urlscan.io logo urlscan.io
SecurityTrails logo

1wxxlb.com Open in urlscan Pro
186.2.162.102  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://1wxxlb.com/v3/reg-form-aviator?p%3d962n
Effective URL: https://1wxxlb.com/v3/reg-form-aviator?p%3d962n
Submission: On October 25 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 10 domains to perform 42 HTTP transactions. The main IP is 186.2.162.102, located in Belize and belongs to IQWEB, AE. The main domain is 1wxxlb.com.
TLS certificate: Issued by R10 on October 3rd 2024. Valid for: 3 months.
This is the only time 1wxxlb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 186.2.162.102 59692 (IQWEB)
1 190.115.19.14 59692 (IQWEB)
1 108.139.29.53 16509 (AMAZON-02)
5 142.251.41.40 15169 (GOOGLE)
2 4 142.250.81.230 15169 (GOOGLE)
1 13.33.252.127 16509 (AMAZON-02)
2 49.13.81.104 24940 (HETZNER-AS)
1 142.251.33.162 15169 (GOOGLE)
3 142.251.32.66 15169 (GOOGLE)
1 172.217.165.6 15169 (GOOGLE)
1 216.239.34.181 15169 (GOOGLE)
1 142.251.111.154 15169 (GOOGLE)
2 142.251.41.67 15169 (GOOGLE)
1 18.164.96.87 16509 (AMAZON-02)
1 142.251.41.68 15169 (GOOGLE)
1 18.164.96.95 16509 (AMAZON-02)
2 54.186.191.80 16509 (AMAZON-02)
42 17
16    186.2.162.102 (Belize)

ASN59692 (IQWEB, AE)
PTR: ddos-guard.net
1wxxlb.com
1    190.115.19.14 (Belize)

ASN59692 (IQWEB, AE)
partners.1win-cdn.com
1    108.139.29.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-53.jfk50.r.cloudfront.net
cdn.amplitude.com
5    142.251.41.40 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: yyz12s08-in-f8.1e100.net
www.googletagmanager.com
4    142.250.81.230 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f6.1e100.net
12572451.fls.doubleclick.net
12688802.fls.doubleclick.net
1    13.33.252.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-252-127.jfk50.r.cloudfront.net
static.hotjar.com
2    49.13.81.104 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.104.81.13.49.clients.your-server.de
rtb-demo.ubidex.xyz
1    142.251.33.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: yyz10s17-in-f2.1e100.net
googleads.g.doubleclick.net
3    142.251.32.66 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: yyz12s07-in-f2.1e100.net
td.doubleclick.net
1    172.217.165.6 (United States)

ASN15169 (GOOGLE, US)
PTR: yyz12s06-in-f6.1e100.net
ad.doubleclick.net
1    216.239.34.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    142.251.111.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f154.1e100.net
stats.g.doubleclick.net
2    142.251.41.67 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: yyz10s20-in-f3.1e100.net
www.google.ca
1    18.164.96.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-87.jfk50.r.cloudfront.net
script.hotjar.com
1    142.251.41.68 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: yyz10s20-in-f4.1e100.net
www.google.com
1    18.164.96.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-95.jfk50.r.cloudfront.net
vc.hotjar.io
2    54.186.191.80 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-191-80.us-west-2.compute.amazonaws.com
api2.amplitude.com
Apex Domain
Subdomains		 Transfer
16 1wxxlb.com
1wxxlb.com
624 KB
10 doubleclick.net
12572451.fls.doubleclick.net — Cisco Umbrella Rank: 330391
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
td.doubleclick.net — Cisco Umbrella Rank: 192
12688802.fls.doubleclick.net — Cisco Umbrella Rank: 332055
ad.doubleclick.net — Cisco Umbrella Rank: 150
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
4 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
391 KB
3 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 2890
api2.amplitude.com — Cisco Umbrella Rank: 1159
24 KB
2 google.ca
www.google.ca — Cisco Umbrella Rank: 12143
127 B
2 google.com
analytics.google.com — Cisco Umbrella Rank: 147
www.google.com — Cisco Umbrella Rank: 3
64 B
2 ubidex.xyz
rtb-demo.ubidex.xyz
1 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 877
script.hotjar.com — Cisco Umbrella Rank: 1177
61 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 3185
233 B
1 1win-cdn.com
partners.1win-cdn.com — Cisco Umbrella Rank: 543644
2 KB
42 10
Domain Requested by
16 1wxxlb.com 1wxxlb.com
partners.1win-cdn.com
5 www.googletagmanager.com 1wxxlb.com
www.googletagmanager.com
3 td.doubleclick.net www.googletagmanager.com
2 api2.amplitude.com cdn.amplitude.com
2 www.google.ca 1wxxlb.com
2 12688802.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 rtb-demo.ubidex.xyz www.googletagmanager.com
1wxxlb.com
2 12572451.fls.doubleclick.net 1 redirects www.googletagmanager.com
1 vc.hotjar.io script.hotjar.com
1 www.google.com 1wxxlb.com
1 script.hotjar.com static.hotjar.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 ad.doubleclick.net 1wxxlb.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 static.hotjar.com 1wxxlb.com
1 cdn.amplitude.com 1wxxlb.com
1 partners.1win-cdn.com 1wxxlb.com
42 18

This site contains no links.

Subject Issuer Validity Valid
1wxxlb.com
R10		 2024-10-03 -
2025-01-01		 3 months crt.sh
partners.1win-cdn.com
R10		 2024-10-06 -
2025-01-04		 3 months crt.sh
cdn.amplitude.com
Amazon RSA 2048 M02		 2023-12-14 -
2025-01-12		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
rtb-demo.ubidex.xyz
R10		 2024-08-14 -
2024-11-12		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.ca
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-02-07 -
2025-03-08		 a year crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2024-01-31 -
2025-03-02		 a year crt.sh

This page contains 7 frames:

Primary Page: https://1wxxlb.com/v3/reg-form-aviator?p%3d962n
Frame ID: 0413850CF2A048A5D13F69070CD2D445
Requests: 35 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=CLjs2OHPqYkDFQEhdgYdXTgCnA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=9942578335056.035
Frame ID: ACB0AF5F9817D2E982840E30D2F420DA
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2F1wxxlb.com
Frame ID: F11EE5D5E866A982A85C05374C8CD7C8
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16482547739?random=1729862439413&cv=11&fst=1729862439413&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9181323879z8894400803za200zb894400803&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101686685~101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2F1wxxlb.com%2Fv3%2Freg-form-aviator%3Fp%253d962n&hn=www.googleadservices.com&frm=0&tiba=1win&npa=0&pscdl=noapi&auid=2100673792.1729862439&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 2A6F6464BD6668B1173FDCEA321A0462
Requests: 1 HTTP requests in this frame

Frame: https://12688802.fls.doubleclick.net/activityi;dc_pre=CMD14eHPqYkDFVEydgYdmfUM5w;src=12688802;type=actio0;cat=allpa0;ord=1;num=432526021594;npa=0;auiddc=2100673792.1729862439;ps=1;pcor=1935149610;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101686685~101823848;epver=2;~oref=https%3A%2F%2F1wxxlb.com%2Fv3%2Freg-form-aviator%3Fp%253d962n
Frame ID: 4A26F00122ECB27633A66F73CBA6218B
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=432526021594;npa=0;auiddc=2100673792.1729862439;ps=1;pcor=1935149610;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101686685~101823848;epver=2;~oref=https%3A%2F%2F1wxxlb.com%2Fv3%2Freg-form-aviator%3Fp%253d962n
Frame ID: 577D86E39912AC4AFBEB6413F40B16A7
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-548949LWLW&gacid=335053182.1729862440&gtm=45je4al0v894728184z8894400803za200zb894400803&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533422~101686685~101823848&z=1596569417
Frame ID: 8231DE15D444E9C7AA909FBD810DD63B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

1win

Page URL History Show full URLs

  1. http://1wxxlb.com/v3/reg-form-aviator?p%3d962n HTTP 307
    https://1wxxlb.com/v3/reg-form-aviator?p%3d962n Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

42
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

18
Subdomains

17
IPs

3
Countries

1107 kB
Transfer

2169 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1wxxlb.com/v3/reg-form-aviator?p%3d962n HTTP 307
    https://1wxxlb.com/v3/reg-form-aviator?p%3d962n Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=9942578335056.035 HTTP 302
  • https://12572451.fls.doubleclick.net/activityi;dc_pre=CLjs2OHPqYkDFQEhdgYdXTgCnA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=9942578335056.035
Request Chain 25
  • https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=432526021594;npa=0;auiddc=2100673792.1729862439;ps=1;pcor=1935149610;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101686685~101823848;epver=2;~oref=https%3A%2F%2F1wxxlb.com%2Fv3%2Freg-form-aviator%3Fp%253d962n HTTP 302
  • https://12688802.fls.doubleclick.net/activityi;dc_pre=CMD14eHPqYkDFVEydgYdmfUM5w;src=12688802;type=actio0;cat=allpa0;ord=1;num=432526021594;npa=0;auiddc=2100673792.1729862439;ps=1;pcor=1935149610;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101686685~101823848;epver=2;~oref=https%3A%2F%2F1wxxlb.com%2Fv3%2Freg-form-aviator%3Fp%253d962n

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request reg-form-aviator
1wxxlb.com/v3/
Redirect Chain
  • http://1wxxlb.com/v3/reg-form-aviator?p%3d962n
  • https://1wxxlb.com/v3/reg-form-aviator?p%3d962n
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1wxxlb.com/v3/reg-form-aviator?p%3d962n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
3982962233371506e4dc88fc828ad65e5acedbe29ae37a0bac016a15ad5463c2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Fri, 25 Oct 2024 13:20:38 GMT
etag
"66f67b22-1dc7"
last-modified
Fri, 27 Sep 2024 09:30:10 GMT
server
ddos-guard
vary
Accept-Encoding

Redirect headers

Location
https://1wxxlb.com/v3/reg-form-aviator?p%3d962n
Non-Authoritative-Reason
HttpsUpgrades
index.umd.js
partners.1win-cdn.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://partners.1win-cdn.com/index.umd.js
Requested by
Host: 1wxxlb.com
URL: https://1wxxlb.com/v3/reg-form-aviator?p%3d962n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.19.14 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
Software
ddos-guard /
Resource Hash
ebe9a31800face6ae77211754529d3987b4f3107de330c0d539bf26b743c979b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/

Response headers

ddg-cache-status
HIT
content-encoding
br
etag
"67163790-10f2"
age
22374
accept-ranges
bytes
access-control-allow-origin
*
content-length
2045
date
Fri, 25 Oct 2024 07:07:46 GMT
content-type
application/javascript; charset=utf-8, application/javascript
last-modified
Mon, 21 Oct 2024 11:14:24 GMT
server
ddos-guard
vary
Accept-Encoding
main.363567bbbf9968daea4a.js
1wxxlb.com/v3/reg-form-aviator/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1wxxlb.com/v3/reg-form-aviator/main.363567bbbf9968daea4a.js?4f405eecf8a3abb8a3ba
Requested by
Host: 1wxxlb.com
URL: https://1wxxlb.com/v3/reg-form-aviator?p%3d962n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
7a9923a52d9824b62b4a96a746f135446f51ece317538607f330cf53030b44f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/v3/reg-form-aviator?p%3d962n

Response headers

ddg-cache-status
HIT
content-encoding
br
etag
W/"66f67b22-421e"
age
200264
accept-ranges
bytes
access-control-allow-origin
*
content-length
5898
date
Wed, 23 Oct 2024 05:42:54 GMT
content-type
application/javascript
last-modified
Fri, 27 Sep 2024 09:30:10 GMT
server
ddos-guard
vary
Accept-Encoding
main.css
1wxxlb.com/v3/reg-form-aviator/ 		31 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1wxxlb.com/v3/reg-form-aviator/main.css?4f405eecf8a3abb8a3ba
Requested by
Host: 1wxxlb.com
URL: https://1wxxlb.com/v3/reg-form-aviator?p%3d962n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
ba076fdd8f661bcc7c07b28f59506c96473e66f4a3fea6e2d199c134ae3130e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/v3/reg-form-aviator?p%3d962n

Response headers

ddg-cache-status
HIT
content-encoding
br
etag
"66f67b22-7cd8"
age
108814
accept-ranges
bytes
access-control-allow-origin
*
content-length
2986
date
Thu, 24 Oct 2024 07:07:04 GMT
content-type
text/css
last-modified
Fri, 27 Sep 2024 09:30:10 GMT
server
ddos-guard
vary
Accept-Encoding
logo-1win.svg
1wxxlb.com/v3/reg-form-aviator/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1wxxlb.com/v3/reg-form-aviator/logo-1win.svg
Requested by
Host: 1wxxlb.com
URL: https://1wxxlb.com/v3/reg-form-aviator?p%3d962n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
aa736e4e4a98e787ee0f973ab1b717f2a4d6b07b01f85650c20a09e9c8b98fb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/v3/reg-form-aviator?p%3d962n

Response headers

ddg-cache-status
HIT
content-encoding
br
etag
W/"66f67b22-d87"
age
27383
accept-ranges
bytes
access-control-allow-origin
*
content-length
1235
date
Fri, 25 Oct 2024 05:44:15 GMT
content-type
image/svg+xml
last-modified
Fri, 27 Sep 2024 09:30:10 GMT
server
ddos-guard
vary
Accept-Encoding
logo-aviator.svg
1wxxlb.com/v3/reg-form-aviator/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1wxxlb.com/v3/reg-form-aviator/logo-aviator.svg
Requested by
Host: 1wxxlb.com
URL: https://1wxxlb.com/v3/reg-form-aviator?p%3d962n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
cebc15fd723176c94ad6d2089eaa3a96dda7e942697d4c8128018fc6a018fc40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/v3/reg-form-aviator?p%3d962n

Response headers

ddg-cache-status
HIT
content-encoding
br
etag
W/"66f67b22-13cd"
age
108814
accept-ranges
bytes
access-control-allow-origin
*
content-length
2419
date
Thu, 24 Oct 2024 07:07:05 GMT
content-type
image/svg+xml
last-modified
Fri, 27 Sep 2024 09:30:10 GMT
server
ddos-guard
vary
Accept-Encoding
analytics-browser-1.9.1-min.js.gz
cdn.amplitude.com/libs/ 		78 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/analytics-browser-1.9.1-min.js.gz
Requested by
Host: 1wxxlb.com
URL: https://1wxxlb.com/v3/reg-form-aviator?p%3d962n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-53.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
003323cb8d24bc4767961492cc2e75ca440b5e1eedecf528248345ff9e99f61c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://1wxxlb.com
Referer
https://1wxxlb.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"3f392996cd1c9b079141e6ab3151fc90"
x-amz-version-id
a2lgF8YXGboryhr.g8VsMWAXvZTQIa8E
access-control-allow-methods
GET, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
ZTIVD-y7fXtv9ikhwe_XlGuZ2XX6dTIvz48n0Q5xbfB4AT0s2LuhSw==
date
Fri, 25 Oct 2024 13:20:40 GMT
content-type
application/javascript
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Fri, 03 Mar 2023 20:55:00 GMT
cache-control
max-age=31536000
via
1.1 d50d90bbddca57e02d6288d86c88470a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
24161
x-amz-cf-pop
JFK50-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
gtm.js
www.googletagmanager.com/ 		389 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Requested by
Host: 1wxxlb.com
URL: https://1wxxlb.com/v3/reg-form-aviator?p%3d962n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.40 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
yyz12s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0c34355d1529bb9c187eed49a6a4b87ebf9a953529ac2d9cfa44cd443376d965
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 25 Oct 2024 13:20:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 13:20:39 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 25 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
118524
x-xss-protection
0
server
Google Tag Manager
sprite.svg
1wxxlb.com/v3/reg-form-aviator/ 		6 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://1wxxlb.com/v3/reg-form-aviator/sprite.svg
Requested by
Host: 1wxxlb.com
URL: https://1wxxlb.com/v3/reg-form-aviator?p%3d962n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
10c9561b5a80516db72cc441658c7ae77ce4fab482f199f5559e7e67716b529d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/v3/reg-form-aviator?p%3d962n

Response headers

ddg-cache-status
HIT
content-encoding
br
etag
"66f67b22-1753"
age
162274
accept-ranges
bytes
access-control-allow-origin
*
content-length
2695
date
Wed, 23 Oct 2024 16:16:05 GMT
content-type
image/svg+xml
last-modified
Fri, 27 Sep 2024 09:30:10 GMT
server
ddos-guard
vary
Accept-Encoding
background-body-laptop.avif
1wxxlb.com/v3/reg-form-aviator/assets/images/ 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1wxxlb.com/v3/reg-form-aviator/assets/images/background-body-laptop.avif
Requested by
Host: 1wxxlb.com
URL: https://1wxxlb.com/v3/reg-form-aviator/main.css?4f405eecf8a3abb8a3ba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
b4a3fb8a9028ee5ec227822b6c2af47f9edf8d5a2fa5f20c3cd85bd0c4b4148e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/v3/reg-form-aviator/main.css?4f405eecf8a3abb8a3ba

Response headers

ddg-cache-status
MISS
content-encoding
gzip
etag
"66f67b22-1ec12"
age
0
accept-ranges
bytes
access-control-allow-origin
*
date
Fri, 25 Oct 2024 13:20:39 GMT
content-type
image/avif
last-modified
Fri, 27 Sep 2024 09:30:10 GMT
server
ddos-guard
vary
Accept-Encoding
background-circle-laptop.avif
1wxxlb.com/v3/reg-form-aviator/assets/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1wxxlb.com/v3/reg-form-aviator/assets/images/background-circle-laptop.avif
Requested by
Host: 1wxxlb.com
URL: https://1wxxlb.com/v3/reg-form-aviator/main.css?4f405eecf8a3abb8a3ba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
cf311b780dd8b38c6038718b017a9d5ca2764a4185d68362990b56af7bcfdb31

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/v3/reg-form-aviator/main.css?4f405eecf8a3abb8a3ba

Response headers

ddg-cache-status
MISS
content-encoding
gzip
etag
"66f67b22-14f3"
age
0
accept-ranges
bytes
access-control-allow-origin
*
date
Fri, 25 Oct 2024 13:20:39 GMT
content-type
image/avif
last-modified
Fri, 27 Sep 2024 09:30:10 GMT
server
ddos-guard
vary
Accept-Encoding
background-items_1440.avif
1wxxlb.com/v3/reg-form-aviator/assets/images/ 		185 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1wxxlb.com/v3/reg-form-aviator/assets/images/background-items_1440.avif
Requested by
Host: 1wxxlb.com
URL: https://1wxxlb.com/v3/reg-form-aviator/main.css?4f405eecf8a3abb8a3ba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
2b04f2db763b34c4f177e30a0aae11149b282575a6e5c4ddd6835662f8e6d9aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/v3/reg-form-aviator/main.css?4f405eecf8a3abb8a3ba

Response headers

ddg-cache-status
MISS
content-encoding
gzip
etag
"66f67b22-2e24a"
age
0
accept-ranges
bytes
access-control-allow-origin
*
date
Fri, 25 Oct 2024 13:20:39 GMT
content-type
image/avif
last-modified
Fri, 27 Sep 2024 09:30:10 GMT
server
ddos-guard
vary
Accept-Encoding
phone_1440.avif
1wxxlb.com/v3/reg-form-aviator/assets/images/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1wxxlb.com/v3/reg-form-aviator/assets/images/phone_1440.avif
Requested by
Host: 1wxxlb.com
URL: https://1wxxlb.com/v3/reg-form-aviator/main.css?4f405eecf8a3abb8a3ba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
cab754f885ecc917d06437f86633400490303bc4b2bdbefdaf7b8d9ea553c70c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/v3/reg-form-aviator/main.css?4f405eecf8a3abb8a3ba

Response headers

ddg-cache-status
MISS
content-encoding
gzip
etag
"66f67b22-aaf0"
age
0
accept-ranges
bytes
access-control-allow-origin
*
date
Fri, 25 Oct 2024 13:20:39 GMT
content-type
image/avif
last-modified
Fri, 27 Sep 2024 09:30:10 GMT
server
ddos-guard
vary
Accept-Encoding
plane_1440.avif
1wxxlb.com/v3/reg-form-aviator/assets/images/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1wxxlb.com/v3/reg-form-aviator/assets/images/plane_1440.avif
Requested by
Host: 1wxxlb.com
URL: https://1wxxlb.com/v3/reg-form-aviator/main.css?4f405eecf8a3abb8a3ba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
42e683df37b0daf2a1f9502a66d6123b41c7121cab7354b89867a543d580820d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/v3/reg-form-aviator/main.css?4f405eecf8a3abb8a3ba

Response headers

ddg-cache-status
MISS
content-encoding
gzip
etag
"66f67b22-a2ac"
age
0
accept-ranges
bytes
access-control-allow-origin
*
date
Fri, 25 Oct 2024 13:20:39 GMT
content-type
image/avif
last-modified
Fri, 27 Sep 2024 09:30:10 GMT
server
ddos-guard
vary
Accept-Encoding
Inter-Black.woff2
1wxxlb.com/v3/reg-form-aviator/assets/fonts/ 		105 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://1wxxlb.com/v3/reg-form-aviator/assets/fonts/Inter-Black.woff2
Requested by
Host: 1wxxlb.com
URL: https://1wxxlb.com/v3/reg-form-aviator/main.css?4f405eecf8a3abb8a3ba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
41404afc75b1abc4bb4595635d820fb3ab416c0708ba6e98d27d13c0a7d6dd65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://1wxxlb.com
Referer
https://1wxxlb.com/v3/reg-form-aviator/main.css?4f405eecf8a3abb8a3ba

Response headers

ddg-cache-status
HIT
content-encoding
gzip
etag
"66f67b22-1a280"
age
108813
accept-ranges
bytes
access-control-allow-origin
*
content-length
106570
date
Thu, 24 Oct 2024 07:07:06 GMT
content-type
font/woff2
last-modified
Fri, 27 Sep 2024 09:30:10 GMT
server
ddos-guard
vary
Accept-Encoding
Inter-Regular.woff2
1wxxlb.com/v3/reg-form-aviator/assets/fonts/ 		100 KB
100 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://1wxxlb.com/v3/reg-form-aviator/assets/fonts/Inter-Regular.woff2
Requested by
Host: 1wxxlb.com
URL: https://1wxxlb.com/v3/reg-form-aviator/main.css?4f405eecf8a3abb8a3ba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
78302f9c9577ab7c8dd7e26e486b355ac31bbd86dc1103cd654a8eb074f52f22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://1wxxlb.com
Referer
https://1wxxlb.com/v3/reg-form-aviator/main.css?4f405eecf8a3abb8a3ba

Response headers

ddg-cache-status
HIT
content-encoding
gzip
etag
"66f67b22-190cc"
age
27383
accept-ranges
bytes
access-control-allow-origin
*
content-length
102105
date
Fri, 25 Oct 2024 05:44:16 GMT
content-type
font/woff2
last-modified
Fri, 27 Sep 2024 09:30:10 GMT
server
ddos-guard
vary
Accept-Encoding
affiliate:link_visit
1wxxlb.com/ 		37 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://1wxxlb.com/affiliate:link_visit
Requested by
Host: partners.1win-cdn.com
URL: https://partners.1win-cdn.com/index.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard / Express
Resource Hash
9c3b25f260defd6991608963a30a67cad0981ecce13e5975b1a6304887514d7f
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://1wxxlb.com/v3/reg-form-aviator?p%3d962n

Response headers

x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
access-control-max-age
7200
access-control-expose-headers
Authorization
content-encoding
gzip
etag
W/"25-Zj67mG54TfZ031q1ea2QwFUXWX4"
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://1wxxlb.com
date
Fri, 25 Oct 2024 13:20:39 GMT
content-type
application/json; charset=utf-8
x-powered-by
Express
server
ddos-guard
access-control-allow-headers
Content-Type, Authorization, X-Origin
js
www.googletagmanager.com/gtag/ 		279 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.40 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
yyz12s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1ecfaa09c383a935e05a3aff8d6a1f0ea9cb0e7643c7cdfde59703f19e86b718
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 25 Oct 2024 13:20:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 13:20:39 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98990
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		280 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16482547739&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.40 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
yyz12s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1e04f2e90f87e4932c282194915cdd461d7b70d43d2ac5b538d2c4a48201f68b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 25 Oct 2024 13:20:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 13:20:39 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 25 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98698
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/ 		225 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-12688802&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.40 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
yyz12s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8e12b3f872369560d608a39187cad667b4fcfd31e1c61e6e4dbae5d832feb6ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Fri, 25 Oct 2024 13:20:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 13:20:39 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 25 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
82877
x-xss-protection
0
server
Google Tag Manager
activityi;dc_pre=CLjs2OHPqYkDFQEhdgYdXTgCnA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o...
12572451.fls.doubleclick.net/ Frame ACB0
Redirect Chain
  • https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
  • https://12572451.fls.doubleclick.net/activityi;dc_pre=CLjs2OHPqYkDFQEhdgYdXTgCnA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://12572451.fls.doubleclick.net/activityi;dc_pre=CLjs2OHPqYkDFQEhdgYdXTgCnA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=9942578335056.035?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wxxlb.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
1007
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Oct 2024 13:20:39 GMT
expires
Fri, 25 Oct 2024 13:20:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Oct 2024 13:20:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12572451.fls.doubleclick.net/activityi;dc_pre=CLjs2OHPqYkDFQEhdgYdXTgCnA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=9942578335056.035?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
hotjar-2606090.js
static.hotjar.com/c/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2606090.js?sv=6
Requested by
Host: 1wxxlb.com
URL: https://1wxxlb.com/v3/reg-form-aviator?p%3d962n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.252.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-252-127.jfk50.r.cloudfront.net
Software
/
Resource Hash
be315af3915362aae2e3d767edd38ca329539e6e1373d5b043daff4fa8863965
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/

Response headers

content-encoding
br
etag
W/9f4ac7d71c9590730a13c03e5e15200b
age
23
x-content-type-options
nosniff
x-cache-hit
1
x-cache
Hit from cloudfront
x-amz-cf-id
0Qp7IlxvLBcVNGr6UP07BTbhzA7wc5Dkqe_hj7zfsUnGirIqhX_NKQ==
date
Fri, 25 Oct 2024 13:20:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
via
1.1 08bb3c305487b3a7b5b4360d422af708.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P10
js
rtb-demo.ubidex.xyz/pixel/ 		441 B
775 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb-demo.ubidex.xyz/pixel/js?auth=yreuye&event=landing_page_view&uid=undefined
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.13.81.104 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.104.81.13.49.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
adc57b25de40732df0ea15858661b98e273693c87fb7f343cab826b2d55cab6c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Sat, 01 Jan 2000 00:00:00 GMT
Access-Control-Allow-Origin
*
Content-Length
441
Date
Fri, 25 Oct 2024 13:20:39 GMT
Content-Type
text/javascript
Server
nginx/1.18.0 (Ubuntu)
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame F11E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2F1wxxlb.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.40 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
yyz12s08-in-f8.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
85218
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 13:40:21 GMT
expires
Fri, 24 Oct 2025 13:40:21 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16482547739/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16482547739/?random=1729862439413&cv=11&fst=1729862439413&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9181323879z8894400803za200zb894400803&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101686685~101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2F1wxxlb.com%2Fv3%2Freg-form-aviator%3Fp%253d962n&hn=www.googleadservices.com&frm=0&tiba=1win&npa=0&pscdl=noapi&auid=2100673792.1729862439&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16482547739&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.33.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
yyz10s17-in-f2.1e100.net
Software
cafe /
Resource Hash
559b21e6a169a62f4d89dab64b3d8747b3e5e14dc5dc7bdc17d35d567a06c600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2358
date
Fri, 25 Oct 2024 13:20:39 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16482547739
td.doubleclick.net/td/rul/ Frame 2A6F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/16482547739?random=1729862439413&cv=11&fst=1729862439413&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9181323879z8894400803za200zb894400803&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101686685~101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2F1wxxlb.com%2Fv3%2Freg-form-aviator%3Fp%253d962n&hn=www.googleadservices.com&frm=0&tiba=1win&npa=0&pscdl=noapi&auid=2100673792.1729862439&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16482547739&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.66 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
yyz12s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wxxlb.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Oct 2024 13:20:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CMD14eHPqYkDFVEydgYdmfUM5w;src=12688802;type=actio0;cat=allpa0;ord=1;num=432526021594;npa=0;auiddc=2100673792.1729862439;ps=1;pcor=1935149610;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv...
12688802.fls.doubleclick.net/ Frame 4A26
Redirect Chain
  • https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=432526021594;npa=0;auiddc=2100673792.1729862439;ps=1;pcor=1935149610;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;u...
  • https://12688802.fls.doubleclick.net/activityi;dc_pre=CMD14eHPqYkDFVEydgYdmfUM5w;src=12688802;type=actio0;cat=allpa0;ord=1;num=432526021594;npa=0;auiddc=2100673792.1729862439;ps=1;pcor=1935149610;u...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://12688802.fls.doubleclick.net/activityi;dc_pre=CMD14eHPqYkDFVEydgYdmfUM5w;src=12688802;type=actio0;cat=allpa0;ord=1;num=432526021594;npa=0;auiddc=2100673792.1729862439;ps=1;pcor=1935149610;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101686685~101823848;epver=2;~oref=https%3A%2F%2F1wxxlb.com%2Fv3%2Freg-form-aviator%3Fp%253d962n?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12688802&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wxxlb.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
387
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Oct 2024 13:20:39 GMT
expires
Fri, 25 Oct 2024 13:20:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Oct 2024 13:20:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12688802.fls.doubleclick.net/activityi;dc_pre=CMD14eHPqYkDFVEydgYdmfUM5w;src=12688802;type=actio0;cat=allpa0;ord=1;num=432526021594;npa=0;auiddc=2100673792.1729862439;ps=1;pcor=1935149610;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101686685~101823848;epver=2;~oref=https%3A%2F%2F1wxxlb.com%2Fv3%2Freg-form-aviator%3Fp%253d962n?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=432526021594;npa=0;auiddc=2100673792.1729862439;ps=1;pcor=1935149610;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0...
td.doubleclick.net/td/fls/rul/ Frame 577D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=432526021594;npa=0;auiddc=2100673792.1729862439;ps=1;pcor=1935149610;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101686685~101823848;epver=2;~oref=https%3A%2F%2F1wxxlb.com%2Fv3%2Freg-form-aviator%3Fp%253d962n?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12688802&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.66 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
yyz12s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wxxlb.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Oct 2024 13:20:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=432526021594;npa=0;auiddc=2100673792.1729862439;ps=1;pcor=1935149610;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=432526021594;npa=0;auiddc=2100673792.1729862439;ps=1;pcor=1935149610;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4al0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=101533422~101686685~101823848;epver=2;~oref=https%3A%2F%2F1wxxlb.com%2Fv3%2Freg-form-aviator%3Fp%253d962n?
Requested by
Host: 1wxxlb.com
URL: https://1wxxlb.com/v3/reg-form-aviator?p%3d962n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yyz12s06-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Fri, 25 Oct 2024 13:20:39 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"9919325216005626137"}],"aggregatable_trigger_data":[{"filters":[{"14":["13647302"]}],"key_piece":"0x5fbb1caed53e0fd8","source_keys":["12","13","14","15","16","17","18","19","20","21","20557008","20557009","20557010","20557011","24835884","24835885","24835886","24835887"]},{"key_piece":"0x82225391a680e9e8","not_filters":{"14":["13647302"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","20557008","20557009","20557010","20557011","24835884","24835885","24835886","24835887"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"20557008":36,"20557009":36,"20557010":36,"20557011":3530,"21":6356,"24835884":32,"24835885":32,"24835886":32,"24835887":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"10974209519341629909","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"9919325216005626137","filters":[{"14":["13647302"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"9919325216005626137","filters":[{"14":["13647302"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"9919325216005626137","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"9919325216005626137","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12688802"]}}
content-type
image/png
x-xss-protection
0
server
cafe
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je4al0v894728184z8894400803za200zb894400803&_p=1729862439035&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533422~101686685~101823848&cid=335053182.1729862440&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&dp=%2Fv3%2Freg-form-aviator&sid=1729862439&sct=1&seg=0&dl=https%3A%2F%2F1wxxlb.com%2Fv3%2Freg-form-aviator%3Fp%253d962n&dt=1win&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_url=https%3A%2F%2F1wxxlb.com%2Fv3%2Freg-form-aviator%3Fp%253d962n&tfd=1104
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://1wxxlb.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 13:20:39 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
551 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-548949LWLW&cid=335053182.1729862440&gtm=45je4al0v894728184z8894400803za200zb894400803&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533422~101686685~101823848
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://1wxxlb.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Oct 2024 13:20:39 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 8231 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-548949LWLW&gacid=335053182.1729862440&gtm=45je4al0v894728184z8894400803za200zb894400803&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533422~101686685~101823848&z=1596569417
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.66 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
yyz12s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wxxlb.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Oct 2024 13:20:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-548949LWLW&cid=335053182.1729862440&gtm=45je4al0v894728184z8894400803za200zb894400803&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533422~101686685~101823848&tag_exp=101533422~101686685~101823848&z=1747289098
Requested by
Host: 1wxxlb.com
URL: https://1wxxlb.com/v3/reg-form-aviator?p%3d962n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.67 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
yyz10s20-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Oct 2024 13:20:39 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
modules.67d7d905831ab88336d0.js
script.hotjar.com/ 		221 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.67d7d905831ab88336d0.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2606090.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-87.jfk50.r.cloudfront.net
Software
/
Resource Hash
e8d7cc2b6e93524746e8e404110e2522af2e36914863a25c68cf059c12e71c77
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/

Response headers

x-robots-tag
none
content-encoding
br
etag
"6e5092134a127e6f8514c54f7a9125c5"
age
81272
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
3mLVBCJqf9BWG0aKRTBzlccPHVtVZw4akquB1m4kzvwpCCSdCPRWhg==
date
Thu, 24 Oct 2024 14:46:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 24 Oct 2024 14:45:43 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 f5527f719bbc0d2932043daaeff80252.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56085
x-amz-cf-pop
JFK50-P5
/
www.google.com/pagead/1p-user-list/16482547739/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/16482547739/?random=1729862439413&cv=11&fst=1729861200000&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9181323879z8894400803za200zb894400803&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101686685~101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2F1wxxlb.com%2Fv3%2Freg-form-aviator%3Fp%253d962n&hn=www.googleadservices.com&frm=0&tiba=1win&npa=0&pscdl=noapi&auid=2100673792.1729862439&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf7Hn2iDB0-5fWbY5sXO_y4t8GPAM4aw&random=3218595954&rmt_tld=0&ipr=y
Requested by
Host: 1wxxlb.com
URL: https://1wxxlb.com/v3/reg-form-aviator?p%3d962n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.68 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
yyz10s20-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Oct 2024 13:20:39 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-user-list/16482547739/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/16482547739/?random=1729862439413&cv=11&fst=1729861200000&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9181323879z8894400803za200zb894400803&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101686685~101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2F1wxxlb.com%2Fv3%2Freg-form-aviator%3Fp%253d962n&hn=www.googleadservices.com&frm=0&tiba=1win&npa=0&pscdl=noapi&auid=2100673792.1729862439&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf7Hn2iDB0-5fWbY5sXO_y4t8GPAM4aw&random=3218595954&rmt_tld=1&ipr=y
Requested by
Host: 1wxxlb.com
URL: https://1wxxlb.com/v3/reg-form-aviator?p%3d962n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.67 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
yyz10s20-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Oct 2024 13:20:39 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
pixel
rtb-demo.ubidex.xyz/ 		0
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-demo.ubidex.xyz/pixel?auth=yreuye&event=landing_page_view&uid=undefined&site=1wxxlb.com&ln=en-CA
Requested by
Host: 1wxxlb.com
URL: https://1wxxlb.com/v3/reg-form-aviator?p%3d962n
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.13.81.104 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.104.81.13.49.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Sat, 01 Jan 2000 00:00:00 GMT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Fri, 25 Oct 2024 13:20:39 GMT
Server
nginx/1.18.0 (Ubuntu)
2606090
vc.hotjar.io/sessions/ 		0
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/2606090?s=0.25&r=0.20336955746811913
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.67d7d905831ab88336d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-95.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/

Response headers

via
1.1 58a45bf3f07dfdca95ebcb7935e84994.cloudfront.net (CloudFront)
access-control-allow-origin
*
cache-control
no-store
x-cache
Miss from cloudfront
x-amz-cf-id
JY9uTLsz99BEWuRZk-OBkmqm_EQB0DkCU1j4a0Q0VOImmb99x79QHQ==
date
Fri, 25 Oct 2024 13:20:39 GMT
x-amz-cf-pop
JFK50-P5
favicon.svg
1wxxlb.com/v3/reg-form-aviator/ 		1 KB
776 B 		Other
General
Check archive.org
Download Go to
Full URL
https://1wxxlb.com/v3/reg-form-aviator/favicon.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
da27421d59a3829fd6292f822eed7c6b1b7a745870d6b736dc67220627d9d656

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/v3/reg-form-aviator?p%3d962n

Response headers

ddg-cache-status
HIT
content-encoding
br
etag
W/"66f67b22-5b5"
age
26531
accept-ranges
bytes
access-control-allow-origin
*
content-length
486
date
Fri, 25 Oct 2024 05:58:28 GMT
content-type
image/svg+xml
last-modified
Fri, 27 Sep 2024 09:30:10 GMT
server
ddos-guard
vary
Accept-Encoding
favicon.ico
1wxxlb.com/v3/reg-form-aviator/assets/ 		1 KB
706 B 		Other
General
Check archive.org
Download Go to
Full URL
https://1wxxlb.com/v3/reg-form-aviator/assets/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
7bf38238e9f2c2b5f670c22222d548a303085bbbf5f4fb609403b11d0fa6f1c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1wxxlb.com/v3/reg-form-aviator?p%3d962n

Response headers

ddg-cache-status
HIT
content-encoding
gzip
etag
"66f67b22-47e"
age
26531
accept-ranges
bytes
access-control-allow-origin
*
content-length
430
date
Fri, 25 Oct 2024 05:58:28 GMT
content-type
image/x-icon
last-modified
Fri, 27 Sep 2024 09:30:10 GMT
server
ddos-guard
vary
Accept-Encoding
httpapi
api2.amplitude.com/2/ 		94 B
218 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/analytics-browser-1.9.1-min.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.186.191.80 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-191-80.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
20416a78b857297732c4cd5811717fc4123362ad6730d9fee24295da166ebf67
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://1wxxlb.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*/*
Content-Type
application/json

Response headers

strict-transport-security
max-age=15768000
access-control-allow-origin
*
content-length
94
date
Fri, 25 Oct 2024 13:20:40 GMT
content-type
application/json
httpapi
api2.amplitude.com/2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.186.191.80 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-191-80.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://1wxxlb.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Fri, 25 Oct 2024 13:20:40 GMT
strict-transport-security
max-age=15768000

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| affiliateHook object| amplitude object| dataLayer object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| axel number| a string| userId function| hj object| _hjSettings object| GooglebQhCsO object| gaGlobal object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| analyticsConnectorInstances

16 Cookies

Domain/Path Name / Value
.1wxxlb.com/ Name: __ddg9_
Value: 154.47.17.57
.1wxxlb.com/ Name: __ddg1_
Value: OfF38R87UhnkG3mgjUpj
.1wxxlb.com/ Name: __ddg10_
Value: 1729862439
1wxxlb.com/ Name: visit_domain
Value: 1wxxlb.com
.1wxxlb.com/ Name: _gcl_au
Value: 1.1.2100673792.1729862439
.1wxxlb.com/ Name: _ga
Value: GA1.1.335053182.1729862440
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.1wxxlb.com/ Name: AMP_MKTG_494cccfe21
Value: JTdCJTdE
.1wxxlb.com/ Name: AMP_494cccfe21
Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjIxMTljMDkyMi1lNjkwLTRhYzEtYTQzOS0yMzhjYTY5MzRiYjUlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzI5ODYyNDM5NTkzJTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTcyOTg2MjQzOTYxNCU3RA==
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUl8i6KCX1FIda1Kpp0EQS5sMxP_4PKZ2ZWRymnkV76J2PeHdxr-Vw5hkU8ZSzw
.1wxxlb.com/ Name: _hjSessionUser_2606090
Value: eyJpZCI6ImM5NzFmNDQxLWRhZTItNWIwMC04ZDViLWJlNzYxZDE0MzIxYyIsImNyZWF0ZWQiOjE3Mjk4NjI0Mzk3OTYsImV4aXN0aW5nIjpmYWxzZX0=
.1wxxlb.com/ Name: _hjSession_2606090
Value: eyJpZCI6IjFiZWJjYjIwLWNiMWYtNDkyNS05ZjJjLTQwMDdmNWJjOWViOSIsImMiOjE3Mjk4NjI0Mzk3OTcsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
1wxxlb.com/ Name: _hjHasCachedUserAttributes
Value: true
.1wxxlb.com/ Name: _ga_548949LWLW
Value: GS1.1.1729862439.1.0.1729862439.60.0.0
.1wxxlb.com/ Name: __ddg8_
Value: Rpk3Rg9S70JDxgvi

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12572451.fls.doubleclick.net
12688802.fls.doubleclick.net
1wxxlb.com
ad.doubleclick.net
analytics.google.com
api2.amplitude.com
cdn.amplitude.com
googleads.g.doubleclick.net
partners.1win-cdn.com
rtb-demo.ubidex.xyz
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
td.doubleclick.net
vc.hotjar.io
www.google.ca
www.google.com
www.googletagmanager.com
108.139.29.53
13.33.252.127
142.250.81.230
142.251.111.154
142.251.32.66
142.251.33.162
142.251.41.40
142.251.41.67
142.251.41.68
172.217.165.6
18.164.96.87
18.164.96.95
186.2.162.102
190.115.19.14
216.239.34.181
49.13.81.104
54.186.191.80
003323cb8d24bc4767961492cc2e75ca440b5e1eedecf528248345ff9e99f61c
0c34355d1529bb9c187eed49a6a4b87ebf9a953529ac2d9cfa44cd443376d965
10c9561b5a80516db72cc441658c7ae77ce4fab482f199f5559e7e67716b529d
1e04f2e90f87e4932c282194915cdd461d7b70d43d2ac5b538d2c4a48201f68b
1ecfaa09c383a935e05a3aff8d6a1f0ea9cb0e7643c7cdfde59703f19e86b718
20416a78b857297732c4cd5811717fc4123362ad6730d9fee24295da166ebf67
2b04f2db763b34c4f177e30a0aae11149b282575a6e5c4ddd6835662f8e6d9aa
3982962233371506e4dc88fc828ad65e5acedbe29ae37a0bac016a15ad5463c2
41404afc75b1abc4bb4595635d820fb3ab416c0708ba6e98d27d13c0a7d6dd65
42e683df37b0daf2a1f9502a66d6123b41c7121cab7354b89867a543d580820d
559b21e6a169a62f4d89dab64b3d8747b3e5e14dc5dc7bdc17d35d567a06c600
78302f9c9577ab7c8dd7e26e486b355ac31bbd86dc1103cd654a8eb074f52f22
7a9923a52d9824b62b4a96a746f135446f51ece317538607f330cf53030b44f7
7bf38238e9f2c2b5f670c22222d548a303085bbbf5f4fb609403b11d0fa6f1c9
8e12b3f872369560d608a39187cad667b4fcfd31e1c61e6e4dbae5d832feb6ca
9c3b25f260defd6991608963a30a67cad0981ecce13e5975b1a6304887514d7f
aa736e4e4a98e787ee0f973ab1b717f2a4d6b07b01f85650c20a09e9c8b98fb3
adc57b25de40732df0ea15858661b98e273693c87fb7f343cab826b2d55cab6c
b4a3fb8a9028ee5ec227822b6c2af47f9edf8d5a2fa5f20c3cd85bd0c4b4148e
ba076fdd8f661bcc7c07b28f59506c96473e66f4a3fea6e2d199c134ae3130e0
be315af3915362aae2e3d767edd38ca329539e6e1373d5b043daff4fa8863965
cab754f885ecc917d06437f86633400490303bc4b2bdbefdaf7b8d9ea553c70c
cebc15fd723176c94ad6d2089eaa3a96dda7e942697d4c8128018fc6a018fc40
cf311b780dd8b38c6038718b017a9d5ca2764a4185d68362990b56af7bcfdb31
da27421d59a3829fd6292f822eed7c6b1b7a745870d6b736dc67220627d9d656
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d7cc2b6e93524746e8e404110e2522af2e36914863a25c68cf059c12e71c77
ebe9a31800face6ae77211754529d3987b4f3107de330c0d539bf26b743c979b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629