urlscan.io logo urlscan.io
SecurityTrails logo

1wjxec.top Open in urlscan Pro
190.115.24.78  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://1win.pink/
Effective URL: https://1wjxec.top/
Submission: On August 29 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 12 domains to perform 62 HTTP transactions. The main IP is 190.115.24.78, located in Belize and belongs to IQWEB, AE. The main domain is 1wjxec.top.
TLS certificate: Issued by R3 on August 3rd 2023. Valid for: 3 months.
This is the only time 1wjxec.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2606:4700:3030::6815:5f06 (United States)

ASN13335 (CLOUDFLARENET, US)
1win.pink
6    190.115.24.78 (Belize)

ASN59692 (IQWEB, AE)
PTR: ddos-guard.net
1wjxec.top
29    2606:4700:e2::ac40:8617 (United States)

ASN13335 (CLOUDFLARENET, US)
1win-cdn.com
2    151.101.194.132 (United States)

ASN54113 (FASTLY, US)
api.lab.amplitude.com
2    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    142.250.74.198 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net
12688802.fls.doubleclick.net
4    216.58.212.134 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f134.1e100.net
12572451.fls.doubleclick.net
1    18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net
static.hotjar.com
10    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
1    52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net
script.hotjar.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    44.238.215.160 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-215-160.us-west-2.compute.amazonaws.com
api2.amplitude.com
Apex Domain
Subdomains		 Transfer
29 1win-cdn.com
1win-cdn.com — Cisco Umbrella Rank: 362876
714 KB
8 doubleclick.net
12688802.fls.doubleclick.net — Cisco Umbrella Rank: 404451
12572451.fls.doubleclick.net — Cisco Umbrella Rank: 405465
4 KB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 11632
3 KB
6 1wjxec.top
1wjxec.top
135 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 13913
965 B
4 google.com
adservice.google.com — Cisco Umbrella Rank: 100
2 KB
4 amplitude.com
api.lab.amplitude.com — Cisco Umbrella Rank: 4289
api2.amplitude.com — Cisco Umbrella Rank: 1454
440 B
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4306
75 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 740
script.hotjar.com — Cisco Umbrella Rank: 946
59 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
162 KB
2 1win.pink
1win.pink
1 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2412
250 B
62 12
Domain Requested by
29 1win-cdn.com 1wjxec.top
1win-cdn.com
7 mc.yandex.com 3 redirects 1wjxec.top
6 1wjxec.top 1win.pink
1wjxec.top
1win-cdn.com
4 adservice.google.de adservice.google.com
4 adservice.google.com 12572451.fls.doubleclick.net
12688802.fls.doubleclick.net
4 12572451.fls.doubleclick.net 2 redirects www.googletagmanager.com
4 12688802.fls.doubleclick.net 2 redirects www.googletagmanager.com
3 mc.yandex.ru 2 redirects 1win.pink
2 api2.amplitude.com 1win-cdn.com
2 www.googletagmanager.com 1win.pink
www.googletagmanager.com
2 api.lab.amplitude.com 1win-cdn.com
2 1win.pink 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com 1win.pink
62 15

This site contains no links.

Subject Issuer Validity Valid
1win.pink
GTS CA 1P5		 2023-08-22 -
2023-11-20		 3 months crt.sh
1wjxec.top
R3		 2023-08-03 -
2023-11-01		 3 months crt.sh
1win-cdn.com
GTS CA 1P5		 2023-08-06 -
2023-11-04		 3 months crt.sh
*.lab.amplitude.com
GlobalSign Atlas R3 DV TLS CA 2023 Q1		 2023-02-25 -
2024-03-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-08-14 -
2024-01-24		 5 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2023-01-23 -
2024-02-14		 a year crt.sh

This page contains 13 frames:

Primary Page: https://1wjxec.top/
Frame ID: 4735056E4CB0241552F9F0E407ACDF3B
Requests: 49 HTTP requests in this frame

Frame: https://12688802.fls.doubleclick.net/activityi;dc_pre=CK3V-9engYEDFckIogMdZkID5w;src=12688802;type=actio0;cat=allpa0;ord=1;num=8792627418777;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2F
Frame ID: 2A64C4ACC11F4D89A1CFE9C85E555D3B
Requests: 1 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=COnM-dengYEDFVZUkQUdmPYENg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2175192871769.1338
Frame ID: 8B9C898AB82DB46960503593E3D171E2
Requests: 1 HTTP requests in this frame

Frame: https://12688802.fls.doubleclick.net/activityi;dc_pre=CI3W-9engYEDFQxTGAodzhkD4g;src=12688802;type=actio0;cat=allpa0;ord=1;num=6540083442890;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome
Frame ID: 6052CBEDDB31DE730C1FC3A905F923A9
Requests: 1 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=CMzR-dengYEDFZQB5god6b0OAw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=3587170215258.506
Frame ID: 458A146E5EEF69A3FE024B807693B826
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COnM-dengYEDFVZUkQUdmPYENg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2175192871769.1338;~oref=https://1wjxec.top/
Frame ID: 32714895E1D17EFCBB399B084923027C
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMzR-dengYEDFZQB5god6b0OAw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=3587170215258.506;~oref=https://1wjxec.top/
Frame ID: 4240EF3677F0839FE6225794383060DA
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CI3W-9engYEDFQxTGAodzhkD4g;src=12688802;type=actio0;cat=allpa0;ord=1;num=6540083442890;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome
Frame ID: 3AC009C38158A8F0468EDB5B741B421E
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CK3V-9engYEDFckIogMdZkID5w;src=12688802;type=actio0;cat=allpa0;ord=1;num=8792627418777;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2F
Frame ID: 659A90B8FC52EBC1FD8A1AD128ADFAF3
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=COnM-dengYEDFVZUkQUdmPYENg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2175192871769.1338;~oref=https://1wjxec.top/
Frame ID: 5A664D95184E6564A111FA888B1C3CB9
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CMzR-dengYEDFZQB5god6b0OAw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=3587170215258.506;~oref=https://1wjxec.top/
Frame ID: E14F91803E50FEDC1BD3940100B649E1
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CK3V-9engYEDFckIogMdZkID5w;src=12688802;type=actio0;cat=allpa0;ord=1;num=8792627418777;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2F
Frame ID: 616FC53E190CE82582259924C4292810
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CI3W-9engYEDFQxTGAodzhkD4g;src=12688802;type=actio0;cat=allpa0;ord=1;num=6540083442890;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome
Frame ID: AA34F51281428C4BD1054D07E387F8E0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

1win

Page URL History Show full URLs

  1. http://1win.pink/ HTTP 301
    https://1win.pink/ Page URL
  2. https://1wjxec.top/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

62
Requests

95 %
HTTPS

50 %
IPv6

12
Domains

15
Subdomains

15
IPs

4
Countries

1151 kB
Transfer

3595 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1win.pink/ HTTP 301
    https://1win.pink/ Page URL
  2. https://1wjxec.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://1win.pink/ HTTP 301
  • https://1win.pink/
Request Chain 36
  • https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=8792627418777;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2F HTTP 302
  • https://12688802.fls.doubleclick.net/activityi;dc_pre=CK3V-9engYEDFckIogMdZkID5w;src=12688802;type=actio0;cat=allpa0;ord=1;num=8792627418777;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2F
Request Chain 37
  • https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2175192871769.1338 HTTP 302
  • https://12572451.fls.doubleclick.net/activityi;dc_pre=COnM-dengYEDFVZUkQUdmPYENg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2175192871769.1338
Request Chain 41
  • https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=6540083442890;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome HTTP 302
  • https://12688802.fls.doubleclick.net/activityi;dc_pre=CI3W-9engYEDFQxTGAodzhkD4g;src=12688802;type=actio0;cat=allpa0;ord=1;num=6540083442890;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome
Request Chain 42
  • https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=3587170215258.506 HTTP 302
  • https://12572451.fls.doubleclick.net/activityi;dc_pre=CMzR-dengYEDFZQB5god6b0OAw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=3587170215258.506
Request Chain 56
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10110.9prmFzXflFcUpEgGv1sUxB29MKN_mBYYybLSZCc_9Ujbji8MKV5DEdZfIJN1SXSS.NYSQEdNOk9VHLJcRUIgnvnl9q_k%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10110.E0WNTy03Qzw6t96hFflQby81-Ba8HAvnWZ3bofW7hIeJDIRi5LEELP3ZCvmGRROzbqHMFnEcr60UVMOVzqJnBstxd9kuU6CgJyKsRdwVLDg%2C.5NoOKG71slV-2lAxIm_mDaFKrT8%2C
Request Chain 58
  • https://mc.yandex.com/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome&page-ref=https%3A%2F%2F1win.pink%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A1094%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A131259261895%3Ahid%3A710660791%3Az%3A120%3Ai%3A20230829090840%3Aet%3A1693292920%3Ac%3A1%3Arn%3A992222764%3Arqn%3A1%3Au%3A169329292035769893%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A320%2C33%2C626%2C25%2C0%2C0%2C%2C61%2C0%2C%2C%2C%2C1185%3Aco%3A0%3Acpf%3A1%3Ans%3A1693292918234%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1693292920%3At%3A1win&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome&page-ref=https%3A%2F%2F1win.pink%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A1094%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A131259261895%3Ahid%3A710660791%3Az%3A120%3Ai%3A20230829090840%3Aet%3A1693292920%3Ac%3A1%3Arn%3A992222764%3Arqn%3A1%3Au%3A169329292035769893%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A320%2C33%2C626%2C25%2C0%2C0%2C%2C61%2C0%2C%2C%2C%2C1185%3Aco%3A0%3Acpf%3A1%3Ans%3A1693292918234%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1693292920%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
Request Chain 59
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10110.1x8AuYlmHho0Cmo6oXgg_bQyxwLcuRmjmYFf1WZpIHJxjYkzTy2-PsPAx07WNru5.h4d0Qy_xvQwopaDsnt12tDYXvSU%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10110.k1j-eNyv1GaQXsP_ye_HhGCzoCjdivKuvsUufCwrQwpI8G9LBSKAFYYO2I1ikQUUEoN7boar-jHmX6NfJwo4Cr4NopUSmoGrxJolBad2pUo%2C.N1_QaoD9vxu21zlcQNgtAzpOxpw%2C

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
1win.pink/
Redirect Chain
  • http://1win.pink/
  • https://1win.pink/
340 B
644 B 		Document
General
Check archive.org
Download Go to
Full URL
https://1win.pink/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5f06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7fe2f6c1f9642c79-FRA
content-encoding
br
content-type
text/html
date
Tue, 29 Aug 2023 07:08:38 GMT
last-modified
Thu, 29 Dec 2022 12:43:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WI2m6%2BSozG14SM9B%2BdAipHMKSu9zrL6X7TJUYPGjFB5EoMeK2zaujCp6ZEq0lJ9mg1jh4d%2BqdNwNm8TRSnYRPUf%2FSDx%2BUHiBigCZavtQAuO7T5o6M1eJ%2Bc%2B0nXqC0Y2TMi%2B9qojkAXo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
7fe2f6c1b8b29131-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 29 Aug 2023 07:08:38 GMT
Expires
Tue, 29 Aug 2023 08:08:38 GMT
Location
https://1win.pink/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vw2nWnrvFfVZGOcjVyjs7PZWbt2IfC4njXV0Up8VLndqrb0w5auEOJIlvqZM7TVD%2BYgHz3FoQ%2B2mRSbFviCt6YCFVBzboHyGu0ooMqfNvjYBUT3XjcRwX1N1QQQJ%2FLcxdBVoBQQ14QI%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
Primary Request /
1wjxec.top/ 		336 KB
113 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1wjxec.top/
Requested by
Host: 1win.pink
URL: https://1win.pink/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.24.78 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
openresty/1.19.9.1 /
Resource Hash
0b4a8b6cb476b10487cf7f7129126078a7a55b6b4f7bd669648a047d83f49541
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://1win.pink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 29 Aug 2023 07:08:39 GMT
server
openresty/1.19.9.1
x-frame-options
DENY
x-match-domain
1wjxec.top
x-request-id
ToVGsPN9qxYmRnCD
SFNSDisplay-latin.50a4eaff3.woff2
1win-cdn.com/font/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/font/SFNSDisplay-latin.50a4eaff3.woff2
Requested by
Host: 1wjxec.top
URL: https://1wjxec.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3772666587111462634070c47969ad9687bbf80d0694bb2e6c33be39434d68

Request headers

Referer
https://1wjxec.top/
Origin
https://1wjxec.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2985387
alt-svc
h3=":443"; ma=86400
content-length
33064
last-modified
Tue, 25 Jul 2023 13:47:16 GMT
server
cloudflare
etag
"64bfd264-8128"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKjTg4vYyivBSU7okKOBqh5XPGznq9%2BwGeUXxPTv6foZYSN33UH%2B8yF3oVBGi4l%2Bv7cNH9IO8Ier1YUEHadkmfI82D2X%2BkzJapPhCIYlmDDFLF2qZBRDxZZC%2Fl6v0eSwvMJW%2Bhew0O0OlKE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7fe2f6c9afb02bcd-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
SFNSText-latin.f09aa5229.woff2
1win-cdn.com/font/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/font/SFNSText-latin.f09aa5229.woff2
Requested by
Host: 1wjxec.top
URL: https://1wjxec.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06e02d3d2d01bb2c88786b0a2dd2d692f6659c0159ec4754f7db49c12e03b0d6

Request headers

Referer
https://1wjxec.top/
Origin
https://1wjxec.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2985387
alt-svc
h3=":443"; ma=86400
content-length
43512
last-modified
Tue, 25 Jul 2023 13:47:16 GMT
server
cloudflare
etag
"64bfd264-a9f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dq1LAImg58GxnedPEF5%2Bt3TAGXP4vgSqmPs3C%2Bxoqz5Pa6JEkDnFLN7KvypGxGrrDLCJ32kouvLyWgD7z2TJXsXn1%2FquJtEbhllPK6OYWPDJR7pGr7kxapk0Ulhmtpa4HnOG6feliZSAME%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7fe2f6c9afb62bcd-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
desktop.c497eb17a.js
1win-cdn.com/js/ 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/desktop.c497eb17a.js
Requested by
Host: 1wjxec.top
URL: https://1wjxec.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f32f25e2bd79b08a0861ef8bce062caba11b1678e9965e53cee4230ca3dfac74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
68392
cf-polished
origSize=121639
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 28 Aug 2023 11:39:49 GMT
server
cloudflare
etag
W/"64ec8785-1db27"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quTIOnqBpZrDhExWui8DHxrCj1Oi%2FFZFTTUuu50my89KaHkrJEIqNHsnEzq9twAgmCki83GUORIOFFFvmAR68N0z9CuDAO930Z3AyC7t%2BE1kGZYbnRKu6vPRfdIRVFoXDpm6Z78xtKFqosA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6c9a9d9bb5c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
desktop.41da5b8bd.css
1win-cdn.com/css/ 		68 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/css/desktop.41da5b8bd.css
Requested by
Host: 1wjxec.top
URL: https://1wjxec.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d902090b8d5215fd510ba73aa0a07bcc75d3a1bc85fb2c30acffda7a44c6f41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336597
cf-polished
origSize=69494
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 25 Aug 2023 09:29:08 GMT
server
cloudflare
etag
W/"64e87464-10f76"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxmsQHIY8uS4wTXgT27JZu7JB9V7T%2BpHwToMTmL1ezgWR%2FJ6eoScz1uXzJ2wfINKSI%2B8h%2FkA1vu%2Fl30x%2Fsi3gvozL8YaodlsYL4CfAOo8isCFvU%2BWvd%2BjC6alGj6GP5J8JAEFjzhyz2Kk1c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6c9a9d4bb5c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
6610.c485cb188.js
1win-cdn.com/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/6610.c485cb188.js
Requested by
Host: 1wjxec.top
URL: https://1wjxec.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8713fde6ab8806bf491eec5beecc50512a173ef587790d2d2c59c759e500a089

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336606
cf-polished
origSize=5058
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 25 Aug 2023 09:29:09 GMT
server
cloudflare
etag
W/"64e87465-13c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4uiUipFeoTSjsNqZOWtjEgWyWzfhhiETGDNi3beaQdTF8NSFxf9WKkzksG2g2D%2Fcdn87IL0yUto4YAxgXs67iVjABFEC6vbrGORLiRAd0pSZ50Ynq4HN3znQ%2FtGIjRF5pTim8xe1tJiE1kA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6c9a9dcbb5c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
6610.7c787ee3c.css
1win-cdn.com/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/css/6610.7c787ee3c.css
Requested by
Host: 1wjxec.top
URL: https://1wjxec.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b528cece86c2e55368671a69a72481f9cc83407dadd0235b6279ab77a22c2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336606
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 25 Aug 2023 09:29:09 GMT
server
cloudflare
etag
W/"64e87465-16ae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Khq%2B9pksff4SIcY00%2BIuNjmQ%2BDdhQLxWAkcwa7YMYfkfGiQZxn636aaUcUHytS1iyTZwTt%2BujwppnHjHbAsCaIPW%2BzdfnKOSKT2tL%2B7zmwHRpFyZ4j78gbnvoK37qaN82%2FrXF2FkTNHuD4E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6c9a9d7bb5c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
chunk-vendors.1a89db500.js
1win-cdn.com/js/ 		429 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/chunk-vendors.1a89db500.js
Requested by
Host: 1wjxec.top
URL: https://1wjxec.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a44d8a39c24fca535a8d9c030ea37a3b4cb0d84714f10de0745ca6becd0784b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
68416
cf-polished
origSize=439814
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 28 Aug 2023 11:39:49 GMT
server
cloudflare
etag
W/"64ec8785-6b606"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RStW9N9pSi8J0YHoIWRx%2FtNl7fEPKaUczV51EqSafD0N5zoLA7F%2BiCu7OIgnWawuNEkDk5jd8aB051qIsIZSNqnoWCQ6Ta2VM6xsXHMAdh%2F3DNilA6nNXYVPj4JHuxi8C8TXwoOsuACk9tE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6c9ca03bb5c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
chunk-common.2fea14296.js
1win-cdn.com/js/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/chunk-common.2fea14296.js
Requested by
Host: 1wjxec.top
URL: https://1wjxec.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6ff9d2d8684185b25d5ddfc948f40495eaacc2c77f3e36009621a40df3c6f4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336605
cf-polished
origSize=24149
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 25 Aug 2023 09:29:10 GMT
server
cloudflare
etag
W/"64e87466-5e55"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGg0R63VnlQLgnphu8I2uoUmveDyDPYwsUsrrKkcGCnaB7wCHsufJIE44Un3zNV427dq3eYPm8%2FyD9FRiZu%2FlRibdm%2FgZBjY5z5HSIC9bajX3xHAufaKkiF9fInHBeygUh9sA6Hxbj%2FwmHg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6c9ca06bb5c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.da2823563.js
1win-cdn.com/js/ 		76 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/index.da2823563.js
Requested by
Host: 1wjxec.top
URL: https://1wjxec.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca2742d32f230afb46762f378311c6b3532b10a57f99e1ee17762e3c1b31f7e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
68416
cf-polished
origSize=77625
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 28 Aug 2023 11:39:49 GMT
server
cloudflare
etag
W/"64ec8785-12f39"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7izkgoBHohoPceJ9IB77To7qNHuMJkgPUpTxRLTiV1YyLlK3g5HL8a0EdLU1yNfAtkWfjnJ0ustMGmWAEPeuBLnHcQVYy5o54Aw9kMkRaWF1NTJe2XIz67EJ%2FJp0j2%2BsJYZQlHyH%2BWjyu0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6c9ca08bb5c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
1win-normal.svg
1wjxec.top/img/logo/main/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1wjxec.top/img/logo/main/1win-normal.svg
Requested by
Host: 1wjxec.top
URL: https://1wjxec.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.24.78 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
openresty/1.19.9.1 /
Resource Hash
a5cb3d03f299b837679eaa793491a03acc5fc1afdbc7f207b7566646f3bd2ecb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
gzip
last-modified
Mon, 28 Aug 2023 11:39:49 GMT
server
openresty/1.19.9.1
etag
W/"64ec8785-1221"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
affiliate:link_visit
1wjxec.top/ 		15 B
425 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://1wjxec.top/affiliate:link_visit?visit_domain=1wjxec.top&sub_ids=undefined
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/chunk-vendors.1a89db500.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.24.78 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
openresty/1.19.9.1 / Express
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
server
openresty/1.19.9.1
etag
W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
x-powered-by
Express
access-control-max-age
7200
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
undefined
access-control-expose-headers
Authorization
x-frame-options
DENY
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
content-length
15
truncated
/ 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/webp
icons-common.a6cc6a237.js
1win-cdn.com/js/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/icons-common.a6cc6a237.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.da2823563.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04eb095e7fd3f0d87c2de1c19749f6460d3319efcd5a4022d4244edee0576fc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336599
cf-polished
origSize=218833
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 25 Aug 2023 09:29:09 GMT
server
cloudflare
etag
W/"64e87465-356d1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fntxsKBrMeyoHRa5x6Dj4GiopBfM7HLtQz7vELhAN95YG9IVjMyuSpEGWRs0pawJ%2F6IFu0CUUmPr%2FaNSzYoxzK3c3Dl1ji9hF4CjNQawBzJLR5N2%2Frm8LxTiUvkkWSTfPC76XUNiWhNe2kY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6ca5acebb5c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
3234.ea739d1d1.js
1win-cdn.com/js/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/3234.ea739d1d1.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.da2823563.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
887d06fe93a8cabd59ae2d1924a5c225959bfc551e0945c9c68a133663599396

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336599
cf-polished
origSize=28313
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 25 Aug 2023 09:29:09 GMT
server
cloudflare
etag
W/"64e87465-6e99"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CG4ojWidCHQ3mF8T3b07GyhjYNce0wJQH1Y6U27AvM57fv0terqEyzZ5SRh9S9yBmkGaQ8wbgO40kGYmGrMPu9HU7k3JbcXke49H1jMmFMVEaBQ1SS%2FUcrcR2XFXL8fRDPxe7d2GyJftPO4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6ca5ad0bb5c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
80967.95ebfa799.js
1win-cdn.com/js/ 		42 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/80967.95ebfa799.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.da2823563.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ad0d0d4f2e44425892847675ffca2dbd524773a8d0d637b11631299ed1acb28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
68415
cf-polished
origSize=43073
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 28 Aug 2023 11:39:49 GMT
server
cloudflare
etag
W/"64ec8785-a841"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1jvur1HhBHJLivanBj2Q4uST8XsgnbIP19w45RFHn2JFKd2TYUiuocSV3JoyYjudRaasnvh1%2FtjEqN0QneXhiyt5T5I9lnBTgDE4EwKgomwCuCZEM5Cz%2B3CHAA174N5eysPv%2Fj9JGu6INI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6ca5ad3bb5c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
75078.6923a4a30.js
1win-cdn.com/js/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/75078.6923a4a30.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.da2823563.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c43bdea39e91c3f05149d309eed4a1b8aeb9435820b448f91e972138776825a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336599
cf-polished
origSize=7625
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 25 Aug 2023 09:29:10 GMT
server
cloudflare
etag
W/"64e87466-1dc9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHvkrHDp0kWJsBibgDK0r6TdbVwh9rLpJf%2BrcPlpD43pQFElOwXStniH44zpOfLFkKgHQQM6pNRhieUQIVipIv%2BFy2QboDwHPKSKS3cXsmUzt%2BUcQa2cy9wMPzyXEzxhRCf1cMJCpqWWOwI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6ca5ad5bb5c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
14283.267403935.css
1win-cdn.com/css/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/css/14283.267403935.css
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.da2823563.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2679e019a88309a172469f4d43aab1da76e63457d5dc5b54e5dc348297282029

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
333059
cf-polished
origSize=19174
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 25 Aug 2023 10:32:53 GMT
server
cloudflare
etag
W/"64e88355-4ae6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKNN4ir4FhFRxV69vZDMHa9ZN5T19NIrVE%2FjQtaOveJ7JxdhL2%2BV1lX0tP7YA80nR7PGvMT5R9Wa8bhSpmLVjlC55TDZ7xY9TGya1mBv7b%2BC7otXhDbg4lzBOJVEGLiwkVj8wawuU78XnWA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6ca6ad7bb5c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
14283.c3bd23b61.js
1win-cdn.com/js/ 		728 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/14283.c3bd23b61.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.da2823563.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82ddc1d7473e8414d4950988851796a15d24a79b5d4d89c4d5d09ce845db78d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
68415
cf-polished
origSize=745968
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 28 Aug 2023 11:39:49 GMT
server
cloudflare
etag
W/"64ec8785-b61f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVIJ%2BfrjaAmuak5cuk857hILlumii2%2Bx2THu3Sghh4JhA53El%2Fmd0Pdc82NdfmsU1609NlIJEYJWLHtgrpjjj8zXuPqZWdEVEkxOwnr1Tk8opvcSPyZcs4Y%2FJwtgPtQEGdyuFRaoJ2gzo8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6ca6ad8bb5c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
vardata
api.lab.amplitude.com/sdk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.lab.amplitude.com/sdk/vardata
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-amp-exp-user
Access-Control-Request-Method
GET
Origin
https://1wjxec.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization,x-amp-exp-user
access-control-allow-methods
GET,POST,HEAD
access-control-allow-origin
https://1wjxec.top
access-control-max-age
1800
cache-control
no-store
date
Tue, 29 Aug 2023 07:08:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin
x-amzn-trace-id
Root=1-64ed9977-16e9e2780f1ed8071493e58d
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-served-by
cache-fra-eddf8230043-FRA
x-timer
S1693292920.783614,VS0,VE167
firebase-app.js
1wjxec.top/firebase/8.1.1/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1wjxec.top/firebase/8.1.1/firebase-app.js
Requested by
Host: 1wjxec.top
URL: https://1wjxec.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.24.78 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
openresty/1.19.9.1 /
Resource Hash
01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
gzip
last-modified
Mon, 28 Aug 2023 11:39:49 GMT
server
openresty/1.19.9.1
etag
W/"64ec8785-4ded"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/ 		288 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Requested by
Host: 1win.pink
URL: https://1win.pink/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1becb1014cf5c0e813bed0bd73ddcb7bd08fd06277b891b643d0eead2a0ecf2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85192
x-xss-protection
0
last-modified
Tue, 29 Aug 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 29 Aug 2023 07:08:39 GMT
vardata
api.lab.amplitude.com/sdk/ 		2 B
153 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.lab.amplitude.com/sdk/vardata
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/14283.c3bd23b61.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://1wjxec.top/
accept-language
de-DE,de;q=0.9
Authorization
Api-Key client-Ss5BFx7UDrTj948TJHfc5ZUoTW67EjvZ
X-Amp-Exp-User
eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjEiLCJkZXZpY2VfaWQiOiIyZWNkNTA0NC1kZjQ0LTQ4YWQtOTk3MS03MzZkOGUzZTUwMmMiLCJ1c2VyX3Byb3BlcnRpZXMiOnt9fQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
0
x-cache
MISS
content-length
2
x-served-by
cache-fra-eddf8230043-FRA
x-timer
S1693292920.962499,VS0,VE202
x-amzn-trace-id
Root=1-64ed9978-05fd9f935089fc023296134b
vary
Origin, Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://1wjxec.top
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
title
1wjxec.top/common/ 		29 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://1wjxec.top/common/title?path=bets&lang=de
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/chunk-vendors.1a89db500.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.24.78 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
openresty/1.19.9.1 /
Resource Hash
c07b2c0a515caf1306fb4d9366fab5758253eeadcf8c0414cb44ccd48f82e59a
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://1wjxec.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
server
openresty/1.19.9.1
etag
"25-bM/5z02X/xOkKbh8eZCiJpcKcd0"
vary
Origin
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, stale-while-revalidate=300
content-length
29
84131.74d7d3ee6.css
1win-cdn.com/css/ 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/css/84131.74d7d3ee6.css
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.da2823563.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1452e31b2a3b0f0003a4fb3ccf10e452ccec959503b1d3a75a4de56ad977424b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336594
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 25 Aug 2023 09:29:09 GMT
server
cloudflare
etag
W/"64e87465-5121"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSmu3FQF9epGGdd6Xe03Okl9hUHeuMEEPZ1eptcwaL907rXMeL98ogEg8Do3wkMyODsZKtJBls3quLJz8xDgLhDuwoUeoAb1%2B3ZEU%2F%2B7tnbV3QsFe4E0BBa%2BxxFrTQW7hKDQJ6NY9N%2FO8nw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6cc9b0c68f5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
27638.a9104aa3c.js
1win-cdn.com/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/27638.a9104aa3c.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.da2823563.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37c69ba1a850d62743d30e114337105a1520e6338db7e389b628c39705e60340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336594
cf-polished
origSize=10810
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 25 Aug 2023 09:29:09 GMT
server
cloudflare
etag
W/"64e87465-2a3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNRjpXpG0DVATBXWBkrZ0BqdJCGpoxXubPjgFHSXecKEkh2C2e6J2W%2FpKtx%2BXgbky6KLxA9L3vhLXqUpPWtNU5hm2YOzoXT%2BavOTCMeuY9xNdUR6CYkzJrQ6YW0oPRBWOXawtetZYPvZnHs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6cc9b0d68f5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
87724.5703f7bc3.js
1win-cdn.com/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/87724.5703f7bc3.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.da2823563.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
437715e9466b7d51463a8ad8c1174e2cda8458003db1ec973c45dc7d1f6557d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336602
cf-polished
origSize=12290
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 25 Aug 2023 09:29:09 GMT
server
cloudflare
etag
W/"64e87465-3002"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfFH9CnC77CNqwvV8Q5rby7NEdo39vU93Dc1M6W2%2BQZ28iaB1PN4nY7r6atUIeA0vCDc37hvyHTFI15nig7B1Y4qMR%2BO80GO5IN0j%2BhrwZlGErDVB5Qm7x2XcMPIidaDJ0yBZdNKMRItiwA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6cc9b0e68f5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
89260.c436d6424.js
1win-cdn.com/js/ 		97 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/89260.c436d6424.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.da2823563.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfaf69957a35b6bbdbc637a308a138ddb20acf374c5a8fbe96b165a21d4ce7cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336594
cf-polished
origSize=99198
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 25 Aug 2023 09:29:09 GMT
server
cloudflare
etag
W/"64e87465-1837e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6KtH94eKXhdzPuELTeJb7hSq3oXnragJUDD9Q8qWBzXntX6Fp5gk7krn6%2BZ83W6FClXzsS6b6A9WMU5jhH4gCmnyKCIDqmMiwYKOW1HgPdZ5rFCjgzDcH3Gm6v33yw6MfzEShi21rIRHX6I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6cc9b0f68f5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
90923.083eaea75.js
1win-cdn.com/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/90923.083eaea75.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.da2823563.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86b3224e91ee129633a4526794858a4b0093d09b02c8a801cf9b371aac98a4bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336602
cf-polished
origSize=11983
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 25 Aug 2023 09:29:10 GMT
server
cloudflare
etag
W/"64e87466-2ecf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gepkGiDVfD27aiyGAeJ6oB0ZwZzLpDhI8sagqgM6%2FaeCoVGvL7mYSqSlS%2BFkAiqr6C0lFqplSJBB3ej%2BhytbV8S1p2RbrfINvk9dzwrMLx99uaRRp1X0LlhhTVr9ozJh6Q%2F4%2Bm3hS4Ig3c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6cc9b1068f5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
49582.5a28e7a40.js
1win-cdn.com/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/49582.5a28e7a40.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.da2823563.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ea841282e65b0cb71c3f4825a949d12bb50996cfa497a3739695b6cd2cb287a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336583
cf-polished
origSize=10481
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 25 Aug 2023 09:29:10 GMT
server
cloudflare
etag
W/"64e87466-28f1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDwDkGozL53%2FLavJyMYrzjJFqw6ToS3hAZCzKVCWls%2FDx0KTtJVYMBstC2C3KP6a7dpIHgRkg%2F9jQvEORDo3pDvL2StgDQCH2STHhejsjFiCD9Egemb%2FhYktPkoxNjWpAupb3M3negPjwPc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6ccab1168f5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
23116.bc8a47589.css
1win-cdn.com/css/ 		57 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/css/23116.bc8a47589.css
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.da2823563.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af3d0ccea3671f23872b646d2f329354bd81645f7d1b8b9414a210e1d31dc0ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336583
cf-polished
origSize=58029
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 25 Aug 2023 09:29:09 GMT
server
cloudflare
etag
W/"64e87465-e2ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzYs6ZNf9BLzz42jyCX6bxEuFSXAZR0LqYDTr3cbTjH%2BedCjCt4yqLGEy1SF6%2BT%2FOp287alZQD0u%2FVLenHZIQPwcC7T0tkg7Dwsvr1Ljk0U83037iFqvbIu1PDYIK9yNw1llOxiDCTp2qKw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6ccab1468f5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
23116.dbdfa723d.js
1win-cdn.com/js/ 		102 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/23116.dbdfa723d.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.da2823563.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f38d410b465b1ac545b6661ce8539a6ffd2ef3f1215f71b93f561a2a2cb7d200

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
333048
cf-polished
origSize=104703
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 25 Aug 2023 10:32:53 GMT
server
cloudflare
etag
W/"64e88355-198ff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BDX2VBosCXQPaJS63WiVkrmIgPjFDByvwnWmhwveMpH%2BYH7mjD3Agc2YZ8F4WetuaBMnAXUQh8Dr7pi5vPmtWgaW5ZuOtXsbvhZzqxGTQC%2FO9MtbEzuTSteHmTL9noLa%2FQcHz8lARYGoPk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6ccab1568f5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
7725.1ef60ea43.js
1win-cdn.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/7725.1ef60ea43.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.da2823563.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb49e592bdddf08711063d58bd6208ca168b3b66c2479ded606b0232a21a7328

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336602
cf-polished
origSize=8041
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 25 Aug 2023 09:29:09 GMT
server
cloudflare
etag
W/"64e87465-1f69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9p8m%2BTIGZTNRefwN6YErgo3MmsEPgKw3LuVheAsmWNPqh%2B9ctClGzQkFJxrxYeNMFFRcDH2Jp4KuZublyetDMvCAlbGj0CalEdywckYRkP0Hd%2BLtzjQUuff%2BobMzL77O2j%2F3XQ82NhGP7g8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6ccab1668f5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
9921.4a53b0354.js
1win-cdn.com/js/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/js/9921.4a53b0354.js
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.da2823563.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
687c77568ea8c4e230a79b36d2759347f99b10dbcad7a71032906907f4270cb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
333048
cf-polished
origSize=30243
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 25 Aug 2023 10:32:53 GMT
server
cloudflare
etag
W/"64e88355-7623"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBHp6zGG8LdfogvNcCuyswFndQ1FaYGutc%2BZnlQmWqLYjiTctCRfN13%2FBORtiG1puCmW1AbrLz93j8iL%2BujvrogHI765IPsnGWvTDjOxuhzInLoXx71awQz7yymYSVQTOuWUx0B%2BX6jlT3A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6ccab1868f5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
84758.9a6de51fe.css
1win-cdn.com/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1win-cdn.com/css/84758.9a6de51fe.css
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.da2823563.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2abe1b262de3e8212b87fb1a3065787ae66bef248170eb9cb185c999ccaf979e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
336594
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 25 Aug 2023 09:29:09 GMT
server
cloudflare
etag
W/"64e87465-209e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqTHzEgBDxu15CP40FI2Rjvs4AmNo%2FlBT4vFY72jswYjWhkUbRFYoi4J%2FTySKnumWp2jkIKwYuPS7Bu7LAjeMkemnY5R%2F8JVyi6x2rKMJx%2Fqsdkkjui54x4rCEoAoH2%2Bo8u%2FPwvdAyV0h1A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6ccab1a68f5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
firebase-messaging.js
1wjxec.top/firebase/8.1.1/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1wjxec.top/firebase/8.1.1/firebase-messaging.js
Requested by
Host: 1wjxec.top
URL: https://1wjxec.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.24.78 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
openresty/1.19.9.1 /
Resource Hash
58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
gzip
last-modified
Mon, 28 Aug 2023 11:39:49 GMT
server
openresty/1.19.9.1
etag
W/"64ec8785-9f25"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
activityi;dc_pre=CK3V-9engYEDFckIogMdZkID5w;src=12688802;type=actio0;cat=allpa0;ord=1;num=8792627418777;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver...
12688802.fls.doubleclick.net/ Frame 2A64
Redirect Chain
  • https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=8792627418777;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;ep...
  • https://12688802.fls.doubleclick.net/activityi;dc_pre=CK3V-9engYEDFckIogMdZkID5w;src=12688802;type=actio0;cat=allpa0;ord=1;num=8792627418777;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafv...
538 B
480 B 		Document
General
Check archive.org
Download Go to
Full URL
https://12688802.fls.doubleclick.net/activityi;dc_pre=CK3V-9engYEDFckIogMdZkID5w;src=12688802;type=actio0;cat=allpa0;ord=1;num=8792627418777;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
4bcfbb84080a5bf71f656119cf666f969927d3f37271669f5847e1965e637208
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wjxec.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
307
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 07:08:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 07:08:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12688802.fls.doubleclick.net/activityi;dc_pre=CK3V-9engYEDFckIogMdZkID5w;src=12688802;type=actio0;cat=allpa0;ord=1;num=8792627418777;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=COnM-dengYEDFVZUkQUdmPYENg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o...
12572451.fls.doubleclick.net/ Frame 8B9C
Redirect Chain
  • https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
  • https://12572451.fls.doubleclick.net/activityi;dc_pre=COnM-dengYEDFVZUkQUdmPYENg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...
555 B
482 B 		Document
General
Check archive.org
Download Go to
Full URL
https://12572451.fls.doubleclick.net/activityi;dc_pre=COnM-dengYEDFVZUkQUdmPYENg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2175192871769.1338?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f134.1e100.net
Software
cafe /
Resource Hash
503f0cf34efc68effe991db2adb41f9a4976cfc6aa25d5b739ffc7b1dae48f11
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wjxec.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
306
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 07:08:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 07:08:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12572451.fls.doubleclick.net/activityi;dc_pre=COnM-dengYEDFVZUkQUdmPYENg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2175192871769.1338?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
hotjar-2606090.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2606090.js?sv=6
Requested by
Host: 1win.pink
URL: https://1win.pink/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-37.fra56.r.cloudfront.net
Software
/
Resource Hash
ffdf4b817d0cf39d24a9fedf987d53957e4c72ade871c6a5918682e4edf8fb38
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Tue, 29 Aug 2023 07:08:12 GMT
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
28
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/4856cd4241f733c8401050aed53c5ade
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
SfATL6S463daFU5N75Fuel71ajBqrE0tG7U7k4o4Jm7HPFckv_RcSw==
tag.js
mc.yandex.ru/metrika/ 		216 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: 1win.pink
URL: https://1win.pink/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
fd4c6ff2e56afccc04586f39418bb8f2d6003dee723968161440bc425a183758
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Tue, 22 Aug 2023 14:02:29 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64e495c5-127ae"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
75694
expires
Tue, 29 Aug 2023 08:08:40 GMT
js
www.googletagmanager.com/gtag/ 		222 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2b79beda8f5cc5b5679595baced6ed54c08ba73134c88b0902b95680a4b293d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80032
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 29 Aug 2023 07:08:39 GMT
activityi;dc_pre=CI3W-9engYEDFQxTGAodzhkD4g;src=12688802;type=actio0;cat=allpa0;ord=1;num=6540083442890;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver...
12688802.fls.doubleclick.net/ Frame 6052
Redirect Chain
  • https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=6540083442890;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;ep...
  • https://12688802.fls.doubleclick.net/activityi;dc_pre=CI3W-9engYEDFQxTGAodzhkD4g;src=12688802;type=actio0;cat=allpa0;ord=1;num=6540083442890;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafv...
549 B
491 B 		Document
General
Check archive.org
Download Go to
Full URL
https://12688802.fls.doubleclick.net/activityi;dc_pre=CI3W-9engYEDFQxTGAodzhkD4g;src=12688802;type=actio0;cat=allpa0;ord=1;num=6540083442890;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
1119b90681a052e1ee8ff6b192f58f16a25a4fd27d003b929713bdc1000dafd8
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wjxec.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
315
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 07:08:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 07:08:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12688802.fls.doubleclick.net/activityi;dc_pre=CI3W-9engYEDFQxTGAodzhkD4g;src=12688802;type=actio0;cat=allpa0;ord=1;num=6540083442890;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CMzR-dengYEDFZQB5god6b0OAw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o...
12572451.fls.doubleclick.net/ Frame 458A
Redirect Chain
  • https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
  • https://12572451.fls.doubleclick.net/activityi;dc_pre=CMzR-dengYEDFZQB5god6b0OAw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...
554 B
480 B 		Document
General
Check archive.org
Download Go to
Full URL
https://12572451.fls.doubleclick.net/activityi;dc_pre=CMzR-dengYEDFZQB5god6b0OAw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=3587170215258.506?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f134.1e100.net
Software
cafe /
Resource Hash
2a3b0efaa5181847d254bfa1f149c61dedf3589efb1739145c848697878f3d69
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wjxec.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
307
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 07:08:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 07:08:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12572451.fls.doubleclick.net/activityi;dc_pre=CMzR-dengYEDFZQB5god6b0OAw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=3587170215258.506?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1win-normal.34748aac6.svg
1win-cdn.com/img/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1win-cdn.com/img/1win-normal.34748aac6.svg
Requested by
Host: 1wjxec.top
URL: https://1wjxec.top/bets/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5cb3d03f299b837679eaa793491a03acc5fc1afdbc7f207b7566646f3bd2ecb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2999322
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 25 Jul 2023 13:47:16 GMT
server
cloudflare
etag
W/"64bfd264-1221"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LrTa97OKE25GN1ok2WWIMM3a8DcS8KUwNKtJL2PHzY%2FHP7rQlh%2FLhcbZE37SvNPFKqDIoRViybbnizbu1f%2FxmVkBCqJM9xSAlubE58S%2BsxmyLJpz5Xk%2BOrNpTZhV5Wj936mDTsFtRe%2FAs0U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6cd8bd468f5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
de.svg
1win-cdn.com/img/flags/ 		272 B
665 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1win-cdn.com/img/flags/de.svg
Requested by
Host: 1wjxec.top
URL: https://1wjxec.top/bets/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e24a688017c0d2b6a65390caf35350cae86094372366b4be62767040d4b1c2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2999268
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 25 Jul 2023 13:47:16 GMT
server
cloudflare
etag
W/"64bfd264-110"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQC1%2F7u1Shm%2Fy2BfYKYJ2I3t1cGXU4CGmL6I3yPP%2BQE7tRxBIUSL1nrUsHlI0j5lGJ9S7qEMhyuWBjZXuhg8UPXwHKhR9MWkGVb5heIaqNHAGJg5L2%2BZJRdhzN%2BKLN%2BREvtGZ9%2FiH1d72vY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
7fe2f6cd8bd668f5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
bear.09894b84b-290.webp
1win-cdn.com/img/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1win-cdn.com/img/bear.09894b84b-290.webp
Requested by
Host: 1wjxec.top
URL: https://1wjxec.top/bets/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8617 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4010cd904385baf40748bc00e7ae96604ab7dbb0aa6b3c359d79e8a09d9b8b9
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2593
alt-svc
h3=":443"; ma=86400
content-length
21260
last-modified
Mon, 28 Aug 2023 11:39:49 GMT
server
cloudflare
etag
"64ec8785-530c"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pa0vqiu9JH7KO9Gs77tJKOi8umQd8JKIRfP9O2TZgJlhe2C%2Bq8AUOXOeeSdRq6mvSX43o3nTzL3498fT2cETtnH32LDX55jcst%2F5yNWcSQa%2FlH2ZbQyQxvbMCY5k%2FuBJ6zgwc2fvdHz4FFA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7fe2f6cd9be968f5-FRA
modules.1cfaab4c8cd12d2d55e6.js
script.hotjar.com/ 		223 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.1cfaab4c8cd12d2d55e6.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2606090.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-122.fra56.r.cloudfront.net
Software
/
Resource Hash
a0cd3e612d572a75068d14e2792b7e7acc7751603846d82343baffa8caa64c3a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 15:20:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
316113
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55616
last-modified
Fri, 25 Aug 2023 15:19:13 GMT
etag
"b2ccfe0674387307eb50dd2e6c57d8fa"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
MtNI9d6Q4LTJhpOHfKdBOmegu8WoYCTWAz_3Ty8KGHy_EGNVTd58RA==
collect
region1.google-analytics.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je38n0&_p=442579853&cid=608407492.1693292920&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2F&sid=1693292919&sct=1&seg=0&dl=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome&dr=https%3A%2F%2F1win.pink%2F&dt=1win&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_url=https%3A%2F%2F1wjxec.top%2F&up.platform_language=de&up.device_type=desktop&up.platform=web&up.os=windows
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 07:08:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://1wjxec.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adservice.google.com/ddm/fls/i/dc_pre=COnM-dengYEDFVZUkQUdmPYENg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... Frame 3271 		554 B
681 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=COnM-dengYEDFVZUkQUdmPYENg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2175192871769.1338;~oref=https://1wjxec.top/
Requested by
Host: 12572451.fls.doubleclick.net
URL: https://12572451.fls.doubleclick.net/activityi;dc_pre=COnM-dengYEDFVZUkQUdmPYENg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2175192871769.1338?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
224079340fbb2cfa5e5a13315089a53471051b1783d1ec421a59df9f4cc203e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12572451.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
306
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 07:08:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
adservice.google.com/ddm/fls/i/dc_pre=CMzR-dengYEDFZQB5god6b0OAw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... Frame 4240 		553 B
377 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CMzR-dengYEDFZQB5god6b0OAw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=3587170215258.506;~oref=https://1wjxec.top/
Requested by
Host: 12572451.fls.doubleclick.net
URL: https://12572451.fls.doubleclick.net/activityi;dc_pre=CMzR-dengYEDFZQB5god6b0OAw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=3587170215258.506?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92b89718257952e0db48b8b26c660924555edb79d3244448ff2272e51b387468
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12572451.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
307
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 07:08:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CI3W-9engYEDFQxTGAodzhkD4g;src=12688802;type=actio0;cat=allpa0;ord=1;num=6540083442890;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=h...
adservice.google.com/ddm/fls/i/ Frame 3AC0 		548 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CI3W-9engYEDFQxTGAodzhkD4g;src=12688802;type=actio0;cat=allpa0;ord=1;num=6540083442890;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome
Requested by
Host: 12688802.fls.doubleclick.net
URL: https://12688802.fls.doubleclick.net/activityi;dc_pre=CI3W-9engYEDFQxTGAodzhkD4g;src=12688802;type=actio0;cat=allpa0;ord=1;num=6540083442890;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043941468fdb27d3620d4c32cb5b5d5aeedff84fb08d3965c56a1ba9dcc42dab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12688802.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
313
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 07:08:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CK3V-9engYEDFckIogMdZkID5w;src=12688802;type=actio0;cat=allpa0;ord=1;num=8792627418777;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=h...
adservice.google.com/ddm/fls/i/ Frame 659A 		537 B
373 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CK3V-9engYEDFckIogMdZkID5w;src=12688802;type=actio0;cat=allpa0;ord=1;num=8792627418777;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2F
Requested by
Host: 12688802.fls.doubleclick.net
URL: https://12688802.fls.doubleclick.net/activityi;dc_pre=CK3V-9engYEDFckIogMdZkID5w;src=12688802;type=actio0;cat=allpa0;ord=1;num=8792627418777;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d787046a337ace55ea7a3484628250f5d0036f74996d187d3b8486ca68697b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12688802.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
307
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 07:08:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
adservice.google.de/ddm/fls/i/dc_pre=COnM-dengYEDFVZUkQUdmPYENg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BG... Frame 5A66 		194 B
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=COnM-dengYEDFVZUkQUdmPYENg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2175192871769.1338;~oref=https://1wjxec.top/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COnM-dengYEDFVZUkQUdmPYENg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2175192871769.1338;~oref=https://1wjxec.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 07:08:40 GMT
expires
Tue, 29 Aug 2023 07:08:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
adservice.google.de/ddm/fls/i/dc_pre=CMzR-dengYEDFZQB5god6b0OAw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BG... Frame E14F 		194 B
515 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CMzR-dengYEDFZQB5god6b0OAw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=3587170215258.506;~oref=https://1wjxec.top/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMzR-dengYEDFZQB5god6b0OAw;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=3587170215258.506;~oref=https://1wjxec.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 07:08:40 GMT
expires
Tue, 29 Aug 2023 07:08:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CK3V-9engYEDFckIogMdZkID5w;src=12688802;type=actio0;cat=allpa0;ord=1;num=8792627418777;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=h...
adservice.google.de/ddm/fls/i/ Frame 616F 		194 B
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CK3V-9engYEDFckIogMdZkID5w;src=12688802;type=actio0;cat=allpa0;ord=1;num=8792627418777;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CK3V-9engYEDFckIogMdZkID5w;src=12688802;type=actio0;cat=allpa0;ord=1;num=8792627418777;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 07:08:40 GMT
expires
Tue, 29 Aug 2023 07:08:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CI3W-9engYEDFQxTGAodzhkD4g;src=12688802;type=actio0;cat=allpa0;ord=1;num=6540083442890;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=h...
adservice.google.de/ddm/fls/i/ Frame AA34 		194 B
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CI3W-9engYEDFQxTGAodzhkD4g;src=12688802;type=actio0;cat=allpa0;ord=1;num=6540083442890;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CI3W-9engYEDFQxTGAodzhkD4g;src=12688802;type=actio0;cat=allpa0;ord=1;num=6540083442890;auiddc=1630924280.1693292920;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 07:08:40 GMT
expires
Tue, 29 Aug 2023 07:08:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10110.9prmFzXflFcUpEgGv1sUxB29MKN_mBYYybLSZCc_9Ujbji8MKV5DEdZfIJN1SXSS.NYSQEdNOk9VHLJcRUIgnvnl9q_k%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10110.E0WNTy03Qzw6t96hFflQby81-Ba8HAvnWZ3bofW7hIeJDIRi5LEELP3ZCvmGRROzbqHMFnEcr60UVMOVzqJnBstxd9kuU6CgJyKsRdwVLDg%2C.5NoOKG71slV-2lAxIm_mDaFKrT8%2C
43 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10110.E0WNTy03Qzw6t96hFflQby81-Ba8HAvnWZ3bofW7hIeJDIRi5LEELP3ZCvmGRROzbqHMFnEcr60UVMOVzqJnBstxd9kuU6CgJyKsRdwVLDg%2C.5NoOKG71slV-2lAxIm_mDaFKrT8%2C
Requested by
Host: 1wjxec.top
URL: https://1wjxec.top/bets/home
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:40 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10110.E0WNTy03Qzw6t96hFflQby81-Ba8HAvnWZ3bofW7hIeJDIRi5LEELP3ZCvmGRROzbqHMFnEcr60UVMOVzqJnBstxd9kuU6CgJyKsRdwVLDg%2C.5NoOKG71slV-2lAxIm_mDaFKrT8%2C
date
Tue, 29 Aug 2023 07:08:40 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: 1wjxec.top
URL: https://1wjxec.top/bets/home
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:40 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 22 Aug 2023 14:02:29 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64e495c5-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 29 Aug 2023 08:08:40 GMT
1
mc.yandex.com/watch/92006234/
Redirect Chain
  • https://mc.yandex.com/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome&page-ref=https%3A%2F%2F1win.pink%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixa...
  • https://mc.yandex.com/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome&page-ref=https%3A%2F%2F1win.pink%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5si...
435 B
545 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome&page-ref=https%3A%2F%2F1win.pink%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A1094%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A131259261895%3Ahid%3A710660791%3Az%3A120%3Ai%3A20230829090840%3Aet%3A1693292920%3Ac%3A1%3Arn%3A992222764%3Arqn%3A1%3Au%3A169329292035769893%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A320%2C33%2C626%2C25%2C0%2C0%2C%2C61%2C0%2C%2C%2C%2C1185%3Aco%3A0%3Acpf%3A1%3Ans%3A1693292918234%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1693292920%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
a33dd9972f57407c2164729ddfbfd5edecb7fd23889a8f16ddda76482a07f6e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 07:08:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 29-Aug-2023 07:08:40 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1wjxec.top
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
435
x-xss-protection
1; mode=block
expires
Tue, 29-Aug-2023 07:08:40 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Aug 2023 07:08:40 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 29-Aug-2023 07:08:40 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome&page-ref=https%3A%2F%2F1win.pink%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A1094%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A131259261895%3Ahid%3A710660791%3Az%3A120%3Ai%3A20230829090840%3Aet%3A1693292920%3Ac%3A1%3Arn%3A992222764%3Arqn%3A1%3Au%3A169329292035769893%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A320%2C33%2C626%2C25%2C0%2C0%2C%2C61%2C0%2C%2C%2C%2C1185%3Aco%3A0%3Acpf%3A1%3Ans%3A1693292918234%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1693292920%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
access-control-allow-origin
https://1wjxec.top
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 29-Aug-2023 07:08:40 GMT
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10110.1x8AuYlmHho0Cmo6oXgg_bQyxwLcuRmjmYFf1WZpIHJxjYkzTy2-PsPAx07WNru5.h4d0Qy_xvQwopaDsnt12tDYXvSU%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10110.k1j-eNyv1GaQXsP_ye_HhGCzoCjdivKuvsUufCwrQwpI8G9LBSKAFYYO2I1ikQUUEoN7boar-jHmX6NfJwo4Cr4NopUSmoGrxJolBad2pUo%2C.N1_QaoD9vxu21zlcQ...
43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10110.k1j-eNyv1GaQXsP_ye_HhGCzoCjdivKuvsUufCwrQwpI8G9LBSKAFYYO2I1ikQUUEoN7boar-jHmX6NfJwo4Cr4NopUSmoGrxJolBad2pUo%2C.N1_QaoD9vxu21zlcQNgtAzpOxpw%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1wjxec.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:08:40 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10110.k1j-eNyv1GaQXsP_ye_HhGCzoCjdivKuvsUufCwrQwpI8G9LBSKAFYYO2I1ikQUUEoN7boar-jHmX6NfJwo4Cr4NopUSmoGrxJolBad2pUo%2C.N1_QaoD9vxu21zlcQNgtAzpOxpw%2C
date
Tue, 29 Aug 2023 07:08:40 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
httpapi
api2.amplitude.com/2/ 		94 B
287 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: 1win-cdn.com
URL: https://1win-cdn.com/js/14283.c3bd23b61.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.215.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-215-160.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
952cb8794b89eaadfd8e4e5f134515803b0dcd7fa5c47777684c6876a1a76917
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://1wjxec.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 29 Aug 2023 07:08:41 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-64ed9979-70e0325009bdea765394d029
content-length
94
access-control-allow-methods
GET, POST
content-type
application/json
httpapi
api2.amplitude.com/2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.215.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-215-160.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://1wjxec.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Tue, 29 Aug 2023 07:08:41 GMT
strict-transport-security
max-age=15768000

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| INITIAL_DATA object| _chunksDictionary string| appTitle function| deepFreeze object| LangEnum object| lang string| releaseTag string| gtmKey string| debugDomain object| supportChatConfig function| prefetchAllDynamicLogos function| getNextDynamicLogoIndex function| getLogoPath function| performTransition function| showLogo function| subscribeToLogoUpdate function| startUpdateDynamicLogosInterval object| webim object| webimHandlers function| initOrGetInstanceOfSupportChat function| loadScript string| vipDomain object| webpackChunk_1win_frontend_main object| SENTRY_RELEASE object| SENTRY_RELEASES object| dataLayer object| buildConfig object| __VUE_INSTANCE_SETTERS__ object| amplitude boolean| __VUE__ object| analyticsConnectorInstances object| socket object| firebase object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| axel number| a string| userId function| hj object| _hjSettings function| ym object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| gaGlobal object| Ya object| yaCounter92006234

27 Cookies

Domain/Path Name / Value
1wjxec.top/ Name: visit_domain
Value: 1wjxec.top
1wjxec.top/ Name: core-sticky
Value: http://10.233.94.83:80
1wjxec.top/ Name: 1w_lang
Value: de
.1wjxec.top/ Name: AMP_MKTG_494cccfe21
Value: JTdCJTIycmVmZXJyZXIlMjIlM0ElMjJodHRwcyUzQSUyRiUyRjF3aW4ucGluayUyRiUyMiUyQyUyMnJlZmVycmluZ19kb21haW4lMjIlM0ElMjIxd2luLnBpbmslMjIlN0Q=
.1wjxec.top/ Name: _gcl_au
Value: 1.1.1630924280.1693292920
1wjxec.top/ Name: 1w_locale
Value: 26
.1wjxec.top/ Name: _ga_548949LWLW
Value: GS1.1.1693292919.1.0.1693292919.0.0.0
.1wjxec.top/ Name: _ga
Value: GA1.1.608407492.1693292920
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.1wjxec.top/ Name: AMP_494cccfe21
Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjIyZWNkNTA0NC1kZjQ0LTQ4YWQtOTk3MS03MzZkOGUzZTUwMmMlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNjkzMjkyOTE5NzMzJTJDJTIyb3B0T3V0JTIyJTNBdHJ1ZSUyQyUyMmxhc3RFdmVudFRpbWUlMjIlM0ExNjkzMjkyOTIwMDI5JTJDJTIybGFzdEV2ZW50SWQlMjIlM0E1JTdE
.1wjxec.top/ Name: _hjSessionUser_2606090
Value: eyJpZCI6ImMxN2ExMzc4LTc1MDQtNTgxMS05Y2YwLTVlMGMyMmUyMDQzNiIsImNyZWF0ZWQiOjE2OTMyOTI5MjAwNjQsImV4aXN0aW5nIjpmYWxzZX0=
.1wjxec.top/ Name: _hjFirstSeen
Value: 1
.1wjxec.top/ Name: _hjIncludedInSessionSample_2606090
Value: 0
.1wjxec.top/ Name: _hjSession_2606090
Value: eyJpZCI6IjIwYmUyNjNlLWQ2OTItNDIzNy1hOTY0LTIxZTVhY2VkMDQzZCIsImNyZWF0ZWQiOjE2OTMyOTI5MjAwNzUsImluU2FtcGxlIjpmYWxzZX0=
.1wjxec.top/ Name: _hjAbsoluteSessionInProgress
Value: 0
1wjxec.top/ Name: _hjHasCachedUserAttributes
Value: true
.1wjxec.top/ Name: _ym_uid
Value: 169329292035769893
.1wjxec.top/ Name: _ym_d
Value: 1693292920
.1wjxec.top/ Name: _ym_isad
Value: 2
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2836874314fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 609222020fake
mc.yandex.com/ Name: yabs-sid
Value: 189129191693292920
.yandex.com/ Name: i
Value: sVUDKTyMd7UY8vVsSn5Arpf3e4kx+SdM7AGKX5hIMZgXEcCABBa24F1Vj/49X5KqtRV4y9+XQbmmuRJwKGvena/pIoQ=
.yandex.com/ Name: yandexuid
Value: 7689615141693292920
.yandex.com/ Name: yuidss
Value: 7689615141693292920
.yandex.com/ Name: ymex
Value: 1724828920.yrts.1693292920#1724828920.yrtsi.1693292920
.yandex.com/ Name: bh
Value: KgI/MA==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12572451.fls.doubleclick.net
12688802.fls.doubleclick.net
1win-cdn.com
1win.pink
1wjxec.top
adservice.google.com
adservice.google.de
api.lab.amplitude.com
api2.amplitude.com
mc.yandex.com
mc.yandex.ru
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
www.googletagmanager.com
142.250.74.198
151.101.194.132
18.66.97.37
190.115.24.78
2001:4860:4802:32::36
216.58.212.134
2606:4700:3030::6815:5f06
2606:4700:e2::ac40:8617
2a00:1450:4001:800::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:81c::2008
2a02:6b8::1:119
44.238.215.160
52.222.236.122
01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce
043941468fdb27d3620d4c32cb5b5d5aeedff84fb08d3965c56a1ba9dcc42dab
04eb095e7fd3f0d87c2de1c19749f6460d3319efcd5a4022d4244edee0576fc8
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06e02d3d2d01bb2c88786b0a2dd2d692f6659c0159ec4754f7db49c12e03b0d6
0ad0d0d4f2e44425892847675ffca2dbd524773a8d0d637b11631299ed1acb28
0b4a8b6cb476b10487cf7f7129126078a7a55b6b4f7bd669648a047d83f49541
1119b90681a052e1ee8ff6b192f58f16a25a4fd27d003b929713bdc1000dafd8
1452e31b2a3b0f0003a4fb3ccf10e452ccec959503b1d3a75a4de56ad977424b
1becb1014cf5c0e813bed0bd73ddcb7bd08fd06277b891b643d0eead2a0ecf2a
224079340fbb2cfa5e5a13315089a53471051b1783d1ec421a59df9f4cc203e4
2679e019a88309a172469f4d43aab1da76e63457d5dc5b54e5dc348297282029
2a3b0efaa5181847d254bfa1f149c61dedf3589efb1739145c848697878f3d69
2abe1b262de3e8212b87fb1a3065787ae66bef248170eb9cb185c999ccaf979e
2b79beda8f5cc5b5679595baced6ed54c08ba73134c88b0902b95680a4b293d1
2d902090b8d5215fd510ba73aa0a07bcc75d3a1bc85fb2c30acffda7a44c6f41
37c69ba1a850d62743d30e114337105a1520e6338db7e389b628c39705e60340
437715e9466b7d51463a8ad8c1174e2cda8458003db1ec973c45dc7d1f6557d7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b528cece86c2e55368671a69a72481f9cc83407dadd0235b6279ab77a22c2f
4bcfbb84080a5bf71f656119cf666f969927d3f37271669f5847e1965e637208
503f0cf34efc68effe991db2adb41f9a4976cfc6aa25d5b739ffc7b1dae48f11
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f
687c77568ea8c4e230a79b36d2759347f99b10dbcad7a71032906907f4270cb5
7d787046a337ace55ea7a3484628250f5d0036f74996d187d3b8486ca68697b2
82ddc1d7473e8414d4950988851796a15d24a79b5d4d89c4d5d09ce845db78d8
86b3224e91ee129633a4526794858a4b0093d09b02c8a801cf9b371aac98a4bd
8713fde6ab8806bf491eec5beecc50512a173ef587790d2d2c59c759e500a089
887d06fe93a8cabd59ae2d1924a5c225959bfc551e0945c9c68a133663599396
8a44d8a39c24fca535a8d9c030ea37a3b4cb0d84714f10de0745ca6becd0784b
8ea841282e65b0cb71c3f4825a949d12bb50996cfa497a3739695b6cd2cb287a
92b89718257952e0db48b8b26c660924555edb79d3244448ff2272e51b387468
952cb8794b89eaadfd8e4e5f134515803b0dcd7fa5c47777684c6876a1a76917
9e24a688017c0d2b6a65390caf35350cae86094372366b4be62767040d4b1c2e
a0cd3e612d572a75068d14e2792b7e7acc7751603846d82343baffa8caa64c3a
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a33dd9972f57407c2164729ddfbfd5edecb7fd23889a8f16ddda76482a07f6e4
a4010cd904385baf40748bc00e7ae96604ab7dbb0aa6b3c359d79e8a09d9b8b9
a5cb3d03f299b837679eaa793491a03acc5fc1afdbc7f207b7566646f3bd2ecb
af3d0ccea3671f23872b646d2f329354bd81645f7d1b8b9414a210e1d31dc0ac
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bfaf69957a35b6bbdbc637a308a138ddb20acf374c5a8fbe96b165a21d4ce7cd
c07b2c0a515caf1306fb4d9366fab5758253eeadcf8c0414cb44ccd48f82e59a
c43bdea39e91c3f05149d309eed4a1b8aeb9435820b448f91e972138776825a9
c6ff9d2d8684185b25d5ddfc948f40495eaacc2c77f3e36009621a40df3c6f4c
ca2742d32f230afb46762f378311c6b3532b10a57f99e1ee17762e3c1b31f7e6
df3772666587111462634070c47969ad9687bbf80d0694bb2e6c33be39434d68
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb49e592bdddf08711063d58bd6208ca168b3b66c2479ded606b0232a21a7328
f32f25e2bd79b08a0861ef8bce062caba11b1678e9965e53cee4230ca3dfac74
f38d410b465b1ac545b6661ce8539a6ffd2ef3f1215f71b93f561a2a2cb7d200
fd4c6ff2e56afccc04586f39418bb8f2d6003dee723968161440bc425a183758
ffdf4b817d0cf39d24a9fedf987d53957e4c72ade871c6a5918682e4edf8fb38