 KB 65ms
61ms Script
application/javascript 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/9083.c3a8d65e.js

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/index.49e32535.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b644a50878f57a8d0483315c2337cd81fca26d4f63dade2f2a40caa1d1a5bd71

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2733
cf-polished: origSize=93168
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 11:33:18 GMT
server: cloudflare
etag: W/"63776d7e-16bf0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGMW4J9ojWJQuzHD%2BFxpUUTYiDGpgwHZd%2BY1nwrpPVut5KlN54%2F%2BbK4AMCAUpHY5wXdq0G%2FkLWXd8BAIe888BOrkyHGB2UpDzPWooWlifOhwJym%2Bq3Yb%2BZAuJtEZDA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 76c0aa9a3de9bb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9617.53479fe1.js Show response
cdn-1win.xyz/js/ 21 KB
7 KB 42ms
40ms Script
application/javascript 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/9617.53479fe1.js

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/index.49e32535.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14f74d78521106b7b8b9f94f9e481ad37bfcedacf17572545f8a0f51375b248d

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2733
cf-polished: origSize=22041
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 11:33:18 GMT
server: cloudflare
etag: W/"63776d7e-5619"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6Xd2sdFH3zXFBK4jEdPw3wizwIjkQZKg6Isk%2F0Y6RrE6o77UCQe0yfc60bUXM2mq0rPJJvv%2FVmTP6j0NZEiB787Srihd2uErSIMudcUN6b8%2Fe9wBrMLI0VkAqIpRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 76c0aa9a3df0bb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7725.9e883aca.css
cdn-1win.xyz/css/ 10 KB
3 KB 35ms
33ms Stylesheet
text/css 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/css/7725.9e883aca.css

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/index.49e32535.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cea561cb5c9466e4bd8b00f9627f0d0d259a110e06017d4be6e50ad9e8889f0

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1283221
cf-bgj: minify
last-modified: Thu, 03 Nov 2022 15:53:40 GMT
server: cloudflare
etag: W/"6363e404-2994"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIX7KI2cS0t%2Fs3qzfxQS16bnQWUBeBhCXOaNC9rPFjUMUI8vWQZlHtB%2B4Jy1pqjsb2MdLQTDNq4SXMhwH%2B%2BYIUYG2qU0I%2BtdqYx9Rzng3N6Yh96e8IZpIKWjWaN7fA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 76c0aa9a3dedbb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 title Show response
1wyxza.top/common/ 16 B
128 B 58ms
58ms XHR
application/json 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wyxza.top/common/title?path=bets&lang=de

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/chunk-vendors.efc1f45c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wyxza.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
server: nginx/1.22.0
content-length: 16
vary: Origin
x-frame-options: DENY
content-type: application/json; charset=utf-8

GET
H2 200 modules.55241fd65a1af5a1837b.js Show response
script.hotjar.com/ 262 KB
68 KB 92ms
20ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.55241fd65a1af5a1837b.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2606090.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

abcc01ec7f27663d20ef3186dd63224980fb38ba81a9451d9eccfa597f1dd9d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 11:06:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 90925
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68617
last-modified: Thu, 17 Nov 2022 11:05:52 GMT
etag: "5f82b1a8e62b6a241154cb066c4d1ad8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ZNsXJZfDlc_pUoHakLUa7tNVWFcJkljejT1ioIBB2PGjatX7sx02aQ==

GET
H2 200 amplitude-8.17.0-min.gz.js Show response
cdn.amplitude.com/libs/ 92 KB
27 KB 83ms
20ms Script
application/javascript 52.222.206.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-8.17.0-min.gz.js
Requested by: Host: 1wyxza.top
URL: https://1wyxza.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e7a2297c8371775455adc684445c2a383bcd0cee869777d45aefd8bc08456a6

Request headers

Referer: https://1wyxza.top/
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 11:00:28 GMT
content-encoding: gzip
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
x-amz-version-id: wr63ICD3duh0Opi8j2KDhI34Ow38BHG0
x-amz-cf-pop: FRA56-P3
age: 3028864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27400
last-modified: Fri, 25 Mar 2022 19:53:18 GMT
server: AmazonS3
etag: "e5211b7cbee53b6912f07a1cd72a4582"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: TX23eWDublH6I5G1M9cfD_goSQnnIigq8viW5hukNX59NP8y_JthjQ==

GET
H3

200

activityi;dc_pre=CJ6Z3Pfbt_sCFRKmsgodRHEM2Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o... Show response
12572451.fls.doubleclick.net/ Frame 3538
Redirect Chain

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://12572451.fls.doubleclick.net/activityi;dc_pre=CJ6Z3Pfbt_sCFRKmsgodRHEM2Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

553 B
330 B

89ms
54ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12572451.fls.doubleclick.net/activityi;dc_pre=CJ6Z3Pfbt_sCFRKmsgodRHEM2Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6778560302456.34?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

2282a044c854fd9315c840f7f42ff4a59882df629fd209586fb279b5fc8140df

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wyxza.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 305
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 12:21:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 12:21:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12572451.fls.doubleclick.net/activityi;dc_pre=CJ6Z3Pfbt_sCFRKmsgodRHEM2Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6778560302456.34?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
77 KB 29ms
24ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7521f7698777389511c01af5f8fb436025df6a6c66739336efeaba234824ee02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78657
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 18 Nov 2022 12:21:31 GMT

GET
H2 200 box-c6ca1c87e308a39aabb76b56ba54398b.html Show response
vars.hotjar.com/ Frame 381B 2 KB
1 KB 62ms
17ms Document
text/html 18.66.147.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2606090.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-116.fra60.r.cloudfront.net

Software

Resource Hash

a0084043f26a51ea743463b4a653e4850cbaae0868832e4471a199f753fc6b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://1wyxza.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1209565
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 12:22:06 GMT
etag: "b6d25d1350d6a014d80689f389e76f97"
last-modified: Fri, 04 Nov 2022 12:21:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
x-amz-cf-id: QfPY_g9kri050qCfz8I0VlSdRduxPZLcilf1gY_jbYSghhvPern_Tw==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H3

200

activityi;dc_pre=CKuj3vfbt_sCFR5BkQUdZ4wFTg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o... Show response
12572451.fls.doubleclick.net/ Frame AA04
Redirect Chain

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://12572451.fls.doubleclick.net/activityi;dc_pre=CKuj3vfbt_sCFR5BkQUdZ4wFTg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

555 B
332 B

55ms
51ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12572451.fls.doubleclick.net/activityi;dc_pre=CKuj3vfbt_sCFR5BkQUdZ4wFTg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2441609236496.9487?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

e72ea632f2f5bb38a38dff63fccf53332d462dcd0e425689d687d87ee0aa89e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wyxza.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 307
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 12:21:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 12:21:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12572451.fls.doubleclick.net/activityi;dc_pre=CKuj3vfbt_sCFR5BkQUdZ4wFTg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2441609236496.9487?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CPif3vfbt_sCFUKOsgodRU0PSQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o... Show response
12572451.fls.doubleclick.net/ Frame 964F
Redirect Chain

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://12572451.fls.doubleclick.net/activityi;dc_pre=CPif3vfbt_sCFUKOsgodRU0PSQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

554 B
332 B

57ms
53ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12572451.fls.doubleclick.net/activityi;dc_pre=CPif3vfbt_sCFUKOsgodRU0PSQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7605696104916.764?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

2e44c413f3fb6d1e82f3966b1b949d10c10b2f024213abad02ce04e7b60d83e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wyxza.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 307
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 12:21:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 12:21:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12572451.fls.doubleclick.net/activityi;dc_pre=CPif3vfbt_sCFUKOsgodRU0PSQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7605696104916.764?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 icons-pack-home.e8bf03cf.js Show response
cdn-1win.xyz/js/ 78 KB
23 KB 37ms
37ms Script
application/javascript 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/icons-pack-home.e8bf03cf.js

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/index.49e32535.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cacca2b863dcb76d949a2e54a420eccf16ded163af4642ae53cf5ac0246cca2e

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2403198
cf-polished: origSize=80069
cf-bgj: minify
last-modified: Fri, 21 Oct 2022 16:46:51 GMT
server: cloudflare
etag: W/"6352ccfb-138c5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EhjsNe47bGJ9AhViCv3gm2QDdfWJ8FRDtjX%2FVeRk3BRIXHt70TA2oG4ulvHjQoKRp6sFflnz8sJe1K6TajUlB6%2BpMDSWrf3N9B9SNSupI0J7Rvvu7BFXEwrhhyJk6w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 76c0aa9b88c7bb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icons-pack-sports-promotion.9bb32256.js Show response
cdn-1win.xyz/js/ 19 KB
8 KB 29ms
29ms Script
application/javascript 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/icons-pack-sports-promotion.9bb32256.js

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/index.49e32535.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96c3140721009b7d978d196bd49612ff55347b43d8dab50294ccc5568319e5e2

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2403202
cf-polished: origSize=19260
cf-bgj: minify
last-modified: Fri, 21 Oct 2022 16:46:51 GMT
server: cloudflare
etag: W/"6352ccfb-4b3c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OyVyeMD5sQXyfKky%2BIzyUAuxpX5ANTMwJJV7rYdxP9U%2Bp9YrFBc2vx4xwcM%2Bq8AJXlRk534U9cxRqDGSq%2FCNNk8RiKJthL7iqTVZm%2BRquuvYHYiyjjBjMrC2Fi4fTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 76c0aa9bb923bb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icons-pack-payment-full.6272cc58.js Show response
cdn-1win.xyz/js/ 110 KB
22 KB 28ms
27ms Script
application/javascript 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/icons-pack-payment-full.6272cc58.js

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/index.49e32535.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2a5caafafc6106754cf5aafe561b67452393863271c18a6d290b6a78691cd70

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2403202
cf-polished: origSize=112398
cf-bgj: minify
last-modified: Fri, 21 Oct 2022 16:46:55 GMT
server: cloudflare
etag: W/"6352ccff-1b70e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTjOLygac90VAtkkO6jJdtbMyFJV8fC6lSnjU3h7tICvYlzu9FAyJ%2FXerlTf%2FxOg%2BcwaoCvNB69jp0aJvZS0OrRrWmM1agItKI30uaa8vuLagEty68THL9oHchtlwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 76c0aa9bc955bb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 free-money-link-image.ac893118-120.png
cdn-1win.xyz/img/ 22 KB
23 KB 27ms
24ms Image
image/png 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/img/free-money-link-image.ac893118-120.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efc95075ce36a9f1abb2c7f51ef75805679f1901669808d4152d9fa3fe57557d

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10276187
content-length: 22903
last-modified: Thu, 21 Jul 2022 12:58:51 GMT
server: cloudflare
etag: "62d94d8b-5977"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZslx8515NILCALZtmE9LTeVmdfaU4780nCV5xTs2H1HhJetAfuXODWQipSb2aH7hg%2FMr7ucQBahxTh%2Bzu6peVLETFdI769BDfYb8QG%2FtRkS0nl15gwnZo5COCRPJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 76c0aa9be99cbb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFNSDisplay.2b5dc965.woff2
cdn-1win.xyz/fonts/ 288 KB
289 KB 27ms
27ms Font
application/octet-stream 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/fonts/SFNSDisplay.2b5dc965.woff2
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/desktop.51862259.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efdc0e9caf5e1b3f650e8ecd022ecd000bb070e1b0cf359eeb228603c325384b

Request headers

Referer: https://cdn-1win.xyz/css/desktop.51862259.css
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1746087
content-length: 295048
last-modified: Fri, 28 Oct 2022 14:03:54 GMT
server: cloudflare
etag: "635be14a-48088"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6ir%2BegPXxvAnxn5wL8yy0g4Bl7Ov%2BBEyDBLtSok0WJKHPiJk9zaNDal5M%2Br5U2wzVQFRLBx9kdTwztrna5q71fwGAk1aLUy0xnKWZn6hsImaVwBLd3r6vpYIvsC7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 76c0aa9bfc3a9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 present-with-light.c2c357bc-151.png
cdn-1win.xyz/img/ 19 KB
20 KB 25ms
24ms Image
image/png 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/img/present-with-light.c2c357bc-151.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73db6c5aca6a6439e60eb8f3db722f922c34d39c7be9a491a4e9b4957bf979b7

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10277562
content-length: 19578
last-modified: Thu, 21 Jul 2022 12:58:51 GMT
server: cloudflare
etag: "62d94d8b-4c7a"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AymK9T1pwtSTr7fQKj7ww36sbDwNrnN%2BIP2rVPDhNZV8YijL%2B5m%2FYngNjRZaNC3USnPKGelOeeGJrZQHO3H6aQGygfErkWaby3LEa2af7KnOhwhvLgvbBbpiuN4KBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 76c0aa9c4aa2bb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pwa_android_en.10259506-690.png
cdn-1win.xyz/img/ 58 KB
58 KB 27ms
27ms Image
image/png 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/img/pwa_android_en.10259506-690.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf9eb34aeb0c704137a5e59860435b753ed8d2d52c7dcb94af13e5445f8ac09f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10276186
content-length: 58920
last-modified: Thu, 21 Jul 2022 12:58:51 GMT
server: cloudflare
etag: "62d94d8b-e628"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3kiDurtEWwWYJ7kv0HF1WWFrPJIZaJ%2B9giRIMr%2BPeDBIQVP6DAtnfLj9rhz0SHFdNK%2FhNbUKY3yqejkHaKZ5jOoWN%2BLySI%2FYp2UkIaB%2FMxUVtquzmBdneXHn%2FOPGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 76c0aa9c4aa7bb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 aviator-game-logo.2fb50dc0.svg
cdn-1win.xyz/img/ 3 KB
2 KB 29ms
28ms Image
image/svg+xml 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1win.xyz/img/aviator-game-logo.2fb50dc0.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6364edc4b1553377c0095fcca9ad118ba03f1e3d953c30239b8fbd14d75000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Jul 2022 12:58:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10277562
etag: W/"62d94d8b-bfa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qLBlvAYF0aYgx0FY04rPCgWxyR4aeuFfbTNbFhrGoYkdO3yK7i6TatFvCeb1kCUKRLLZBRMSnjMcrvM2M6BsO84Yntu88tKCukAecKOO%2Bv7Pbsh5yTk6wxE1kWNa6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 76c0aa9c4ab1bb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fire.47bc0337.svg
cdn-1win.xyz/img/ 580 B
667 B 41ms
41ms Image
image/svg+xml 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1win.xyz/img/fire.47bc0337.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3545ed802d036fffc6f9d885c6d32b5bb146476a0320f3bba13e0fdd0cbc337

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Jul 2022 12:58:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10276041
etag: W/"62d94d8b-244"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5399DANd%2FRSIfw7Vp7duIxaX%2B2ZT65waPxkTwW4SV78UxfJQi2JiNEsx1YcwjnR%2F1lv0%2Bs6ELApL4RkY7nu0Y8Lo6n2rLZ%2BWk4h1doV3HK14jxDz7ongBUpAvu6DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 76c0aa9c4ab4bb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pwa_ios_en.4673caff-690.png
cdn-1win.xyz/img/ 59 KB
60 KB 27ms
26ms Image
image/png 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/img/pwa_ios_en.4673caff-690.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30c2e3ed129c83494eeaab5b60a520f6efcd483e9ff61d79a1aae50b50482e49

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10276006
content-length: 60659
last-modified: Thu, 21 Jul 2022 12:58:51 GMT
server: cloudflare
etag: "62d94d8b-ecf3"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZC%2BSx%2FDOefN6MCGlHkTK1DJrhJy8O0Z%2F%2B2Gg9w6HPlVfPJRxb%2BO2fjz6IFjH5ybseSUWyy1ToIjI3OU9Vufqrz93mjlpkSrB6f1k9V%2B4ZIx54LUcnIRKX9cg2lWWYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 76c0aa9c4ab7bb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 casino-mentor.5cf9062c-172.png
cdn-1win.xyz/img/ 3 KB
4 KB 26ms
25ms Image
image/png 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/img/casino-mentor.5cf9062c-172.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c52bf76d9931bd28ea4fc2055bf9b904f73d7eeced084fae47c2faaffbc6b7ce

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10277562
content-length: 3438
last-modified: Thu, 21 Jul 2022 12:58:51 GMT
server: cloudflare
etag: "62d94d8b-d6e"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EczuaYVKPlTufJzPG%2B4p7hDR7Os918SPUAcyBqE7h0DHa%2BxwRWKFbhe8RsTIZrX%2BdV91WbvEz5iKND5lX%2BNytV5Ae34WidFcchXQBhNI6YhPff5cKF3bvClga7CmGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 76c0aa9c4ab9bb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 migliori-casino-online.56a37c15-50.png
cdn-1win.xyz/img/ 2 KB
2 KB 30ms
29ms Image
image/png 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/img/migliori-casino-online.56a37c15-50.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40dcfacb3f2c4c73ed10f113bd8cbb638c560d2381d2ea0f5e4d4a8f511de1a4

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10277562
content-length: 1744
last-modified: Thu, 21 Jul 2022 12:58:51 GMT
server: cloudflare
etag: "62d94d8b-6d0"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qybxtwlrGj5PP0bI8chUe7HiUJ2iAnn3qjrEdi9jiGU%2F7hZM519lVGIJyBkBS1BhvYPB0mL1PG%2BkXlTyb3PZZj9cVtRfpEnpmXBuGcwtvRbSj8Yk3HtgkHRjPr%2Bgsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 76c0aa9c4abdbb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 best-bitcoin-casino.35cdfe6a-50.png
cdn-1win.xyz/img/ 2 KB
2 KB 25ms
24ms Image
image/png 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/img/best-bitcoin-casino.35cdfe6a-50.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b07d781cd89db50889bb5f207634763c01f3aa8b26b346cf68548e6ea17add27

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10277562
content-length: 1743
last-modified: Thu, 21 Jul 2022 12:58:51 GMT
server: cloudflare
etag: "62d94d8b-6cf"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4YbU%2FxlqMWiNdJ%2BdOtYnw2wvk%2FvK9tAEISn98Z%2B7WPqjv5mqXgZTvnS4xyU9VGgh3I4gfkzomv6y2NN7QqAoWg15ckmYs2vRocoffBg26p1qdqnWDJBhz74%2FH%2BPElg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 76c0aa9c4ac1bb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 casinos-analyzer.58bc0eb2-182.png
cdn-1win.xyz/img/ 3 KB
3 KB 39ms
38ms Image
image/png 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/img/casinos-analyzer.58bc0eb2-182.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3af748a497a13fe03834a1e78c1c3f780b2afafdc1fc6170963a24c4b67ba148

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10277562
content-length: 2950
last-modified: Thu, 21 Jul 2022 12:58:51 GMT
server: cloudflare
etag: "62d94d8b-b86"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dMkHBZY7LMAWYFuFAolIAVuz2H5KML2ERmf%2FDuLz3kYa72jxIwcZTyF%2FxDem401Rd4NRe1LrBK3kYhvEq5cnmyMIHUh5%2BG%2BvwC%2B5duF4ohvxfTn8%2BGuSD4Szr%2Btrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 76c0aa9c4ac2bb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cricket-betting-wali.37514d50-43.png
cdn-1win.xyz/img/ 4 KB
5 KB 48ms
48ms Image
image/png 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/img/cricket-betting-wali.37514d50-43.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dec340cc778df957a6321aaadfad6d5169a8f32a639eaf9025124a789eb1ba65

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10277562
content-length: 4513
last-modified: Thu, 21 Jul 2022 12:58:51 GMT
server: cloudflare
etag: "62d94d8b-11a1"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F206zm9ALNw1AIPTg%2F8BkpE30fLQcOhOZNMlAGPYvvEAgFIJOOT3cZ6klLdFbYB1gQ9df%2B6kDhlLEzp0nKl3YwvKsBxwEnEZNTPNMCkqGNghDNd2K1%2BksN3vYMo5Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 76c0aa9c4ac4bb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cricket-betting-guru.4045f0c2-500.png
cdn-1win.xyz/img/ 22 KB
22 KB 29ms
28ms Image
image/png 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/img/cricket-betting-guru.4045f0c2-500.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9f97539e2c079387b34e099020dcaa53819da023cadf3e38a526d588c5d50cc

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10277562
content-length: 22453
last-modified: Thu, 21 Jul 2022 12:58:51 GMT
server: cloudflare
etag: "62d94d8b-57b5"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBorVQfyuGDawpNvhh1S%2FBnbE2iEnVUy%2BxIj%2BB%2FSyo6iInXots1akXY%2BNy9b0rjK7TpuvtkvN%2BrHPnHcgQo4Ujg065OiyB65kB%2BEYeiFmVL8mRzLAhVXS7MQXXKI9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 76c0aa9c4ac9bb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all-v2 Show response
cdn-1win.xyz/common/banners/ 3 KB
2 KB 1116ms
1114ms XHR
application/json 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/common/banners/all-v2?lang=de&type=desktop&bannersType=main

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/chunk-vendors.efc1f45c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4cbbe402afdbd30767b2b2cd27c3162e21785ed824585793665191c781a294d

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wyxza.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwNtxMVGkwT7JkVPZuDjgFnpr%2FpAHUxr9yl9yzS%2B5Z7%2BJU17jdmdsNuaTTsovLlpQRE0v2joSC1wWYmFlblw3fiKgwTHtfewtPJuZNm8%2BbkbxQUtxoy7ElOg23oF%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wyxza.top
x-frame-options: DENY
cf-ray: 76c0aa9c5cee9a3f-FRA

GET
H2 200 sprite-tvbet-frame@2.f861bcf8-256.png
cdn-1win.xyz/img/ 8 KB
8 KB 34ms
33ms Image
image/png 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/img/sprite-tvbet-frame@2.f861bcf8-256.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

420dca426d98adeab96e8d2b0a03fadd76531edcd80b2fca143044de28d04fc6

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10276041
content-length: 8285
last-modified: Thu, 21 Jul 2022 12:58:51 GMT
server: cloudflare
etag: "62d94d8b-205d"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWKuhSaI1CmcNV6hh2ZQKix2dkBsRoZvD9iPaLu%2FAB%2BtN4ZVmHtx%2FmmIOeis12ja4Y6mnfIevsgXrIeq2XCLOYWeIMskFPYmup1D7d6d5GIUK8WO2z1tkI4CXFarYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 76c0aa9c5ad8bb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sprite-tvbet@2.36763152-256.webp
cdn-1win.xyz/img/ 504 KB
505 KB 24ms
23ms Image
image/webp 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/img/sprite-tvbet@2.36763152-256.webp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7c352d2bf45fef53c5af10af5ffaafacaa3d46b40a3061af39e0ae08cbb8a92

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Nov 2022 10:09:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4614
etag: "637759e4-7df68"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adFZHLpYSW7NIuYrf1jZGBFDjEPF6Zrgqn%2BojLHaAFz03uQkDShW7iytk2o%2FVJkuDxSOHn%2BW6e3UMy%2BVgOrW6X%2FAIpU%2Fb7aUif9%2BfWyAg8d0x9TR0c8EfLjSxvlabQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76c0aa9c5ad9bb71-FRA
content-length: 515944

GET
H2 200 sprite-roulette-frame@2.c410ea63-256.png
cdn-1win.xyz/img/ 39 KB
39 KB 59ms
57ms Image
image/png 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/img/sprite-roulette-frame@2.c410ea63-256.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

362a8c010b8dfad12a948325c5537fd046c32168e7a78de0ae6733eb5ebd4978

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10276041
content-length: 39675
last-modified: Thu, 21 Jul 2022 12:58:51 GMT
server: cloudflare
etag: "62d94d8b-9afb"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71EIjVFWdajsHoUAt%2F0DHuyiYxi5SK9FExHYRYJjfhbOzFfuK8zI3%2BAxRWznqsFhJPiE6WWBUrKcrBTtxGWOsamcDj46yQ5EE4lhfHZ95l3MsqRayFObeKNfHf%2BwIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 76c0aa9c5adbbb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sprite-roulette@2.e2c67007-256.webp
cdn-1win.xyz/img/ 1 MB
1 MB 37ms
36ms Image
image/webp 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/img/sprite-roulette@2.e2c67007-256.webp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06d889fcaea4c7ae0b81ebf379fc774708d17bc76895739d50b84c970876e3ac

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Nov 2022 11:33:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2109
etag: "63776d7f-159ee6"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLUchaJ5pHqrdkTtrGOmy%2BasWRlrgVWpWLPy1Xb83XPtd4kYSthyGNoyD034JDOIrLsv1g15VWRlvUBlVO70tNq5WqskbQtmoP%2BV%2B85TlHIE2e0SpnqHLQWMr5x6Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76c0aa9c5addbb71-FRA
content-length: 1416934

GET
H2 200 sprite-dice-frame@2.fa765f9b-256.png
cdn-1win.xyz/img/ 26 KB
26 KB 33ms
32ms Image
image/png 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/img/sprite-dice-frame@2.fa765f9b-256.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8273cc691200f1a973a9da1ad2b26f493b446eebf7827d2886525a41103934a6

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10276041
content-length: 26606
last-modified: Thu, 21 Jul 2022 12:58:51 GMT
server: cloudflare
etag: "62d94d8b-67ee"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xv3DzwJ9qeCfj1K8ZFZKsYsFcM6R%2Fz%2F3YpTplnlXE44OaFfx7sw8EqB8j6eLNPqSl1XL2JnMLwwxhCBM%2FjoF3sKQU9Gzgc1ds7SWrDHDBDqqSQmdqtNYDTm8YHOR8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 76c0aa9c5ae0bb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sprite-dice@2.4b21cc5a-256.webp
cdn-1win.xyz/img/ 808 KB
809 KB 41ms
40ms Image
image/webp 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/img/sprite-dice@2.4b21cc5a-256.webp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f63fdb32d35ffa1703e6908b5e3c0b02837e5997bc53d4df83008e2153a9a1de

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Nov 2022 11:33:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 452
etag: "63776d7f-c9e58"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDyf84KFEaRrafF1lqZLUYUZhKRB2tZGnyGwdIImiUpIAnSND%2F1hcy52KepRJ6gNKA1bnXfu7Bp8cYyIsYtNsVXTjPIfuogchmulePnnLvTI47JyoNIKf5qRUqUjxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76c0aa9c5aedbb71-FRA
content-length: 826968

GET
H2 200 sprite-poker-frame@2.8b89cd4f-256.png
cdn-1win.xyz/img/ 14 KB
14 KB 45ms
44ms Image
image/png 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/img/sprite-poker-frame@2.8b89cd4f-256.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47bf8de69f9aca075152594fafc8529150a82b7b8129fa55bb2fc111e53b3aa

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10276041
content-length: 14193
last-modified: Thu, 21 Jul 2022 12:58:51 GMT
server: cloudflare
etag: "62d94d8b-3771"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9KlMoqftjGqEKT68FI8gx3lfGoc3NROpLc2ib3Awn2QVCJfwbTNmcR6Eu3ir6%2FgPm%2BH5p3kaqIEhtJVSM3twjqK3I%2BaRRZRv%2Ft9XPGQQCZK0WCWDWYJrvQy0YWDcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 76c0aa9c5aeebb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sprite-poker@2.db927018-256.webp
cdn-1win.xyz/img/ 609 KB
610 KB 37ms
36ms Image
image/webp 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/img/sprite-poker@2.db927018-256.webp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45e7bafe88284b6f3aaac133d38c9db59f67d46ae27cab5a299b5b7c704eaa9d

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Nov 2022 10:09:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4614
etag: "637759e4-985e8"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYfeUvqmYzR3rQFrt3AVYyk9OGMB1EBBKRzyJ133TMTr5dxLhmvcpcc3MOO%2F%2BRV2urEaJAJoib7w4brVYbmI9GHP2lb0TtiyMCthA2ktyOQis19CKOOk5FoOToH1ig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76c0aa9c5af0bb71-FRA
content-length: 624104

POST
H2 200 ask Show response
1wyxza.top/microservice/ 17 KB
4 KB 51ms
50ms XHR
application/json 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wyxza.top/microservice/ask

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/chunk-vendors.efc1f45c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 / Express

Resource Hash

814e89ded3e1200c7f2e87c9ddb97e39ca3bdd1fa497de728bd2d9f189f1d9af

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wyxza.top/bets/home
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
content-encoding: gzip
server: nginx/1.22.0
etag: W/"d1f-Z+GvjIYaQ0ZXGRZ1ujF6rSpBWTg"
x-powered-by: Express
x-frame-options: DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wyxza.top
access-control-expose-headers: Authorization
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 3359

POST
H2 200 ask Show response
1wyxza.top/microservice/ 44 KB
3 KB 494ms
493ms XHR
application/json 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wyxza.top/microservice/ask

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/chunk-vendors.efc1f45c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 / Express

Resource Hash

8fceb90dcfc40087af492f5b59c30590c264efa6fda63eb27edb063e90579932

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wyxza.top/bets/home
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
content-encoding: gzip
server: nginx/1.22.0
etag: W/"ad4-rkwG8GgqU3WRHaUn/YascNcCZZs"
x-powered-by: Express
x-frame-options: DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wyxza.top
access-control-expose-headers: Authorization
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 2772

POST
H2 200 ask Show response
1wyxza.top/microservice/ 1014 KB
57 KB 1187ms
1187ms XHR
application/json 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wyxza.top/microservice/ask

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/chunk-vendors.efc1f45c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 / Express

Resource Hash

17d8d329c9991b89a3b41657dde1e576914ce20f0d225bff1568547bf982362f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wyxza.top/bets/home
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
content-encoding: gzip
server: nginx/1.22.0
etag: W/"e2db-XZzvDahsE2rj2Jq/x0ygXEPHQX8"
x-powered-by: Express
x-frame-options: DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wyxza.top
access-control-expose-headers: Authorization
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 58075

POST
H2 200 ask Show response
1wyxza.top/microservice/ 784 KB
32 KB 1905ms
1905ms XHR
application/json 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wyxza.top/microservice/ask

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/chunk-vendors.efc1f45c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 / Express

Resource Hash

88135630c7c3e3882763226c85f98b74c5e4c57323374a7f4476c1630f5f56b3

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wyxza.top/bets/home
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 18 Nov 2022 12:21:34 GMT
content-encoding: gzip
server: nginx/1.22.0
etag: W/"7cd6-gIO22gdU64GnJ7gvwt+TqAbjsuc"
x-powered-by: Express
x-frame-options: DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wyxza.top
access-control-expose-headers: Authorization
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 31958

GET
H2 200 home-poker-banner-bg.a6c0ddd5-600.webp
cdn-1win.xyz/img/ 22 KB
22 KB 63ms
62ms Image
image/webp 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/img/home-poker-banner-bg.a6c0ddd5-600.webp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfe18e34eff343a40443b392e24ffc0b0dab851ae22fe835b80e49e11cbe3d50

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Nov 2022 10:09:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4614
etag: "637759e4-56c6"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ta3%2BhsnWag2U404DJHEqhQsJYAF6kHYU9XOPVjTwqQWuGTdT8ADVtEhRa%2BhEuI1EoC8nyzmHX5vp5rySQUqtr%2FrqB7WnXEMM5iZFzPQRXYVev6OfMtxbaCZRPh6IyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76c0aa9cdbfdbb71-FRA
content-length: 22214

GET
H2 200 bonus-banner-cashback-casino.png@avif
proxy.cdn-1win.xyz/unsafe/banner_desktop_main_1x/plain/https://cdn-1win.xyz/banner-files/ 5 KB
6 KB 72ms
58ms Image
image/avif 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://proxy.cdn-1win.xyz/unsafe/banner_desktop_main_1x/plain/https://cdn-1win.xyz/banner-files/bonus-banner-cashback-casino.png@avif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57f273fd55196ec4f9a4ecd54a2061e125ec56346a14d0f35eadab261b3784e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "afr-jhlkuoDx_XrwjiuFbkzj6HdVsjvDmAeQvV8BbYs/RIjYxYTRlY2U4LTYzNWI4Ig"
x-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tDGu7rBvQ6zNfn%2BfytlBlFgDNhKmXg4GcDxJA69BsYOghfpv0FF%2Ffa9ohUobH7p1ZUY9YvfzdImj5tcL9Jji9QFICAr1yellFh1Ww%2BV7DP1aiIJY2a%2FT5T2NXrt4o%2F918V7Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
cache-control: max-age=604800, public
content-disposition: inline; filename="bonus-banner-cashback-casino.avif"
cf-ray: 76c0aa9cec25bb71-FRA
content-length: 5488
x-request-id: Wb9L3x2QCYuyCQWW_UAFi
expires: Fri, 18 Nov 2022 12:39:06 GMT

GET
H2 200 bonus-banner-deposit.png@avif
proxy.cdn-1win.xyz/unsafe/banner_desktop_main_1x/plain/https://cdn-1win.xyz/banner-files/ 4 KB
4 KB 73ms
58ms Image
image/avif 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://proxy.cdn-1win.xyz/unsafe/banner_desktop_main_1x/plain/https://cdn-1win.xyz/banner-files/bonus-banner-deposit.png@avif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c27d45b3efa448f6eb1837aaceadf464496e2cf04bf6c6d7cfef3683ebdf8e42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "afr-jhlkuoDx_XrwjiuFbkzj6HdVsjvDmAeQvV8BbYs/RIjYxYTRlY2UwLTU0YWIyIg"
x-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GoQ1GuCWYY7WXODp5iiXdZUmrflrrbmoG%2Bmo0gouZ1p0qhmTfDImXsJsVbLVzQNAnIkvcJvdv%2FdbvbCWoRmvOf3dlkJClL188FvrdP%2FCnSFLUGQ14CbvnvI%2BKEjZVUzWN1GWEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
cache-control: max-age=604800, public
content-disposition: inline; filename="bonus-banner-deposit.avif"
cf-ray: 76c0aa9cec22bb71-FRA
content-length: 4157
x-request-id: vm89-1U7gl7XmwB2arCTn
expires: Fri, 18 Nov 2022 12:30:00 GMT

GET
H2 200 icons-pack-social.11d06b0b.js Show response
cdn-1win.xyz/js/ 20 KB
6 KB 57ms
57ms Script
application/javascript 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/icons-pack-social.11d06b0b.js

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/index.49e32535.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6fe04cc8e91f587fb45ad4a1f2329e9f2d50ef2ec0bf39050fe3e45769ab297

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2403202
cf-polished: origSize=20146
cf-bgj: minify
last-modified: Fri, 21 Oct 2022 16:46:54 GMT
server: cloudflare
etag: W/"6352ccfe-4eb2"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2Fei3N1YdgY9Bz7VbPY3E4w65wJHerRSkFp1dscm5X1Gs0L0%2FzEHkoqPYHrp1FrV4taRVX759qtaeI4Mqi6442sE%2F9Bd6OireiIya%2FJJm3PmT8VHSKuAiOQB2fM0NA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
cf-ray: 76c0aa9d5d1fbb71-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 BJWyBOvKVv_465wXOdP2q9ej0kGs5ID_3l9irf6GL5R1GU9aeqXBBwUthz54Z14tMvlTE2Brf9y42zeIdCC4NyaNx8hd4N_S6b1S.jpg
cdn-1win.xyz/locales-flags/ 23 KB
23 KB 52ms
52ms Image
image/jpeg 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1win.xyz/locales-flags/BJWyBOvKVv_465wXOdP2q9ej0kGs5ID_3l9irf6GL5R1GU9aeqXBBwUthz54Z14tMvlTE2Brf9y42zeIdCC4NyaNx8hd4N_S6b1S.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8f3066c0a0180a59f4427b69b14ec11c437f63506f35db345cb3ee9a86a4fa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5577
x-cache-status: HIT
content-length: 23258
cf-bgj: h2pri
last-modified: Mon, 07 Feb 2022 10:40:50 GMT
server: cloudflare
etag: "6200f732-5ada"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJi4GyYXbfgqhxKrL6fyLRZEfZ0mV5xPogEE4pclFyFUi8%2FBXCrBERXBIxXcmCzAVkC1A0n5DcEzb1pS2rijq80IykzB06JRcdLEAKn73DNGArYoDbFY%2FUCzI7JtXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76c0aa9d5d29bb71-FRA

GET
H2 200 all-v2 Show response
cdn-1win.xyz/common/banners/ 3 KB
2 KB 1337ms
1336ms XHR
application/json 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/common/banners/all-v2?lang=de&type=desktop&bannersType=main&localeId=26

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/chunk-vendors.efc1f45c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4cbbe402afdbd30767b2b2cd27c3162e21785ed824585793665191c781a294d

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wyxza.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qohNd20T2rB2rhaM97UFimT%2B073Eyb8qZnxvBjqgza8Dya%2FobAqaHPogtWmxe9bT1Nv%2B9cLqVNHYZX6NXVXIDB5heMzh53xt%2FpMWY90tCwiei9O%2BqHYF4pTcPzVf1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wyxza.top
x-frame-options: DENY
cf-ray: 76c0aa9d5f219a3f-FRA

POST
H2 200 ask Show response
1wyxza.top/microservice/ 17 KB
4 KB 41ms
39ms XHR
application/json 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wyxza.top/microservice/ask

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/chunk-vendors.efc1f45c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 / Express

Resource Hash

814e89ded3e1200c7f2e87c9ddb97e39ca3bdd1fa497de728bd2d9f189f1d9af

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wyxza.top/bets/home
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
content-encoding: gzip
server: nginx/1.22.0
etag: W/"d1f-Z+GvjIYaQ0ZXGRZ1ujF6rSpBWTg"
x-powered-by: Express
x-frame-options: DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wyxza.top
access-control-expose-headers: Authorization
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 3359

POST
H2 200 ask Show response
1wyxza.top/microservice/ 44 KB
3 KB 34ms
32ms XHR
application/json 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wyxza.top/microservice/ask

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/chunk-vendors.efc1f45c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 / Express

Resource Hash

8fceb90dcfc40087af492f5b59c30590c264efa6fda63eb27edb063e90579932

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wyxza.top/bets/home
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 18 Nov 2022 12:21:32 GMT
content-encoding: gzip
server: nginx/1.22.0
etag: W/"ad4-rkwG8GgqU3WRHaUn/YascNcCZZs"
x-powered-by: Express
x-frame-options: DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wyxza.top
access-control-expose-headers: Authorization
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 2772

POST
H2 200 ask Show response
1wyxza.top/microservice/ 1014 KB
57 KB 962ms
961ms XHR
application/json 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wyxza.top/microservice/ask

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/chunk-vendors.efc1f45c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 / Express

Resource Hash

cb2716d02fca4d1abe93ced14e8e0061832383a662f8908b4c97197c4dc4976c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wyxza.top/bets/home
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
content-encoding: gzip
server: nginx/1.22.0
etag: W/"e2bf-5szYeWf2GCI8M80Brg/ERTe/hqE"
x-powered-by: Express
x-frame-options: DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wyxza.top
access-control-expose-headers: Authorization
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 58047

POST
H2 200 ask Show response
1wyxza.top/microservice/ 784 KB
32 KB 2228ms
2227ms XHR
application/json 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wyxza.top/microservice/ask

Requested by

Host: 1wyxza.top
URL: https://1wyxza.top/js/chunk-vendors.efc1f45c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 / Express

Resource Hash

88135630c7c3e3882763226c85f98b74c5e4c57323374a7f4476c1630f5f56b3

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wyxza.top/bets/home
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 18 Nov 2022 12:21:34 GMT
content-encoding: gzip
server: nginx/1.22.0
etag: W/"7cd6-gIO22gdU64GnJ7gvwt+TqAbjsuc"
x-powered-by: Express
x-frame-options: DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wyxza.top
access-control-expose-headers: Authorization
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 31958

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CJ6Z3Pfbt_sCFRKmsgodRHEM2Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... Frame 929D 552 B
774 B 105ms
53ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJ6Z3Pfbt_sCFRKmsgodRHEM2Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6778560302456.34;~oref=https://1wyxza.top/

Requested by

Host: 12572451.fls.doubleclick.net
URL: https://12572451.fls.doubleclick.net/activityi;dc_pre=CJ6Z3Pfbt_sCFRKmsgodRHEM2Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6778560302456.34?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33eabca71ddc39e3af57122c1863667936cf90526ed42a3c3f4fb34b6c44528c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12572451.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 306
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 12:21:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CKuj3vfbt_sCFR5BkQUdZ4wFTg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... Frame 0C4D 554 B
378 B 181ms
179ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKuj3vfbt_sCFR5BkQUdZ4wFTg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2441609236496.9487;~oref=https://1wyxza.top/

Requested by

Host: 12572451.fls.doubleclick.net
URL: https://12572451.fls.doubleclick.net/activityi;dc_pre=CKuj3vfbt_sCFR5BkQUdZ4wFTg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2441609236496.9487?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac23f735b8778143749fac8d4aecd41a11f16fb135f628d2006723a97794286c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12572451.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 308
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 12:21:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CPif3vfbt_sCFUKOsgodRU0PSQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... Frame 897D 553 B
377 B 220ms
219ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPif3vfbt_sCFUKOsgodRU0PSQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7605696104916.764;~oref=https://1wyxza.top/

Requested by

Host: 12572451.fls.doubleclick.net
URL: https://12572451.fls.doubleclick.net/activityi;dc_pre=CPif3vfbt_sCFUKOsgodRU0PSQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7605696104916.764?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3c8becb57367cb7f961fdb2a987d82e0142fd011128532c5e6356f2fb7c8fa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12572451.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 307
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 12:21:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
344 B 67ms
23ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-548949LWLW&gtm=2oeb90&_p=2105423130&cid=1981559977.1668774093&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668774092&sct=1&seg=0&dl=https%3A%2F%2F1wyxza.top%2Fbets%2Fhome&dt=1win&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Nov 2022 12:21:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1wyxza.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

widgetsSettings.json Show response
widgets-04.livetex.ru/js/
Redirect Chain

https://balancer-cloud.livetex.ru/get-client/?site_id=171207&version=1.2.36&target=settings_path&rnd=9pdkk5d80i8
https://widgets-04.livetex.ru/js/widgetsSettings.json

823 B
1 KB

335ms
70ms

XHR
application/json

185.39.80.61
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets-04.livetex.ru/js/widgetsSettings.json

Protocol

Server

185.39.80.61 , Russian Federation, ASN200015 (LIVETEX, RU),

Reverse DNS

Software

Resource Hash

1fa82e973cd370596fed3d7647743fd6f5108792fdc816237a4530b600129e47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 07 Nov 2022 10:22:42 GMT
etag: "6368dc72-337"
access-control-max-age: 1728000
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 823

Redirect headers

pragma: no-cache
date: Fri, 18 Nov 2022 12:21:32 GMT
server: nginx
location: //widgets-04.livetex.ru/js/widgetsSettings.json
access-control-allow-origin: https://1wyxza.top
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
access-control-allow-credentials: true
content-length: 0
expires: Fri, 18 Nov 2022 12:21:31 GMT

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CJ6Z3Pfbt_sCFRKmsgodRHEM2Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BG... Frame 596C 194 B
776 B 94ms
54ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CJ6Z3Pfbt_sCFRKmsgodRHEM2Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6778560302456.34;~oref=https://1wyxza.top/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJ6Z3Pfbt_sCFRKmsgodRHEM2Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6778560302456.34;~oref=https://1wyxza.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 12:21:32 GMT
expires: Fri, 18 Nov 2022 12:21:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CKuj3vfbt_sCFR5BkQUdZ4wFTg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BG... Frame 1ED6 194 B
107 B 94ms
53ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CKuj3vfbt_sCFR5BkQUdZ4wFTg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2441609236496.9487;~oref=https://1wyxza.top/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKuj3vfbt_sCFR5BkQUdZ4wFTg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2441609236496.9487;~oref=https://1wyxza.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 12:21:32 GMT
expires: Fri, 18 Nov 2022 12:21:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CPif3vfbt_sCFUKOsgodRU0PSQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BG... Frame 22D5 194 B
107 B 85ms
52ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CPif3vfbt_sCFUKOsgodRU0PSQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7605696104916.764;~oref=https://1wyxza.top/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPif3vfbt_sCFUKOsgodRU0PSQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7605696104916.764;~oref=https://1wyxza.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 12:21:32 GMT
expires: Fri, 18 Nov 2022 12:21:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

app3.js Show response
widgets-04.livetex.ru/js/
Redirect Chain

https://balancer-cloud.livetex.ru/get-client/?site_id=171207&version=1.2.36&target=path&rnd=4riz4c9osp
https://widgets-04.livetex.ru/js/app3.js

114 KB
115 KB

220ms
70ms

Script
application/javascript

185.39.80.61
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets-04.livetex.ru/js/app3.js

Protocol

Server

185.39.80.61 , Russian Federation, ASN200015 (LIVETEX, RU),

Reverse DNS

Software

Resource Hash

17a207d9c80901869fea50c14c9605766a1c0ae57965018641dcb8ceb23c6d8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
strict-transport-security: max-age=15724800; includeSubDomains
etag: "6368d609-1c873"
access-control-max-age: 1728000
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 116851

Redirect headers

pragma: no-cache
date: Fri, 18 Nov 2022 12:21:33 GMT
server: nginx
location: //widgets-04.livetex.ru/js/app3.js
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
access-control-allow-credentials: true
content-length: 0
expires: Fri, 18 Nov 2022 12:21:32 GMT

GET
H2 200 500_i18_bg.8afee640-1508.webp
cdn-1win.xyz/img/ 217 KB
217 KB 36ms
35ms Image
image/webp 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/img/500_i18_bg.8afee640-1508.webp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00e2e1541bb08118217bf1922a0905076d690ca0a1fd0f3b509e9fea1f09d8e1

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Nov 2022 10:09:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4453
etag: "637759e4-3625e"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TWlwpXbYl7uaPUWsbkvlGP4Rwzh15Ee6VANfMbmBkmb3qnhp%2FcUP10zKsbQe8SBALqWtpZyPsVRFCzC7d93%2FW1rsML2ADGCDxdkoonIrdDZ7EyZSlVuUf4BVmll%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76c0aaa38ae5bb71-FRA
content-length: 221790

GET
H2 200 500_i18_img.f14567b3-1508.webp
cdn-1win.xyz/img/ 40 KB
41 KB 41ms
41ms Image
image/webp 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/img/500_i18_img.f14567b3-1508.webp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4be0ff9f83b7247ab6abec81cba9dff75dcda7fc9d9a121dfab968cb994506f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Nov 2022 10:09:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4453
etag: "637759e4-a124"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSuAv7d7E9jmV386iCyzuBTHwTSIuUCQHJlebyajUAvu94eiDa3VyQkMdjn%2FAPgRNXVTlaIlNAWsdVz0seby0C%2Bn%2BMT8orbhjheB213B6KweuxasYzt8jGMpPmrh5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76c0aaa38ae6bb71-FRA
content-length: 41252

GET
H2 200 icons_football.2e809939.svg
cdn-1win.xyz/img/ 815 B
827 B 54ms
23ms Image
image/svg+xml 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1win.xyz/img/icons_football.2e809939.svg
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/5616.c1491995.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4733308fe48b77777df8c5a28a4046f4df83b02a0d8b5dd3ff676807c55eacd4

Request headers

Referer: https://cdn-1win.xyz/css/5616.c1491995.css
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Nov 2022 12:24:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 912889
etag: W/"6368f90e-32f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUj3KriV0hT361od8W%2F5MvKOQTzw%2BTVth61CeFTLcZdE6OWlKzzjtBlSL5ioH6Z1BHHyzlXI3zle%2BeFesPpNrwQbLxei7BO5QGdSb1G1KfE2dzebcjf4RyUVJtB6qA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 76c0aaa4da929a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icons_basketball.aaa47453.svg
cdn-1win.xyz/img/ 963 B
837 B 56ms
24ms Image
image/svg+xml 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1win.xyz/img/icons_basketball.aaa47453.svg
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/5616.c1491995.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5e637db6249229d09cce020b7ae1c1ecb603d01298117e6bc466bc9b2dd4a3

Request headers

Referer: https://cdn-1win.xyz/css/5616.c1491995.css
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Nov 2022 12:24:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 912889
etag: W/"6368f90e-3c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ZGB%2BzPF63HDOiBAugM2r4u3YtjyfEIPXdQUoA%2Bb7jGidAQ9Ylrr94dZv9wpRF2CGKc3zDs6anfe25CAKH6Sfnmsm%2Bg5YDf6lCDXoSh%2BrpRp%2F66wzn7bKBeuSExB8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 76c0aaa4da969a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icons_hockey.0d49138d.svg
cdn-1win.xyz/img/ 1021 B
904 B 59ms
28ms Image
image/svg+xml 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1win.xyz/img/icons_hockey.0d49138d.svg
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/5616.c1491995.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b196341ebbeb333db150ae1fa2e38909588928812f98c5357bc95d435a285d9d

Request headers

Referer: https://cdn-1win.xyz/css/5616.c1491995.css
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 15:53:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1168536
etag: W/"6363e404-3fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Vek%2F3QIFpbR%2Bmm7tXqgoK2DVpo9ToGSXift6FcM9VDGtMUfKOr8TjhlfJL1ZJkI0tFT1nmh%2B65xpGTlUalltwDMX6AEoQ971c9ch8o44%2FfJVqxZK4qEpuYZU8TMew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 76c0aaa4da989a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icons_tennis.4b25aa6e.svg
cdn-1win.xyz/img/ 2 KB
1 KB 58ms
29ms Image
image/svg+xml 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1win.xyz/img/icons_tennis.4b25aa6e.svg
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/5616.c1491995.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b39fa2ac38915cbbb1e2d91eb56cca6a9789056b6a6addd2fe65e35057d56e39

Request headers

Referer: https://cdn-1win.xyz/css/5616.c1491995.css
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 15:53:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1066343
etag: W/"6363e404-6b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7jeFAjzWJrxsPgTFc2ua5LA7mdn4t7uzzeU4aex3ruSwFCrtRYmB2IDh3MU8N785ihgGSZfjwJ4VoDbsptEtLM8%2F2KoGdn0AT1cV8GgAjlvdISfOVRbiKC%2F59504Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 76c0aaa4da9b9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icons_criket.e18d0c2a.svg
cdn-1win.xyz/img/ 1 KB
953 B 62ms
33ms Image
image/svg+xml 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1win.xyz/img/icons_criket.e18d0c2a.svg
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/5616.c1491995.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2e9901325f19577d6ed6f2ddcbc38c3522b3e1dc9ee2fcbc133475602986357

Request headers

Referer: https://cdn-1win.xyz/css/5616.c1491995.css
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 15:53:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1168535
etag: W/"6363e404-44d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cCWfx9FFpWwYV7chMkf%2FvigUfHWq76JsAGIAueY2swUwYwj%2BeTelgSS17eXGD9b5zm2qbqfhaNf8OIYzKW8o%2Bwr%2FRxgEbUWRUEEZ7M7EstILksQwUfsiiffkFqqyHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 76c0aaa4da9e9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icons_gandball.a82d6ed8.svg
cdn-1win.xyz/img/ 881 B
850 B 67ms
39ms Image
image/svg+xml 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1win.xyz/img/icons_gandball.a82d6ed8.svg
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/5616.c1491995.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 594f8d2ac0e06f158af8554ccdd7d841a90eb15cbbcfbdab4068d443786d8182

Request headers

Referer: https://cdn-1win.xyz/css/5616.c1491995.css
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Nov 2022 09:43:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 868156
etag: W/"636a24b7-371"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdBQaDt2MMi70HZSizavR7MdXZ4tvyITA09KCRFKIP54nYCFNCLlv%2BYjpCXThr31Ud%2FQSRf3v0OZ%2FG40Tj7Crwazp8UAh%2FDqgU%2FEOYIMf73d3tR%2FeM6uGEr7KU9cdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 76c0aaa4da9f9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icons_voleball_pesok.c3ba8fc5.svg
cdn-1win.xyz/img/ 2 KB
1 KB 66ms
38ms Image
image/svg+xml 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1win.xyz/img/icons_voleball_pesok.c3ba8fc5.svg
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/5616.c1491995.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77a28d50f65f8140ad2826e1f29ff0574220d575e6f179e71aa86f1b431b6fa5

Request headers

Referer: https://cdn-1win.xyz/css/5616.c1491995.css
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 15:53:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1168535
etag: W/"6363e404-664"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNKkcbuqV%2BcmDEHj6xqAXHQ%2BHGUBnaUnpvuXHBzTi5wnYzwsX1wGWk4an8HHAbNHDjxkNvmXl5LFDRIhUI%2Bjuk%2FvS117QTbHJQyruCRq%2BH2v57octHPXnQweH4brlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 76c0aaa4daab9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 998335e8f7dbc80e13099ab24624d3ea34f672e0.svg
cdn-1win.xyz/icons/ 7 KB
4 KB 80ms
52ms Image
image/svg+xml 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/icons/998335e8f7dbc80e13099ab24624d3ea34f672e0.svg

Requested by

Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/5616.c1491995.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

179139fd7b277af62a331519bc64d63e220a5611c726d0e45400e72daad9913d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn-1win.xyz/css/5616.c1491995.css
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
content-security-policy: block-all-mixed-content
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1724866B54F279E5
age: 5101
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Apr 2021 11:51:24 GMT
server: cloudflare
etag: W/"c3b2816ad8e2e562bbe69e47be1f5927"
vary: Accept-Encoding, Origin
x-frame-options: DENY
content-type: image/svg+xml
access-control-allow-origin: https://1wyxza.top
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZDZCHa0aU%2BOy0K1jDly%2FQuAMwC4L5mEM21inTpyva%2FxAUquCGcGdYx2QuT4oTMndlYwpcYS01U0dpCNokCeQtD2D2Z7GM53AbzlpDkuJCfx7ImxpFYb6JfgBnKEjg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 76c0aaa4daae9a3f-FRA

GET
H2 200 2ee00755975ea0c15ca9230fba05449e9c28a7f2.svg
cdn-1win.xyz/icons/ 6 KB
3 KB 60ms
32ms Image
image/svg+xml 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/icons/2ee00755975ea0c15ca9230fba05449e9c28a7f2.svg

Requested by

Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/5616.c1491995.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68de2793ef35e08b1cd932399b59091c663000f9924cbaf922b23871747d96ff

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn-1win.xyz/css/5616.c1491995.css
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
content-security-policy: block-all-mixed-content
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17284DB491180D86
age: 4192
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Apr 2021 11:54:29 GMT
server: cloudflare
etag: W/"18eeb3353668ebfa079f489ccc601e65"
vary: Accept-Encoding, Origin
x-frame-options: DENY
content-type: image/svg+xml
access-control-allow-origin: https://1wyxza.top
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5EjsDg8pAHNjinJEiVhgSxGO3x6VHX7oiCFQ4c5PScLd%2FgLpxM7KPFpHtizoVNBBJ1Yd%2Bp3LaEEah8hCZlPRvWuu0XiXwdYGub%2FQGpO7%2FUJUM4rCS%2FQOGXLiGoqx9w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 76c0aaa4daaf9a3f-FRA

GET
H2 200 icons_darts.143c6b32.svg
cdn-1win.xyz/img/ 1 KB
1 KB 84ms
57ms Image
image/svg+xml 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1win.xyz/img/icons_darts.143c6b32.svg
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/5616.c1491995.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: becd693f606eca58fe7423fd1c5b8613179b9f4387a7d8b8b255b4c4a80e3122

Request headers

Referer: https://cdn-1win.xyz/css/5616.c1491995.css
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2022 15:55:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 581673
etag: W/"636e7059-4f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnmRV84nkgcwJS1skz%2BKZ7IvUS6JpcZL%2FygQBt291fzoOiUC70nCMkHqe%2F6fLdhwqQauu9l517g4fAGILn6RQhpAXg3OfdCrTQL4879eU9Uqt1sUF7e2UnKfik%2FL8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 76c0aaa4dab19a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icons_footzal.52da9664.svg
cdn-1win.xyz/img/ 1 KB
972 B 76ms
54ms Image
image/svg+xml 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1win.xyz/img/icons_footzal.52da9664.svg
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/5616.c1491995.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4028e5732fc328948217ce1dc6d8ec7f64acf9184158cdac3bf97fc8c1b75f0

Request headers

Referer: https://cdn-1win.xyz/css/5616.c1491995.css
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 15:53:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1168535
etag: W/"6363e404-53f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=reTiN%2BHdVO4u5%2F%2FKkhPEqU1YQ5JRaKPu3mGPo2u9LDDL6IPr1bzv2dKS2JJ%2Fiwl%2Fek%2BL2fInTrVuGnwAoRy10mda1dOpy2wI%2BsioWLp9b7YqqNRvmvDZ6Hpqgpfdfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 76c0aaa4fadc9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icons_badminton.947fc776.svg
cdn-1win.xyz/img/ 1 KB
1 KB 75ms
53ms Image
image/svg+xml 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1win.xyz/img/icons_badminton.947fc776.svg
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/5616.c1491995.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8b156f28a3954edb5ca55197935f4f37a7b1454b117ee4938ca411866e9d71d

Request headers

Referer: https://cdn-1win.xyz/css/5616.c1491995.css
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 10:49:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 325542
etag: W/"63721d3d-50a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZWoZYXA9x46mDfd%2BFCv0fD%2BlUPPs%2BPU0yfHI4IhB2Qdcmj6gpqfKAeMTov%2FwDbvZm4oOgGtYwuQ9rct%2FANP%2BBBYsWPiMCAXJRjlobJ9g3mHkuT1aL%2FxCNfzUJWXLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 76c0aaa4fadf9a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c2e1af90ed80b58a581f6992db91305e3bfba73f.svg
cdn-1win.xyz/icons/ 4 KB
3 KB 77ms
55ms Image
image/svg+xml 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/icons/c2e1af90ed80b58a581f6992db91305e3bfba73f.svg

Requested by

Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/5616.c1491995.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bed7b15d1b2f9197eadb0e727764298d269d7e149c0f8e765c12e812ca56cc66

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn-1win.xyz/css/5616.c1491995.css
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
content-security-policy: block-all-mixed-content
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1727AF4DA9BA17FD
age: 4144
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 12:05:45 GMT
server: cloudflare
etag: W/"79f35f317c2192ddfbfaf0e146cd3117"
vary: Accept-Encoding, Origin
x-frame-options: DENY
content-type: image/svg+xml
access-control-allow-origin: https://1wyxza.top
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GnEZAX8S5F%2F%2F07ccX%2BO8ouJtbNJjmUOnDfizqo81TNaxrLjI%2BpqfEbWOIzHOfdxGtoBW1DDMJ%2BubKkr7XflWFYQ7IgBLhWnGJkKgu1BslUww%2FOr%2F30yOlQhV9R8pw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 76c0aaa4fae09a3f-FRA

GET
H2 200 fc70693a5441512c41e516977f3cf124c2c84765.svg
cdn-1win.xyz/icons/ 2 KB
1 KB 79ms
58ms Image
image/svg+xml 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/icons/fc70693a5441512c41e516977f3cf124c2c84765.svg

Requested by

Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/5616.c1491995.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

959ebae6547b1f59b7a7480fe29bec2aa803f77063ddf0b4657136aa7c0b6e68

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn-1win.xyz/css/5616.c1491995.css
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
content-security-policy: block-all-mixed-content
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 172490F10AC5D201
age: 1301
x-xss-protection: 1; mode=block
last-modified: Mon, 18 Apr 2022 13:20:59 GMT
server: cloudflare
etag: W/"f8fb13e82f625b99b4610e00040f6df4"
vary: Accept-Encoding, Origin
x-frame-options: DENY
content-type: image/svg+xml
access-control-allow-origin: https://1wyxza.top
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19xhPDmsyZZMzvQNS1Cvjdrf59OAFgojTmyYoS9HG0sRypyCk1Xckihqq5sqM21Ot3YFCCfV1I3wZ6tiw0l9fQZ%2FNvgTGeRWhG6HWB7W2TjEqmWigqrA7s5Cpch2aw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 76c0aaa4fae29a3f-FRA

GET
H2 200 49d42d679ad17491715098f60ad98c5d63a2622c.svg
cdn-1win.xyz/icons/ 2 KB
1 KB 77ms
56ms Image
image/svg+xml 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/icons/49d42d679ad17491715098f60ad98c5d63a2622c.svg

Requested by

Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/5616.c1491995.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d56ce613357eb8533275b2e9645c671086a7992a8646091e89a44c0b44501205

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn-1win.xyz/css/5616.c1491995.css
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
content-security-policy: block-all-mixed-content
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17269C2AFC84B35F
age: 1301
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Apr 2021 12:00:22 GMT
server: cloudflare
etag: W/"8beb3315915d87600bc62c6d7b6d314b"
vary: Accept-Encoding, Origin
x-frame-options: DENY
content-type: image/svg+xml
access-control-allow-origin: https://1wyxza.top
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FHj6G55fn0onODUsMjEBAS58cUGP1lOCRtZOlQoBzh%2FnVfedMfuj7aKzMsm0b%2FhtjZVtXVUn4jyi26jnYydoll2VuCqQ40DcbQGXWBUAJCeKVHWuZeWlUtEftNGSg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 76c0aaa4fae39a3f-FRA

GET
H2 200 icons_special.31565f03.svg
cdn-1win.xyz/img/ 1019 B
883 B 78ms
59ms Image
image/svg+xml 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1win.xyz/img/icons_special.31565f03.svg
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/5616.c1491995.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 241832d951d7dabf83fa93d246434190fec57670d83deeddc9489b7bade32b1b

Request headers

Referer: https://cdn-1win.xyz/css/5616.c1491995.css
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 15:53:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1156967
etag: W/"6363e404-3fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4Bn2iSteqffOmSRnLc%2BS1eCs0vkxVV275a1dqEYc1TYIytTus1TKO0UHJzXBTlIzmop5t8Ob%2Fz%2B4wL1Jz7ypfFgUW8HemRvkCPwPLUDeCmN2GquiYmZxYSZZicGOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 76c0aaa4fae49a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

HEAD
H2 200 iframe.html
widgets-04.livetex.me/js/ 0
0 129ms
76ms Fetch
text/html 2606:4700:20::ac43:4a03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-04.livetex.me/js/iframe.html
Requested by: Host: balancer-cloud.livetex.ru
URL: https://balancer-cloud.livetex.ru/get-client/?site_id=171207&version=1.2.36&target=path&rnd=4riz4c9osp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FgqPclP5fqUdZEbspScNsY4bpdFXBvpq2Gk46oNNtQcqo7W50FdyZXh0Dd9PAmv8rHXL71u8RxnrCNFcRexl8BBWDAlZpngKQQmvq0Qy5XCWQDRQ2p2NBLF50s95oKqi%2BEjSM5r1ed8OFiiSLa60IBO3w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 76c0aaa74c819972-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 iframe.html Show response
widgets-04.livetex.me/js/ Frame A9FA 2 KB
1 KB 133ms
91ms Document
text/html 2606:4700:20::ac43:4a03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-04.livetex.me/js/iframe.html?host-page-origin=https://1wyxza.top
Requested by: Host: balancer-cloud.livetex.ru
URL: https://balancer-cloud.livetex.ru/get-client/?site_id=171207&version=1.2.36&target=path&rnd=4riz4c9osp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dad30ca2d6a5defd296f718acd748b12e8ac1d29f44903b25f7c54c7470b7313

Request headers

Referer: https://1wyxza.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 76c0aaa80cad8fdc-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 18 Nov 2022 12:21:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBuEVxRsn7h0IWJtTJSgSJGUT64lCV8ToKY4mxxsRXw29f0xdUKspRdF3N9R8zoiMvnbtgyBh5lhjtYRqGwfIvyyYcVzcuG7PTwlf7OFE9CD%2Bfi8KW%2BFs9QMcu3M41wvLS6ZXOy6tVE%2BhLEnPq1dDeteNw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 ui.7.1.1223.js Show response
widgets-04.livetex.me/js/ 1 MB
262 KB 89ms
46ms Script
application/javascript 2606:4700:20::ac43:4a03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-04.livetex.me/js/ui.7.1.1223.js
Requested by: Host: balancer-cloud.livetex.ru
URL: https://balancer-cloud.livetex.ru/get-client/?site_id=171207&version=1.2.36&target=path&rnd=4riz4c9osp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abbd9e045173f339f4fb8aa5b3c3427dfa0661105ae808e4b1d27c35439cf290

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4025
cf-polished: origSize=1159765
cf-bgj: minify
last-modified: Mon, 07 Nov 2022 09:55:08 GMT
server: cloudflare
etag: W/"6368d5fc-11b255"
access-control-max-age: 1728000
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2U%2FdA68I7grFfL1nmH47Z0OpFwsLMkNv5waQbomDZxIAiy9DfTZDQyzY%2BkjgwoEmXzzeeCOmqM%2Fnt5bN9QHnIipwkATIrpzyBafB%2FF4vaFO2jHuK921v9%2F9FpH0HVHW8txmyOmI8IQp1E8%2FdqYBenC2nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 76c0aaa80cb18fdc-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 / Show response
balancer-04.livetex.ru/services/ 510 B
763 B 161ms
70ms Fetch
text/plain 185.39.80.61
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL

https://balancer-04.livetex.ru/services/?site_id=171207&ids=widgets-api-service2-app.thrift-http,widgets-api-service2-app.http&client=widget&version=7.1.1223

Requested by

Host: balancer-cloud.livetex.ru
URL: https://balancer-cloud.livetex.ru/get-client/?site_id=171207&version=1.2.36&target=path&rnd=4riz4c9osp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.39.80.61 , Russian Federation, ASN200015 (LIVETEX, RU),

Reverse DNS

Software

Resource Hash

0f009adee148b2bcd756d4332898e660fa25c5ebb442bac4bee2c450dec94cdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://1wyxza.top
cache-control: no-cache, public
access-control-allow-credentials: true
content-length: 510
expires: Fri, 18 Nov 2022 12:21:33 GMT

GET
H2 200 icons_box.68228b09.svg
cdn-1win.xyz/img/ 1019 B
924 B 24ms
23ms Image
image/svg+xml 104.26.10.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1win.xyz/img/icons_box.68228b09.svg
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/5616.c1491995.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.26.10.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8b40947589d3313945a70df59926446d8a1e750ebbe2d057b445ee8a8474e29

Request headers

Referer: https://cdn-1win.xyz/css/5616.c1491995.css
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Nov 2022 09:43:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 873456
etag: W/"636a24b7-3fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xTQu7sOJcI8e9ppAgtkwubBMtIaGW80QRrzN24oJachEdVBtmgGj5Byswd4WVHxMgDoEgFFOdjIGrge1CLMUyOiJRTcya7sUWCDrY%2FT%2B6u41a%2BCfYXJfEMGquEXGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 76c0aaa95d299a3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendor.b4481d.js Show response
widgets-04.livetex.me/js/ Frame A9FA 467 KB
79 KB 35ms
35ms Script
application/javascript 2606:4700:20::ac43:4a03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-04.livetex.me/js/vendor.b4481d.js
Requested by: Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/iframe.html?host-page-origin=https://1wyxza.top
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c02737c1f46fd97a5042fc8e4f9b7d5992a9548cad4d27a8a45c078d181c0a8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets-04.livetex.me/js/iframe.html?host-page-origin=https://1wyxza.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59426
cf-bgj: minify
server: cloudflare
etag: W/"6368d62d-74c44"
access-control-max-age: 1728000
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8yhytA5xDSDEDi6K%2F9Ro9UqCukWliAUvu2Xlfqor8LUAe3RUMH8EmQa4CNK%2BJEcJSu8o%2F%2FuNfTquXp5%2BoQR7oZIMkYZH2KtDnit4B4NZhYYNY8uwc2jKlVh5r104tYHndvvkcie2GbLyP8kttYG6vyMEw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 76c0aaaae9868fdc-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 services.1cb56e.js Show response
widgets-04.livetex.me/js/ Frame A9FA 352 KB
75 KB 32ms
32ms Script
application/javascript 2606:4700:20::ac43:4a03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-04.livetex.me/js/services.1cb56e.js
Requested by: Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/iframe.html?host-page-origin=https://1wyxza.top
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 464e9858722d810339ac771b7808a68f853545e5ed416eb9653fc5761ea46f8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets-04.livetex.me/js/iframe.html?host-page-origin=https://1wyxza.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 352514
cf-bgj: minify
server: cloudflare
etag: W/"6368d62d-57e7a"
access-control-max-age: 1728000
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzrWrK9dg6bo49UAQ2OvZ%2BXDAkqfQFm3e%2F9jDlRpJ%2Fj6nRXOmPe0rycLN%2BWY44FdbunV%2B27X7kf0gR2kZyRjQckHjx3yazor458Xy%2FA0W1dWON1%2FnQJ0nzk1GlNKuEBUh8hzzzbTrLsY%2BQ1VVzLWMGd06g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 76c0aaaae9898fdc-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 171207.js Show response
widgets-04.livetex.me/js/settings/v3/ Frame A9FA 25 KB
6 KB 87ms
86ms Fetch
application/json 2606:4700:20::ac43:4a03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-04.livetex.me/js/settings/v3/171207.js
Requested by: Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/services.1cb56e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7819858e3c6a58930cd4379199d30f741fa3c229ecaa045e517d91519cc91614

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets-04.livetex.me/js/iframe.html?host-page-origin=https://1wyxza.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Fri, 18 Nov 2022 12:21:34 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uD1XRXPoJkeOzMvJqUzwPycKKhlvWlkXfcDuSbgL3XhOeZQKBN7Rlxtfwb1Jh0NRBfVvfaaV9sftd1CJ2dzEoJFE70lBzOLjxf9ul0X77%2FEkrODDNyS75tRU%2FLr2If%2Bk3EVBxJe40WpR7qrpkPWvfL9s%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public,max-age=0,s-maxage=7200
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 76c0aaabfb998fdc-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 171207.css Show response
widgets-04.livetex.me/css/widgets/ 268 KB
33 KB 3769ms
3769ms XHR
text/css 2606:4700:20::ac43:4a03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-04.livetex.me/css/widgets/171207.css
Requested by: Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/ui.7.1.1223.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd8ec8b853a75c69ba51794c3cd95d289c68c5936f9dc6b227c6716195518c73

Request headers

Referer: https://1wyxza.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Nov 2022 12:21:38 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Thu, 17 Nov 2022 23:33:26 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0OlArwOjBlHtvt02UDcPJbMNf5twwU5f0m6q1a3v6%2BC60BMHqB9TKM%2FlmvxXFKUkRI8%2BBxVdJVnlLtmQ7SzvvWXYJmsQNhSugEUp2hzRk1vEgGdAvl0tv5f1RH18WeRzV4Cv1PxaeNjn8uBf%2BOn9Yrgxg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public,max-age=0,s-maxage=7200
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 76c0aaaecca29972-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 / Show response
balancer-04.livetex.ru/get-server/ Frame A9FA 137 B
383 B 69ms
68ms Script
text/plain 185.39.80.61
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL

https://balancer-04.livetex.ru/get-server/?site_id=171207&__fallback__&=&_m=GET&_c=njr_1_callback&_t=jsonp&_rnd=bsnpwvwdcma&_h[lt-origin]=account%3A281894%3Asite%3A171207

Requested by

Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/vendor.b4481d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.39.80.61 , Russian Federation, ASN200015 (LIVETEX, RU),

Reverse DNS

Software

Resource Hash

e81aa6eb54b89331eb89cf7ce24c8da033990ac2b5764f67738192d0937dbdac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets-04.livetex.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: text/plain; charset=UTF-8
date: Fri, 18 Nov 2022 12:21:39 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: no-cache, public
access-control-allow-credentials: true
content-length: 137
expires: Fri, 18 Nov 2022 12:21:38 GMT

GET
H2 200 auth Show response
io2-ls-04.livetex.ru/visitor/ Frame A9FA 542 B
902 B 139ms
84ms Script
text/javascript 185.39.80.61
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL

https://io2-ls-04.livetex.ru/visitor/auth?__fallback__&=&_m=POST&_c=njr_2_callback&_t=jsonp&_=%7B%22is_mobile%22%3Afalse%7D&_rnd=fqew8iaeq5i&_h[lt-origin]=account%3A281894%3Asite%3A171207

Requested by

Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/vendor.b4481d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.39.80.61 , Russian Federation, ASN200015 (LIVETEX, RU),

Reverse DNS

Software

Resource Hash

042a0cf88794dc088cebd1bbea46b99b1d0888bb2ae8f543f00b5c7b224bbae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets-04.livetex.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Fri, 18 Nov 2022 12:21:39 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
content-length: 542
expires: Fri, 18 Nov 2022 12:21:38 GMT

GET
H2 200 / Show response
balancer-04.livetex.ru/services/ Frame A9FA 784 B
1 KB 70ms
69ms XHR
text/plain 185.39.80.61
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL

https://balancer-04.livetex.ru/services/?account_id=281894&ids=visitor-notification-delivery-service-app.thrift-http&client=widget&version=7.1.1223&0.12347656654732675

Requested by

Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/vendor.b4481d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.39.80.61 , Russian Federation, ASN200015 (LIVETEX, RU),

Reverse DNS

Software

Resource Hash

a56aa87a50f3a363a1399279cde29f6228283d38fbac94df375f69a5675282c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets-04.livetex.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:39 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://widgets-04.livetex.me
cache-control: no-cache, public
access-control-allow-credentials: true
content-length: 784
expires: Fri, 18 Nov 2022 12:21:38 GMT

POST
H2 200 WidgetsAPIServiceTag Show response
wapi-04.livetex.ru/ Frame A9FA 41 B
283 B 85ms
78ms XHR
text/plain 185.39.80.61
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL

https://wapi-04.livetex.ru/WidgetsAPIServiceTag

Requested by

Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/vendor.b4481d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.39.80.61 , Russian Federation, ASN200015 (LIVETEX, RU),

Reverse DNS

Software

Resource Hash

df8b813734ebb9a36cbb442c5dbdd8cba10b6b8a6a6be7318e53765e2cbfd937

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widgets-04.livetex.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://widgets-04.livetex.me
date: Fri, 18 Nov 2022 12:21:39 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 41
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8

GET
H2 200 1668774099366 Show response
io2-ls-04.livetex.ru/poll/0/ Frame A9FA 102 B
354 B 70ms
70ms Script
text/javascript 185.39.80.61
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL

https://io2-ls-04.livetex.ru/poll/0/1668774099366?__fallback__&=&_m=GET&_c=njr_4_callback&_t=jsonp&_rnd=qvuulxf3i2h&_h[lt-origin]=account%3A281894%3Asite%3A171207&_h[x-hold-timeout]=20000&_h[x-destroy-timeout]=40000&_h[cookie]=o8ptiv%3Dio%3Aio-1-kube-livetex-ru%3Asession%3A2bq4t85ydxq5lm5wnx9a4i

Requested by

Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/vendor.b4481d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.39.80.61 , Russian Federation, ASN200015 (LIVETEX, RU),

Reverse DNS

Software

Resource Hash

ca808c9d1a1f337bae5ea92d66079e59e28ded6eb0a4d0863c937443d2fff4ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets-04.livetex.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Fri, 18 Nov 2022 12:21:39 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
content-length: 102
expires: Fri, 18 Nov 2022 12:21:38 GMT

POST
H2 200 WidgetsAPIServiceTag Show response
wapi-04.livetex.ru/ Frame A9FA 78 B
320 B 72ms
71ms XHR
text/plain 185.39.80.61
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL

https://wapi-04.livetex.ru/WidgetsAPIServiceTag

Requested by

Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/vendor.b4481d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.39.80.61 , Russian Federation, ASN200015 (LIVETEX, RU),

Reverse DNS

Software

Resource Hash

6bf7959a9b77d03809ee21c84c89119a6167ac3bd095bc5af50c2c66b3d2e0ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widgets-04.livetex.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://widgets-04.livetex.me
date: Fri, 18 Nov 2022 12:21:39 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 78
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8

GET 1668774099446
io2-ls-04.livetex.ru/poll/2ix0o9/ Frame A9FA 0
0

GET
H2 200 add-page Show response
io2-ls-04.livetex.ru/site/ Frame A9FA 261 B
513 B 117ms
117ms Script
text/javascript 185.39.80.61
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL

https://io2-ls-04.livetex.ru/site/add-page?__fallback__&=&_m=POST&_c=njr_5_callback&_t=jsonp&_=%7B%22page%22%3A%7B%22account%3A281894%3Asite%3A171207%3Apage%3Ayav2lhlu27m%22%3A%7B%22seo_referrer%22%3A%22%22%2C%22referrer%22%3A%22%22%2C%22page_title%22%3A%22MXdpbg%3D%3D%22%2C%22page_url%22%3A%22aHR0cHM6Ly8xd3l4emEudG9wL2JldHMvaG9tZQ%3D%3D%22%7D%7D%7D&_rnd=hrdditzopoe&_h[lt-origin]=account%3A281894%3Asite%3A171207&_h[cookie]=o8ptiv%3Dio%3Aio-1-kube-livetex-ru%3Asession%3A2bq4t85ydxq5lm5wnx9a4i

Requested by

Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/vendor.b4481d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.39.80.61 , Russian Federation, ASN200015 (LIVETEX, RU),

Reverse DNS

Software

Resource Hash

4b558834c4e06d396c418039258ce8ef7fdf11d4090553b9ca4f62415c5f96a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets-04.livetex.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Fri, 18 Nov 2022 12:21:39 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
content-length: 261
expires: Fri, 18 Nov 2022 12:21:38 GMT

POST
H2 200 WidgetsAPIServiceTag Show response
wapi-04.livetex.ru/ Frame A9FA 45 B
287 B 72ms
71ms XHR
text/plain 185.39.80.61
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL

https://wapi-04.livetex.ru/WidgetsAPIServiceTag

Requested by

Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/vendor.b4481d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.39.80.61 , Russian Federation, ASN200015 (LIVETEX, RU),

Reverse DNS

Software

Resource Hash

ea7762b92554ce0545a4846053f5d9213ba4ca8c3ea2b08b1b21ab3707b87069

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widgets-04.livetex.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://widgets-04.livetex.me
date: Fri, 18 Nov 2022 12:21:39 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 45
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8

GET
H2 200 footer_bg.png
widgets-04.livetex.me/images/ 547 B
967 B 39ms
38ms Image
image/png 2606:4700:20::ac43:4a03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets-04.livetex.me/images/footer_bg.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2a1b8d81d0c8cb8f69b1ce1f3ad8ee2a795f5d9befa267b9fd54892c76c91b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58380
content-length: 547
last-modified: Mon, 07 Nov 2022 09:52:17 GMT
server: cloudflare
etag: "6368d551-223"
access-control-max-age: 1728000
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejD%2BjwTq%2BSI51snwzHOYmRailt8PKFNIrw%2BGLGUAMqdxkBi%2F1d3mHo78OsySGAOfsGSoCd4ALmThQ%2BrLNh13JY4%2FEOPLKcdH3U5N1c5EnC%2B6yGkCYfwnSn2Y0kVgAwNxPzvEymdSeH2bSrn1Fk%2F1%2FytK4g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 76c0aacaaf668fdc-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Fri, 18 Nov 2022 20:04:46 GMT

GET
H2 200 icons.ttf
widgets-04.livetex.me/fonts/ 7 KB
7 KB 32ms
32ms Font
application/octet-stream 2606:4700:20::ac43:4a03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-04.livetex.me/fonts/icons.ttf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d4050ea709bb28a0f3a6b01528958bdb8e9375aa2fdcc3e111821531125a7fb

Request headers

Referer: https://1wyxza.top/
Origin: https://1wyxza.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 85102
content-length: 7156
last-modified: Mon, 07 Nov 2022 09:52:17 GMT
server: cloudflare
etag: "6368d551-1bf4"
access-control-max-age: 1728000
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hb1nf9YU%2BQGPDDPEHRf%2FF%2BYZT9KRZTt9S3MAOatChkJqCj9Vp6o5IfNUi00waGPDnrEmj0ASCcVcD4RjX%2FGmWZUrmNAXWjGQf83XTsBm9dXqSeaIdV%2FHaeJfMny8fqZ1%2BGwsdRuXVHyk5%2B2U4bhPT6EQaA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 76c0aacaa9159972-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sat, 19 Nov 2022 06:21:36 GMT

GET
H2 200 preloader.gif
widgets-04.livetex.me/images/ 4 KB
4 KB 27ms
26ms Image
image/gif 2606:4700:20::ac43:4a03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets-04.livetex.me/images/preloader.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67efea367418257aaa5cd14e446ef9b6d48231fef881ac1a5b9f39732911e918

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1wyxza.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:21:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58380
content-length: 3960
last-modified: Mon, 07 Nov 2022 09:52:17 GMT
server: cloudflare
etag: "6368d551-f78"
access-control-max-age: 1728000
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piKNJIRGkQ2BcbCwEFUL5hS%2F8FF5JNxL6jBO0HFRSj3K5a0NqJVjONC9V3azn2nuCavbQNhzYWTALrvrupVbpm3GOipqslpqGHMNsUfBAEkUmMEi9URL7Dly3OUAJWqTUwLSfE4wiPHcoNSYsua%2Bz9hctg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 76c0aacafffb8fdc-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Fri, 18 Nov 2022 20:08:39 GMT

GET
DATA 200
OK truncated
/ 855 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4b0814ddb7d026f97299e4455c0016622ae4ee9efaa4d8c5640643265de9417

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 882 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0316eaf7f780bba871772a47fc0df43a1a06d30901532d1cc4a1dd14c7c70027

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: io2-ls-04.livetex.ru
URL: https://io2-ls-04.livetex.ru/poll/2ix0o9/1668774099446?__fallback__&=&_m=GET&_c=njr_4_callback&_t=jsonp&_rnd=qtltc72kli&_h[lt-origin]=account%3A281894%3Asite%3A171207&_h[cookie]=o8ptiv%3Dio%3Aio-1-kube-livetex-ru%3Asession%3A2bq4t85ydxq5lm5wnx9a4i

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
1wyxza.top/	1970-01-20 08:17:32	Name: visit_domain Value: 1wyxza.top
1wyxza.top/	1969-12-31 23:59:59	Name: core-sticky Value: http://10.233.94.3:80
1wyxza.top/	1970-01-20 16:18:30	Name: 1w_lang Value: de
.doubleclick.net/	1970-01-20 07:32:54	Name: test_cookie Value: CheckForPermission
1wyxza.top/	1969-12-31 23:59:59	Name: 1w_locale Value: 26
.1wyxza.top/	1970-01-20 16:18:30	Name: amp_494ccc Value: sAgrX0gIHIrfkfYkRpti2x...1gi5avnnb.1gi5avnnb.0.0.0
.1wyxza.top/	1970-01-20 17:08:54	Name: _ga_548949LWLW Value: GS1.1.1668774092.1.0.1668774092.0.0.0
.1wyxza.top/	1970-01-20 17:08:54	Name: _ga Value: GA1.1.1981559977.1668774093
.1wyxza.top/	1970-01-20 16:18:30	Name: _hjSessionUser_2606090 Value: eyJpZCI6ImZjODk2Y2M5LWVkYTctNWNlMS1iODI5LTk0OWQ1Y2I5ZjdhOCIsImNyZWF0ZWQiOjE2Njg3NzQwOTI1NDYsImV4aXN0aW5nIjpmYWxzZX0=
.1wyxza.top/	1970-01-20 07:32:55	Name: _hjFirstSeen Value: 1
1wyxza.top/	1970-01-20 07:32:54	Name: _hjIncludedInSessionSample Value: 0
.1wyxza.top/	1970-01-20 07:32:55	Name: _hjSession_2606090 Value: eyJpZCI6ImUwNmVkNDIwLTYxMTYtNDA4Mi04MjZiLTdjYWIyZTAxY2VjNiIsImNyZWF0ZWQiOjE2Njg3NzQwOTI2ODUsImluU2FtcGxlIjpmYWxzZX0=
.1wyxza.top/	1970-01-20 07:32:55	Name: _hjAbsoluteSessionInProgress Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://1wyxza.top/bets/home Message: The resource https://1wyxza.top/js/desktop.6a8015f6.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12572451.fls.doubleclick.net
1watvm.top
1wgreq.top
1wyxza.top
adservice.google.com
adservice.google.de
api.lab.amplitude.com
balancer-04.livetex.ru
balancer-cloud.livetex.ru
cdn-1win.xyz
cdn.amplitude.com
cs15.livetex.ru
io2-ls-04.livetex.ru
proxy.cdn-1win.xyz
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
vars.hotjar.com
wapi-04.livetex.ru
widgets-04.livetex.me
widgets-04.livetex.ru
www.googletagmanager.com
io2-ls-04.livetex.ru
104.26.10.233
142.250.185.134
151.101.2.132
18.66.147.116
18.66.97.49
185.39.80.168
185.39.80.61
190.115.19.43
190.115.24.54
2001:4860:4802:32::36
2606:4700:20::ac43:4a03
2a00:1450:4001:800::2008
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:82f::2002
52.222.206.118
52.222.236.63
00e2e1541bb08118217bf1922a0905076d690ca0a1fd0f3b509e9fea1f09d8e1
01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce
0316eaf7f780bba871772a47fc0df43a1a06d30901532d1cc4a1dd14c7c70027
042a0cf88794dc088cebd1bbea46b99b1d0888bb2ae8f543f00b5c7b224bbae9
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06d889fcaea4c7ae0b81ebf379fc774708d17bc76895739d50b84c970876e3ac
0a80e828d38a3bcd538602c347de067809481044d7857046104c5ad4d1d1813f
0f009adee148b2bcd756d4332898e660fa25c5ebb442bac4bee2c450dec94cdf
11628576aa0c8af216a2a18bd48baef78a9dff831ac706699313abbbcfbd0506
14f74d78521106b7b8b9f94f9e481ad37bfcedacf17572545f8a0f51375b248d
179139fd7b277af62a331519bc64d63e220a5611c726d0e45400e72daad9913d
17a207d9c80901869fea50c14c9605766a1c0ae57965018641dcb8ceb23c6d8d
17d8d329c9991b89a3b41657dde1e576914ce20f0d225bff1568547bf982362f
1fa82e973cd370596fed3d7647743fd6f5108792fdc816237a4530b600129e47
20f61cb9a11d4647d1e49d431fc8925cc9557545fed06f7053bf6e777ee90013
2282a044c854fd9315c840f7f42ff4a59882df629fd209586fb279b5fc8140df
241832d951d7dabf83fa93d246434190fec57670d83deeddc9489b7bade32b1b
270fd7ec5b3a45c223ebd2f7740a48447e8d190b0ae2487cf6c4ddfc94cea1b6
2cea561cb5c9466e4bd8b00f9627f0d0d259a110e06017d4be6e50ad9e8889f0
2e44c413f3fb6d1e82f3966b1b949d10c10b2f024213abad02ce04e7b60d83e3
30c2e3ed129c83494eeaab5b60a520f6efcd483e9ff61d79a1aae50b50482e49
33eabca71ddc39e3af57122c1863667936cf90526ed42a3c3f4fb34b6c44528c
362a8c010b8dfad12a948325c5537fd046c32168e7a78de0ae6733eb5ebd4978
364d31ef9b27918df7b80aa6e01cb9d7a95dbd8f70064b1a066a60fd5aa5ba9f
3af748a497a13fe03834a1e78c1c3f780b2afafdc1fc6170963a24c4b67ba148
3cb3180ed77e3dba3b84b431ffe6405605aad7d75fddcc68adda163bf8551351
3d2c759213949af96fbdcd756a5146f64a9acadf9625bd7a9feb04bb4517b4f9
40dcfacb3f2c4c73ed10f113bd8cbb638c560d2381d2ea0f5e4d4a8f511de1a4
414a74315c51d21e972ef3b093212bc83c1fdd92f736789357bffcdafc8e9793
420dca426d98adeab96e8d2b0a03fadd76531edcd80b2fca143044de28d04fc6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45e7bafe88284b6f3aaac133d38c9db59f67d46ae27cab5a299b5b7c704eaa9d
464e9858722d810339ac771b7808a68f853545e5ed416eb9653fc5761ea46f8d
4733308fe48b77777df8c5a28a4046f4df83b02a0d8b5dd3ff676807c55eacd4
49073903870a8bb345c24e632270bc480dde66725f0af85c66df5cb7269c4214
4b558834c4e06d396c418039258ce8ef7fdf11d4090553b9ca4f62415c5f96a1
57f273fd55196ec4f9a4ecd54a2061e125ec56346a14d0f35eadab261b3784e1
58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f
594f8d2ac0e06f158af8554ccdd7d841a90eb15cbbcfbdab4068d443786d8182
5b29e3705bc6353b031e92cb9b913e985f301778997c871baf003a742ac476a3
67efea367418257aaa5cd14e446ef9b6d48231fef881ac1a5b9f39732911e918
68de2793ef35e08b1cd932399b59091c663000f9924cbaf922b23871747d96ff
6bf7959a9b77d03809ee21c84c89119a6167ac3bd095bc5af50c2c66b3d2e0ff
73db6c5aca6a6439e60eb8f3db722f922c34d39c7be9a491a4e9b4957bf979b7
7521f7698777389511c01af5f8fb436025df6a6c66739336efeaba234824ee02
759315d5ae8c31136d2a7bc803e591554894987559325cdf7e0b5965bec0eaca
767ed8079c0656263c80bb5945e63297e94a50bec143736fe0ef86597c30f497
77a28d50f65f8140ad2826e1f29ff0574220d575e6f179e71aa86f1b431b6fa5
7819858e3c6a58930cd4379199d30f741fa3c229ecaa045e517d91519cc91614
7e7a2297c8371775455adc684445c2a383bcd0cee869777d45aefd8bc08456a6
814e89ded3e1200c7f2e87c9ddb97e39ca3bdd1fa497de728bd2d9f189f1d9af
8273cc691200f1a973a9da1ad2b26f493b446eebf7827d2886525a41103934a6
88135630c7c3e3882763226c85f98b74c5e4c57323374a7f4476c1630f5f56b3
89f8b0747eee17fd3e29d018898ac43b2371f7208520f256a1c6f829131d8199
8fceb90dcfc40087af492f5b59c30590c264efa6fda63eb27edb063e90579932
8fd0b13ce1db838b3e23b8c9b9585e7a593c35edb204b8ee97cff76c82e33dba
912221aeaca6ba4231da5d6a30c99711d12e8060d39ed7d77c9d10237e36ddc2
952fc95c0b994becce7780ba0dfa5f7b8038ca1b56357258bd5bd73dbb2f554c
959ebae6547b1f59b7a7480fe29bec2aa803f77063ddf0b4657136aa7c0b6e68
96c3140721009b7d978d196bd49612ff55347b43d8dab50294ccc5568319e5e2
97253f882b9ad190b64d5df3fe807a4cc134de0d6dc7581c37742f81159d9f97
9d4050ea709bb28a0f3a6b01528958bdb8e9375aa2fdcc3e111821531125a7fb
a0084043f26a51ea743463b4a653e4850cbaae0868832e4471a199f753fc6b27
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a4be0ff9f83b7247ab6abec81cba9dff75dcda7fc9d9a121dfab968cb994506f
a56aa87a50f3a363a1399279cde29f6228283d38fbac94df375f69a5675282c5
a7c352d2bf45fef53c5af10af5ffaafacaa3d46b40a3061af39e0ae08cbb8a92
abbd9e045173f339f4fb8aa5b3c3427dfa0661105ae808e4b1d27c35439cf290
abcc01ec7f27663d20ef3186dd63224980fb38ba81a9451d9eccfa597f1dd9d7
ac23f735b8778143749fac8d4aecd41a11f16fb135f628d2006723a97794286c
ac5e637db6249229d09cce020b7ae1c1ecb603d01298117e6bc466bc9b2dd4a3
ada3da6673d59485a386158787756d4d27beae9e38466dbe646d05f406b8d9b6
b07d781cd89db50889bb5f207634763c01f3aa8b26b346cf68548e6ea17add27
b196341ebbeb333db150ae1fa2e38909588928812f98c5357bc95d435a285d9d
b2a5caafafc6106754cf5aafe561b67452393863271c18a6d290b6a78691cd70
b39fa2ac38915cbbb1e2d91eb56cca6a9789056b6a6addd2fe65e35057d56e39
b4028e5732fc328948217ce1dc6d8ec7f64acf9184158cdac3bf97fc8c1b75f0
b4b0814ddb7d026f97299e4455c0016622ae4ee9efaa4d8c5640643265de9417
b644a50878f57a8d0483315c2337cd81fca26d4f63dade2f2a40caa1d1a5bd71
b8b156f28a3954edb5ca55197935f4f37a7b1454b117ee4938ca411866e9d71d
bcffe09106db68228801b93db91f85bc08e633ce50b5a8062536a0e7bf83355b
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bec71a3348203f5513809117926d3b0ab7b7fa9dcd5d256ef07f708f3ade3d82
becd693f606eca58fe7423fd1c5b8613179b9f4387a7d8b8b255b4c4a80e3122
bed7b15d1b2f9197eadb0e727764298d269d7e149c0f8e765c12e812ca56cc66
bf9eb34aeb0c704137a5e59860435b753ed8d2d52c7dcb94af13e5445f8ac09f
c02737c1f46fd97a5042fc8e4f9b7d5992a9548cad4d27a8a45c078d181c0a8e
c27d45b3efa448f6eb1837aaceadf464496e2cf04bf6c6d7cfef3683ebdf8e42
c52bf76d9931bd28ea4fc2055bf9b904f73d7eeced084fae47c2faaffbc6b7ce
c8f3066c0a0180a59f4427b69b14ec11c437f63506f35db345cb3ee9a86a4fa1
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca808c9d1a1f337bae5ea92d66079e59e28ded6eb0a4d0863c937443d2fff4ab
cacca2b863dcb76d949a2e54a420eccf16ded163af4642ae53cf5ac0246cca2e
cb2716d02fca4d1abe93ced14e8e0061832383a662f8908b4c97197c4dc4976c
cb6364edc4b1553377c0095fcca9ad118ba03f1e3d953c30239b8fbd14d75000
cfe18e34eff343a40443b392e24ffc0b0dab851ae22fe835b80e49e11cbe3d50
d3c8becb57367cb7f961fdb2a987d82e0142fd011128532c5e6356f2fb7c8fa6
d56ce613357eb8533275b2e9645c671086a7992a8646091e89a44c0b44501205
dad30ca2d6a5defd296f718acd748b12e8ac1d29f44903b25f7c54c7470b7313
dd8ec8b853a75c69ba51794c3cd95d289c68c5936f9dc6b227c6716195518c73
dec340cc778df957a6321aaadfad6d5169a8f32a639eaf9025124a789eb1ba65
df329cd49293c7ed39390f61c0c08c35b1a7dfb3374d752c48adb7434cc049b3
df8b813734ebb9a36cbb442c5dbdd8cba10b6b8a6a6be7318e53765e2cbfd937
e3545ed802d036fffc6f9d885c6d32b5bb146476a0320f3bba13e0fdd0cbc337
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4aa004783c419a2130bd81f239701ed616769fc87abe0893d8ba053912ee9f7
e50c3321f8cae6f04abd90ed0ade670105ac4c3e6f47fbbad0d6ebef0264fa0c
e6b8bf14b6a15c19d60f1e407e701dc46fe4077e49a8059ad7c69312a77a2d0f
e72ea632f2f5bb38a38dff63fccf53332d462dcd0e425689d687d87ee0aa89e5
e81aa6eb54b89331eb89cf7ce24c8da033990ac2b5764f67738192d0937dbdac
e9f97539e2c079387b34e099020dcaa53819da023cadf3e38a526d588c5d50cc
ea7762b92554ce0545a4846053f5d9213ba4ca8c3ea2b08b1b21ab3707b87069
efab8ecccf9644cc6e9de5c06f4eead79674e6ab6e1dd68760c771039ef12aea
efc95075ce36a9f1abb2c7f51ef75805679f1901669808d4152d9fa3fe57557d
efdc0e9caf5e1b3f650e8ecd022ecd000bb070e1b0cf359eeb228603c325384b
f2a1b8d81d0c8cb8f69b1ce1f3ad8ee2a795f5d9befa267b9fd54892c76c91b5
f2e9901325f19577d6ed6f2ddcbc38c3522b3e1dc9ee2fcbc133475602986357
f47bf8de69f9aca075152594fafc8529150a82b7b8129fa55bb2fc111e53b3aa
f4cbbe402afdbd30767b2b2cd27c3162e21785ed824585793665191c781a294d
f63fdb32d35ffa1703e6908b5e3c0b02837e5997bc53d4df83008e2153a9a1de
f6fe04cc8e91f587fb45ad4a1f2329e9f2d50ef2ec0bf39050fe3e45769ab297
f8b40947589d3313945a70df59926446d8a1e750ebbe2d057b445ee8a8474e29

1wyxza.top Open in urlscan Pro 190.115.19.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

128 Requests

98 %HTTPS

35 %IPv6

13 Domains

22 Subdomains

17 IPs

4 Countries

7226 kBTransfer

16883 kBSize

13 Cookies

11 Outgoing links

Page URL History

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

1wyxza.top Open in urlscan Pro
190.115.19.43 Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

98 %
HTTPS

35 %
IPv6

13
Domains

22
Subdomains

17
IPs

4
Countries

7226 kB
Transfer

16883 kB
Size

13
Cookies

128 HTTP transactions
3 data transactions