link1.take-win.online Open in urlscan Pro
185.129.100.43 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://meclick.online/catalog?partner_link=OTU6MTMw&subid=veles
Effective URL:
https://link1.take-win.online/d/lotos/loading.html
Submission: On December 13 via api (December 13th 2019, 2:35:35 am UTC) from US

Summary HTTP 67 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 5 countries across 7 domains to perform 67 HTTP transactions. The main IP is 185.129.100.43, located in Russian Federation and belongs to DDOS-GUARD, RU. The main domain is link1.take-win.online.
TLS certificate: Issued by Let's Encrypt Authority X3 on December 11th 2019. Valid for: 3 months.

This is the only time link1.take-win.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.129.100.37 185.129.100.37	57724 (DDOS-GUARD) (DDOS-GUARD)
2 52	185.129.100.43 185.129.100.43	57724 (DDOS-GUARD) (DDOS-GUARD)
4	23.38.53.224 23.38.53.224	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2a02:26f0:6c0... 2a02:26f0:6c00:196::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	185.129.100.38 185.129.100.38	57724 (DDOS-GUARD) (DDOS-GUARD)
6	2a03:90c0:999... 2a03:90c0:9997::9997	199524 (GCORE) (GCORE)
1	54.155.68.125 54.155.68.125	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
67	8

1 185.129.100.37 (Russian Federation) 1 redirects

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net

meclick.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 185.129.100.43 (Russian Federation) 2 redirects

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net

link1.take-win.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.38.53.224 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-38-53-224.deploy.static.akamaitechnologies.com

webfonts.creativecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:196::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.129.100.38 (Russian Federation)

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net

ib-api.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:90c0:9997::9997 (Germany)

ASN199524 (GCORE, AT)

code.jivosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.68.125 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-155-68-125.eu-west-1.compute.amazonaws.com

node132.jivosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	take-win.online 2 redirects link1.take-win.online	947 KB
7	jivosite.com code.jivosite.com node132.jivosite.com	259 KB
4	creativecloud.com webfonts.creativecloud.com	375 KB
2	ib-api.online ib-api.online	399 B
2	typekit.net p.typekit.net	734 B
2	facebook.net connect.facebook.net	60 KB
1	meclick.online 1 redirects meclick.online	236 B
67	7

	Domain	Requested by
52	link1.take-win.online	2 redirects link1.take-win.online
6	code.jivosite.com	link1.take-win.online code.jivosite.com
4	webfonts.creativecloud.com	link1.take-win.online webfonts.creativecloud.com
2	ib-api.online	link1.take-win.online
2	p.typekit.net	link1.take-win.online
2	connect.facebook.net	link1.take-win.online
1	node132.jivosite.com	code.jivosite.com
1	meclick.online	1 redirects
67	8

This site contains links to these domains. Also see Links.

Domain
www.jivosite.ru

Subject Issuer	Validity	Valid
link1.take-win.online Let's Encrypt Authority X3	`2019-12-11` - `2020-03-10`	3 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-11-06` - `2020-02-04`	3 months	crt.sh
ib-api.online Let's Encrypt Authority X3	`2019-12-02` - `2020-03-01`	3 months	crt.sh
*.jivosite.com Go Daddy Secure Certificate Authority - G2	`2017-04-10` - `2020-06-04`	3 years	crt.sh

This page contains 1 frames:

Primary Page: https://link1.take-win.online/d/lotos/loading.html
Frame ID: 7FB7235BF1459FE0FB02407C99C7D284
Requests: 76 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://meclick.online/catalog?partner_link=OTU6MTMw&subid=veles HTTP 307
https://link1.take-win.online/d/lotos HTTP 301
http://link1.take-win.online/d/lotos/ HTTP 301
https://link1.take-win.online/d/lotos/ Page URL
https://link1.take-win.online/d/lotos/loading.html Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

67
Requests

100 %
HTTPS

38 %
IPv6

7
Domains

8
Subdomains

8
IPs

5
Countries

1992 kB
Transfer

3638 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.jivosite.ru/i_sa/?utm_source=link1.take-win.online&utm_medium=link&utm_content=label_tooltip&utm_campaign=from_widget

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://meclick.online/catalog?partner_link=OTU6MTMw&subid=veles HTTP 307
https://link1.take-win.online/d/lotos HTTP 301
http://link1.take-win.online/d/lotos/ HTTP 301
https://link1.take-win.online/d/lotos/ Page URL
https://link1.take-win.online/d/lotos/loading.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://meclick.online/catalog?partner_link=OTU6MTMw&subid=veles HTTP 307
https://link1.take-win.online/d/lotos HTTP 301
http://link1.take-win.online/d/lotos/ HTTP 301
https://link1.take-win.online/d/lotos/

67 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
link1.take-win.online/d/lotos/
Redirect Chain

https://meclick.online/catalog?partner_link=OTU6MTMw&subid=veles
https://link1.take-win.online/d/lotos
http://link1.take-win.online/d/lotos/
https://link1.take-win.online/d/lotos/

24 KB
8 KB

26ms
25ms

Document
text/html

185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

d44fda742037a89599fdf7f77f9ceb059fffa8c600c94bf7fa281ea952c0a87d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:method: GET
:authority: link1.take-win.online
:scheme: https
:path: /d/lotos/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
cookie: __ddg1=A2A324E72A1D4D428FC8C3AC8444EFBE9C2B81C0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
server: ngjit
content-security-policy: upgrade-insecure-requests;
date: Fri, 13 Dec 2019 02:35:16 GMT
content-type: text/html
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
etag: W/"5de4272d-5f62"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding

Redirect headers

Server: ngjit
Date: Fri, 13 Dec 2019 02:35:16 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://link1.take-win.online/d/lotos/
Content-Type: text/html; charset=utf8
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked

GET
H2 200 site_global.css
link1.take-win.online/d/lotos/css/ 7 KB
2 KB 23ms
22ms Stylesheet
text/css 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/css/site_global.css?crc=4101375428

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

88fe87dc60adeebfc2a7c0037a5f68abfac35a422670717909982c74d34af72f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19653
etag: W/"5de4272d-1dd6"
vary: Accept-Encoding
content-type: text/css
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 index.css
link1.take-win.online/d/lotos/css/ 7 KB
2 KB 23ms
22ms Stylesheet
text/css 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/css/index.css?crc=3809586876

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

3751ba44c64b64a284c0bba5dfc1e55076f623cae5c02a8b7321e980c9ed47a6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19653
etag: W/"5de4272d-1ce1"
vary: Accept-Encoding
content-type: text/css
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H/1.1 200
OK open-sans:n4,n7,n3:all.js Show response
webfonts.creativecloud.com/ 24 KB
9 KB 24ms
7ms Script
text/javascript 23.38.53.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://webfonts.creativecloud.com/open-sans:n4,n7,n3:all.js

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.38.53.224 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-53-224.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

41a856fd66cd63fdbbafcfba775fb913b8706effb7b48a89171d696f586e8bbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Content-Encoding: gzip
Server: nginx
Date: Fri, 13 Dec 2019 02:35:16 GMT
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 9227

GET
H2 200 sharing-crop-u18806.jpg
link1.take-win.online/d/lotos/images/ 70 KB
71 KB 40ms
39ms Image
image/jpeg 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://link1.take-win.online/d/lotos/images/sharing-crop-u18806.jpg?crc=420110117

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

92f0ae9a6f9c5239f6a98d0f904f680e896f52e39b30b90420d4b8cbe4ad7a62

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19653
etag: "5de4272d-119cf"
content-type: image/jpeg
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 logo.png
link1.take-win.online/d/lotos/images/ 33 KB
33 KB 38ms
37ms Image
image/png 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://link1.take-win.online/d/lotos/images/logo.png?crc=467682677

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

26651d9beac50e81ca7208f7051a9bca216814e8214c93ccb963a25a25cb6be8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19653
etag: "5de4272d-83a1"
content-type: image/png
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 original1748313173-crop-u19118.jpg
link1.take-win.online/d/lotos/images/ 33 KB
33 KB 30ms
29ms Image
image/jpeg 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://link1.take-win.online/d/lotos/images/original1748313173-crop-u19118.jpg?crc=425883077

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

7c0e4025d5f2a316c95580a659fc5c41da5a52ea44dcaebb3f57f2c92fc39c69

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19653
etag: "5de4272d-848e"
content-type: image/jpeg
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 loto-icon.gif
link1.take-win.online/d/lotos/images/ 224 KB
224 KB 30ms
30ms Image
image/gif 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://link1.take-win.online/d/lotos/images/loto-icon.gif?crc=530114744

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

7e3941fb0ec3e1cba847c9dc98997bb1dbdbeb556231d72dd91a22b00b5370ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19653
etag: "5de4272d-37eb4"
content-type: image/gif
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 gosloto-crop-u18810.jpg
link1.take-win.online/d/lotos/images/ 4 KB
4 KB 29ms
29ms Image
image/jpeg 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://link1.take-win.online/d/lotos/images/gosloto-crop-u18810.jpg?crc=3821325020

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

1db927f39129c9fb9038d16827daf8c50390384639466f1b9a78d9d7b38a707f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19653
etag: "5de4272d-1123"
content-type: image/jpeg
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 262037-u17584-fr.png
link1.take-win.online/d/lotos/images/ 395 B
462 B 29ms
29ms Image
image/png 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://link1.take-win.online/d/lotos/images/262037-u17584-fr.png?crc=4210439966

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

afcaecfadec98772e5c3614a7244deed0cb7f9856c0624e6ac305f8597916aeb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19653
etag: "18b-598aa96d27cc5"
content-type: image/png
status: 200
x-accel-version: 0.01
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 262037-u17584-fr_2x.png
link1.take-win.online/d/lotos/images/ 813 B
864 B 30ms
29ms Image
image/png 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://link1.take-win.online/d/lotos/images/262037-u17584-fr_2x.png?crc=4203028297

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

60f5f8e31b1f1bb171f10d096ddfc8a9210bee8ea787969c9a96ee0cc1ab2a7b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19653
etag: "32d-598aa96d27cc5"
content-type: image/png
status: 200
x-accel-version: 0.01
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 require.js Show response
link1.take-win.online/d/lotos/scripts/ 16 KB
6 KB 30ms
29ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/require.js?crc=7928878

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

771d7512e004b04f2472e9a9bd5f0b731d062108b49b1aa813ec07bf4e419d27

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19653
etag: W/"5de4272d-4024"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 zen.js Show response
link1.take-win.online/d/lotos/ 4 KB
1 KB 28ms
27ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/zen.js

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

60904061bf15f12e2865d56209617a4cac443a34d5d45a240a8f5b5cabdd98ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Tue, 03 Dec 2019 15:37:11 GMT
server: ngjit
age: 19653
etag: W/"5de68127-fe3"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H/1.1 200
OK l
webfonts.creativecloud.com/c/d86156/1w;open-sans,1,VvF:W:n3,VvH:W:n4,Vv8:W:n7/ 203 KB
154 KB 10ms
9ms Stylesheet
text/css 23.38.53.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://webfonts.creativecloud.com/c/d86156/1w;open-sans,1,VvF:W:n3,VvH:W:n4,Vv8:W:n7/l

Requested by

Host: webfonts.creativecloud.com
URL: https://webfonts.creativecloud.com/open-sans:n4,n7,n3:all.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.38.53.224 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-53-224.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5cfb3f8545f09a608105b33480315ddf444a2518d07a4487cc1528c1d18a5d52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Content-Encoding: gzip
Server: nginx
Date: Fri, 13 Dec 2019 02:35:16 GMT
Vary: Accept-Encoding
Content-Type: text/css;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=604800
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 157529

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30426
x-xss-protection: 0
pragma: public
x-fb-debug: pyCEJZSko8v0tRGJSsgSjsmCPdgDke2EFSBO6YbqT4f8WDPksydXbdvDzLi5IurtyFwTkIHGfSELxNrBqau2Pw==
x-fb-trip-id: 420120009
date: Fri, 13 Dec 2019 02:35:16 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 51 KB
51 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b020c35500d46bb15e25bfc8054ebe307031bc28028743c7e60e5b02a75a8e29

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://link1.take-win.online

Response headers

Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 50 KB
50 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8eb6903b2a9618d5fe8dbb117c7dccea37efbbc17cb3d8a60cd2f5c426b2b6cf

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://link1.take-win.online

Response headers

Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 51 KB
51 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6dfbece17ed6fc93a37b7dda83dcbfeb7fcaa555ca3e438d056af1e364c40537

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://link1.take-win.online

Response headers

Content-Type: font/opentype

GET
H/1.1 200
OK p.gif
p.typekit.net/ 35 B
367 B 21ms
6ms Image
image/gif 2a02:26f0:6c00:196::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=4&k=&app=muse&ht=tk&h=link1.take-win.online&f=14548.14541.14546&a=&sl=28&fl=27&dc=true&js=1.14.9&_=1576204516446
Requested by: Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:196::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Dec 2019 02:35:16 GMT
Last-Modified: Fri, 18 Oct 2019 21:34:09 GMT
Server: nginx
ETag: "5daa2fd1-23"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35
Expires: Wed, 30 Oct 2019 03:12:45 GMT

GET
H2 200 payment Show response
ib-api.online/api_v1/get_domain/v5pmm6wxj7c0c58g4i2a42ip7wa2h5dq97l9/ 40 B
229 B 279ms
209ms XHR
application/json 185.129.100.38
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://ib-api.online/api_v1/get_domain/v5pmm6wxj7c0c58g4i2a42ip7wa2h5dq97l9/payment

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/zen.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.38 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

9700582911d8d7c914527ea3371c6361475cef077025b208394941f8b048eaca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://link1.take-win.online/d/lotos/
Origin: https://link1.take-win.online

Response headers

status: 200
content-security-policy: upgrade-insecure-requests;
server: ngjit
access-control-allow-origin: *
date: Fri, 13 Dec 2019 02:35:16 GMT
content-type: application/json

GET
H2 200 museconfig.js Show response
link1.take-win.online/d/lotos/scripts/ 2 KB
932 B 22ms
22ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/museconfig.js?crc=4286661555

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/scripts/require.js?crc=7928878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

841c8b73cb9a92f13ada9174433d21159719fb7810abe72c6d6c73e83f92bf84

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19653
etag: W/"5de4272d-802"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 jquery-1.8.3.min.js Show response
link1.take-win.online/d/lotos/scripts/ 91 KB
32 KB 23ms
23ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/jquery-1.8.3.min.js?crc=209076791

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/scripts/require.js?crc=7928878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19653
etag: W/"5de4272d-16dc5"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 museutils.js Show response
link1.take-win.online/d/lotos/scripts/ 60 KB
17 KB 24ms
23ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/museutils.js?crc=4250906080

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/scripts/require.js?crc=7928878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

6d34c213b455e9b664a514bdf0b0c4e0cc6f6998889193a9404a0d16558c73ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19653
etag: W/"5de4272d-f04b"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 whatinput.js Show response
link1.take-win.online/d/lotos/scripts/ 2 KB
750 B 28ms
27ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/whatinput.js?crc=86476730

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/scripts/require.js?crc=7928878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

8b4507ad2677bc9668ee296a3b44db60aea2134e6ca3c76131c0f7f24b5788db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19653
etag: W/"5de4272d-6b0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 jquery.watch.js Show response
link1.take-win.online/d/lotos/scripts/ 2 KB
904 B 24ms
23ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/jquery.watch.js?crc=399457859

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/scripts/require.js?crc=7928878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

bab32181e9d025908cd9fa8e1a99d38dbe9aa3ac93e1bbd9feacce5c71e46c41

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19653
etag: W/"5de4272d-73b"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 jquery.musepolyfill.bgsize.js Show response
link1.take-win.online/d/lotos/scripts/ 5 KB
2 KB 23ms
23ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/jquery.musepolyfill.bgsize.js?crc=178212883

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/scripts/require.js?crc=7928878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

bc5227cb3ea5fbef2fca192723505acf7258d49a9ba47e95ed93fce3a837d9db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19653
etag: W/"5de4272d-13f0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 webpro.js Show response
link1.take-win.online/d/lotos/scripts/ 52 KB
14 KB 28ms
27ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/webpro.js?crc=214003453

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/scripts/require.js?crc=7928878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

09b744c047bf3d9438d9695d6a86f891794f03530438e953501950baf8880720

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19653
etag: W/"5de4272d-cf5a"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 musewpslideshow.js Show response
link1.take-win.online/d/lotos/scripts/ 34 KB
9 KB 25ms
24ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/musewpslideshow.js?crc=168777830

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/scripts/require.js?crc=7928878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

54091ee37bab0b715566ffd5a7d46ba5f3fcff8e781708af2f6d57cca34e524d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19653
etag: W/"5de4272d-8627"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 jquery.museoverlay.js Show response
link1.take-win.online/d/lotos/scripts/ 9 KB
3 KB 25ms
25ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/jquery.museoverlay.js?crc=4279841063

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/scripts/require.js?crc=7928878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

13181d834f10fe00e17cfed0a7e54e070581ca03eb4ed4c6c40e5f2a18c221e6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19653
etag: W/"5de4272d-2208"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 touchswipe.js Show response
link1.take-win.online/d/lotos/scripts/ 10 KB
4 KB 25ms
25ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/touchswipe.js?crc=4065839998

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/scripts/require.js?crc=7928878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

9d247c2b691076aab85df0dc9f4922ddb3d628f15c7d11ed9ad104dea3dc5c4c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19653
etag: W/"5de4272d-2782"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 Primary Request loading.html Show response
link1.take-win.online/d/lotos/ 32 KB
10 KB 25ms
23ms Document
text/html 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/loading.html

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

0ae410568d650ba6f070e4a4c557f38d55ee53f21c10593b1f281231a9ab2e78

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

:method: GET
:authority: link1.take-win.online
:scheme: https
:path: /d/lotos/loading.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://link1.take-win.online/d/lotos/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://link1.take-win.online/d/lotos/

Response headers

status: 200
server: ngjit
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1=F1F1413A097D14A8A6705DBA29BD8033AAAA8736; Domain=.take-win.online; HttpOnly; Path=/; Max-Age=31536000
date: Fri, 13 Dec 2019 02:35:23 GMT
content-type: text/html
last-modified: Mon, 02 Dec 2019 18:47:16 GMT
etag: W/"5de55c34-7e7e"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding

GET
H2 200 site_global.css
link1.take-win.online/d/lotos/css/ 7 KB
2 KB 24ms
22ms Stylesheet
text/css 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/css/site_global.css?crc=4101375428

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/loading.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

88fe87dc60adeebfc2a7c0037a5f68abfac35a422670717909982c74d34af72f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19660
etag: W/"5de4272d-1dd6"
vary: Accept-Encoding
content-type: text/css
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 loading.css
link1.take-win.online/d/lotos/css/ 20 KB
3 KB 25ms
23ms Stylesheet
text/css 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/css/loading.css?crc=419371640

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/loading.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

c035648500f21eceabf84195667831b33dd0c1866585126066587e8704a5ae8e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19652
etag: W/"5de4272d-4e17"
vary: Accept-Encoding
content-type: text/css
status: 200
date: Thu, 12 Dec 2019 21:07:51 GMT
accept-ranges: bytes

GET
H/1.1 200
OK open-sans:n4,n7,i3,n3:all.js Show response
webfonts.creativecloud.com/ 24 KB
9 KB 28ms
26ms Script
text/javascript 23.38.53.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://webfonts.creativecloud.com/open-sans:n4,n7,i3,n3:all.js

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/loading.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.38.53.224 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-53-224.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5cc85bd5254347e92ab185678342624e8a4769ab6516fece1a2d883b8ab5a52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Content-Encoding: gzip
Server: nginx
Date: Fri, 13 Dec 2019 02:35:23 GMT
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 9238

GET
H2 200 sharing-crop-u18063.jpg
link1.take-win.online/d/lotos/images/ 70 KB
71 KB 27ms
25ms Image
image/jpeg 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://link1.take-win.online/d/lotos/images/sharing-crop-u18063.jpg?crc=420110117

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/loading.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

92f0ae9a6f9c5239f6a98d0f904f680e896f52e39b30b90420d4b8cbe4ad7a62

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19652
etag: "5de4272d-119cf"
content-type: image/jpeg
status: 200
date: Thu, 12 Dec 2019 21:07:51 GMT
accept-ranges: bytes

GET
H2 200 logo.png
link1.take-win.online/d/lotos/images/ 33 KB
33 KB 26ms
24ms Image
image/png 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://link1.take-win.online/d/lotos/images/logo.png?crc=467682677

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/loading.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

26651d9beac50e81ca7208f7051a9bca216814e8214c93ccb963a25a25cb6be8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19660
etag: "5de4272d-83a1"
content-type: image/png
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 original1748313173-crop-u19125.jpg
link1.take-win.online/d/lotos/images/ 33 KB
33 KB 26ms
24ms Image
image/jpeg 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://link1.take-win.online/d/lotos/images/original1748313173-crop-u19125.jpg?crc=425883077

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/loading.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

7c0e4025d5f2a316c95580a659fc5c41da5a52ea44dcaebb3f57f2c92fc39c69

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19652
etag: "5de4272d-848e"
content-type: image/jpeg
status: 200
date: Thu, 12 Dec 2019 21:07:51 GMT
accept-ranges: bytes

GET
H2 200 loto-icon.gif
link1.take-win.online/d/lotos/images/ 224 KB
224 KB 24ms
22ms Image
image/gif 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://link1.take-win.online/d/lotos/images/loto-icon.gif?crc=530114744

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/loading.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

7e3941fb0ec3e1cba847c9dc98997bb1dbdbeb556231d72dd91a22b00b5370ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19660
etag: "5de4272d-37eb4"
content-type: image/gif
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 gosloto-crop-u4238.jpg
link1.take-win.online/d/lotos/images/ 4 KB
4 KB 24ms
23ms Image
image/jpeg 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://link1.take-win.online/d/lotos/images/gosloto-crop-u4238.jpg?crc=3821325020

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/loading.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

1db927f39129c9fb9038d16827daf8c50390384639466f1b9a78d9d7b38a707f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19652
etag: "5de4272d-1123"
content-type: image/jpeg
status: 200
date: Thu, 12 Dec 2019 21:07:51 GMT
accept-ranges: bytes

GET
H2 200 31_russian_road_signsvg.png
link1.take-win.online/d/lotos/images/ 1 KB
1 KB 25ms
23ms Image
image/png 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://link1.take-win.online/d/lotos/images/31_russian_road_signsvg.png?crc=4034118440

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/loading.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

1ebf862f64b4551bfddf3acd365cc55cf286923ba1ff8a3fc804dcd6a14aac99

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19652
etag: "5de4272d-5ad"
content-type: image/png
status: 200
date: Thu, 12 Dec 2019 21:07:51 GMT
accept-ranges: bytes

GET
H2 200 262037-u17584-fr.png
link1.take-win.online/d/lotos/images/ 395 B
446 B 27ms
27ms Image
image/png 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://link1.take-win.online/d/lotos/images/262037-u17584-fr.png?crc=4210439966

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/loading.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

afcaecfadec98772e5c3614a7244deed0cb7f9856c0624e6ac305f8597916aeb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19660
etag: "18b-598aa96d27cc5"
content-type: image/png
status: 200
x-accel-version: 0.01
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 262037-u17584-fr_2x.png
link1.take-win.online/d/lotos/images/ 813 B
864 B 22ms
21ms Image
image/png 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://link1.take-win.online/d/lotos/images/262037-u17584-fr_2x.png?crc=4203028297

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/loading.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

60f5f8e31b1f1bb171f10d096ddfc8a9210bee8ea787969c9a96ee0cc1ab2a7b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19660
etag: "32d-598aa96d27cc5"
content-type: image/png
status: 200
x-accel-version: 0.01
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 262037-u17083-fr.png
link1.take-win.online/d/lotos/images/ 423 B
474 B 22ms
22ms Image
image/png 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://link1.take-win.online/d/lotos/images/262037-u17083-fr.png?crc=389857501

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/loading.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

2602bb40f4de922df0876fc7ef2aa16fcee62a6e02a5b25f02847101c3630110

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19652
etag: "1a7-598aa96d27cc5"
content-type: image/png
status: 200
x-accel-version: 0.01
date: Thu, 12 Dec 2019 21:07:51 GMT
accept-ranges: bytes

GET
H2 200 262037-u17083-fr_2x.png
link1.take-win.online/d/lotos/images/ 886 B
937 B 22ms
21ms Image
image/png 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://link1.take-win.online/d/lotos/images/262037-u17083-fr_2x.png?crc=75751202

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/loading.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

a4d4b63436969c1ef6ae3b220f3011be040a2ecbe9d8bb6675aec722ca9465ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19652
etag: "376-598aa96d27cc5"
content-type: image/png
status: 200
x-accel-version: 0.01
date: Thu, 12 Dec 2019 21:07:51 GMT
accept-ranges: bytes

GET
H2 200 require.js Show response
link1.take-win.online/d/lotos/scripts/ 16 KB
6 KB 22ms
21ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/require.js?crc=7928878

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/loading.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

771d7512e004b04f2472e9a9bd5f0b731d062108b49b1aa813ec07bf4e419d27

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19660
etag: W/"5de4272d-4024"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 messages.js Show response
link1.take-win.online/d/lotos/scripts/ 14 KB
3 KB 22ms
22ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/messages.js

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/loading.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

08d45225d90e5d49d3aed49079775e970f07ab2136d7057849c5adb8ed2b89de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19652
etag: W/"5de4272d-37a6"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:51 GMT
accept-ranges: bytes

GET
H2 200 zen.js Show response
link1.take-win.online/d/lotos/ 4 KB
1 KB 24ms
22ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/zen.js

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/loading.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

60904061bf15f12e2865d56209617a4cac443a34d5d45a240a8f5b5cabdd98ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Tue, 03 Dec 2019 15:37:11 GMT
server: ngjit
age: 19660
etag: W/"5de68127-fe3"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 widget.js Show response
code.jivosite.com/ 17 KB
17 KB 40ms
12ms Script
application/javascript 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/widget.js
Requested by: Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/loading.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: 9da8657b6d7d7aad21d001303e0b87a8ab6a7dda4580e79d436feb346e3bbed2

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-id: nkf-up-gc15, cec-up-gc11
date: Fri, 13 Dec 2019 02:35:23 GMT
via: 1.1 sharxy
x-cached-since: 2019-12-09T14:50:58+00:00, 2019-12-13T01:01:23+00:00
status: 200
x-shard: shieldShard0_80
content-length: 17249
last-modified: Mon, 09 Dec 2019 07:27:05 GMT
server: nginx
etag: "5dedf749-4361"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cache: HIT, HIT
accept-ranges: bytes
expires: Mon, 09 Dec 2019 16:50:58 GMT

GET
H/1.1 200
OK l
webfonts.creativecloud.com/c/eedb8b/1w;open-sans,1,VvG:W:i3,VvF:W:n3,VvH:W:n4,Vv8:W:n7/ 266 KB
202 KB 60ms
59ms Stylesheet
text/css 23.38.53.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://webfonts.creativecloud.com/c/eedb8b/1w;open-sans,1,VvG:W:i3,VvF:W:n3,VvH:W:n4,Vv8:W:n7/l

Requested by

Host: webfonts.creativecloud.com
URL: https://webfonts.creativecloud.com/open-sans:n4,n7,i3,n3:all.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.38.53.224 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-53-224.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a959b0ba6f89288acf0969fdb5b0ae3fe4cd3a3bb7e70479f2023b3c0047beb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Content-Encoding: gzip
Server: nginx
Date: Fri, 13 Dec 2019 02:35:23 GMT
Vary: Accept-Encoding
Content-Type: text/css;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=604800
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 206358

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/loading.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30426
x-xss-protection: 0
pragma: public
x-fb-debug: pyCEJZSko8v0tRGJSsgSjsmCPdgDke2EFSBO6YbqT4f8WDPksydXbdvDzLi5IurtyFwTkIHGfSELxNrBqau2Pw==
x-fb-trip-id: 420120009
date: Fri, 13 Dec 2019 02:35:23 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 payment Show response
ib-api.online/api_v1/get_domain/v5pmm6wxj7c0c58g4i2a42ip7wa2h5dq97l9/ 40 B
170 B 128ms
128ms XHR
application/json 185.129.100.38
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://ib-api.online/api_v1/get_domain/v5pmm6wxj7c0c58g4i2a42ip7wa2h5dq97l9/payment

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/zen.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.38 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

9700582911d8d7c914527ea3371c6361475cef077025b208394941f8b048eaca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://link1.take-win.online/d/lotos/loading.html
Origin: https://link1.take-win.online

Response headers

status: 200
content-security-policy: upgrade-insecure-requests;
server: ngjit
access-control-allow-origin: *
date: Fri, 13 Dec 2019 02:35:23 GMT
content-type: application/json

GET
H2 200 Jj0jSf56WH Show response
code.jivosite.com/script/widget/config/ 5 KB
5 KB 37ms
12ms XHR
application/x-javascript 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/script/widget/config/Jj0jSf56WH
Requested by: Host: code.jivosite.com
URL: https://code.jivosite.com/widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: 53ba1545cae9088d2f3e4bddcc31515d909087f38c13c03bc9bd3119c6f81fa4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://link1.take-win.online/d/lotos/loading.html
Origin: https://link1.take-win.online

Response headers

x-id: nkf-up-gc14, cec-up-gc11
date: Fri, 13 Dec 2019 02:35:23 GMT
via: 1.1 sharxy
server: nginx
status: 200
vary: Accept-Encoding
x-cached-since: 2019-12-13T00:16:06+00:00, 2019-12-13T00:18:31+00:00
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=7200
cache: HIT, STALE
x-shard: shieldShard0_80
accept-ranges: bytes
content-length: 4717
expires: Fri, 13 Dec 2019 02:16:06 GMT

GET
H2 200 museconfig.js Show response
link1.take-win.online/d/lotos/scripts/ 2 KB
932 B 22ms
22ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/museconfig.js?crc=4286661555

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/scripts/require.js?crc=7928878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

841c8b73cb9a92f13ada9174433d21159719fb7810abe72c6d6c73e83f92bf84

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19660
etag: W/"5de4272d-802"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 47 KB
47 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59612d69a54875f28dbb4a065627b03b42a65f6872f01e335ed1e94ef6eb6a61

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://link1.take-win.online

Response headers

Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 51 KB
51 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b020c35500d46bb15e25bfc8054ebe307031bc28028743c7e60e5b02a75a8e29

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://link1.take-win.online

Response headers

Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 50 KB
50 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8eb6903b2a9618d5fe8dbb117c7dccea37efbbc17cb3d8a60cd2f5c426b2b6cf

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://link1.take-win.online

Response headers

Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 51 KB
51 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6dfbece17ed6fc93a37b7dda83dcbfeb7fcaa555ca3e438d056af1e364c40537

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://link1.take-win.online

Response headers

Content-Type: font/opentype

GET
H/1.1 200
OK Jj0jSf56WH Show response
node132.jivosite.com/widget/status/1121665/ 59 B
353 B 100ms
30ms XHR
application/json 54.155.68.125
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://node132.jivosite.com/widget/status/1121665/Jj0jSf56WH?rnd=0.8143063712807275
Requested by: Host: code.jivosite.com
URL: https://code.jivosite.com/widget.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.68.125 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-155-68-125.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 979bd0d566d117f28c3b4edcf5a5e278cbcb06d08cdc943e3226c354f10342f8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://link1.take-win.online/d/lotos/loading.html
Origin: https://link1.take-win.online

Response headers

Date: Fri, 13 Dec 2019 02:35:23 GMT
Server: nginx
X-BotMode: no
X-GeoIP: DE;05;Frankfurt Am Main
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-geoip, x-botmode
Connection: keep-alive
Content-Length: 59

GET
H/1.1 200
OK p.gif
p.typekit.net/ 35 B
367 B 28ms
28ms Image
image/gif 2a02:26f0:6c00:196::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=4&k=&app=muse&ht=tk&h=link1.take-win.online&f=14548.14541.14547.14546&a=&sl=69&fl=43&dc=true&js=1.14.9&_=1576204523597
Requested by: Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/loading.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:196::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Dec 2019 02:35:23 GMT
Last-Modified: Fri, 18 Oct 2019 21:34:09 GMT
Server: nginx
ETag: "5daa2fd1-23"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35
Expires: Wed, 30 Oct 2019 03:12:45 GMT

GET
H2 200 jquery-1.8.3.min.js Show response
link1.take-win.online/d/lotos/scripts/ 91 KB
32 KB 23ms
22ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/jquery-1.8.3.min.js?crc=209076791

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/scripts/require.js?crc=7928878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19660
etag: W/"5de4272d-16dc5"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 museutils.js Show response
link1.take-win.online/d/lotos/scripts/ 60 KB
17 KB 23ms
22ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/museutils.js?crc=4250906080

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/scripts/require.js?crc=7928878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

6d34c213b455e9b664a514bdf0b0c4e0cc6f6998889193a9404a0d16558c73ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19660
etag: W/"5de4272d-f04b"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 whatinput.js Show response
link1.take-win.online/d/lotos/scripts/ 2 KB
750 B 23ms
22ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/whatinput.js?crc=86476730

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/scripts/require.js?crc=7928878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

8b4507ad2677bc9668ee296a3b44db60aea2134e6ca3c76131c0f7f24b5788db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19660
etag: W/"5de4272d-6b0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 jquery.watch.js Show response
link1.take-win.online/d/lotos/scripts/ 2 KB
904 B 23ms
22ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/jquery.watch.js?crc=399457859

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/scripts/require.js?crc=7928878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

bab32181e9d025908cd9fa8e1a99d38dbe9aa3ac93e1bbd9feacce5c71e46c41

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19660
etag: W/"5de4272d-73b"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 webpro.js Show response
link1.take-win.online/d/lotos/scripts/ 52 KB
14 KB 24ms
23ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/webpro.js?crc=214003453

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/scripts/require.js?crc=7928878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

09b744c047bf3d9438d9695d6a86f891794f03530438e953501950baf8880720

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19660
etag: W/"5de4272d-cf5a"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 jquery.musepolyfill.bgsize.js Show response
link1.take-win.online/d/lotos/scripts/ 5 KB
2 KB 24ms
23ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/jquery.musepolyfill.bgsize.js?crc=178212883

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/scripts/require.js?crc=7928878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

bc5227cb3ea5fbef2fca192723505acf7258d49a9ba47e95ed93fce3a837d9db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19660
etag: W/"5de4272d-13f0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 musewpslideshow.js Show response
link1.take-win.online/d/lotos/scripts/ 34 KB
9 KB 22ms
22ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/musewpslideshow.js?crc=168777830

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/scripts/require.js?crc=7928878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

54091ee37bab0b715566ffd5a7d46ba5f3fcff8e781708af2f6d57cca34e524d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19660
etag: W/"5de4272d-8627"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 jquery.museoverlay.js Show response
link1.take-win.online/d/lotos/scripts/ 9 KB
3 KB 23ms
22ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/jquery.museoverlay.js?crc=4279841063

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/scripts/require.js?crc=7928878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

13181d834f10fe00e17cfed0a7e54e070581ca03eb4ed4c6c40e5f2a18c221e6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19660
etag: W/"5de4272d-2208"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 touchswipe.js Show response
link1.take-win.online/d/lotos/scripts/ 10 KB
4 KB 23ms
23ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/touchswipe.js?crc=4065839998

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/scripts/require.js?crc=7928878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

9d247c2b691076aab85df0dc9f4922ddb3d628f15c7d11ed9ad104dea3dc5c4c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19660
etag: W/"5de4272d-2782"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:43 GMT
accept-ranges: bytes

GET
H2 200 bundle_ru_RU.js Show response
code.jivosite.com/js/ 1 MB
222 KB 12ms
12ms Script
application/javascript 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/js/bundle_ru_RU.js?rand=1575903037
Requested by: Host: code.jivosite.com
URL: https://code.jivosite.com/widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: af4173498e9ac13b961c00d3c60dd2acc7409827abf7e344d7aac17579d69580

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-id: nkf-up-gc14, cec-up-gc11
date: Fri, 13 Dec 2019 02:35:23 GMT
content-encoding: br
x-cached-since: 2019-12-09T14:50:59+00:00, 2019-12-12T14:51:22+00:00
status: 200
x-shard: shieldShard0_80
content-length: 227197
via: 1.1 sharxy
last-modified: Mon, 09 Dec 2019 07:28:45 GMT
server: nginx
etag: "5dedf7ad-3777d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT, HIT
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 393 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c66b5eadbc121cef27de174430ad219f445c82ff938916a34582c712d4bf76d5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 447 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77e83427001f5875cd40cb1b22294be5edacdab5fa7250a65af5ae2aaef57649

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 206 agent_message.mp3
code.jivosite.com/sounds/ 4 KB
4 KB 12ms
12ms Media
audio/mpeg 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/sounds/agent_message.mp3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

x-id: nkf-up-gc13, cec-up-gc11
date: Fri, 13 Dec 2019 02:35:23 GMT
via: 1.1 sharxy
x-cached-since: 2019-12-09T14:50:58+00:00, 2019-12-09T14:51:04+00:00
status: 206
x-shard: shieldShard0_80
Content-Length: 3760
Content-Range: bytes 0-3759/3760
last-modified: Mon, 09 Dec 2019 07:26:33 GMT
server: nginx
etag: "5dedf729-eb0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=864000
cache: HIT, HIT
expires: Thu, 19 Dec 2019 14:50:58 GMT

GET
H2 206 notification.mp3
code.jivosite.com/sounds/ 6 KB
6 KB 12ms
12ms Media
audio/mpeg 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/sounds/notification.mp3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: 1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

x-id: nkf-up-gc12, cec-up-gc11
date: Fri, 13 Dec 2019 02:35:23 GMT
via: 1.1 sharxy
x-cached-since: 2019-12-09T14:50:58+00:00, 2019-12-09T14:51:04+00:00
status: 206
x-shard: shieldShard0_80
Content-Length: 5808
Content-Range: bytes 0-5807/5808
last-modified: Mon, 09 Dec 2019 07:26:33 GMT
server: nginx
etag: "5dedf729-16b0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=864000
cache: HIT, HIT
expires: Thu, 19 Dec 2019 14:50:58 GMT

GET
H2 206 outgoing_message.mp3
code.jivosite.com/sounds/ 5 KB
5 KB 12ms
12ms Media
audio/mpeg 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/sounds/outgoing_message.mp3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

x-id: nkf-up-gc9, cec-up-gc11
date: Fri, 13 Dec 2019 02:35:23 GMT
via: 1.1 sharxy
x-cached-since: 2019-12-09T14:50:58+00:00, 2019-12-09T14:51:04+00:00
status: 206
x-shard: shieldShard0_80
Content-Length: 5014
Content-Range: bytes 0-5013/5014
last-modified: Mon, 09 Dec 2019 07:26:33 GMT
server: nginx
etag: "5dedf729-1396"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=864000
cache: HIT, HIT
expires: Thu, 19 Dec 2019 14:50:58 GMT

GET
H2 200 chat.js Show response
link1.take-win.online/d/lotos/scripts/ 2 KB
865 B 24ms
23ms Script
application/javascript 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/lotos/scripts/chat.js

Requested by

Host: link1.take-win.online
URL: https://link1.take-win.online/d/lotos/loading.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

3faf563dae08e36602b11cc515f06d588834d4762d9f97f64a439aa15f2d64f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
content-encoding: br
last-modified: Sun, 01 Dec 2019 20:48:45 GMT
server: ngjit
age: 19652
etag: W/"5de4272d-91a"
vary: Accept-Encoding
content-type: application/javascript
status: 200
date: Thu, 12 Dec 2019 21:07:52 GMT
accept-ranges: bytes

GET
H2 404 chat.mp3
link1.take-win.online/d/ 808 B
901 B 29ms
28ms Media
text/html 185.129.100.43
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://link1.take-win.online/d/chat.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.129.100.43 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ngjit /

Resource Hash

b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://link1.take-win.online/d/lotos/loading.html
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 24 Sep 2019 11:44:33 GMT
server: ngjit
age: 0
etag: "328-5934b0f5e1d89"
content-type: text/html
status: 404
date: Fri, 13 Dec 2019 02:35:24 GMT
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.take-win.online/	1970-01-19 14:35:40	Name: __ddg1 Value: F1F1413A097D14A8A6705DBA29BD8033AAAA8736

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jivosite.com
connect.facebook.net
ib-api.online
link1.take-win.online
meclick.online
node132.jivosite.com
p.typekit.net
webfonts.creativecloud.com
185.129.100.37
185.129.100.38
185.129.100.43
23.38.53.224
2a02:26f0:6c00:196::19fd
2a03:2880:f01c:8012:face:b00c:0:3
2a03:90c0:9997::9997
54.155.68.125
08d45225d90e5d49d3aed49079775e970f07ab2136d7057849c5adb8ed2b89de
09b744c047bf3d9438d9695d6a86f891794f03530438e953501950baf8880720
0ae410568d650ba6f070e4a4c557f38d55ee53f21c10593b1f281231a9ab2e78
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
13181d834f10fe00e17cfed0a7e54e070581ca03eb4ed4c6c40e5f2a18c221e6
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
1db927f39129c9fb9038d16827daf8c50390384639466f1b9a78d9d7b38a707f
1ebf862f64b4551bfddf3acd365cc55cf286923ba1ff8a3fc804dcd6a14aac99
2602bb40f4de922df0876fc7ef2aa16fcee62a6e02a5b25f02847101c3630110
26651d9beac50e81ca7208f7051a9bca216814e8214c93ccb963a25a25cb6be8
3751ba44c64b64a284c0bba5dfc1e55076f623cae5c02a8b7321e980c9ed47a6
3faf563dae08e36602b11cc515f06d588834d4762d9f97f64a439aa15f2d64f1
41a856fd66cd63fdbbafcfba775fb913b8706effb7b48a89171d696f586e8bbe
53ba1545cae9088d2f3e4bddcc31515d909087f38c13c03bc9bd3119c6f81fa4
54091ee37bab0b715566ffd5a7d46ba5f3fcff8e781708af2f6d57cca34e524d
59612d69a54875f28dbb4a065627b03b42a65f6872f01e335ed1e94ef6eb6a61
5cc85bd5254347e92ab185678342624e8a4769ab6516fece1a2d883b8ab5a52b
5cfb3f8545f09a608105b33480315ddf444a2518d07a4487cc1528c1d18a5d52
60904061bf15f12e2865d56209617a4cac443a34d5d45a240a8f5b5cabdd98ba
60f5f8e31b1f1bb171f10d096ddfc8a9210bee8ea787969c9a96ee0cc1ab2a7b
6d34c213b455e9b664a514bdf0b0c4e0cc6f6998889193a9404a0d16558c73ce
6dfbece17ed6fc93a37b7dda83dcbfeb7fcaa555ca3e438d056af1e364c40537
771d7512e004b04f2472e9a9bd5f0b731d062108b49b1aa813ec07bf4e419d27
77e83427001f5875cd40cb1b22294be5edacdab5fa7250a65af5ae2aaef57649
7c0e4025d5f2a316c95580a659fc5c41da5a52ea44dcaebb3f57f2c92fc39c69
7e3941fb0ec3e1cba847c9dc98997bb1dbdbeb556231d72dd91a22b00b5370ee
841c8b73cb9a92f13ada9174433d21159719fb7810abe72c6d6c73e83f92bf84
88fe87dc60adeebfc2a7c0037a5f68abfac35a422670717909982c74d34af72f
8b4507ad2677bc9668ee296a3b44db60aea2134e6ca3c76131c0f7f24b5788db
8eb6903b2a9618d5fe8dbb117c7dccea37efbbc17cb3d8a60cd2f5c426b2b6cf
92f0ae9a6f9c5239f6a98d0f904f680e896f52e39b30b90420d4b8cbe4ad7a62
9700582911d8d7c914527ea3371c6361475cef077025b208394941f8b048eaca
979bd0d566d117f28c3b4edcf5a5e278cbcb06d08cdc943e3226c354f10342f8
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9d247c2b691076aab85df0dc9f4922ddb3d628f15c7d11ed9ad104dea3dc5c4c
9da8657b6d7d7aad21d001303e0b87a8ab6a7dda4580e79d436feb346e3bbed2
a4d4b63436969c1ef6ae3b220f3011be040a2ecbe9d8bb6675aec722ca9465ad
a959b0ba6f89288acf0969fdb5b0ae3fe4cd3a3bb7e70479f2023b3c0047beb5
af4173498e9ac13b961c00d3c60dd2acc7409827abf7e344d7aac17579d69580
afcaecfadec98772e5c3614a7244deed0cb7f9856c0624e6ac305f8597916aeb
b020c35500d46bb15e25bfc8054ebe307031bc28028743c7e60e5b02a75a8e29
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
bab32181e9d025908cd9fa8e1a99d38dbe9aa3ac93e1bbd9feacce5c71e46c41
bc5227cb3ea5fbef2fca192723505acf7258d49a9ba47e95ed93fce3a837d9db
c035648500f21eceabf84195667831b33dd0c1866585126066587e8704a5ae8e
c66b5eadbc121cef27de174430ad219f445c82ff938916a34582c712d4bf76d5
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11
d44fda742037a89599fdf7f77f9ceb059fffa8c600c94bf7fa281ea952c0a87d
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

link1.take-win.online Open in urlscan Pro 185.129.100.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

100 %HTTPS

38 %IPv6

7 Domains

8 Subdomains

8 IPs

5 Countries

1992 kBTransfer

3638 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

link1.take-win.online Open in urlscan Pro
185.129.100.43 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

100 %
HTTPS

38 %
IPv6

7
Domains

8
Subdomains

8
IPs

5
Countries

1992 kB
Transfer

3638 kB
Size

1
Cookies

67 HTTP transactions
9 data transactions