1wmgfq.top Open in urlscan Pro
190.115.19.43 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://kasino-fortuna-official.fun/go/play
Effective URL:
https://1wmgfq.top/casino/list?open=register&sub1=2dit711edgd
Submission: On July 27 via manual (July 27th 2022, 6:22:09 pm UTC) from IN — Scanned from NL

Summary HTTP 76 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 18 IPs in 6 countries across 14 domains to perform 76 HTTP transactions. The main IP is 190.115.19.43, located in Belize City, Belize and belongs to DDOS-GUARD CORP., BZ. The main domain is 1wmgfq.top.
TLS certificate: Issued by R3 on July 6th 2022. Valid for: 3 months.

This is the only time 1wmgfq.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	45.82.68.15 45.82.68.15	204601 (ON-LINE-D...) (ON-LINE-DATA Server location - Netherlands)
1 1	162.55.137.158 162.55.137.158	24940 (HETZNER-AS) (HETZNER-AS)
11	190.115.19.43 190.115.19.43	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
27	2606:4700:20:... 2606:4700:20::ac43:4ae2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.123 65.9.66.123	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.102 143.204.215.102	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.118 143.204.215.118	16509 (AMAZON-02) (AMAZON-02)
2	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	13.32.23.71 13.32.23.71	16509 (AMAZON-02) (AMAZON-02)
2 8	185.39.80.168 185.39.80.168	200015 (LIVETEX) (LIVETEX)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
10	2606:4700:20:... 2606:4700:20::ac43:4a03	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	185.39.80.58 185.39.80.58	200015 (LIVETEX) (LIVETEX)
1	185.39.80.40 185.39.80.40	200015 (LIVETEX) (LIVETEX)
76	18

2 45.82.68.15 (Netherlands) 2 redirects

ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: peshechka.0

kasino-fortuna-official.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kasino-fortuna-official.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.137.158 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.158.137.55.162.clients.your-server.de

inkeytarowetrust.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 190.115.19.43 (Belize City, Belize)

ASN262254 (DDOS-GUARD CORP., BZ)

1wmgfq.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700:20::ac43:4ae2 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-1win.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-123.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-102.fra53.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-118.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.132 (United States)

ASN54113 (FASTLY, US)

api.lab.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.23.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-71.fra56.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.39.80.168 (Russian Federation) 2 redirects

ASN200015 (LIVETEX, RU)

cs15.livetex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
balancer-cloud.livetex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widgets-2-omni-iframe.livetex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::ac43:4a03 (United States)

ASN13335 (CLOUDFLARENET, US)

widgets-2-omni-iframe.livetex.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.39.80.58 (Russian Federation)

ASN200015 (LIVETEX, RU)

io4-production-2-ltx227.livetex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wapi-02.livetex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.39.80.40 (Russian Federation)

ASN200015 (LIVETEX, RU)

vnds-production-2-i4.livetex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	cdn-1win.xyz cdn-1win.xyz — Cisco Umbrella Rank: 666681	1 MB
14	livetex.ru 2 redirects cs15.livetex.ru — Cisco Umbrella Rank: 185661 balancer-cloud.livetex.ru — Cisco Umbrella Rank: 158890 widgets-2-omni-iframe.livetex.ru — Cisco Umbrella Rank: 311177 io4-production-2-ltx227.livetex.ru — Cisco Umbrella Rank: 947383 vnds-production-2-i4.livetex.ru — Cisco Umbrella Rank: 524931 wapi-02.livetex.ru — Cisco Umbrella Rank: 402143	35 KB
11	1wmgfq.top 1wmgfq.top	1 MB
10	livetex.me widgets-2-omni-iframe.livetex.me — Cisco Umbrella Rank: 304382	464 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com — Cisco Umbrella Rank: 2841	20 KB
3	amplitude.com api.lab.amplitude.com — Cisco Umbrella Rank: 7777 cdn.amplitude.com — Cisco Umbrella Rank: 4126	19 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 637 script.hotjar.com — Cisco Umbrella Rank: 795 vars.hotjar.com — Cisco Umbrella Rank: 874	68 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	113 KB
1	google.nl www.google.nl — Cisco Umbrella Rank: 8803	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 10	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 117	439 B
1	inkeytarowetrust.ru 1 redirects inkeytarowetrust.ru	978 B
1	kasino-fortuna-official.top 1 redirects kasino-fortuna-official.top	145 B
1	kasino-fortuna-official.fun 1 redirects kasino-fortuna-official.fun	133 B
76	14

	Domain	Requested by
27	cdn-1win.xyz	1wmgfq.top cdn-1win.xyz
11	1wmgfq.top	1wmgfq.top
10	widgets-2-omni-iframe.livetex.me	balancer-cloud.livetex.ru widgets-2-omni-iframe.livetex.me
5	balancer-cloud.livetex.ru	2 redirects balancer-cloud.livetex.ru widgets-2-omni-iframe.livetex.me
3	io4-production-2-ltx227.livetex.ru	widgets-2-omni-iframe.livetex.me
2	wapi-02.livetex.ru	widgets-2-omni-iframe.livetex.me
2	widgets-2-omni-iframe.livetex.ru
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	1wmgfq.top www.googletagmanager.com
2	api.lab.amplitude.com	cdn-1win.xyz
1	vnds-production-2-i4.livetex.ru	widgets-2-omni-iframe.livetex.me
1	www.google.nl
1	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cs15.livetex.ru	1wmgfq.top
1	cdn.amplitude.com	1wmgfq.top
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	1wmgfq.top
1	inkeytarowetrust.ru	1 redirects
1	kasino-fortuna-official.top	1 redirects
1	kasino-fortuna-official.fun	1 redirects
76	23

This site contains links to these domains. Also see Links.

Domain
livetex.ru

Subject Issuer	Validity	Valid
1wmgfq.top R3	`2022-07-06` - `2022-10-04`	3 months	crt.sh
*.cdn-1win.xyz GTS CA 1P5	`2022-07-22` - `2022-10-20`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-05-24` - `2023-06-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
cdn.amplitude.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.livetex.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-05-21` - `2023-06-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.livetex.me E1	`2022-07-19` - `2022-10-17`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://1wmgfq.top/casino/list?open=register&sub1=2dit711edgd
Frame ID: BE28B62DFAA5317208EF103791F5DCF1
Requests: 63 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html
Frame ID: D3476DDF91F6801A94747422ADF84229
Requests: 1 HTTP requests in this frame

Frame: https://widgets-2-omni-iframe.livetex.me/js/iframe.html?host-page-origin=https://1wmgfq.top
Frame ID: DDBBCC479039CE274BD458AB71FB047D
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

1win

Page URL History Show full URLs

https://kasino-fortuna-official.fun/go/play HTTP 301
https://kasino-fortuna-official.top/go/play HTTP 301
https://inkeytarowetrust.ru/nxzBpn?chain=Play_Fortuna-3&brand=Play-Fortuna HTTP 302
https://1wmgfq.top/casino/list?open=register&sub1=2dit711edgd Page URL

Detected technologies

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

76
Requests

95 %
HTTPS

42 %
IPv6

14
Domains

23
Subdomains

18
IPs

6
Countries

3119 kB
Transfer

9467 kB
Size

18
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://livetex.ru/online_consultant/?utm_source=clients&utm_medium=chatlink&utm_campaign=chatlink
Title: LiveTex

Search URL Search Domain Scan URL

URL: https://livetex.ru/lead_generator/%20%20%20%20%20%20%20%20%20%20?utm_source=clients&utm_medium=chatlink&utm_campaign=chatlink
Title: LiveTex

Search URL Search Domain Scan URL

URL: https://livetex.ru/generat/?utm_source=clients&utm_medium=chatlink&utm_campaign=chatlink
Title: LiveTex

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://kasino-fortuna-official.fun/go/play HTTP 301
https://kasino-fortuna-official.top/go/play HTTP 301
https://inkeytarowetrust.ru/nxzBpn?chain=Play_Fortuna-3&brand=Play-Fortuna HTTP 302
https://1wmgfq.top/casino/list?open=register&sub1=2dit711edgd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://balancer-cloud.livetex.ru/get-client/?site_id=171205&version=1.2.36&target=settings_path&rnd=4d13bfp4ot4 HTTP 302
https://widgets-2-omni-iframe.livetex.ru/js/widgetsSettings.json

Request Chain 54

https://balancer-cloud.livetex.ru/get-client/?site_id=171205&version=1.2.36&target=path&rnd=f44aoaw0mkl HTTP 302
https://widgets-2-omni-iframe.livetex.ru/js/app3.js

76 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request list Show response
1wmgfq.top/casino/
Redirect Chain

https://kasino-fortuna-official.fun/go/play
https://kasino-fortuna-official.top/go/play
https://inkeytarowetrust.ru/nxzBpn?chain=Play_Fortuna-3&brand=Play-Fortuna
https://1wmgfq.top/casino/list?open=register&sub1=2dit711edgd

18 KB
8 KB

3323ms
3096ms

Document
text/html

190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wmgfq.top/casino/list?open=register&sub1=2dit711edgd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: 3053e023ba0970ba7113a3250b7051d80fd2cb83efc3c77fba29e6b04fc4c0ce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Wed, 27 Jul 2022 18:22:03 GMT
etag: W/"62e11562-48dc"
last-modified: Wed, 27 Jul 2022 10:37:22 GMT
server: nginx/1.22.0

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 27 Jul 2022 18:21:59 GMT
Expires: 0
Last-Modified: Wed, 27 Jul 2022 18:21:59 GMT
Location: https://1wmgfq.top/casino/list?open=register&sub1=2dit711edgd
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding

GET
H2 200 chunk-vendors.6ea27ee4.js Show response
1wmgfq.top/js/ 390 KB
142 KB 129ms
129ms Script
application/javascript 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wmgfq.top/js/chunk-vendors.6ea27ee4.js

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/casino/list?open=register&sub1=2dit711edgd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

bba116b962c3db8776c04ffe6caec6759247a2363faf7955b37a2a251db71979

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://1wmgfq.top/casino/list?open=register&sub1=2dit711edgd
Origin: https://1wmgfq.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:03 GMT
content-encoding: gzip
last-modified: Wed, 27 Jul 2022 10:37:22 GMT
server: nginx/1.22.0
etag: W/"62e11562-619d5"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chunk-common.31afd071.js Show response
1wmgfq.top/js/ 13 KB
5 KB 188ms
188ms Script
application/javascript 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wmgfq.top/js/chunk-common.31afd071.js

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/casino/list?open=register&sub1=2dit711edgd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

70fabdfb780aee006e3f8c2b1789aaa59b52f3d1de5baa44a0a0c07d6ebec8aa

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://1wmgfq.top/casino/list?open=register&sub1=2dit711edgd
Origin: https://1wmgfq.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:03 GMT
content-encoding: gzip
last-modified: Wed, 27 Jul 2022 10:37:22 GMT
server: nginx/1.22.0
etag: W/"62e11562-3381"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index.4daad0d7.js Show response
1wmgfq.top/js/ 86 KB
33 KB 169ms
168ms Script
application/javascript 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wmgfq.top/js/index.4daad0d7.js

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/casino/list?open=register&sub1=2dit711edgd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

17f96708490bd58b158534e69187bfb0cb88e6eb893e938960b22c0b9b339371

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://1wmgfq.top/casino/list?open=register&sub1=2dit711edgd
Origin: https://1wmgfq.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:03 GMT
content-encoding: gzip
last-modified: Wed, 27 Jul 2022 10:37:22 GMT
server: nginx/1.22.0
etag: W/"62e11562-159ae"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop.3d5f81a8.js Show response
1wmgfq.top/js/ 123 KB
37 KB 171ms
171ms Script
application/javascript 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wmgfq.top/js/desktop.3d5f81a8.js

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/casino/list?open=register&sub1=2dit711edgd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

53542b86398858a65542d11a5bdec1e484949ffdd6eabfa310457e5b3f4b850f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/casino/list?open=register&sub1=2dit711edgd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:03 GMT
content-encoding: gzip
last-modified: Wed, 27 Jul 2022 10:37:22 GMT
server: nginx/1.22.0
etag: W/"62e11562-1edac"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1.txt Show response
cdn-1win.xyz/ 8 B
545 B 116ms
43ms Fetch
text/plain 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/1.txt?1658946123329
Requested by: Host: 1wmgfq.top
URL: https://1wmgfq.top/casino/list?open=register&sub1=2dit711edgd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d2c759213949af96fbdcd756a5146f64a9acadf9625bd7a9feb04bb4517b4f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:03 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 27 Jul 2022 10:36:55 GMT
server: cloudflare
etag: "62e11547-8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNEqscqeYuuKTs7y9GG5oBSezDNWdCdI2P2yiZA93uomlXWL6aAFyAKF8%2BlpdJBWHrwjNCxJ8UGkMp8GdERjM%2FIm6t4dJzmGAXuh%2F3farb2Br%2BZYj%2BaEFkCcuRjCXhNJZmixbG73k0%2FrWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 731765f76d62b8be-AMS
content-length: 8

GET
H2 200 hotjar-2606090.js Show response
static.hotjar.com/c/ 6 KB
3 KB 112ms
34ms Script
application/javascript 65.9.66.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2606090.js?sv=6

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/casino/list?open=register&sub1=2dit711edgd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-123.fra56.r.cloudfront.net

Software

Resource Hash

eba6af8af136759e1eb402fe2a91208178f379e13829a68ffbd267ebcbffd426

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
age: 30
x-cache: Hit from cloudfront
date: Wed, 27 Jul 2022 18:21:34 GMT
cross-origin-resource-policy: cross-origin
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
cache-control: max-age=60
etag: W/523c84fbb3b1ef8dd903588c7d2c7316
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: XpPrN2tF8kzPSAqzs5TS5fe1g3DysUwdYQpnQBVtKlmWsxdF0fDjtA==

GET
H2 200 modules.6a5da0d590df764ca613.js Show response
script.hotjar.com/ 247 KB
64 KB 113ms
38ms Script
application/javascript 143.204.215.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6a5da0d590df764ca613.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2606090.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-102.fra53.r.cloudfront.net

Software

Resource Hash

eea54a25d415f4abf48a1e89d7a6d9211b65986bb081de9ad324dcbb103db9b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:39:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 549777
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 64657
access-control-allow-origin: *
last-modified: Thu, 21 Jul 2022 09:39:03 GMT
etag: "2bddb6ee72f2a47166ed0f5f35ee713b"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: beOI6vuSgQv-2a4-PIqBdfuXXgr4qdEfn5RO-TXz3XfmP63Pz9Zu-Q==

GET
H2 200 box-0004cb77850b00d4aa7e1e08ff61e8f0.html Show response
vars.hotjar.com/ Frame D347 2 KB
1 KB 113ms
35ms Document
text/html 143.204.215.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2606090.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-118.fra53.r.cloudfront.net

Software

Resource Hash

cbbfda74ce57788b9a3877e57fb6ccd91c2e8db043acc08b0091a4ee7509f489

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://1wmgfq.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1051796
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 14:12:07 GMT
etag: "d2caf2e569940c65a88268a169f3facf"
last-modified: Fri, 15 Jul 2022 14:11:55 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-id: 6dGYqXrolClYQh1CERGRjY76WGWa1j3QKAXsGYCHmK5HBgVI4n-ohA==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 affiliate:link_visit Show response
1wmgfq.top/ 15 B
400 B 2796ms
2796ms XHR
application/json 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wmgfq.top/affiliate:link_visit?visit_domain=1wmgfq.top&sub_ids=sub1%3D2dit711edgd

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/chunk-vendors.6ea27ee4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 / Express

Resource Hash

a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/casino/list?open=register&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:06 GMT
etag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
server: nginx/1.22.0
x-powered-by: Express
x-frame-options: DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: undefined
access-control-expose-headers: Authorization
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 15

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 icons-common.f683f0a0.js Show response
cdn-1win.xyz/js/ 218 KB
59 KB 107ms
50ms Script
application/javascript 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/icons-common.f683f0a0.js

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/index.4daad0d7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4efe789040a8fa9e9aa637066ae2e832957643babfec5e6d0f68ffd7d25ff081

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449603
cf-bgj: minify
last-modified: Thu, 21 Jul 2022 12:58:49 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62d94d89-366f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70b9hPIUKHVsmis747IQKmtOKaIciBRUhUpojLqt7sFgiGAJx9OA0xI5PPam0JDVfbt4SDWJkN3O9p%2B6XW8J2OIOogH667h4CPfiai4egqaqsveoQHdq3AD%2F4aAe%2FslEGngbypuRsvXkCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 731765f9088bb73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2615.6c71218f.js Show response
cdn-1win.xyz/js/ 27 KB
10 KB 100ms
43ms Script
application/javascript 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/2615.6c71218f.js

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/index.4daad0d7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

062e846f4bce055e041d039dad659e444f45e878f48efd041199668d761f76dd

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449603
cf-bgj: minify
last-modified: Thu, 21 Jul 2022 12:58:49 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62d94d89-6d63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGxRf0g%2BwQGlkxlwFaKPEEjECc4MMYolJx6A5t8WRihKuWlEjvpD7DzA5IPjPfNn3WwOcalFEn3uuGEKV%2FKKoe7O3I06aeG%2BTIyJztXgvDW7Y4ZyhTCLpXOfojKVkJtlqWd9AZjbWXhLKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 731765f90895b73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9320.9262b17e.js Show response
cdn-1win.xyz/js/ 54 KB
15 KB 100ms
45ms Script
application/javascript 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/9320.9262b17e.js

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/index.4daad0d7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07b7171fa7afc1c2bdb4d126338177285b093c804ecbfe43b63221ba274a8a8a

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449603
cf-bgj: minify
last-modified: Thu, 21 Jul 2022 12:58:49 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62d94d89-d63a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AYW0f%2BWOoIG3C1nPyEkgvdNIMeE9tfpY4dKdQfbUbeQcduI%2F3ayiwul33Er1iZvXSy4LQIxJiPDskfMLUycUYDsAN%2FYAN5%2FbKZDT7iU1e%2BH%2F6NEkt9T7rRs9EsyNeO3wttPaks6rFhEq0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 731765f90891b73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3133.8464d79f.js Show response
cdn-1win.xyz/js/ 502 KB
135 KB 132ms
76ms Script
application/javascript 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/3133.8464d79f.js

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/index.4daad0d7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b671efb339239f8419779f87e9cbfb3ec54f8dff68a8414a0fc40c2118c40c6

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27849
cf-polished: origSize=514049
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 10:36:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62e11546-7d801"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQVnSaL9s6RSZGz0h3AkLMf8nO%2FTF5wl1KJsQIdJnVJQgokVLML%2BUy4xNM5gzbaUJ%2FhFXhtO01LdnHv1kSFCrEjvBUSXtyGWt0hFnmTMrmDwGTVEFkR6EBA013wuP4t7xzasZoJzEHbicg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 731765f9088fb73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop.061c3522.css
cdn-1win.xyz/css/ 111 KB
19 KB 97ms
44ms Stylesheet
text/css 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/css/desktop.061c3522.css

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/index.4daad0d7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f8d8feee0fa74383292acd2431c7dae4701c73bd57a351303d26777b0454193

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449602
cf-polished: origSize=113838
cf-bgj: minify
last-modified: Thu, 21 Jul 2022 12:58:51 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62d94d8b-1bcae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIMYGwnk4AxLs1hixORJI4UXFO%2BETL%2Ff07e1fDY4s0GsP1OlhzOAhBzBIFRXKr3R%2FYvxXpVdtzbVlFp%2FvpigOoX0YsWfAfmjfmbC3dkUdu%2B3YwSBnyfiQ8Z1JqEvRC5kHRqLNtVilZcZ1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 731765f90888b73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop.3d5f81a8.js Show response
cdn-1win.xyz/js/ 123 KB
32 KB 129ms
76ms Script
application/javascript 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/desktop.3d5f81a8.js

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/index.4daad0d7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53542b86398858a65542d11a5bdec1e484949ffdd6eabfa310457e5b3f4b850f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196379
cf-bgj: minify
last-modified: Mon, 25 Jul 2022 11:45:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62de8255-1edac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Plh5bolm0KvsDqng%2FLF70apEM5rHsUq%2FLINSYTSGZmJwJbL08qVnCPotbBr%2FWsofS67hAIEAizK6%2FqJ7kFTCLkApMFG1OAuJ3W6tuyL7Ft7iPdFYs9XxuPlf2pyq2zOvraBYAaUaxWNUUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 731765f90893b73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFNSText.c652402c.woff2
cdn-1win.xyz/fonts/ 370 KB
371 KB 65ms
64ms Font
application/octet-stream 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/fonts/SFNSText.c652402c.woff2
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/desktop.061c3522.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49073903870a8bb345c24e632270bc480dde66725f0af85c66df5cb7269c4214

Request headers

Referer: https://cdn-1win.xyz/css/desktop.061c3522.css
Origin: https://1wmgfq.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:03 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 379312
last-modified: Wed, 27 Jul 2022 10:36:55 GMT
server: cloudflare
etag: "62e11547-5c9b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QA9YglfEZrXR1tojOILCUDCn09n7r%2FmvXBNzZwJQNeE11Fk3xJhQSm8L50SLhWpd5Ah8iOP0l%2FKT6oQ1QKOHPWWwmlxn2e2lkgMhVEbYp5rxB0tfbh%2FAaJFiVN1GV56hzYESdqto4PvEQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 731765f95a8eb8be-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 367ms
158ms Preflight 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://1wmgfq.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://1wmgfq.top
access-control-max-age: 1800
date: Wed, 27 Jul 2022 18:22:04 GMT
vary: Origin
x-amzn-trace-id: Root=1-62e1824c-3762308617d83826083d668d
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-ewr18146-EWR
x-timer: S1658946124.116967,VS0,VE61

GET
H2 200 1959.c307bf93.js Show response
cdn-1win.xyz/js/ 192 KB
44 KB 47ms
47ms Script
application/javascript 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/1959.c307bf93.js

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/index.4daad0d7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a80e828d38a3bcd538602c347de067809481044d7857046104c5ad4d1d1813f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449602
cf-bgj: minify
last-modified: Thu, 21 Jul 2022 12:58:49 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62d94d89-2fe26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67fQsP404xNUPiMG5DGIYQ%2BOUXad9ozDQzchoo4cwtNJ0ZknpR%2Bpf8HC%2B6WzEaBy6Kv9%2BjECfH5ioCNiLt98bc5P26j8ihFWzSmOqDkGNQjdCcM3%2BA7p%2BFNUD4WmqThRFgjscsAOp5%2FRKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 731765f9fb0db73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6791.7955db8c.js Show response
cdn-1win.xyz/js/ 70 KB
23 KB 37ms
37ms Script
application/javascript 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/6791.7955db8c.js

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/index.4daad0d7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04c9defda1aa69f6bd5d6035389b796366886d3e00d64042e71ed22b713336b1

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449601
cf-polished: origSize=71272
cf-bgj: minify
last-modified: Thu, 21 Jul 2022 12:58:49 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62d94d89-11668"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZN23NyBQjcLMT250AoFMAty3a4WUZNCTXnlaC51t8AfqOwkXe%2FDOmpgQuJ413CmjXQgwBdrH1IRsbAWhh46BkEDO6dIdYcZNTunGz9Itcf78Kh%2Fq81LB5TYW%2BK0IDkMSaueEiRqdybTvGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 731765fa1b3db73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 2 B
127 B 163ms
163ms Fetch
application/json 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/js/3133.8464d79f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS40LjEiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkNocm9tZSAxMDMiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwidXNlcl9wcm9wZXJ0aWVzIjp7fX0
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9
Authorization: Api-Key client-utHKVjcfmBn9NBTv9TXTB9Qo2likMJCV

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
x-content-type-options: nosniff
age: 0
x-amzn-trace-id: Root=1-62e1824c-5599c93b73b69e2c31e9a27a
x-served-by: cache-ewr18146-EWR
vary: Origin, Origin
x-cache: MISS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://1wmgfq.top
access-control-allow-credentials: true
accept-ranges: bytes
x-timer: S1658946124.276897,VS0,VE65
content-length: 2
x-cache-hits: 0

GET
H2 200 en Show response
1wmgfq.top/lang/site/ 3 MB
1 MB 155ms
155ms XHR
application/json 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wmgfq.top/lang/site/en?tag=

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/chunk-vendors.6ea27ee4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

b9a0257d638a43359c9803657f5805e87588f4f9918a2b8df694f55ad032eec4

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wmgfq.top/casino/list?open=register&
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:03 GMT
content-encoding: gzip
server: nginx/1.22.0
x-frame-options: DENY
content-type: application/json; charset=utf-8

GET
H2 200 get-authorization Show response
1wmgfq.top/ 19 B
183 B 178ms
178ms XHR
application/json 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wmgfq.top/get-authorization?random=1658946123856-0.2055325959413925

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/chunk-vendors.6ea27ee4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

759315d5ae8c31136d2a7bc803e591554894987559325cdf7e0b5965bec0eaca

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wmgfq.top/casino/list?open=register&
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: https://1wmgfq.top
date: Wed, 27 Jul 2022 18:22:04 GMT
access-control-allow-credentials: true
server: nginx/1.22.0
content-length: 19
x-frame-options: DENY
content-type: application/json; charset=utf-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
42 KB 119ms
45ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-174162538-1

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/casino/list?open=register&sub1=2dit711edgd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d5d5edbb0edaf06db54c346c92475a4893e73d4567db1fd53c738ba67d62ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42709
x-xss-protection: 0
expires: Wed, 27 Jul 2022 18:22:04 GMT

GET
H2 200 amplitude-7.2.1-min.gz.js Show response
cdn.amplitude.com/libs/ 59 KB
19 KB 116ms
35ms Script
application/javascript 13.32.23.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js
Requested by: Host: 1wmgfq.top
URL: https://1wmgfq.top/casino/list?open=register&sub1=2dit711edgd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-71.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8

Request headers

Referer: https://1wmgfq.top/
Origin: https://1wmgfq.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 08:39:57 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 1417328
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 19222
access-control-allow-origin: *
last-modified: Tue, 22 Sep 2020 19:51:25 GMT
server: AmazonS3
etag: "e7ee6bc7f428f90fb1b1ed0e94b9f835"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: rtLe8nVXDx8sL7XBGT5sDlFBE.TwGFEn
via: 1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: c9hkEnXWMptba7tToEpb4BT4hxEDO05hsMgV8RKM94m-fy6poRIezg==

GET
H2 200 firebase-app.js Show response
1wmgfq.top/firebase/8.1.1/ 19 KB
7 KB 61ms
61ms Script
application/javascript 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wmgfq.top/firebase/8.1.1/firebase-app.js

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/casino/list?open=register&sub1=2dit711edgd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/casino/list?open=register&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
content-encoding: gzip
last-modified: Wed, 27 Jul 2022 10:37:22 GMT
server: nginx/1.22.0
etag: W/"62e11562-4ded"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 client.js Show response
cs15.livetex.ru/js/ 2 KB
1 KB 287ms
56ms Script
application/javascript 185.39.80.168
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://cs15.livetex.ru/js/client.js
Requested by: Host: 1wmgfq.top
URL: https://1wmgfq.top/casino/list?open=register&sub1=2dit711edgd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.80.168 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 11628576aa0c8af216a2a18bd48baef78a9dff831ac706699313abbbcfbd0506

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 15:23:51 GMT
server: nginx
etag: W/"62d03507-690"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
expires: Thu, 28 Jul 2022 18:22:04 GMT

GET
H2 200 2423.d3e0dcb8.js Show response
cdn-1win.xyz/js/ 12 KB
4 KB 35ms
35ms Script
application/javascript 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/2423.d3e0dcb8.js

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/index.4daad0d7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

129f6e839a326af49d3d581f2761a1f3c64f97a7e7df73b515ccb7e84f37bf2f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449603
cf-bgj: minify
last-modified: Thu, 21 Jul 2022 12:58:50 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62d94d8a-2e63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94yAW%2Fl%2FLzBChP8mngb742ismw2%2BN8giulfu9aN9F70OTbYQ84XJ2HJKzHPD1Bd8bw43MKlJ8K%2FW6y5zGOVpOHhZipSoi%2BzyZ4rRY6O3DTq2RYr0d25L7my0NGRmCks8XN8Bd%2BzUY8AJeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 731765feac5eb73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2244.51bfefa1.css
cdn-1win.xyz/css/ 25 KB
4 KB 36ms
36ms Stylesheet
text/css 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/css/2244.51bfefa1.css

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/index.4daad0d7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5abc5ca16eb2e09b6e30a07848c64ed7dcd0eac9f1e4ed4c89c59e69bef28928

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449464
cf-bgj: minify
last-modified: Thu, 21 Jul 2022 12:58:51 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62d94d8b-64f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rz5TVSzQUx9TctIRb8lMFlj2GbNPfK%2F7QrRltjtNvn19boQELnW%2F4Uoz7iZVSVk%2FrhvFvnq9CPB500GHKXG4xZqAGDfssBUzjMXNzvkMqAJ%2BYmjRP0hK%2F4aq7YPX7vmrwbVqLei3xoVtIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 731765feac61b73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2244.f95ced66.js Show response
cdn-1win.xyz/js/ 15 KB
5 KB 47ms
46ms Script
application/javascript 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/2244.f95ced66.js

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/index.4daad0d7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14739702bcfcb5c7289b20bce40141cbe5a043c2701afb7a27de45db545e8caf

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449464
cf-bgj: minify
last-modified: Thu, 21 Jul 2022 12:58:49 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62d94d89-3d77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfAFVCwXGjEqZ%2FgEMoqgAgUgGtWUbBy3TLr%2BTKLsJ1i7JgmN06k45GkooTQUo16z1x8Fh%2BNMH41UY7GJ6RNVuA2rXno13e80ejZmMS%2BVQIEqGRzyvfHB7nEqQlMCzdFwwurDk8xOGsPAlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 731765feac62b73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7810.1ebfdd6f.js Show response
cdn-1win.xyz/js/ 9 KB
4 KB 36ms
36ms Script
application/javascript 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/7810.1ebfdd6f.js

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/index.4daad0d7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a80c329e6197f42a7754fe970fcccb956385c8e91515593409fd200df1fe099

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 194518
cf-bgj: minify
last-modified: Mon, 25 Jul 2022 11:45:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62de8255-22aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLnfA7DiobajjOP%2Fu48D5AbkoWJqo3BAS%2FVkA5n6umOXq%2FPoaT5UfPm6LV05%2FkXLY9zLAxlwC%2F3Pd2dmNJ7BYBv%2BlEte%2Be2iF2likQ9gLiEYL3jLNhBiQKz4uw7nSW3NdCSUAHwRnWS4KA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 731765feac64b73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2217.5ffa24cb.css
cdn-1win.xyz/css/ 4 KB
1 KB 62ms
62ms Stylesheet
text/css 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/css/2217.5ffa24cb.css

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/index.4daad0d7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d933cea4bac3449e789974039ff6839d3551900a0c3ddc5a61deda98d2eeb6ee

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 194518
cf-bgj: minify
last-modified: Mon, 25 Jul 2022 11:45:26 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62de8256-1156"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dokZb0SpGmnN98dwYGl4nG1FQmVzYD7xUIU5S8yRIFDMUmUDl9MO3UvGovf7DA0yjqesA2XMZBc7%2BH5QfSFeJuovvktBb%2BKTfsVtXwIEiv45Gxm1j7aalo2RQ19gT%2FOXjz%2Ba2sWiUJdrWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 731765feac67b73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2217.1da72f13.js Show response
cdn-1win.xyz/js/ 3 KB
2 KB 37ms
37ms Script
application/javascript 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/2217.1da72f13.js

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/index.4daad0d7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

853e169d5067b9d760668a95e2079ecd83c21bf54ce5c19c7d27b4d715bd003e

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 194518
cf-bgj: minify
last-modified: Mon, 25 Jul 2022 11:45:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62de8255-cf2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NsylzMp5WjSoF%2FVd1oByNXrClRcs67m6IMylMpkX7PoJfwVEwuOC%2BD7h5ysdDi2qTajbIrQhlHPP%2FTo1G6WP6ugDKj%2Bib2sjSLj2WC8k%2BOzgFbx4I9nGGt%2BrzPCGsgrGHvBlQvd8ewlVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 731765feac68b73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7919.cb6397ee.js Show response
cdn-1win.xyz/js/ 81 KB
17 KB 36ms
36ms Script
application/javascript 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/7919.cb6397ee.js

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/index.4daad0d7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85f84932578e80246ce2184e232ea31e3e1aee7f687dc1624084ee39635dd10f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449602
cf-bgj: minify
last-modified: Thu, 21 Jul 2022 12:58:49 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62d94d89-14474"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzyGGz%2B87IaVTDHfx3KbnSQOq8foMwmWedpvGxznx%2Bt1C4hGgi1i%2Fd2xL8nffKgVP1oq8tiq%2BEBampculChINnv8qa2z1rM8VR4PmDmpn5dwaTPzQvflEGAfAwy2hrHSEMiVX2p478pNAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 731765feac6ab73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5017.3e57d49e.css
cdn-1win.xyz/css/ 29 KB
5 KB 41ms
40ms Stylesheet
text/css 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/css/5017.3e57d49e.css

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/index.4daad0d7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe0d62d42feb82bd1747e5f9550eb886025a16eaff376f74993bd0d6686e26c8

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 194518
cf-polished: origSize=29739
cf-bgj: minify
last-modified: Mon, 25 Jul 2022 11:45:26 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62de8256-742b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NdQQuFQSJ%2Fu3figEFk7Dh3rDCAt0Hcqy9Ru7YK%2FcQwz6PxPs9%2BW1Vii%2B4VB9PSJ0uBuEO7cBqyt%2Bxsx7Pc6RC96cEEeygxhq85lobZMNPEO5y1o9rQCxWK4aSEqEgH060ijKVKGHWQ7bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 731765febc73b73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5017.c063914e.js Show response
cdn-1win.xyz/js/ 20 KB
7 KB 38ms
38ms Script
application/javascript 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/5017.c063914e.js

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/index.4daad0d7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3867184d1617efc5911f9d46b268efff4d1f063f4beae01d7161c712ab5018ec

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 194575
cf-bgj: minify
last-modified: Mon, 25 Jul 2022 11:45:24 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62de8254-4e11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4RR1DSOwlyo%2FxzaQaNz8w6GCr3VksSTcy01psYWXkRQafERGYdp6v09jB191DnlqU4B8LJ2ll7X7uqFst07hwtQDiviCmZe2KAZTCJJH9otbfhSJsBNHiGLCMxDkJaWgsG0aHuVT23FSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 731765febc75b73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4801.f2395fc8.js Show response
cdn-1win.xyz/js/ 25 KB
9 KB 37ms
37ms Script
application/javascript 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/4801.f2395fc8.js

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/index.4daad0d7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a641ca550feaba10b7f24ee2d1a7d9b49a27fdf3999b5f2cec882f288e979a2c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449587
cf-bgj: minify
last-modified: Thu, 21 Jul 2022 12:58:50 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62d94d8a-63a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Nj0NJLJX7rAWOTZYUm%2BGymLO7d0ZfJ164ysTcKdnccxYue3sXspOFbPo1Iv3%2F4V15vc5E3ov8VcihukqoN7%2FQ4hwge%2BUPx8nQQfe8W%2FkeQwaw8Z2L6kAnTe21i5H0W3k3mfJ5UK%2BNxcUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 731765febc78b73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3046.41f81f85.js Show response
cdn-1win.xyz/js/ 26 KB
8 KB 61ms
61ms Script
application/javascript 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/3046.41f81f85.js

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/index.4daad0d7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9979d39669d123fc393fa8837b3a00848f76d058e9828c0bab9060b4ec760de4

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449464
cf-bgj: minify
last-modified: Thu, 21 Jul 2022 12:58:49 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62d94d89-68be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BjbtMHLsAQzZh6HMTg5qDMWQY7yfhR4T%2Bg9zctUDT7UQf3r7nuOmWbfMm74dqF349PV5hBTr5LbAjtTRkprhSHozTgs%2B7Js%2B1peb%2FKCP20zLYCDUZf4SsT7oWsfQfn6%2BPJlaIbz3VlRV%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 731765fedce1b73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9668.8d229202.css
cdn-1win.xyz/css/ 30 KB
6 KB 69ms
69ms Stylesheet
text/css 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/css/9668.8d229202.css

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/index.4daad0d7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d06d5d3e2db3e97bba3800f8ec3cf27c58aa56fff63b83edb8d40d96f57ddf70

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449464
cf-polished: origSize=30575
cf-bgj: minify
last-modified: Thu, 21 Jul 2022 12:58:51 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62d94d8b-776f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qvru6rA1mOYp8E%2FMcumokbMZuiGfABqTuFU3E%2BTMlx%2B4aFaU7WuWryFlyMr6mHFQHD%2FZyIVccnQNAS%2B2uTi5ZSiHaVp%2FmtLsD6Oi%2BcTaAfPQvlnwe%2FauJisf2UuNBEyQCuWXnHVH0vnIVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 731765fedce6b73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9668.8632658c.js Show response
cdn-1win.xyz/js/ 45 KB
13 KB 70ms
70ms Script
application/javascript 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-1win.xyz/js/9668.8632658c.js

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/index.4daad0d7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c66120c6f15bf10cf2861796970eb3238ee49e4416b10b06b251ea7c0985262b

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449464
cf-bgj: minify
last-modified: Thu, 21 Jul 2022 12:58:50 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62d94d8a-b22d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDm1ykvwxGRc%2BWkaaqqTi5N2%2F3Py%2B%2BUkW6%2Fa45iDbFCIjw3UBJfIhkv4nGQOaI8BQT0jfC6m2lKF42czgnZ9RDl%2FiRP0cntadhf6XGMEwhCAd2BR%2BKjOk38CTx4Yb1WQIZnnffqdzRresg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 731765fedce9b73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 title Show response
1wmgfq.top/common/ 16 B
128 B 68ms
67ms XHR
application/json 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wmgfq.top/common/title?path=casino&lang=en

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/js/chunk-vendors.6ea27ee4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wmgfq.top/casino/list?open=register&
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
vary: Origin
server: nginx/1.22.0
content-length: 16
x-frame-options: DENY
content-type: application/json; charset=utf-8

GET
H2 200 firebase-messaging.js Show response
1wmgfq.top/firebase/8.1.1/ 40 KB
12 KB 64ms
64ms Script
application/javascript 190.115.19.43
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wmgfq.top/firebase/8.1.1/firebase-messaging.js

Requested by

Host: 1wmgfq.top
URL: https://1wmgfq.top/casino/list?open=register&sub1=2dit711edgd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/casino/list?open=register&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
content-encoding: gzip
last-modified: Wed, 27 Jul 2022 10:37:22 GMT
server: nginx/1.22.0
etag: W/"62e11562-9f25"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 emoji-soccer.33e7e9d9-160.png
cdn-1win.xyz/img/ 20 KB
21 KB 44ms
44ms Image
image/png 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/img/emoji-soccer.33e7e9d9-160.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3702711cd5dab90eb3aa05778ed6c306c69635e453dcf8943c0a9e43ea128bc4

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449609
content-length: 20719
last-modified: Thu, 21 Jul 2022 12:58:51 GMT
server: cloudflare
etag: "62d94d8b-50ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hAv1a9nBV8PJ9hKLbhItpDiCSkz2TFm49L8IBzJhCXmsrzGF7nBL%2Bt6NmciYjbpIcmHVTHTWWvSSm0SX3SRYmvyUm6P3OoSk%2Flj92b2jNmjKH%2F2AqVrX4okN5wSUr9Iebez2t4nr11bCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 731765ff4e5bb73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 emoji-slots.479437fd-160.png
cdn-1win.xyz/img/ 13 KB
13 KB 46ms
46ms Image
image/png 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-1win.xyz/img/emoji-slots.479437fd-160.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

364313c95a97e2d61942149a9dd9c42062bb4e0da86de9bd22b8cdc16c30dbed

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449609
content-length: 13240
last-modified: Thu, 21 Jul 2022 12:58:51 GMT
server: cloudflare
etag: "62d94d8b-33b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFMeAelzSsorA1hKqYKJ66gKsVDwizY%2BYoEM3y2TvPPl2HJme4mamS4nqkTqZc1CanLuA2uJfI6M0vePjYiJM2ZMM9qrqTFmnnidZy0JP33jkdUIysf7uJhkGhhTGrDZs9z0ZiOgMnOOCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 731765ff4e60b73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cashback.12a56595.svg
cdn-1win.xyz/img/ 2 KB
1 KB 42ms
42ms Image
image/svg+xml 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1win.xyz/img/cashback.12a56595.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8492b63b2d1147503ddb11a27f119e5287c5ae6f02f37e51ad6ae769af970658

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449464
last-modified: Thu, 21 Jul 2022 12:58:51 GMT
server: cloudflare
etag: W/"62d94d8b-851"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sImEtepvBk1nwVQwBfX%2Fw6c3Aei35KabNlvIlx8Ac1HcyaGxAg8xj3ZB8fIxd0yccJSfz6JV%2B8EC6QMTUC6Q3sPi5ggQHAg4zjuw8A0tcKp9Bmo7%2FqM9GpoTW4snsX9D2iXFKyEbbv%2Bp4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 731765ff4e63b73a-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFNSDisplay.2b5dc965.woff2
cdn-1win.xyz/fonts/ 288 KB
289 KB 75ms
75ms Font
application/octet-stream 2606:4700:20::ac43:4ae2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/fonts/SFNSDisplay.2b5dc965.woff2
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/desktop.061c3522.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:20::ac43:4ae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efdc0e9caf5e1b3f650e8ecd022ecd000bb070e1b0cf359eeb228603c325384b

Request headers

Referer: https://cdn-1win.xyz/css/desktop.061c3522.css
Origin: https://1wmgfq.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 295048
last-modified: Wed, 27 Jul 2022 10:36:55 GMT
server: cloudflare
etag: "62e11547-48088"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mg%2BuXhTWPYLxQYW6rwdZPnOOdZ06lcZ9KEsgE2IdEjRjv2KwLwURlMFCytjk2jeBpjP7IlZJOiVTj%2BZauX2ZCuAMYg5yssK50nVZ4HhlHXnbVRS3BrtO%2BGTfo8NconFyPqjwebqhw9OFOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 731765ff496cb8be-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 200 KB
71 KB 49ms
48ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0QLHZPHB9W&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-174162538-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3722253fb4fab29863fa47d7704180054900570a2626357da88317958373402d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:04 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72723
x-xss-protection: 0
expires: Wed, 27 Jul 2022 18:22:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 109ms
33ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-174162538-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4804
date: Wed, 27 Jul 2022 17:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 27 Jul 2022 19:02:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
344 B 102ms
32ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0QLHZPHB9W&gtm=2oe7p0&_p=1635001623&_z=ccd.v9B&cid=444816002.1658946125&ul=en-us&sr=1600x1200&_s=1&sid=1658946124&sct=1&seg=0&dl=https%3A%2F%2F1wmgfq.top%2Fcasino%2Flist%3Fopen%3Dregister&dt=1win&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0QLHZPHB9W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 18:22:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1wmgfq.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

widgetsSettings.json Show response
widgets-2-omni-iframe.livetex.ru/js/
Redirect Chain

https://balancer-cloud.livetex.ru/get-client/?site_id=171205&version=1.2.36&target=settings_path&rnd=4d13bfp4ot4
https://widgets-2-omni-iframe.livetex.ru/js/widgetsSettings.json

1020 B
1 KB

62ms
55ms

XHR
application/json

185.39.80.168
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-2-omni-iframe.livetex.ru/js/widgetsSettings.json
Protocol: H2
Server: 185.39.80.168 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: e6d2e447997a58043ecdc6e4534ebd9cb98f0576bfee7b82a4d8d2e357968d62

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:05 GMT
last-modified: Tue, 07 Jul 2020 12:19:07 GMT
server: nginx
etag: "5f04683b-3fc"
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1020

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 18:22:05 GMT
server: nginx
location: //widgets-2-omni-iframe.livetex.ru/js/widgetsSettings.json
access-control-allow-origin: https://1wmgfq.top
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
access-control-allow-credentials: true
content-length: 0
expires: Wed, 27 Jul 2022 18:22:04 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 110ms
40ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1635001623&t=pageview&_s=1&dl=https%3A%2F%2F1wmgfq.top%2Fcasino%2Flist%3Fopen%3Dregister&ul=en-us&de=UTF-8&dt=1win&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABCAAAAC~&jid=1393328637&gjid=946135186&cid=444816002.1658946125&tid=UA-174162538-1&_gid=538553734.1658946125&_r=1&gtm=2ou7p0&z=1369399041

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wmgfq.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 18:22:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1wmgfq.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 106ms
37ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-174162538-1&cid=444816002.1658946125&jid=1393328637&gjid=946135186&_gid=538553734.1658946125&_u=YADAAUAACAAAAC~&z=664824729

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wmgfq.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 27 Jul 2022 18:22:05 GMT
content-type: text/plain
access-control-allow-origin: https://1wmgfq.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 148ms
71ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-174162538-1&cid=444816002.1658946125&jid=1393328637&_u=YADAAUAACAAAAC~&z=1595157633

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 18:22:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
501 B 148ms
71ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-174162538-1&cid=444816002.1658946125&jid=1393328637&_u=YADAAUAACAAAAC~&z=1595157633

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 18:22:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

app3.js Show response
widgets-2-omni-iframe.livetex.ru/js/
Redirect Chain

https://balancer-cloud.livetex.ru/get-client/?site_id=171205&version=1.2.36&target=path&rnd=f44aoaw0mkl
https://widgets-2-omni-iframe.livetex.ru/js/app3.js

114 KB
27 KB

116ms
116ms

Script
application/javascript

185.39.80.168
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-2-omni-iframe.livetex.ru/js/app3.js
Protocol: H2
Server: 185.39.80.168 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: c102e4a5bee2f4e028bb8df0f3758091abab7ffbfb1d2e8f3299a03803da046f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:05 GMT
content-encoding: gzip
server: nginx
etag: W/"62e00da4-1c873"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: no-cache
access-control-allow-credentials: true

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 18:22:05 GMT
server: nginx
location: //widgets-2-omni-iframe.livetex.ru/js/app3.js
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
access-control-allow-credentials: true
content-length: 0
expires: Wed, 27 Jul 2022 18:22:04 GMT

HEAD
H2 200 iframe.html
widgets-2-omni-iframe.livetex.me/js/ 0
0 543ms
78ms Fetch
text/html 2606:4700:20::ac43:4a03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-2-omni-iframe.livetex.me/js/iframe.html
Requested by: Host: balancer-cloud.livetex.ru
URL: https://balancer-cloud.livetex.ru/get-client/?site_id=171205&version=1.2.36&target=path&rnd=f44aoaw0mkl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXb8aX9NY7c3SEpH8ohbAW7ORcdt56ptXTy%2BmOZ%2B2Twm7AhjnBCbVEo0KQNd943moEZMEg0KiOPv3X5zL7XYhazltz4la4ntCmKYW5QrNGDQJFgc%2FLiH7cPDFNPG3n9PNAwVZ1tu4PeXDY1qLdvlmBQcEMzUm%2F84JtLNseZI"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://1wmgfq.top
cache-control: no-cache
cf-ray: 731766066cfab89c-AMS

GET
H2 200 iframe.html Show response
widgets-2-omni-iframe.livetex.me/js/ Frame DDBB 2 KB
1 KB 160ms
106ms Document
text/html 2606:4700:20::ac43:4a03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-2-omni-iframe.livetex.me/js/iframe.html?host-page-origin=https://1wmgfq.top
Requested by: Host: balancer-cloud.livetex.ru
URL: https://balancer-cloud.livetex.ru/get-client/?site_id=171205&version=1.2.36&target=path&rnd=f44aoaw0mkl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e30c51430842f40c5da930754c5e1e1f61bc5117cae2fe2b346ba59c45941a9

Request headers

Referer: https://1wmgfq.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 731766073dccb785-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 27 Jul 2022 18:22:06 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDjVfDdbm7dTm%2FEz4156lE%2BXR6DegcZgPJGwFqgjHaKCTqpOiC6wb84perekZU%2BEMmdXAxzJnD3fMNmM%2FiRoVUOTxFDy5e1rbHcRn5cohf%2FaBp%2B4hh7eFht62OgtuJiFE5MINRfMfGWOuNyKxiNB96zs%2FEmvC8kue1lal%2FP%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 ui.7.1.1182.js Show response
widgets-2-omni-iframe.livetex.me/js/ 1 MB
261 KB 104ms
50ms Script
application/javascript 2606:4700:20::ac43:4a03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-2-omni-iframe.livetex.me/js/ui.7.1.1182.js
Requested by: Host: balancer-cloud.livetex.ru
URL: https://balancer-cloud.livetex.ru/get-client/?site_id=171205&version=1.2.36&target=path&rnd=f44aoaw0mkl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ab845160f8db0e8ec51d76896f5aa704c32d1a6ed30a7469bea3e10ce9786a9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:05 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 95128
etag: W/"62e00d9b-11a2a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5ekMBZzsrCLg%2FWGIxtX2pWSjZLWOYad%2BxpnacAUwHyGwlIKDN7eWFxTYe%2Bj4aBoUp4slpA4KVvUxpCjOtTYlcx8a%2Bf79EDnxWiJ%2BzfbEX85S45XCwmv4RgoPNLLk8hr1B9rG0hM25yZ1M1Bmp3REo2Jspr0UtbiBjERhEvI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
cf-polished: origSize=1155751
cf-ray: 731766073dd3b785-AMS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H2 200 / Show response
balancer-cloud.livetex.ru/services/ 2 KB
677 B 56ms
56ms Fetch
text/plain 185.39.80.168
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://balancer-cloud.livetex.ru/services/?site_id=171205&ids=widgets-api-service2-app.thrift-http,widgets-api-service2-app.http,event-service-app.widgets-thrift-http&client=widget&version=7.1.1182
Requested by: Host: balancer-cloud.livetex.ru
URL: https://balancer-cloud.livetex.ru/get-client/?site_id=171205&version=1.2.36&target=path&rnd=f44aoaw0mkl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.80.168 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: d3572b8276133f6bf73a90f10bac43628dced224501868fb48143112bd61055f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 18:22:05 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://1wmgfq.top
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
access-control-allow-credentials: true
access-control-allow-headers: X-CSRF-TOKEN
expires: Wed, 27 Jul 2022 18:22:04 GMT

GET
H2 200 vendor.b4481d.js Show response
widgets-2-omni-iframe.livetex.me/js/ Frame DDBB 467 KB
79 KB 47ms
46ms Script
application/javascript 2606:4700:20::ac43:4a03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-2-omni-iframe.livetex.me/js/vendor.b4481d.js
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/iframe.html?host-page-origin=https://1wmgfq.top
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c02737c1f46fd97a5042fc8e4f9b7d5992a9548cad4d27a8a45c078d181c0a8e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://widgets-2-omni-iframe.livetex.me/js/iframe.html?host-page-origin=https://1wmgfq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 121320
etag: W/"62dea43c-74c44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2BJ3cdHSmG%2F%2B1ivTN6vhX1PRfpkRb6cMFwWI%2BSpZ2WnjUVfw4J%2BTldxhezjzsJXfWadWwGq7F2wSduIq8HLryENxFc%2Be8thyC8ovq7aQSjD0qNyLRpqDN%2BVyutJwsPWu6HGtMrB1x0KAFHfR9XMcX%2BalAKQRjV60MVcrRGO4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73176607ff5fb785-AMS

GET
H2 200 services.494d56.js Show response
widgets-2-omni-iframe.livetex.me/js/ Frame DDBB 349 KB
75 KB 44ms
44ms Script
application/javascript 2606:4700:20::ac43:4a03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-2-omni-iframe.livetex.me/js/services.494d56.js
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/iframe.html?host-page-origin=https://1wmgfq.top
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 808b081a02692a095fcee8563dec3bcfc5262f4ee6ba1039dbd1a6188c73a2c3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://widgets-2-omni-iframe.livetex.me/js/iframe.html?host-page-origin=https://1wmgfq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 95129
etag: W/"62e00dba-57313"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cD0kYdWoqE1Ct0PKqrUyiBOpXTd%2Fmu%2Bo2CWhDysrSf3bApzgE7e4bWRphstuQHrYyRO%2B4cxlBJY4BruM2m3AtpfN691rXRg0YEbZmYY6tGHceO%2BviEmNEVQcCzOvGYnypNcN3idhsd64A03Fs1XV0CFCikIULBNZVa%2B%2BRFLm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73176607ff62b785-AMS

GET
H2 200 171205.js Show response
widgets-2-omni-iframe.livetex.me/js/settings/v3/ Frame DDBB 6 KB
2 KB 38ms
37ms Fetch
application/json 2606:4700:20::ac43:4a03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-2-omni-iframe.livetex.me/js/settings/v3/171205.js
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/services.494d56.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67aed5265518d9c08683b2347cf0d80ad1db2859145bdef45147938d6b76058a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://widgets-2-omni-iframe.livetex.me/js/iframe.html?host-page-origin=https://1wmgfq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 Jul 2022 17:16:31 GMT
server: cloudflare
age: 2078
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AI5%2FTzLJX69AjSBnu6Ap0p2Qqzcqa7E9Sqdy88Q5io1eGz8lAF2w9XyR%2F%2BGy26uGV4s15fVAomqPFRRRnqptIj45L%2BI%2F6TW9NwfirwdJzxuy55NrSVjPerpOuDINJgU0aFPvpd6e7DXM1fliwKQT7xTt9KR%2Fh7TYeGULY9wl"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7317660888c0b785-AMS
expires: Wed, 27 Jul 2022 18:16:31 GMT

GET
H2 200 171205.css Show response
widgets-2-omni-iframe.livetex.me/css/widgets/ 268 KB
33 KB 93ms
93ms XHR
text/css 2606:4700:20::ac43:4a03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-2-omni-iframe.livetex.me/css/widgets/171205.css
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/ui.7.1.1182.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b9c37f456ccfde6bc0bf2483e1c29f677d950b9368199e8a80be1e1e28bf17d

Request headers

Referer: https://1wmgfq.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Jul 2022 18:22:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=274612
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 17:45:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBQwLACfYYoRGRdwK2lXaesAlw6uyehuK%2Ft2sp3MC%2Bb55b%2BrnTUvRePWFHytgjYsWQNU7bMmvg7V7cbVfBPPYYPNzrcoH0fFg3I%2FjXiTl9XfYTp2rwzeKmjH3ip1sKAnybRT8ppX%2F1eJhkMYigijeKSVJI51rpF0knGV9Gyy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 73176608db09b89c-AMS
expires: Wed, 27 Jul 2022 18:45:23 GMT

GET
H2 200 / Show response
balancer-cloud.livetex.ru/get-server/ Frame DDBB 165 B
443 B 56ms
56ms Script
text/plain 185.39.80.168
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://balancer-cloud.livetex.ru/get-server/?site_id=171205&__fallback__&=&_m=GET&_c=njr_1_callback&_t=jsonp&_rnd=e2vyckxwe44&_h[lt-origin]=account%3A281894%3Asite%3A171205
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/vendor.b4481d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.80.168 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 67946a9c34f7ef6c17d6995126859f693051318ffb6456743bd588f7996c9fa1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://widgets-2-omni-iframe.livetex.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 18:22:06 GMT
server: nginx
content-type: text/plain; charset=UTF-8
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
access-control-allow-credentials: true
content-length: 165
expires: Wed, 27 Jul 2022 18:22:05 GMT

GET
H/1.1 200
OK auth Show response
io4-production-2-ltx227.livetex.ru/visitor/ Frame DDBB 551 B
1 KB 282ms
59ms Script
text/javascript 185.39.80.58
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://io4-production-2-ltx227.livetex.ru/visitor/auth?__fallback__&=&_m=POST&_c=njr_2_callback&_t=jsonp&_=%7B%22is_mobile%22%3Afalse%7D&_rnd=80y1b30ni1e&_h[lt-origin]=account%3A281894%3Asite%3A171205
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/vendor.b4481d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.39.80.58 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6838916d248be0ee80b146d9f2d8a30a02035729d498e0fff1351000d94e9259

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://widgets-2-omni-iframe.livetex.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 18:22:06 GMT
Server: nginx
Content-Type: text/javascript
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
Connection: keep-alive
Content-Length: 551
Expires: Wed, 27 Jul 2022 18:22:05 GMT

GET
H2 200 / Show response
balancer-cloud.livetex.ru/services/ Frame DDBB 2 KB
650 B 56ms
56ms XHR
text/plain 185.39.80.168
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://balancer-cloud.livetex.ru/services/?account_id=281894&ids=visitor-notification-delivery-service-app.thrift-http&client=widget&version=7.1.1182&0.12650426790741198
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/vendor.b4481d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.80.168 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: a437f596b41c53cf457611b67bb3b8ba114be2ea6a848d067b87ce9183006a4b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://widgets-2-omni-iframe.livetex.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 18:22:06 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://widgets-2-omni-iframe.livetex.me
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
access-control-allow-credentials: true
access-control-allow-headers: X-CSRF-TOKEN
expires: Wed, 27 Jul 2022 18:22:05 GMT

GET
H/1.1 200
OK add-page Show response
io4-production-2-ltx227.livetex.ru/site/ Frame DDBB 265 B
597 B 59ms
59ms Script
text/javascript 185.39.80.58
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://io4-production-2-ltx227.livetex.ru/site/add-page?__fallback__&=&_m=POST&_c=njr_5_callback&_t=jsonp&_=%7B%22page%22%3A%7B%22account%3A281894%3Asite%3A171205%3Apage%3Aopxq8hp07gc%22%3A%7B%22seo_referrer%22%3A%22%22%2C%22referrer%22%3A%22%22%2C%22page_title%22%3A%22MXdpbg%3D%3D%22%2C%22page_url%22%3A%22aHR0cHM6Ly8xd21nZnEudG9wL2Nhc2luby9saXN0P29wZW49cmVnaXN0ZXI%3D%22%7D%7D%7D&_rnd=nhdd4vj9m18&_h[lt-origin]=account%3A281894%3Asite%3A171205&_h[cookie]=zk8im5%3Dio%3Aio-4-ltx227-livetex-ru%3Asession%3A1jbztbegu8cipnip4uc8fr
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/vendor.b4481d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.39.80.58 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0171050720312a69e45d34b83fb51e8652d0576630f21c6e4c8ed3d8e9b991a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://widgets-2-omni-iframe.livetex.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 18:22:06 GMT
Server: nginx
Content-Type: text/javascript
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
Connection: keep-alive
Content-Length: 265
Expires: Wed, 27 Jul 2022 18:22:05 GMT

GET
H/1.1 200
OK 1658946126673 Show response
io4-production-2-ltx227.livetex.ru/poll/0/ Frame DDBB 102 B
434 B 115ms
55ms Script
text/javascript 185.39.80.58
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://io4-production-2-ltx227.livetex.ru/poll/0/1658946126673?__fallback__&=&_m=GET&_c=njr_4_callback&_t=jsonp&_rnd=8m3jfchf6cl&_h[lt-origin]=account%3A281894%3Asite%3A171205&_h[x-hold-timeout]=20000&_h[x-destroy-timeout]=40000&_h[cookie]=zk8im5%3Dio%3Aio-4-ltx227-livetex-ru%3Asession%3A1jbztbegu8cipnip4uc8fr
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/vendor.b4481d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.39.80.58 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: b372a998a4726d790cb1aa76201a66a72339f37fef2335a4e196ce551420e2fd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://widgets-2-omni-iframe.livetex.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 18:22:06 GMT
Server: nginx
Content-Type: text/javascript
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
Connection: keep-alive
Content-Length: 102
Expires: Wed, 27 Jul 2022 18:22:05 GMT

POST
H/1.1 200
OK visitor-notification-delivery-service-app-production-2-i4.thrift-http Show response
vnds-production-2-i4.livetex.ru/ Frame DDBB 110 B
428 B 226ms
56ms XHR
text/plain 185.39.80.40
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://vnds-production-2-i4.livetex.ru/visitor-notification-delivery-service-app-production-2-i4.thrift-http
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/vendor.b4481d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.80.40 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: a2ca423a27a6f2207020a865ab0ec31ab6ee756481e8cb712bd9d21e0285048a

Request headers

Referer: https://widgets-2-omni-iframe.livetex.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

Date: Wed, 27 Jul 2022 18:22:06 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://widgets-2-omni-iframe.livetex.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 110

POST
H/1.1 200
OK widgets-api-service2-app-production-2-i1.thrift-http Show response
wapi-02.livetex.ru/ Frame DDBB 45 B
362 B 176ms
56ms XHR
text/plain 185.39.80.58
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://wapi-02.livetex.ru/widgets-api-service2-app-production-2-i1.thrift-http
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/vendor.b4481d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.39.80.58 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: eb90dc9fa1cc7f148c99ec84a6a8d4b959b5a13a241105895cd4b0a9c45c3cdb

Request headers

Referer: https://widgets-2-omni-iframe.livetex.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

Date: Wed, 27 Jul 2022 18:22:06 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://widgets-2-omni-iframe.livetex.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 45

GET
H2 200 footer_bg.png
widgets-2-omni-iframe.livetex.me/images/ 547 B
940 B 33ms
33ms Image
image/png 2606:4700:20::ac43:4a03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets-2-omni-iframe.livetex.me/images/footer_bg.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2a1b8d81d0c8cb8f69b1ce1f3ad8ee2a795f5d9befa267b9fd54892c76c91b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34896
content-length: 547
last-modified: Tue, 26 Jul 2022 15:50:03 GMT
server: cloudflare
etag: "62e00d2b-223"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FheNI1LKbbvrACq5lyKL967y%2BABj6Izuwz9Zf0g5gUr6%2FBgsY8pKwr46gfFRtu3zLha6QdFn72MjmRkhVvvNUpMExeoo7i%2FSztvhQchu4TIue9QrGO2dmSrx9%2BqN%2BtqfXNEtl%2Borf2s%2F0Arq38lKgoad1YDEps8osQYYoPH0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7317660c5a27b785-AMS
expires: Thu, 28 Jul 2022 08:40:07 GMT

GET
H2 200 icons.ttf
widgets-2-omni-iframe.livetex.me/fonts/ 7 KB
7 KB 63ms
63ms Font
application/octet-stream 2606:4700:20::ac43:4a03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-2-omni-iframe.livetex.me/fonts/icons.ttf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d4050ea709bb28a0f3a6b01528958bdb8e9375aa2fdcc3e111821531125a7fb

Request headers

Referer: https://1wmgfq.top/
Origin: https://1wmgfq.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 7156
last-modified: Mon, 25 Jul 2022 14:07:35 GMT
server: cloudflare
etag: "62dea3a7-1bf4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyg%2Fjn1nL5%2FtsigsakCU1ap4LM4jUHoCJR51GDLITJI9S9HJLbmlB%2Bp4KmlXt0OMZykTeR6jLRF4PbgF9WPwboKiTPRhKzCkqVH4OQmyGCOM%2F%2BDYE4L%2BvHNe31esxUY18YvBv%2BkC78Q8%2BV1ifrMGW45bFXXi54DK%2B6Dd05iS"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7317660c6b92b89c-AMS
expires: Tue, 02 Aug 2022 08:41:08 GMT

GET
H2 200 preloader.gif
widgets-2-omni-iframe.livetex.me/images/ 4 KB
4 KB 40ms
40ms Image
image/gif 2606:4700:20::ac43:4a03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets-2-omni-iframe.livetex.me/images/preloader.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67efea367418257aaa5cd14e446ef9b6d48231fef881ac1a5b9f39732911e918

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://1wmgfq.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 18:22:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34895
content-length: 3960
last-modified: Tue, 26 Jul 2022 15:50:03 GMT
server: cloudflare
etag: "62e00d2b-f78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhhFk6gUoqF6evHhjglTb3ZWJNEbTMlxkJrIpBxM2PtChMwbXuKac5ZttvIg9%2FTbv1C3cLn%2BZVMXDxmO8%2BscE18uW0%2Bm6hz9gvfELGfPgGSQmgppPiIFSdhIhExSaFP4qaDg5WFGHUMueG37mPBmuN8n7y5oI48OhIRPg4PI"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7317660cfbe1b785-AMS
expires: Thu, 28 Jul 2022 08:40:07 GMT

GET 1658946126886
io4-production-2-ltx227.livetex.ru/poll/1o2wes/ Frame DDBB 0
0

POST
H/1.1 200
OK widgets-api-service2-app-production-2-i1.thrift-http Show response
wapi-02.livetex.ru/ Frame DDBB 41 B
358 B 63ms
63ms XHR
text/plain 185.39.80.58
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://wapi-02.livetex.ru/widgets-api-service2-app-production-2-i1.thrift-http
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/vendor.b4481d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.39.80.58 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 95153539d8161d8b2e007095b96934f9213296ef1441c528f07c9c3a6912bddb

Request headers

Referer: https://widgets-2-omni-iframe.livetex.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

Date: Wed, 27 Jul 2022 18:22:06 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://widgets-2-omni-iframe.livetex.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 41

POST visitor-notification-delivery-service-app-production-2-i4.thrift-http
vnds-production-2-i4.livetex.ru/ Frame DDBB 0
0

GET
DATA 200
OK truncated
/ 855 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4b0814ddb7d026f97299e4455c0016622ae4ee9efaa4d8c5640643265de9417

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 882 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0316eaf7f780bba871772a47fc0df43a1a06d30901532d1cc4a1dd14c7c70027

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: io4-production-2-ltx227.livetex.ru
URL: https://io4-production-2-ltx227.livetex.ru/poll/1o2wes/1658946126886?__fallback__&=&_m=GET&_c=njr_4_callback&_t=jsonp&_rnd=f677g2h8snp&_h[lt-origin]=account%3A281894%3Asite%3A171205&_h[cookie]=zk8im5%3Dio%3Aio-4-ltx227-livetex-ru%3Asession%3A1jbztbegu8cipnip4uc8fr

Domain: vnds-production-2-i4.livetex.ru
URL: https://vnds-production-2-i4.livetex.ru/visitor-notification-delivery-service-app-production-2-i4.thrift-http

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
inkeytarowetrust.ru/	1970-01-20 05:33:44	Name: _subid Value: 2dit711edgd
inkeytarowetrust.ru/	1970-01-20 05:33:44	Name: _token Value: uuid_2dit711edgd_2dit711edgd62e18247e9a4e9.08190939
inkeytarowetrust.ru/	1970-02-08 09:39:38	Name: 4ef07 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2OVwiOjE2NTg5NDYxMTl9LFwiY2FtcGFpZ25zXCI6e1wiMTU1XCI6MTY1ODk0NjExOX0sXCJ0aW1lXCI6MTY1ODk0NjExOX0ifQ.G9wmA9Pebn6lrPs7JwkRr4VpQQOcaFtr8moZqgwDjE4
1wmgfq.top/	1970-01-20 05:33:44	Name: sub_ids Value: sub1=2dit711edgd
1wmgfq.top/	1970-01-20 05:33:44	Name: visit_domain Value: 1wmgfq.top
.1wmgfq.top/	1970-01-20 13:34:42	Name: _hjSessionUser_2606090 Value: eyJpZCI6IjQzMTM2ZGZkLTRhZTYtNTI5YS1hYTNhLWE2YTEyZmY1Mzc2YyIsImNyZWF0ZWQiOjE2NTg5NDYxMjM2NjAsImV4aXN0aW5nIjpmYWxzZX0=
.1wmgfq.top/	1970-01-20 04:49:07	Name: _hjFirstSeen Value: 1
1wmgfq.top/	1970-01-20 04:49:06	Name: _hjIncludedInSessionSample Value: 0
.1wmgfq.top/	1970-01-20 04:49:07	Name: _hjSession_2606090 Value: eyJpZCI6Ijk3MDU2MTY5LTBjMDgtNGQ5NC05MzhjLWU2ZTVlZjgwOTlmOSIsImNyZWF0ZWQiOjE2NTg5NDYxMjM2NzgsImluU2FtcGxlIjpmYWxzZX0=
.1wmgfq.top/	1970-01-20 04:49:07	Name: _hjAbsoluteSessionInProgress Value: 0
1wmgfq.top/	1970-01-20 13:34:42	Name: 1w_lang Value: en
1wmgfq.top/	1969-12-31 23:59:59	Name: 1w_locale Value: 9
.1wmgfq.top/	1970-01-23 20:25:06	Name: amp_c644f1 Value: moYmpkXnTwgJf7pDeI45T_...1g90e9u47.1g90e9ut3.0.0.0
.1wmgfq.top/	1970-01-20 22:20:18	Name: _ga_0QLHZPHB9W Value: GS1.1.1658946124.1.0.1658946124.0
.1wmgfq.top/	1970-01-20 22:20:18	Name: _ga Value: GA1.2.444816002.1658946125
.1wmgfq.top/	1970-01-20 04:50:32	Name: _gid Value: GA1.2.538553734.1658946125
.1wmgfq.top/	1970-01-20 04:49:06	Name: _gat_gtag_UA_174162538_1 Value: 1
1wmgfq.top/	1969-12-31 23:59:59	Name: core-sticky Value: http://10.233.95.136:80

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1wmgfq.top
api.lab.amplitude.com
balancer-cloud.livetex.ru
cdn-1win.xyz
cdn.amplitude.com
cs15.livetex.ru
inkeytarowetrust.ru
io4-production-2-ltx227.livetex.ru
kasino-fortuna-official.fun
kasino-fortuna-official.top
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
vnds-production-2-i4.livetex.ru
wapi-02.livetex.ru
widgets-2-omni-iframe.livetex.me
widgets-2-omni-iframe.livetex.ru
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
io4-production-2-ltx227.livetex.ru
vnds-production-2-i4.livetex.ru
13.32.23.71
143.204.215.102
143.204.215.118
151.101.194.132
162.55.137.158
185.39.80.168
185.39.80.40
185.39.80.58
190.115.19.43
2001:4860:4802:32::36
2606:4700:20::ac43:4a03
2606:4700:20::ac43:4ae2
2a00:1450:4001:80b::2003
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:827::2004
2a00:1450:400c:c07::9d
45.82.68.15
65.9.66.123
0171050720312a69e45d34b83fb51e8652d0576630f21c6e4c8ed3d8e9b991a6
01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce
0316eaf7f780bba871772a47fc0df43a1a06d30901532d1cc4a1dd14c7c70027
04c9defda1aa69f6bd5d6035389b796366886d3e00d64042e71ed22b713336b1
062e846f4bce055e041d039dad659e444f45e878f48efd041199668d761f76dd
07b7171fa7afc1c2bdb4d126338177285b093c804ecbfe43b63221ba274a8a8a
0a80e828d38a3bcd538602c347de067809481044d7857046104c5ad4d1d1813f
0f8d8feee0fa74383292acd2431c7dae4701c73bd57a351303d26777b0454193
11628576aa0c8af216a2a18bd48baef78a9dff831ac706699313abbbcfbd0506
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
129f6e839a326af49d3d581f2761a1f3c64f97a7e7df73b515ccb7e84f37bf2f
14739702bcfcb5c7289b20bce40141cbe5a043c2701afb7a27de45db545e8caf
17f96708490bd58b158534e69187bfb0cb88e6eb893e938960b22c0b9b339371
1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8
3053e023ba0970ba7113a3250b7051d80fd2cb83efc3c77fba29e6b04fc4c0ce
364313c95a97e2d61942149a9dd9c42062bb4e0da86de9bd22b8cdc16c30dbed
3702711cd5dab90eb3aa05778ed6c306c69635e453dcf8943c0a9e43ea128bc4
3722253fb4fab29863fa47d7704180054900570a2626357da88317958373402d
3867184d1617efc5911f9d46b268efff4d1f063f4beae01d7161c712ab5018ec
3d2c759213949af96fbdcd756a5146f64a9acadf9625bd7a9feb04bb4517b4f9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49073903870a8bb345c24e632270bc480dde66725f0af85c66df5cb7269c4214
4efe789040a8fa9e9aa637066ae2e832957643babfec5e6d0f68ffd7d25ff081
53542b86398858a65542d11a5bdec1e484949ffdd6eabfa310457e5b3f4b850f
58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f
5abc5ca16eb2e09b6e30a07848c64ed7dcd0eac9f1e4ed4c89c59e69bef28928
5b671efb339239f8419779f87e9cbfb3ec54f8dff68a8414a0fc40c2118c40c6
67946a9c34f7ef6c17d6995126859f693051318ffb6456743bd588f7996c9fa1
67aed5265518d9c08683b2347cf0d80ad1db2859145bdef45147938d6b76058a
67efea367418257aaa5cd14e446ef9b6d48231fef881ac1a5b9f39732911e918
6838916d248be0ee80b146d9f2d8a30a02035729d498e0fff1351000d94e9259
6ab845160f8db0e8ec51d76896f5aa704c32d1a6ed30a7469bea3e10ce9786a9
6e30c51430842f40c5da930754c5e1e1f61bc5117cae2fe2b346ba59c45941a9
70fabdfb780aee006e3f8c2b1789aaa59b52f3d1de5baa44a0a0c07d6ebec8aa
759315d5ae8c31136d2a7bc803e591554894987559325cdf7e0b5965bec0eaca
7d5d5edbb0edaf06db54c346c92475a4893e73d4567db1fd53c738ba67d62ab2
808b081a02692a095fcee8563dec3bcfc5262f4ee6ba1039dbd1a6188c73a2c3
8492b63b2d1147503ddb11a27f119e5287c5ae6f02f37e51ad6ae769af970658
853e169d5067b9d760668a95e2079ecd83c21bf54ce5c19c7d27b4d715bd003e
85f84932578e80246ce2184e232ea31e3e1aee7f687dc1624084ee39635dd10f
8a80c329e6197f42a7754fe970fcccb956385c8e91515593409fd200df1fe099
95153539d8161d8b2e007095b96934f9213296ef1441c528f07c9c3a6912bddb
9979d39669d123fc393fa8837b3a00848f76d058e9828c0bab9060b4ec760de4
9b9c37f456ccfde6bc0bf2483e1c29f677d950b9368199e8a80be1e1e28bf17d
9d4050ea709bb28a0f3a6b01528958bdb8e9375aa2fdcc3e111821531125a7fb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2ca423a27a6f2207020a865ab0ec31ab6ee756481e8cb712bd9d21e0285048a
a437f596b41c53cf457611b67bb3b8ba114be2ea6a848d067b87ce9183006a4b
a641ca550feaba10b7f24ee2d1a7d9b49a27fdf3999b5f2cec882f288e979a2c
b372a998a4726d790cb1aa76201a66a72339f37fef2335a4e196ce551420e2fd
b4b0814ddb7d026f97299e4455c0016622ae4ee9efaa4d8c5640643265de9417
b9a0257d638a43359c9803657f5805e87588f4f9918a2b8df694f55ad032eec4
bba116b962c3db8776c04ffe6caec6759247a2363faf7955b37a2a251db71979
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c02737c1f46fd97a5042fc8e4f9b7d5992a9548cad4d27a8a45c078d181c0a8e
c102e4a5bee2f4e028bb8df0f3758091abab7ffbfb1d2e8f3299a03803da046f
c66120c6f15bf10cf2861796970eb3238ee49e4416b10b06b251ea7c0985262b
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cbbfda74ce57788b9a3877e57fb6ccd91c2e8db043acc08b0091a4ee7509f489
d06d5d3e2db3e97bba3800f8ec3cf27c58aa56fff63b83edb8d40d96f57ddf70
d3572b8276133f6bf73a90f10bac43628dced224501868fb48143112bd61055f
d933cea4bac3449e789974039ff6839d3551900a0c3ddc5a61deda98d2eeb6ee
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d2e447997a58043ecdc6e4534ebd9cb98f0576bfee7b82a4d8d2e357968d62
eb90dc9fa1cc7f148c99ec84a6a8d4b959b5a13a241105895cd4b0a9c45c3cdb
eba6af8af136759e1eb402fe2a91208178f379e13829a68ffbd267ebcbffd426
eea54a25d415f4abf48a1e89d7a6d9211b65986bb081de9ad324dcbb103db9b8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdc0e9caf5e1b3f650e8ecd022ecd000bb070e1b0cf359eeb228603c325384b
f2a1b8d81d0c8cb8f69b1ce1f3ad8ee2a795f5d9befa267b9fd54892c76c91b5
fe0d62d42feb82bd1747e5f9550eb886025a16eaff376f74993bd0d6686e26c8

1wmgfq.top Open in urlscan Pro 190.115.19.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

95 %HTTPS

42 %IPv6

14 Domains

23 Subdomains

18 IPs

6 Countries

3119 kBTransfer

9467 kBSize

18 Cookies

3 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

1wmgfq.top Open in urlscan Pro
190.115.19.43 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

95 %
HTTPS

42 %
IPv6

14
Domains

23
Subdomains

18
IPs

6
Countries

3119 kB
Transfer

9467 kB
Size

18
Cookies

76 HTTP transactions
3 data transactions