1weiyw.top Open in urlscan Pro
190.115.24.78 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://refpaadrbxof.top/
Effective URL:
https://1weiyw.top/?open=register&sub2=2899
Submission Tags: phish.gg anti.fish automated Search All
Submission: On August 19 via api (August 19th 2023, 10:11:47 am UTC) from DE — Scanned from DE

Summary HTTP 73 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 13 domains to perform 73 HTTP transactions. The main IP is 190.115.24.78, located in Belize City, Belize and belongs to DDOS-GUARD CORP., BZ. The main domain is 1weiyw.top.
TLS certificate: Issued by R3 on August 1st 2023. Valid for: 3 months.

This is the only time 1weiyw.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::ac43:c0d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	190.115.24.78 190.115.24.78	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
35	2606:4700:e2:... 2606:4700:e2::ac40:8717	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
6 12	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	18.66.248.117 18.66.248.117	16509 (AMAZON-02) (AMAZON-02)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	18.173.233.11 18.173.233.11	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	52.13.180.254 52.13.180.254	16509 (AMAZON-02) (AMAZON-02)
73	13

1 2606:4700:3037::ac43:c0d2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

refpaadrbxof.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 190.115.24.78 (Belize City, Belize) 1 redirects

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: ddos-guard.net

1wqqws.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1weiyw.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2606:4700:e2::ac40:8717 (United States)

ASN13335 (CLOUDFLARENET, US)

1win-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.132 (United States)

ASN54113 (FASTLY, US)

api.lab.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.166 (Grosse Pointe, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

12688802.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
12572451.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-117.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.233.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-233-11.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.13.180.254 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-13-180-254.us-west-2.compute.amazonaws.com

api2.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	1win-cdn.com 1win-cdn.com — Cisco Umbrella Rank: 312413	729 KB
12	doubleclick.net 6 redirects 12688802.fls.doubleclick.net — Cisco Umbrella Rank: 371580 12572451.fls.doubleclick.net — Cisco Umbrella Rank: 369349	5 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 10691	2 KB
6	google.de adservice.google.de — Cisco Umbrella Rank: 11469	1 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 126	3 KB
6	1weiyw.top 1weiyw.top	128 KB
4	amplitude.com api.lab.amplitude.com — Cisco Umbrella Rank: 4846 api2.amplitude.com — Cisco Umbrella Rank: 1637	417 B
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3768	75 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 991 script.hotjar.com — Cisco Umbrella Rank: 1166	59 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	161 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2102	250 B
1	1wqqws.top 1 redirects 1wqqws.top	120 B
1	refpaadrbxof.top 1 redirects refpaadrbxof.top	688 B
73	13

	Domain	Requested by
35	1win-cdn.com	1weiyw.top 1win-cdn.com
7	mc.yandex.com	3 redirects 1weiyw.top
6	adservice.google.de	adservice.google.com
6	adservice.google.com	12688802.fls.doubleclick.net 12572451.fls.doubleclick.net
6	12572451.fls.doubleclick.net	3 redirects www.googletagmanager.com
6	12688802.fls.doubleclick.net	3 redirects www.googletagmanager.com
6	1weiyw.top	1weiyw.top 1win-cdn.com
3	mc.yandex.ru	2 redirects 1weiyw.top
2	api2.amplitude.com	1win-cdn.com
2	www.googletagmanager.com	1weiyw.top www.googletagmanager.com
2	api.lab.amplitude.com	1win-cdn.com
1	region1.google-analytics.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	1weiyw.top
1	1wqqws.top	1 redirects
1	refpaadrbxof.top	1 redirects
73	16

This site contains no links.

Subject Issuer	Validity	Valid
1weiyw.top R3	`2023-08-01` - `2023-10-30`	3 months	crt.sh
1win-cdn.com GTS CA 1P5	`2023-08-06` - `2023-11-04`	3 months	crt.sh
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-25` - `2024-03-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2023-01-23` - `2024-02-14`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://1weiyw.top/?open=register&sub2=2899
Frame ID: A9638A20C8FD325C30E2CD24660C9E58
Requests: 54 HTTP requests in this frame

Frame: https://12688802.fls.doubleclick.net/activityi;dc_pre=COmny_m96IADFVWqmgodoAwBbA;src=12688802;type=actio0;cat=allpa0;ord=1;num=5943000920470;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2F%3Fopen%3Dregister%26
Frame ID: C425FA129B9776192302F30DC5A76A54
Requests: 1 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=CISLzPm96IADFT_YOwId4VkItQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4049231612418.5933
Frame ID: 5162DC1F2A81402C41D8CD9C2E05C5BF
Requests: 1 HTTP requests in this frame

Frame: https://12688802.fls.doubleclick.net/activityi;dc_pre=CLGry_m96IADFazKOwIdLQEOSg;src=12688802;type=actio0;cat=allpa0;ord=1;num=3881691395018;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2F%3Fopen%3Dregister%26
Frame ID: 5EB04993FCB40D7EACB04060F678617E
Requests: 1 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=CNaMzPm96IADFcKomgodn9IIAQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7149948549502.787
Frame ID: BD936BC479D659D74CCCC3F2ADF0B72D
Requests: 1 HTTP requests in this frame

Frame: https://12688802.fls.doubleclick.net/activityi;dc_pre=CJqry_m96IADFYGumgodtJEO_w;src=12688802;type=actio0;cat=allpa0;ord=1;num=2282187520879;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2Fbets%2Fhome%3Fopen%3Dregister
Frame ID: A6E97FE5B85D3CFDDD9D896E0A65F2FA
Requests: 1 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=CLmPzPm96IADFcLdOwId3Z4IZg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1978524294212.4204
Frame ID: 513E4772F8C018484357C04F8308AF32
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COmny_m96IADFVWqmgodoAwBbA;src=12688802;type=actio0;cat=allpa0;ord=1;num=5943000920470;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2F%3Fopen%3Dregister%26
Frame ID: 42710F01AD49490C560ABC8D4F27BDD1
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLGry_m96IADFazKOwIdLQEOSg;src=12688802;type=actio0;cat=allpa0;ord=1;num=3881691395018;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2F%3Fopen%3Dregister%26
Frame ID: 6E5AF440F6FF29983CD12B01BA16829B
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJqry_m96IADFYGumgodtJEO_w;src=12688802;type=actio0;cat=allpa0;ord=1;num=2282187520879;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2Fbets%2Fhome%3Fopen%3Dregister
Frame ID: 82C0AD24558C15CD6CDF1A64129BCBFA
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNaMzPm96IADFcKomgodn9IIAQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7149948549502.787;~oref=https://1weiyw.top/
Frame ID: FBBD4010EBA9F915CD55685CED2ABFD3
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=COmny_m96IADFVWqmgodoAwBbA;src=12688802;type=actio0;cat=allpa0;ord=1;num=5943000920470;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2F%3Fopen%3Dregister%26
Frame ID: 80EADC6BF5F16B9E41F41088E1417561
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CLGry_m96IADFazKOwIdLQEOSg;src=12688802;type=actio0;cat=allpa0;ord=1;num=3881691395018;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2F%3Fopen%3Dregister%26
Frame ID: 5755C9A10C7321F8A25AF90E067C4592
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJqry_m96IADFYGumgodtJEO_w;src=12688802;type=actio0;cat=allpa0;ord=1;num=2282187520879;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2Fbets%2Fhome%3Fopen%3Dregister
Frame ID: 3953FAADAC388481D1CCAB2FFCB5D5C7
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CNaMzPm96IADFcKomgodn9IIAQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7149948549502.787;~oref=https://1weiyw.top/
Frame ID: DFB6FD44804E3E1E697B5EB2AFA0DC71
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CISLzPm96IADFT_YOwId4VkItQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4049231612418.5933;~oref=https://1weiyw.top/
Frame ID: C7CC42B1AE3F0ED5EAF1C2CADD515AA3
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLmPzPm96IADFcLdOwId3Z4IZg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1978524294212.4204;~oref=https://1weiyw.top/
Frame ID: F93CA0AFC31D4B2BF11B8D6B5997676B
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CISLzPm96IADFT_YOwId4VkItQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4049231612418.5933;~oref=https://1weiyw.top/
Frame ID: FD4B502EF518D73B7DB6E819F611E93F
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CLmPzPm96IADFcLdOwId3Z4IZg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1978524294212.4204;~oref=https://1weiyw.top/
Frame ID: 33D630C5256B5DB6B5483A1AE0D11783
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

1win

Page URL History Show full URLs

http://refpaadrbxof.top/ HTTP 303
https://1wqqws.top/?open=register&sub2=2899 HTTP 301
https://1weiyw.top/?open=register&sub2=2899 Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

73
Requests

96 %
HTTPS

54 %
IPv6

13
Domains

16
Subdomains

13
IPs

4
Countries

1159 kB
Transfer

3626 kB
Size

29
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://refpaadrbxof.top/ HTTP 303
https://1wqqws.top/?open=register&sub2=2899 HTTP 301
https://1weiyw.top/?open=register&sub2=2899 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=5943000920470;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2F%3Fopen%3Dregister%26 HTTP 302
https://12688802.fls.doubleclick.net/activityi;dc_pre=COmny_m96IADFVWqmgodoAwBbA;src=12688802;type=actio0;cat=allpa0;ord=1;num=5943000920470;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2F%3Fopen%3Dregister%26

Request Chain 39

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4049231612418.5933 HTTP 302
https://12572451.fls.doubleclick.net/activityi;dc_pre=CISLzPm96IADFT_YOwId4VkItQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4049231612418.5933

Request Chain 43

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=3881691395018;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2F%3Fopen%3Dregister%26 HTTP 302
https://12688802.fls.doubleclick.net/activityi;dc_pre=CLGry_m96IADFazKOwIdLQEOSg;src=12688802;type=actio0;cat=allpa0;ord=1;num=3881691395018;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2F%3Fopen%3Dregister%26

Request Chain 44

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7149948549502.787 HTTP 302
https://12572451.fls.doubleclick.net/activityi;dc_pre=CNaMzPm96IADFcKomgodn9IIAQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7149948549502.787

Request Chain 45

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=2282187520879;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2Fbets%2Fhome%3Fopen%3Dregister HTTP 302
https://12688802.fls.doubleclick.net/activityi;dc_pre=CJqry_m96IADFYGumgodtJEO_w;src=12688802;type=actio0;cat=allpa0;ord=1;num=2282187520879;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2Fbets%2Fhome%3Fopen%3Dregister

Request Chain 46

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1978524294212.4204 HTTP 302
https://12572451.fls.doubleclick.net/activityi;dc_pre=CLmPzPm96IADFcLdOwId3Z4IZg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1978524294212.4204

Request Chain 63

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10100.LExh5lYoXGNB0cPVNLuLfnD7bi07hBs-aOm0hP40ARj7ijJF9a7IOiCrpP00Juts.9XjuiDjBhT_TiXFHGERRezy_zxs%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10100.dIm0UvCffcVpNeWrIuzQfaoyNu3DrsF4L9yX0X04afBUdDhGELaosLsJ1v9qyakGKulLmrakWS2pXiNXg7SfJwk24FrYUb0NDs0RiUtVxmo%2C.VHD8wGALbdwWh3pQoKYuguDQvDw%2C

Request Chain 69

https://mc.yandex.com/watch/92006234?wmode=7&page-url=https%3A%2F%2F1weiyw.top%2Fbets%2Fhome%3Fopen%3Dregister&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A4711%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A1539843185756%3Ahid%3A705922621%3Az%3A120%3Ai%3A20230819121142%3Aet%3A1692439903%3Ac%3A1%3Arn%3A636358273%3Arqn%3A1%3Au%3A1692439903191815928%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A425%2C47%2C3153%2C39%2C961%2C0%2C%2C39%2C0%2C%2C%2C%2C4772%3Aco%3A0%3Acpf%3A1%3Ans%3A1692439897521%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1692439903%3At%3A1win&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.com/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1weiyw.top%2Fbets%2Fhome%3Fopen%3Dregister&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A4711%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A1539843185756%3Ahid%3A705922621%3Az%3A120%3Ai%3A20230819121142%3Aet%3A1692439903%3Ac%3A1%3Arn%3A636358273%3Arqn%3A1%3Au%3A1692439903191815928%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A425%2C47%2C3153%2C39%2C961%2C0%2C%2C39%2C0%2C%2C%2C%2C4772%3Aco%3A0%3Acpf%3A1%3Ans%3A1692439897521%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1692439903%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1

Request Chain 70

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10100.JBSgXitnotwFPu5PLun51B5HUV5bpvWJ8lBeCzzoxPvFP38fiP7llmiXZ5FBdzyc.VBvH63IHZvvRppY6DZDNEa5QiEA%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10100.FZojjDHz2uDKCJy79JaZt0c71k402p4VlJAb1_NaUc9o3WAlhqldHaqDsFQuGm2gQRsw3Gx-Y2huAaREY3ob0a9D1vuERZCq9CMvleFgVjw%2C.aSVmsEq2V904x-kq6GXKxAkURVo%2C

73 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
1weiyw.top/
Redirect Chain

http://refpaadrbxof.top/
https://1wqqws.top/?open=register&sub2=2899
https://1weiyw.top/?open=register&sub2=2899

319 KB
106 KB

3625ms
3153ms

Document
text/html

190.115.24.78
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1weiyw.top/?open=register&sub2=2899

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.24.78 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

ddos-guard.net

Software

openresty/1.19.9.1 /

Resource Hash

7b303ea7df100db60bb773fc70b3b3bb63b8299dd340f60a19be51ca3840b34f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 19 Aug 2023 10:11:39 GMT
server: openresty/1.19.9.1
x-frame-options: DENY
x-match-domain: 1weiyw.top
x-request-id: v6toYfztJupTn4wz

Redirect headers

content-length: 175
content-type: text/html
date: Sat, 19 Aug 2023 10:11:38 GMT
location: https://1weiyw.top/?open=register&sub2=2899
server: openresty/1.19.9.1
x-frame-options: DENY

GET
H2 200 SFNSDisplay-latin.50a4eaff3.woff2
1win-cdn.com/font/ 32 KB
33 KB 43ms
15ms Font
application/octet-stream 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/font/SFNSDisplay-latin.50a4eaff3.woff2
Requested by: Host: 1weiyw.top
URL: https://1weiyw.top/?open=register&sub2=2899
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df3772666587111462634070c47969ad9687bbf80d0694bb2e6c33be39434d68

Request headers

Referer: https://1weiyw.top/
Origin: https://1weiyw.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9520
alt-svc: h3=":443"; ma=86400
content-length: 33064
last-modified: Fri, 18 Aug 2023 11:16:04 GMT
server: cloudflare
etag: "64df52f4-8128"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5uCI7ELY1aNNjnbnewgL%2BAODLpd9EdmqLgd2DuxmEJBDMUPf1v%2B7jgqYUJgwc3H5RkhaFyHep9eFCsWvm3BfjCM5qrtlR%2F4dxkJ1pDsRnPezwkbaBmu9F0zIFI82SMD0vtpf5z8YhocnMdU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7f919d2cce521c42-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFNSText-latin.f09aa5229.woff2
1win-cdn.com/font/ 42 KB
43 KB 46ms
18ms Font
application/octet-stream 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/font/SFNSText-latin.f09aa5229.woff2
Requested by: Host: 1weiyw.top
URL: https://1weiyw.top/?open=register&sub2=2899
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06e02d3d2d01bb2c88786b0a2dd2d692f6659c0159ec4754f7db49c12e03b0d6

Request headers

Referer: https://1weiyw.top/
Origin: https://1weiyw.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9520
alt-svc: h3=":443"; ma=86400
content-length: 43512
last-modified: Fri, 18 Aug 2023 11:16:04 GMT
server: cloudflare
etag: "64df52f4-a9f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4er%2BI8EDr%2F8rzyqQdR1h2o%2BRT%2FL4uHqxzTnG%2FGPRX5QqWReJ1HNsLG49ayhYExyVbMGfL%2BGJlEkj%2BlziMTY8%2FxIvUE98FIwJGMtw8n%2BydUbhqb%2BtuXdPnIMoj5IGZUfDOP7N3Lmtm85NGdg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7f919d2cce541c42-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop.d311fc4b4.js Show response
1win-cdn.com/js/ 110 KB
29 KB 40ms
19ms Script
application/javascript 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/desktop.d311fc4b4.js
Requested by: Host: 1weiyw.top
URL: https://1weiyw.top/?open=register&sub2=2899
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68a4d160d8c135959d5b6265c9131566585cfe3c7e1763a016204629d7b9e218

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86684
cf-polished: origSize=113072
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Aug 2023 09:56:03 GMT
server: cloudflare
etag: W/"64df4033-1b9b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mem7JTilSEjT9%2Bxyx%2BZzrieDUNgbmWmoHCH9M%2BTIdiulKOoOnxHNJ%2Fdm%2BrakfVzR5N6SSX8HsANnnM88cqPDYX%2FrH%2BK88mEtOw6bkzfJeZzXf%2FEERskFLs6RUwNk6O6SWY%2BoFzmO6iqlq5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2ccc62bba3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop.c5cd72e9d.css
1win-cdn.com/css/ 68 KB
14 KB 38ms
18ms Stylesheet
text/css 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/desktop.c5cd72e9d.css
Requested by: Host: 1weiyw.top
URL: https://1weiyw.top/?open=register&sub2=2899
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1df41ee0b64399dffa0f3e5ef5259ec3dbba78273e7129c6577dfdcedc5116cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 775201
cf-polished: origSize=69575
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 10 Aug 2023 10:37:14 GMT
server: cloudflare
etag: W/"64d4bdda-10fc7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmXTcYtpxUf5Gooq0W%2FysP3SyKODY54ZE2bc5u0YX9IvNmFqHAyhwdKtLO9ag22woy7RWVN7IOVj5lKLFH%2FmuHghblx48Zi3Xd59qfKyVnfbBQ4AqvgURi2lySbc322aUnJ3WTCjC1DgkPw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2ccc5fbba3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chunk-vendors.b8c11a4d0.js Show response
1win-cdn.com/js/ 446 KB
143 KB 47ms
27ms Script
application/javascript 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/chunk-vendors.b8c11a4d0.js
Requested by: Host: 1weiyw.top
URL: https://1weiyw.top/?open=register&sub2=2899
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a20c91d7dd39dc68265222f1b5b5c2eae1f95f37e677f46f398685b715c9bb3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82122
cf-polished: origSize=456923
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Aug 2023 11:16:04 GMT
server: cloudflare
etag: W/"64df52f4-6f8db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7UxCLRR7gQ1zX6aNBi85PuMnfMVv2a7D%2Bm9qCaTre4QztBu%2BL4G7fH%2BRgX2PDFjnTDtIKIHu3tszM5IVDyesFbYKmo8OAWkDgC00fVMQBKTaLjid8%2FqaFoawvhuAEa651eF3X4BIS4Myug%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2ccc63bba3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chunk-common.fc41f332f.js Show response
1win-cdn.com/js/ 21 KB
6 KB 36ms
16ms Script
application/javascript 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/chunk-common.fc41f332f.js
Requested by: Host: 1weiyw.top
URL: https://1weiyw.top/?open=register&sub2=2899
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10993dbb9f581ed96fea12e37345b478a8d11c5779eaddcebfe0fb07641ac31b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1468173
cf-polished: origSize=21401
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 02 Aug 2023 09:49:47 GMT
server: cloudflare
etag: W/"64ca26bb-5399"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gDAfU4ynblZ%2FEQaurU%2B35R9qPZzecI54YWRhTgT7Xp1tk%2FTYoUmFB7HYHbwa4OtD5DLcdGssTJO8ghiuOXaGq3EgV70589zty0uw7jfpYqPI5RAlpOToAX64IHoC6vnTrhCvt946r26WC1U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2ccc65bba3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index.72333ebd8.js Show response
1win-cdn.com/js/ 79 KB
31 KB 21ms
17ms Script
application/javascript 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/index.72333ebd8.js
Requested by: Host: 1weiyw.top
URL: https://1weiyw.top/?open=register&sub2=2899
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 012c3aab8922aef4eab34b5a9233be50c4e4970f3305a7b03ca00b2b59be0e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82122
cf-polished: origSize=81284
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Aug 2023 11:16:04 GMT
server: cloudflare
etag: W/"64df52f4-13d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5IXdhL%2FQiAN4210Y2keXYCvzzWf54Fk94Pc5VTfMk796Na1lSRQJCzGW87If6loTfDkmEiI2Tx37WNgoqMMxDtMQcXKEQd4uRPhMtRK1p9s0w3%2ByMR0%2BXUXb4SKTQEpU84Nuon7BYc8A374%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2cec90bba3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1win-normal.svg
1weiyw.top/img/logo/main/ 5 KB
2 KB 31ms
31ms Image
image/svg+xml 190.115.24.78
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1weiyw.top/img/logo/main/1win-normal.svg
Requested by: Host: 1weiyw.top
URL: https://1weiyw.top/?open=register&sub2=2899
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.115.24.78 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: openresty/1.19.9.1 /
Resource Hash: a5cb3d03f299b837679eaa793491a03acc5fc1afdbc7f207b7566646f3bd2ecb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/?open=register&sub2=2899
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 11:16:05 GMT
server: openresty/1.19.9.1
etag: W/"64df52f5-1221"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 affiliate:link_visit Show response
1weiyw.top/ 15 B
425 B 35ms
34ms Fetch
application/json 190.115.24.78
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1weiyw.top/affiliate:link_visit?partner_key=79i6&sub_ids=sub2%3D2899

Requested by

Host: 1win-cdn.com
URL: https://1win-cdn.com/js/chunk-vendors.b8c11a4d0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.24.78 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

ddos-guard.net

Software

openresty/1.19.9.1 / Express

Resource Hash

a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/?open=register&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
server: openresty/1.19.9.1
etag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
x-powered-by: Express
access-control-max-age: 7200
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: undefined
access-control-expose-headers: Authorization
x-frame-options: DENY
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 15

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 icons-common.60a632eea.js Show response
1win-cdn.com/js/ 217 KB
57 KB 24ms
24ms Script
application/javascript 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/icons-common.60a632eea.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.72333ebd8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 914d10e22c1c806a4f8a3d20bc6ba0ae0a24f59c2c97127fe569451b52bb9977

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 343858
cf-polished: origSize=222202
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 15 Aug 2023 10:35:54 GMT
server: cloudflare
etag: W/"64db550a-363fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3oZX8l4eSCs7kf9QtbB4bL2jj7yNgAQ%2FDQXArh3uRCT6h4desPaXBEN8DJVKGpZDOEAG%2F3cxGj%2F95IV0PQEWukTdoeSdjso2%2FPejPUKc05ykwpdr6DJbG4D9lTMJHEQlB7Aw%2FysqD4GPvg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2d4e621e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 98937.011b3251e.js Show response
1win-cdn.com/js/ 28 KB
10 KB 31ms
31ms Script
application/javascript 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/98937.011b3251e.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.72333ebd8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a550ce3a870078ff16c823c7d9d84312f32a545a41619f9c01aff6ce5a5ae03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 343858
cf-polished: origSize=28227
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 15 Aug 2023 10:35:54 GMT
server: cloudflare
etag: W/"64db550a-6e43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BJx44rjVX%2FqCJxB%2F8YwnJ6cFY%2FRn2zKFEQaeHogjDL5DGF%2F1UNPk%2Fqaocfy8dehFyWMXgqeYwkevEt6Mg%2F2F4ZRYqujxH%2Fln06iktmGJ5gCiWy9D073SVdMXZxOutxp0eXYBi%2F16B3gTt8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2d4e641e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 67342.7a5c4c91a.js Show response
1win-cdn.com/js/ 51 KB
12 KB 16ms
16ms Script
application/javascript 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/67342.7a5c4c91a.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.72333ebd8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f42a718f05f8c221dcb658daad070a200835959e06ebf59c12a7f0247b9705ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86683
cf-polished: origSize=52592
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Aug 2023 09:56:04 GMT
server: cloudflare
etag: W/"64df4034-cd70"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VpbbpQQcFEw42L8UXV%2Bl928qwGk7JvNYqcgWm0xNfiBvajE6FCz98keCydpZDl3Ht3wAEvTmTDyewvwhIxxEC65QDG%2B4P8EpD2UKpKl53VFhcPWtfwDKnzIz3d%2B4YPj9A85OO2J6rM3MaM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2d4e671e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 76658.5f3db1a27.js Show response
1win-cdn.com/js/ 6 KB
3 KB 31ms
31ms Script
application/javascript 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/76658.5f3db1a27.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.72333ebd8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ee83b21be95ed60228137d9a51726d3d52c0b5bea95a0c053f1eb2df7622490

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2146315
cf-polished: origSize=6024
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 25 Jul 2023 13:47:16 GMT
server: cloudflare
etag: W/"64bfd264-1788"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ug%2FM2dcg8AXxu5HWgB5Ib0Lvb9na4t5%2FI%2BKX%2B0XoKUt%2BxZWbOgmai9uEM4V4e7Zfy%2FLpwkmBul2NAcsL52e0ZRW3W0zD%2BDlkQ9OnCYgBcDqjiSjzByYwOu6zvMRbDN2BXYOSWoMcvgpNWCs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2d4e691e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 94336.dcc4342b2.css
1win-cdn.com/css/ 19 KB
5 KB 34ms
34ms Stylesheet
text/css 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/94336.dcc4342b2.css
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.72333ebd8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89231e3e46eda90ab1341590b389b2f1c49d01d43c1e96c91fd4bb14b851b506

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 343858
cf-polished: origSize=18986
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 15 Aug 2023 10:35:54 GMT
server: cloudflare
etag: W/"64db550a-4a2a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qg6s9WrbHLKqpqVZmyPSlExWC23IBPX8IsYNuq6%2FfcBT924f%2BXlrNGuKR6crlAyHplVFodFKVr2Dlum%2BBbKB7k3L9l2ID%2BGJCl1IDw81M3Q1UsTIZUH%2FSOfas3a%2FverpYrH5FzCG2GvcXrU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2d5e6c1e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 94336.11672c257.js Show response
1win-cdn.com/js/ 631 KB
176 KB 34ms
34ms Script
application/javascript 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/94336.11672c257.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.72333ebd8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ceff4ea7a4395690e7689a81b4951a2863ac1d1cb3d0e8c67a6603ac520e1a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82120
cf-polished: origSize=646336
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Aug 2023 11:16:04 GMT
server: cloudflare
etag: W/"64df52f4-9dcc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VphFt02%2F%2B%2FXJbzdpwXvYrGDVfSx5DkeS58TshvL97QINCH8M6%2Fq7muH1VuYZwqqaTXzACsl81mO54aRAYrlpNBUqDRUNwjo3J49p%2F0I0W8FdfZu65nxwyQmV140Nq1Xoq%2B76PdbkMuzvTJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2d5e6e1e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 217ms
176ms Preflight 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://1weiyw.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://1weiyw.top
access-control-max-age: 1800
cache-control: no-store
date: Sat, 19 Aug 2023 10:11:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
x-amzn-trace-id: Root=1-64e0955e-4d1237407e8f44b76b44598b
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230128-FRA
x-timer: S1692439902.480327,VS0,VE169

GET
H2 200 firebase-app.js Show response
1weiyw.top/firebase/8.1.1/ 19 KB
7 KB 23ms
22ms Script
application/javascript 190.115.24.78
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1weiyw.top/firebase/8.1.1/firebase-app.js

Requested by

Host: 1weiyw.top
URL: https://1weiyw.top/?open=register&sub2=2899

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.24.78 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

ddos-guard.net

Software

openresty/1.19.9.1 /

Resource Hash

01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/?open=register&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 11:16:05 GMT
server: openresty/1.19.9.1
etag: W/"64df52f5-4ded"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 286 KB
83 KB 54ms
31ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Requested by

Host: 1weiyw.top
URL: https://1weiyw.top/?open=register&sub2=2899

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

528c271b9bf694b79836f9b97249211e0a6e80e055ac436a92cf67330a1f12e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84694
x-xss-protection: 0
last-modified: Sat, 19 Aug 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 19 Aug 2023 10:11:42 GMT

GET
H3 200 38965.2ac71fb8e.js Show response
1win-cdn.com/js/ 730 B
1011 B 14ms
13ms Script
application/javascript 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/38965.2ac71fb8e.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.72333ebd8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 360fb4ea61ac694e0b25aba5fab3dfea8aa5fffc929c4da4e6c5591135af2b3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81954
cf-polished: origSize=774
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Aug 2023 11:16:04 GMT
server: cloudflare
etag: W/"64df52f4-306"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6%2FY%2BCwbwgnvHRcPLGNABfqHiFzZAq0JR0pw4YImGcf24bqGQEl8E3SvqtPE%2FCdQL9u%2FDWMHpU1X9%2BqKRWg1ZXE8mZVdVwRu%2BLO9D%2BqOthrOPdMkEY5QCgSDG%2BgJP8Dx3dvJqxhq%2BYUlFN0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2e3fa91e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 2 B
131 B 206ms
206ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: 1win-cdn.com
URL: https://1win-cdn.com/js/94336.11672c257.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://1weiyw.top/
accept-language: de-DE,de;q=0.9
Authorization: Api-Key client-Ss5BFx7UDrTj948TJHfc5ZUoTW67EjvZ
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjEiLCJkZXZpY2VfaWQiOiJjOGQ4NzU2My02YzkzLTQwMTktOGEyZC04OTgxNTMxZTllZDkiLCJ1c2VyX3Byb3BlcnRpZXMiOnt9fQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 0
x-cache: MISS
content-length: 2
x-served-by: cache-fra-eddf8230128-FRA
x-timer: S1692439903.656955,VS0,VE200
x-amzn-trace-id: Root=1-64e0955e-027ee6936494b5bb7572dc12
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://1weiyw.top
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 6759.74d7d3ee6.css
1win-cdn.com/css/ 20 KB
3 KB 14ms
13ms Stylesheet
text/css 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/6759.74d7d3ee6.css
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.72333ebd8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1452e31b2a3b0f0003a4fb3ccf10e452ccec959503b1d3a75a4de56ad977424b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2146233
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 25 Jul 2023 13:47:16 GMT
server: cloudflare
etag: W/"64bfd264-5121"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3lW5SnrmnEsheZBspeQknsHiAfH79KHf3ialc27JL8nYWhMNZSAo3FqpmLWhcwBaUtPmTKsMgFO%2FyQ%2BdHI73%2FgPPgBNwqFELWAnUWKfz9FC2IPtZ2yLyBR%2Bvkw2nUSNrWtahxDFYnTNa4RQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2e6fe61e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 61845.ad5039314.js Show response
1win-cdn.com/js/ 10 KB
4 KB 14ms
14ms Script
application/javascript 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/61845.ad5039314.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.72333ebd8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02ed50337f3b42eb01b27b554f89fdda1d8cdb256602edf6f48cfc458b3eb59b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 343858
cf-polished: origSize=10457
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 15 Aug 2023 10:35:54 GMT
server: cloudflare
etag: W/"64db550a-28d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AxuxfG3%2FBRMT8bW7Omtb0otkVEbkTb32P4eDY0ZRkQ5TnPpA6r7Wl5IkPKiNjvV1vTA9HhOrcPJYVevkvKUnwpR8NN7PCavmiKtVRPpFnM1Dq8N2TnVfN9UsmIb7iToVQ%2FtjML7fhUGoXqY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2e7fe81e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 3859.c55978c42.js Show response
1win-cdn.com/js/ 12 KB
3 KB 16ms
15ms Script
application/javascript 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/3859.c55978c42.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.72333ebd8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b2d5e454cfbf809589a2d77f6dffb57681641d625b7bb71ca4edd4637797b80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1076803
cf-polished: origSize=12289
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 26 Jul 2023 09:18:43 GMT
server: cloudflare
etag: W/"64c0e4f3-3001"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PoRSjbiPp2zj7Xs3egwGxb%2F73yDLZAaRHDW%2FhPO%2FludVonG27kIRi%2FG8NC8McPQ6gAJGu%2BgCvJCHqNpXWH6cmcJjC8rmTyLQypmF3dC4Y9WULgZKFR5Bf52fS1afX5K5nNpH%2Bi4MOIJfXck%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2e7fea1e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 62895.ebe34c727.js Show response
1win-cdn.com/js/ 96 KB
17 KB 24ms
22ms Script
application/javascript 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/62895.ebe34c727.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.72333ebd8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39dbfdd9602bd806cd532aeb213229c53f1e3e739df5a042aab54a61286c3b62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 343857
cf-polished: origSize=97966
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 15 Aug 2023 10:35:54 GMT
server: cloudflare
etag: W/"64db550a-17eae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQis5GHI%2BRlrtR9gDd9ZXJgmO2bghJkFGfzmHyypwKgzgD7UjDrGXerVqf%2BuVuaPPGBZUD9vxZNvaG%2BNT6Q9s7nTc1YKFi3vCpzjZWobDtFQYn6gRYUlidpW6uPcNWXsELR76bYckJmIUqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2e7fec1e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 14450.56ed9fe0f.js Show response
1win-cdn.com/js/ 11 KB
4 KB 16ms
14ms Script
application/javascript 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/14450.56ed9fe0f.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.72333ebd8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dabee13f8b3125e98d0b088b3f4ff3ed80c1ed028b1db45bed0b9f1a4c81197a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 342025
cf-polished: origSize=10971
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 15 Aug 2023 11:02:20 GMT
server: cloudflare
etag: W/"64db5b3c-2adb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2Bl0U9%2FOhkKpWPctL0wcn68HtjgGol6QxrXgAejYBziLpd1eEUU7a68%2B9yK2FXAT8ElxK3FZ4dLTQW6rNDXhtiKo%2BoGGDvq4yq3NxiYQruAlPlTAD25ueCKXioPpf1ffVMOf5LM%2BNq0CBgY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2e7fee1e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 2709.0da68fce8.js Show response
1win-cdn.com/js/ 9 KB
4 KB 21ms
20ms Script
application/javascript 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/2709.0da68fce8.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.72333ebd8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 909740114f94c7424e118f9642e1d79f6dc96adaf5d96aa0028fb5087c516fd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 343807
cf-polished: origSize=9533
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 15 Aug 2023 10:35:54 GMT
server: cloudflare
etag: W/"64db550a-253d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bwe4HU49b%2BrAmnBbXxNhKRLP5iQ3phkma1DvoHsbOYs4CqrkHhTEHmhRvMpo2f80vFhk3Roptp7mU1gtPmVyyOUVRbAUGO4dIYAdgvc0aUf6C3VJZLYtlagtKo6%2FN6cONgehb%2FjW5cXxPws%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2e7ff01e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 10580.64464e6f7.css
1win-cdn.com/css/ 57 KB
11 KB 19ms
18ms Stylesheet
text/css 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/10580.64464e6f7.css
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.72333ebd8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 618867fc13c15e8744650c168c285a4f8a4e919f6688348262c066083fe7f51f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 341973
cf-polished: origSize=58679
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 15 Aug 2023 11:02:19 GMT
server: cloudflare
etag: W/"64db5b3b-e537"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPdX8s6GdWw4Pxp9l9m0pFhP%2B4%2Fvdj1%2FF%2F63s0bPFeYzxgxjlONSpRZnVredvSuDbpkhxXBimZfRJBOh0SBi8YrIj2nNMi9Ni9j88G4ETACqbWD2A8EVqzsHaQ5VQ5RrJ3eK6FxUj9A1HsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2e7ff11e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 10580.c3c18860b.js Show response
1win-cdn.com/js/ 97 KB
26 KB 20ms
18ms Script
application/javascript 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/10580.c3c18860b.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.72333ebd8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ffc1331c364200db0b71d1fd6f6baf03a35f427951d95c3df5685bb4d2e330a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 341973
cf-polished: origSize=99506
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 15 Aug 2023 11:02:19 GMT
server: cloudflare
etag: W/"64db5b3b-184b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cn9eiqhU6651F%2FCjQkuJw0pGIVwjY2wSuvyLkX%2Bm1ZREexB53ug44JWiikP3DDJdlLtrdw0QYGHhzp6JkDhO3Otc34%2FDWzTl651WuE3i14BhwycpPHFX3OgNxh4VqCE8vohmo%2BltnI4fNM4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2e7ff31e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 2835.a05a433f7.js Show response
1win-cdn.com/js/ 8 KB
3 KB 16ms
15ms Script
application/javascript 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/2835.a05a433f7.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.72333ebd8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca01e550ae44bb8b1c84355ce711aaf3b412b9ac2a2ab96d9f7554564e8d3ccc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86683
cf-polished: origSize=8313
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Aug 2023 09:56:04 GMT
server: cloudflare
etag: W/"64df4034-2079"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3P6iTbIienZSqvZFlvn2nhNx4YHG%2FGpebjDh3G9Dc9Vn75uNR8LrXfhBtyyKs21y1VwJffmaawQ888M0X9ng7CD7jZuHusZjaVEjR1v1fShm%2BEshzzhX29ER6neekMhGCKpHbDzq7j6DUIA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2e7ff41e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 86098.c9ae9a551.js Show response
1win-cdn.com/js/ 27 KB
9 KB 46ms
44ms Script
application/javascript 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/86098.c9ae9a551.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.72333ebd8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 871a697aae54ef05fa03e68eda159055c6437251469150ce3dc8ac0cc0832b66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86675
cf-polished: origSize=27664
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Aug 2023 09:56:04 GMT
server: cloudflare
etag: W/"64df4034-6c10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmWwZTMon3%2FOgiBdkuDme3H%2BUH%2F1ZALJ7y45mi%2FStG3095RdGCqDN%2FqNdKD5mt19VyJFM6lTNHzc88eREAkb0No%2Fav2U1LeRT3%2B4NB4W4Mz2m7b40uTSV72BJazKWYeQ%2BkD8%2Bzhf2jtlq1g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2e7ff51e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 39492.9a6de51fe.css
1win-cdn.com/css/ 8 KB
3 KB 18ms
16ms Stylesheet
text/css 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/39492.9a6de51fe.css
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.72333ebd8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2abe1b262de3e8212b87fb1a3065787ae66bef248170eb9cb185c999ccaf979e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86675
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Aug 2023 09:56:04 GMT
server: cloudflare
etag: W/"64df4034-209e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rff2ByrSfe67n7VFKa2VYpVSl4mCl21pe00CxYE9pphTBA0JqpXBHvnE1WoGdC%2BcWM0EcMKlJg7lL8iO8XJjS5Vc2663KCz0sWk2mwaldGnYJayZ9%2FojQmsW0Nnh7iHPBcXGo0TP5H4ukfY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2e7ff71e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 title Show response
1weiyw.top/common/ 29 B
247 B 27ms
26ms XHR
application/json 190.115.24.78
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1weiyw.top/common/title?path=bets&lang=de

Requested by

Host: 1win-cdn.com
URL: https://1win-cdn.com/js/chunk-vendors.b8c11a4d0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.24.78 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

ddos-guard.net

Software

openresty/1.19.9.1 /

Resource Hash

c07b2c0a515caf1306fb4d9366fab5758253eeadcf8c0414cb44ccd48f82e59a

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1weiyw.top/?open=register&
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
server: openresty/1.19.9.1
etag: "25-bM/5z02X/xOkKbh8eZCiJpcKcd0"
vary: Origin
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=300
content-length: 29

GET
H2 200 firebase-messaging.js Show response
1weiyw.top/firebase/8.1.1/ 40 KB
12 KB 22ms
21ms Script
application/javascript 190.115.24.78
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1weiyw.top/firebase/8.1.1/firebase-messaging.js

Requested by

Host: 1weiyw.top
URL: https://1weiyw.top/?open=register&sub2=2899

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.24.78 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

ddos-guard.net

Software

openresty/1.19.9.1 /

Resource Hash

58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/?open=register&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 11:16:05 GMT
server: openresty/1.19.9.1
etag: W/"64df52f5-9f25"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 54801.e813453b9.js Show response
1win-cdn.com/js/ 25 KB
9 KB 20ms
15ms Script
application/javascript 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/54801.e813453b9.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.72333ebd8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18d730cf82d58e5eed438a162d3c6250b8802ed015a76101499a166c65c2fb91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2146302
cf-polished: origSize=25522
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 25 Jul 2023 13:47:16 GMT
server: cloudflare
etag: W/"64bfd264-63b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cxM2lquN0b5h8dl5oPHBbj%2BG4Y8el4RP1401gk8UrcwLTBGpkN%2Fbip3Fi6o4VNA9wdvX22RvUEK9qv0%2B4NTFA%2Brm4pD29t5huZdvRWjvHAMa64JzDioPq2oSQ0bx2gMspwp4%2B7IH8UrlCE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2e98251e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 59279.914a0fecd.js Show response
1win-cdn.com/js/ 36 KB
12 KB 31ms
26ms Script
application/javascript 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/59279.914a0fecd.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.72333ebd8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f9952976963c3ec9f602857c63343b93c03427d348521657b1664af7d69e9a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 343807
cf-polished: origSize=37414
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 15 Aug 2023 10:35:54 GMT
server: cloudflare
etag: W/"64db550a-9226"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzc6mHtD%2BUTCtKjQ7nv%2FCbGXT%2F7bViOjuU1XvQu0D6moBoAzr60XstTJsHarrnpZ0dbThcUm3nF%2FQI%2FaUPsRDFIcVx248h7qZpBPWQIzq4SJ1E40if9yDoDyoSbdgjxVyLQMxspiiiRlWsE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2e98271e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 69713.5e892fefe.css
1win-cdn.com/css/ 27 KB
6 KB 19ms
13ms Stylesheet
text/css 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/69713.5e892fefe.css
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.72333ebd8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e550c09db78994bf63ada4848faf417070f1915ac58ef0771d0f1ab9000c98f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81954
cf-polished: origSize=28146
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Aug 2023 11:16:04 GMT
server: cloudflare
etag: W/"64df52f4-6df2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nl1UBfl02tGP22uBvn3zBEtr%2FnrYc46SUKqJI8GuKEMVDG%2FGG8qhtFp8LGKWEKSKKU5Jv81zeX0SmyVM7daHaLwPm3IitGOZAnzhJE0%2FRRGF4OjaUZFkPzULSxEtc5WVVKqlZK3nkgm%2BIQc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2e98291e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 69713.84297b126.js Show response
1win-cdn.com/js/ 39 KB
10 KB 20ms
15ms Script
application/javascript 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/69713.84297b126.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.72333ebd8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85d0ff58e376b7e2e69b40f45d1cb0edc96886a3705d2f90930f30bcc5176868

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81954
cf-polished: origSize=40354
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Aug 2023 11:16:04 GMT
server: cloudflare
etag: W/"64df52f4-9da2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=na%2FWuPX%2F1KWj%2BnL0d86Z6do5a7zAiL6VrIB5YjN%2FL5uumtAxT6t7nxV6tMnFdY%2Fho3XcA9JkpUeun9%2FCZAsJHsOp4XsRVVWEWX%2B7Cb%2F2%2FGIdmoQYfmb0hPEFKsZhSY44FMHK0TF6cwU1cMU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2e982a1e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

activityi;dc_pre=COmny_m96IADFVWqmgodoAwBbA;src=12688802;type=actio0;cat=allpa0;ord=1;num=5943000920470;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver... Show response
12688802.fls.doubleclick.net/ Frame C425
Redirect Chain

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=5943000920470;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;ep...
https://12688802.fls.doubleclick.net/activityi;dc_pre=COmny_m96IADFVWqmgodoAwBbA;src=12688802;type=actio0;cat=allpa0;ord=1;num=5943000920470;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafv...

559 B
520 B

46ms
44ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12688802.fls.doubleclick.net/activityi;dc_pre=COmny_m96IADFVWqmgodoAwBbA;src=12688802;type=actio0;cat=allpa0;ord=1;num=5943000920470;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2F%3Fopen%3Dregister%26?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

8ce389005cce0b2bc395ecfe03d5dc7abcd35fa0c6e8ae8909743c0a6d8ac83c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1weiyw.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 344
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12688802.fls.doubleclick.net/activityi;dc_pre=COmny_m96IADFVWqmgodoAwBbA;src=12688802;type=actio0;cat=allpa0;ord=1;num=5943000920470;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2F%3Fopen%3Dregister%26?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CISLzPm96IADFT_YOwId4VkItQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o... Show response
12572451.fls.doubleclick.net/ Frame 5162
Redirect Chain

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://12572451.fls.doubleclick.net/activityi;dc_pre=CISLzPm96IADFT_YOwId4VkItQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

555 B
333 B

211ms
210ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12572451.fls.doubleclick.net/activityi;dc_pre=CISLzPm96IADFT_YOwId4VkItQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4049231612418.5933?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

85692b68711a13bc8b0be454cfd80d5c191b6c20c43dc42515792cd35026d928

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1weiyw.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 308
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12572451.fls.doubleclick.net/activityi;dc_pre=CISLzPm96IADFT_YOwId4VkItQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4049231612418.5933?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hotjar-2606090.js Show response
static.hotjar.com/c/ 9 KB
4 KB 52ms
12ms Script
application/javascript 18.66.248.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2606090.js?sv=6

Requested by

Host: 1weiyw.top
URL: https://1weiyw.top/?open=register&sub2=2899

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-117.dus51.r.cloudfront.net

Software

Resource Hash

4fac12b37fecb5617755262a749245167b0a04a3aa249741f554864f203a1afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sat, 19 Aug 2023 10:11:15 GMT
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
age: 30
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/d22dec6032bcd7f786fef34aa23e02d0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: j-EOrvA1QN_PPThuaYhrdl2Etknk4BHCAN90pjW3MCKA9XV34gCL6w==

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 216 KB
74 KB 199ms
92ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: 1weiyw.top
URL: https://1weiyw.top/?open=register&sub2=2899

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

fd4c6ff2e56afccc04586f39418bb8f2d6003dee723968161440bc425a183758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 10 Aug 2023 13:02:56 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64d4b5d0-127ae"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 75694
expires: Sat, 19 Aug 2023 11:11:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
78 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5f569e7ddff8d35645867f4c7a89d4b2096f54a1cba899f2ec073966bb24934f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79512
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 19 Aug 2023 10:11:42 GMT

GET
H2

200

activityi;dc_pre=CLGry_m96IADFazKOwIdLQEOSg;src=12688802;type=actio0;cat=allpa0;ord=1;num=3881691395018;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver... Show response
12688802.fls.doubleclick.net/ Frame 5EB0
Redirect Chain

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=3881691395018;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;ep...
https://12688802.fls.doubleclick.net/activityi;dc_pre=CLGry_m96IADFazKOwIdLQEOSg;src=12688802;type=actio0;cat=allpa0;ord=1;num=3881691395018;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafv...

559 B
519 B

47ms
47ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12688802.fls.doubleclick.net/activityi;dc_pre=CLGry_m96IADFazKOwIdLQEOSg;src=12688802;type=actio0;cat=allpa0;ord=1;num=3881691395018;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2F%3Fopen%3Dregister%26?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

8d2dcf85f7cf0be1a04c9d55702856289a9c3a44929faa2efc05e80c8c7b390e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1weiyw.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 346
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12688802.fls.doubleclick.net/activityi;dc_pre=CLGry_m96IADFazKOwIdLQEOSg;src=12688802;type=actio0;cat=allpa0;ord=1;num=3881691395018;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2F%3Fopen%3Dregister%26?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CNaMzPm96IADFcKomgodn9IIAQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o... Show response
12572451.fls.doubleclick.net/ Frame BD93
Redirect Chain

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://12572451.fls.doubleclick.net/activityi;dc_pre=CNaMzPm96IADFcKomgodn9IIAQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

554 B
330 B

45ms
44ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12572451.fls.doubleclick.net/activityi;dc_pre=CNaMzPm96IADFcKomgodn9IIAQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7149948549502.787?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

bb890ca2734a625b6b75b6e1f16a6ae876324d9df124c9230d659ac2981fcd42

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1weiyw.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 305
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12572451.fls.doubleclick.net/activityi;dc_pre=CNaMzPm96IADFcKomgodn9IIAQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7149948549502.787?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CJqry_m96IADFYGumgodtJEO_w;src=12688802;type=actio0;cat=allpa0;ord=1;num=2282187520879;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver... Show response
12688802.fls.doubleclick.net/ Frame A6E9
Redirect Chain

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=2282187520879;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;ep...
https://12688802.fls.doubleclick.net/activityi;dc_pre=CJqry_m96IADFYGumgodtJEO_w;src=12688802;type=actio0;cat=allpa0;ord=1;num=2282187520879;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafv...

567 B
498 B

48ms
47ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12688802.fls.doubleclick.net/activityi;dc_pre=CJqry_m96IADFYGumgodtJEO_w;src=12688802;type=actio0;cat=allpa0;ord=1;num=2282187520879;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2Fbets%2Fhome%3Fopen%3Dregister?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

0a7f0f93456df63a94ba923d0ec888e2387c38fef0c3c12e0055f586516522e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1weiyw.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 325
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12688802.fls.doubleclick.net/activityi;dc_pre=CJqry_m96IADFYGumgodtJEO_w;src=12688802;type=actio0;cat=allpa0;ord=1;num=2282187520879;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2Fbets%2Fhome%3Fopen%3Dregister?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CLmPzPm96IADFcLdOwId3Z4IZg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o... Show response
12572451.fls.doubleclick.net/ Frame 513E
Redirect Chain

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://12572451.fls.doubleclick.net/activityi;dc_pre=CLmPzPm96IADFcLdOwId3Z4IZg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

555 B
333 B

213ms
212ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12572451.fls.doubleclick.net/activityi;dc_pre=CLmPzPm96IADFcLdOwId3Z4IZg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1978524294212.4204?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

8cc2f7e2ccb4208bda4976b1a6c84c59a2f7ca1b618e46ea84cb32f99f2630fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1weiyw.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 308
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12572451.fls.doubleclick.net/activityi;dc_pre=CLmPzPm96IADFcLdOwId3Z4IZg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1978524294212.4204?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1win-normal.34748aac6.svg
1win-cdn.com/img/ 5 KB
2 KB 16ms
16ms Image
image/svg+xml 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-cdn.com/img/1win-normal.34748aac6.svg
Requested by: Host: 1weiyw.top
URL: https://1weiyw.top/bets/home?open=register
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5cb3d03f299b837679eaa793491a03acc5fc1afdbc7f207b7566646f3bd2ecb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2146304
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jul 2023 13:47:16 GMT
server: cloudflare
etag: W/"64bfd264-1221"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THeQ4PaR8xubaG2vMpr6v1gyDNDvnkAmCxerlkxoGJqTzDRS6wWqaZ24%2B7cB389JIjqb771D%2B2PsMi7cP0zfvN4TX7eC9RDYCXn83Nx0lfjSIt57EqLM1iCnZeN54dI9gS3biY%2FinRNx%2FnQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2f28ce1e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 de.svg
1win-cdn.com/img/flags/ 272 B
660 B 17ms
17ms Image
image/svg+xml 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-cdn.com/img/flags/de.svg
Requested by: Host: 1weiyw.top
URL: https://1weiyw.top/bets/home?open=register
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e24a688017c0d2b6a65390caf35350cae86094372366b4be62767040d4b1c2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2146303
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jul 2023 13:47:16 GMT
server: cloudflare
etag: W/"64bfd264-110"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrEIf6ewDCP%2F3iBVo2N%2BXKLFTwfv7YLL38EtYBlT2yGuZLCTdPxo8qk960vAtnMGJv%2B1BAjjyZAcIkgsvMaedJ7Xs9KIdM2mJJzUcAgJi2am90TDfW%2B2hGqfIerEAW5MwWgsHIF8GJdkPlw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2f28d01e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bear.09894b84b-290.webp
1win-cdn.com/img/ 21 KB
21 KB 16ms
15ms Image
image/webp 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win-cdn.com/img/bear.09894b84b-290.webp

Requested by

Host: 1weiyw.top
URL: https://1weiyw.top/bets/home?open=register

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4010cd904385baf40748bc00e7ae96604ab7dbb0aa6b3c359d79e8a09d9b8b9

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2833
alt-svc: h3=":443"; ma=86400
content-length: 21260
last-modified: Fri, 18 Aug 2023 11:16:04 GMT
server: cloudflare
etag: "64df52f4-530c"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kHlKaW2YwBYlDfn6sLCldoiWDgku9zWhPDZoX9z2rizovCYoUlfzVtkEKfALVGgfVOlkkbhAphN%2Bzs7DY0RsB8c5n2QGNWMS5ieebyc0CO1ImrBGQtsKanLWF9z0k156YJZ6VII5yK8JnxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7f919d2f38e11e45-FRA

GET
H3 200 emoji-soccer.1a6d4ecac-160.png
1win-cdn.com/img/ 8 KB
8 KB 16ms
15ms Image
image/png 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-cdn.com/img/emoji-soccer.1a6d4ecac-160.png
Requested by: Host: 1weiyw.top
URL: https://1weiyw.top/bets/home?open=register
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 575412b54e344b5f40a21bb5b799f0430919cfb4ba807f9832c040e13711dc8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2146250
alt-svc: h3=":443"; ma=86400
content-length: 7896
last-modified: Tue, 25 Jul 2023 13:47:16 GMT
server: cloudflare
etag: "64bfd264-1ed8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Evuv56FYyUkzvmRjxKxU4I68Lj8uU4m%2Fyvkp%2F5E6gyiq0P73ASAOZxpj8YrDy7RlNlddxSPXhk99bwwfnYILgrmmY%2BvEArMdenM8wzUvFvjAC3XADSzUk0b4RUtQUMDsw1UGi1xQgTV%2Br9g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7f919d2f48fc1e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 emoji-slots.1c6e965b9-160.png
1win-cdn.com/img/ 9 KB
9 KB 15ms
15ms Image
image/png 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-cdn.com/img/emoji-slots.1c6e965b9-160.png
Requested by: Host: 1weiyw.top
URL: https://1weiyw.top/bets/home?open=register
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2fc8f2712717b32157f7741b1c723d6fe1d430c41652cfafd39c68980db20bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2146250
alt-svc: h3=":443"; ma=86400
content-length: 8977
last-modified: Tue, 25 Jul 2023 13:47:16 GMT
server: cloudflare
etag: "64bfd264-2311"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXWdan3hptIG82FV1BUehKTEngniifMhteF1mNCKAkjXe32SoAeFaXzly3EB%2BaiMDt0kwtc6UWcdxiarnvP6Ij44YdFsvc5OGeFFH35u%2F8JaZV0Rvqn9ZGbNSirQKlh%2FDXSl5PuxShraTIY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7f919d2f48fe1e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 cashback.12a565952.svg
1win-cdn.com/img/ 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2606:4700:e2::ac40:8717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-cdn.com/img/cashback.12a565952.svg
Requested by: Host: 1weiyw.top
URL: https://1weiyw.top/bets/home?open=register
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8492b63b2d1147503ddb11a27f119e5287c5ae6f02f37e51ad6ae769af970658

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2145608
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jul 2023 13:47:16 GMT
server: cloudflare
etag: W/"64bfd264-851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOWjQ8EMhMfbaK%2FMDAhVKAZDwblTmkJr5SaxvwPdDys2zv8neN0kIB%2BF9Z%2BfZNRwcz1iwF8A84lgwO%2FDnVJYzjXKReZFVY6pv62jU8pqHHkfZ2pzEVsiX9xIsd%2FnVcYIQUeHve%2FVzeBVOGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f919d2f49001e45-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 modules.be28aa100b6c5e9c734a.js Show response
script.hotjar.com/ 223 KB
55 KB 51ms
10ms Script
application/javascript 18.173.233.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.be28aa100b6c5e9c734a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2606090.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.233.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-233-11.dus51.r.cloudfront.net

Software

Resource Hash

b76eb0fb853247a10ef2d06dd156815be1d8ae1d5e6fc23db338968e133006ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:10:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 029240073e9896e5a27397d88f3dcfc2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
age: 90066
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55605
last-modified: Fri, 18 Aug 2023 09:05:29 GMT
etag: "452f7cb7245126a3677ef01e073b98fc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: hL7ps_MSKqxUvFJqZrM6j_6kd78DsEcZr0yam0UoA1INxNyCzd_kpA==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 43ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je38g0&_p=1135947560&cid=832559801.1692439903&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2F&sid=1692439902&sct=1&seg=0&dl=https%3A%2F%2F1weiyw.top%2Fbets%2Fhome%3Fopen%3Dregister&dt=1win&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_url=https%3A%2F%2F1weiyw.top%2F%3Fopen%3Dregister%26&up.platform_language=de&up.device_type=desktop&up.platform=web&up.os=windows
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 10:11:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1weiyw.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=COmny_m96IADFVWqmgodoAwBbA;src=12688802;type=actio0;cat=allpa0;ord=1;num=5943000920470;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=h... Show response
adservice.google.com/ddm/fls/i/ Frame 4271 558 B
719 B 67ms
45ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COmny_m96IADFVWqmgodoAwBbA;src=12688802;type=actio0;cat=allpa0;ord=1;num=5943000920470;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2F%3Fopen%3Dregister%26

Requested by

Host: 12688802.fls.doubleclick.net
URL: https://12688802.fls.doubleclick.net/activityi;dc_pre=COmny_m96IADFVWqmgodoAwBbA;src=12688802;type=actio0;cat=allpa0;ord=1;num=5943000920470;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2F%3Fopen%3Dregister%26?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0797c8767f46e987e23723cb287c6a685914c6e0512636be13b6cd6aa5b269c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12688802.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 344
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CLGry_m96IADFazKOwIdLQEOSg;src=12688802;type=actio0;cat=allpa0;ord=1;num=3881691395018;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=h... Show response
adservice.google.com/ddm/fls/i/ Frame 6E5A 558 B
413 B 46ms
45ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CLGry_m96IADFazKOwIdLQEOSg;src=12688802;type=actio0;cat=allpa0;ord=1;num=3881691395018;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2F%3Fopen%3Dregister%26

Requested by

Host: 12688802.fls.doubleclick.net
URL: https://12688802.fls.doubleclick.net/activityi;dc_pre=CLGry_m96IADFazKOwIdLQEOSg;src=12688802;type=actio0;cat=allpa0;ord=1;num=3881691395018;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2F%3Fopen%3Dregister%26?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7f601b5f7424b1c3ecdc4cd6b9d0d81516cdac732a7b5fed6b4cbafee10f394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12688802.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 343
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CJqry_m96IADFYGumgodtJEO_w;src=12688802;type=actio0;cat=allpa0;ord=1;num=2282187520879;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=h... Show response
adservice.google.com/ddm/fls/i/ Frame 82C0 566 B
396 B 46ms
45ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJqry_m96IADFYGumgodtJEO_w;src=12688802;type=actio0;cat=allpa0;ord=1;num=2282187520879;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2Fbets%2Fhome%3Fopen%3Dregister

Requested by

Host: 12688802.fls.doubleclick.net
URL: https://12688802.fls.doubleclick.net/activityi;dc_pre=CJqry_m96IADFYGumgodtJEO_w;src=12688802;type=actio0;cat=allpa0;ord=1;num=2282187520879;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2Fbets%2Fhome%3Fopen%3Dregister?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4e5d773bce39f990d6f203efcd0573dd1501342af84cdc0f4001a3d4a8b676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12688802.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 326
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CNaMzPm96IADFcKomgodn9IIAQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... Frame FBBD 553 B
376 B 45ms
45ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNaMzPm96IADFcKomgodn9IIAQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7149948549502.787;~oref=https://1weiyw.top/

Requested by

Host: 12572451.fls.doubleclick.net
URL: https://12572451.fls.doubleclick.net/activityi;dc_pre=CNaMzPm96IADFcKomgodn9IIAQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7149948549502.787?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e4ce1ad48f5bc3f0f8778023be01b1b3f1e5af91d95594e641e4e1bc4bb9b97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12572451.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 306
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=COmny_m96IADFVWqmgodoAwBbA;src=12688802;type=actio0;cat=allpa0;ord=1;num=5943000920470;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=h... Show response
adservice.google.de/ddm/fls/i/ Frame 80EA 194 B
150 B 68ms
45ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=COmny_m96IADFVWqmgodoAwBbA;src=12688802;type=actio0;cat=allpa0;ord=1;num=5943000920470;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2F%3Fopen%3Dregister%26

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COmny_m96IADFVWqmgodoAwBbA;src=12688802;type=actio0;cat=allpa0;ord=1;num=5943000920470;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2F%3Fopen%3Dregister%26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Sat, 19 Aug 2023 10:11:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CLGry_m96IADFazKOwIdLQEOSg;src=12688802;type=actio0;cat=allpa0;ord=1;num=3881691395018;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=h... Show response
adservice.google.de/ddm/fls/i/ Frame 5755 194 B
515 B 60ms
45ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CLGry_m96IADFazKOwIdLQEOSg;src=12688802;type=actio0;cat=allpa0;ord=1;num=3881691395018;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2F%3Fopen%3Dregister%26

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLGry_m96IADFazKOwIdLQEOSg;src=12688802;type=actio0;cat=allpa0;ord=1;num=3881691395018;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2F%3Fopen%3Dregister%26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Sat, 19 Aug 2023 10:11:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CJqry_m96IADFYGumgodtJEO_w;src=12688802;type=actio0;cat=allpa0;ord=1;num=2282187520879;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=h... Show response
adservice.google.de/ddm/fls/i/ Frame 3953 194 B
150 B 59ms
46ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CJqry_m96IADFYGumgodtJEO_w;src=12688802;type=actio0;cat=allpa0;ord=1;num=2282187520879;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2Fbets%2Fhome%3Fopen%3Dregister

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJqry_m96IADFYGumgodtJEO_w;src=12688802;type=actio0;cat=allpa0;ord=1;num=2282187520879;auiddc=1944539781.1692439903;gtm=45He38g0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1weiyw.top%2Fbets%2Fhome%3Fopen%3Dregister

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Sat, 19 Aug 2023 10:11:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CNaMzPm96IADFcKomgodn9IIAQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BG... Frame DFB6 194 B
150 B 57ms
45ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CNaMzPm96IADFcKomgodn9IIAQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7149948549502.787;~oref=https://1weiyw.top/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNaMzPm96IADFcKomgodn9IIAQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7149948549502.787;~oref=https://1weiyw.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Sat, 19 Aug 2023 10:11:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10100.LExh5lYoXGNB0cPVNLuLfnD7bi07hBs-aOm0hP40ARj7ijJF9a7IOiCrpP00Juts.9XjuiDjBhT_TiXFHGERRezy_zxs%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10100.dIm0UvCffcVpNeWrIuzQfaoyNu3DrsF4L9yX0X04afBUdDhGELaosLsJ1v9qyakGKulLmrakWS2pXiNXg7SfJwk24FrYUb0NDs0RiUtVxmo%2C.VHD8wGALbdwWh3pQoKYuguDQvDw%2C

43 B
67 B

49ms
48ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10100.dIm0UvCffcVpNeWrIuzQfaoyNu3DrsF4L9yX0X04afBUdDhGELaosLsJ1v9qyakGKulLmrakWS2pXiNXg7SfJwk24FrYUb0NDs0RiUtVxmo%2C.VHD8wGALbdwWh3pQoKYuguDQvDw%2C

Requested by

Host: 1weiyw.top
URL: https://1weiyw.top/bets/home?open=register

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10100.dIm0UvCffcVpNeWrIuzQfaoyNu3DrsF4L9yX0X04afBUdDhGELaosLsJ1v9qyakGKulLmrakWS2pXiNXg7SfJwk24FrYUb0NDs0RiUtVxmo%2C.VHD8wGALbdwWh3pQoKYuguDQvDw%2C
date: Sat, 19 Aug 2023 10:11:42 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
114 B 55ms
47ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: 1weiyw.top
URL: https://1weiyw.top/bets/home?open=register

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:42 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 10 Aug 2023 13:02:56 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64d4b5d0-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 19 Aug 2023 11:11:42 GMT

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CISLzPm96IADFT_YOwId4VkItQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... Frame C7CC 554 B
379 B 46ms
44ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CISLzPm96IADFT_YOwId4VkItQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4049231612418.5933;~oref=https://1weiyw.top/

Requested by

Host: 12572451.fls.doubleclick.net
URL: https://12572451.fls.doubleclick.net/activityi;dc_pre=CISLzPm96IADFT_YOwId4VkItQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4049231612418.5933?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9272d819b6c1144a1f116d8d2f390907af42e71d52caeabb80497d0ca61616ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12572451.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 309
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CLmPzPm96IADFcLdOwId3Z4IZg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... Frame F93C 554 B
375 B 45ms
45ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CLmPzPm96IADFcLdOwId3Z4IZg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1978524294212.4204;~oref=https://1weiyw.top/

Requested by

Host: 12572451.fls.doubleclick.net
URL: https://12572451.fls.doubleclick.net/activityi;dc_pre=CLmPzPm96IADFcLdOwId3Z4IZg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1978524294212.4204?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3828f7e5c1d6036d64f17e1c806abf287d020422469e52bb09733be50cafc0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12572451.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 309
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CISLzPm96IADFT_YOwId4VkItQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BG... Frame FD4B 194 B
150 B 48ms
46ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CISLzPm96IADFT_YOwId4VkItQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4049231612418.5933;~oref=https://1weiyw.top/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CISLzPm96IADFT_YOwId4VkItQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4049231612418.5933;~oref=https://1weiyw.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Sat, 19 Aug 2023 10:11:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CLmPzPm96IADFcLdOwId3Z4IZg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BG... Frame 33D6 194 B
150 B 47ms
46ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CLmPzPm96IADFcLdOwId3Z4IZg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1978524294212.4204;~oref=https://1weiyw.top/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLmPzPm96IADFcLdOwId3Z4IZg;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1978524294212.4204;~oref=https://1weiyw.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 10:11:42 GMT
expires: Sat, 19 Aug 2023 10:11:42 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/92006234/
Redirect Chain

https://mc.yandex.com/watch/92006234?wmode=7&page-url=https%3A%2F%2F1weiyw.top%2Fbets%2Fhome%3Fopen%3Dregister&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3...
https://mc.yandex.com/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1weiyw.top%2Fbets%2Fhome%3Fopen%3Dregister&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp...

435 B
518 B

51ms
51ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1weiyw.top%2Fbets%2Fhome%3Fopen%3Dregister&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A4711%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A1539843185756%3Ahid%3A705922621%3Az%3A120%3Ai%3A20230819121142%3Aet%3A1692439903%3Ac%3A1%3Arn%3A636358273%3Arqn%3A1%3Au%3A1692439903191815928%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A425%2C47%2C3153%2C39%2C961%2C0%2C%2C39%2C0%2C%2C%2C%2C4772%3Aco%3A0%3Acpf%3A1%3Ans%3A1692439897521%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1692439903%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

3d90b3b14f4869d23c65be477137df0688b2c6acc02813e53d5d48601fcb5b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 10:11:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 19-Aug-2023 10:11:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1weiyw.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Sat, 19-Aug-2023 10:11:43 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Aug 2023 10:11:43 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 19-Aug-2023 10:11:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1weiyw.top%2Fbets%2Fhome%3Fopen%3Dregister&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiugyrqh3hb%3Afp%3A4711%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A1539843185756%3Ahid%3A705922621%3Az%3A120%3Ai%3A20230819121142%3Aet%3A1692439903%3Ac%3A1%3Arn%3A636358273%3Arqn%3A1%3Au%3A1692439903191815928%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A425%2C47%2C3153%2C39%2C961%2C0%2C%2C39%2C0%2C%2C%2C%2C4772%3Aco%3A0%3Acpf%3A1%3Ans%3A1692439897521%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1692439903%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
access-control-allow-origin: https://1weiyw.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 19-Aug-2023 10:11:43 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10100.JBSgXitnotwFPu5PLun51B5HUV5bpvWJ8lBeCzzoxPvFP38fiP7llmiXZ5FBdzyc.VBvH63IHZvvRppY6DZDNEa5QiEA%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10100.FZojjDHz2uDKCJy79JaZt0c71k402p4VlJAb1_NaUc9o3WAlhqldHaqDsFQuGm2gQRsw3Gx-Y2huAaREY3ob0a9D1vuERZCq9CMvleFgVjw%2C.aSVmsEq2V904x-kq6...

43 B
67 B

49ms
48ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10100.FZojjDHz2uDKCJy79JaZt0c71k402p4VlJAb1_NaUc9o3WAlhqldHaqDsFQuGm2gQRsw3Gx-Y2huAaREY3ob0a9D1vuERZCq9CMvleFgVjw%2C.aSVmsEq2V904x-kq6GXKxAkURVo%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1weiyw.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 10:11:43 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10100.FZojjDHz2uDKCJy79JaZt0c71k402p4VlJAb1_NaUc9o3WAlhqldHaqDsFQuGm2gQRsw3Gx-Y2huAaREY3ob0a9D1vuERZCq9CMvleFgVjw%2C.aSVmsEq2V904x-kq6GXKxAkURVo%2C
date: Sat, 19 Aug 2023 10:11:43 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 549ms
178ms Preflight 52.13.180.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.180.254 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-180-254.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://1weiyw.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Sat, 19 Aug 2023 10:11:43 GMT
strict-transport-security: max-age=15768000

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
286 B 183ms
182ms Fetch
application/json 52.13.180.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: 1win-cdn.com
URL: https://1win-cdn.com/js/94336.11672c257.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.180.254 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-180-254.us-west-2.compute.amazonaws.com

Software

Resource Hash

e48001abbed7edd0279ee2b031eaea7e5a98340349aa53055a8e711d927b3377

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://1weiyw.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sat, 19 Aug 2023 10:11:44 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-64e09560-6aa199f61a719ef14d348e1d
content-length: 94
access-control-allow-methods: GET, POST
content-type: application/json

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
1weiyw.top/	1970-01-20 14:51:58	Name: sub_ids Value: sub2=2899
1weiyw.top/	1970-01-20 14:51:58	Name: partner_key Value: 79i6
1weiyw.top/	1970-01-20 14:51:58	Name: visit_domain Value: 1weiyw.top
1weiyw.top/	1969-12-31 23:59:59	Name: core-sticky Value: http://10.233.94.33:80
1weiyw.top/	1970-01-20 22:52:55	Name: 1w_lang Value: de
.1weiyw.top/	1970-01-20 22:52:55	Name: AMP_MKTG_494cccfe21 Value: JTdCJTdE
.1weiyw.top/	1970-01-20 16:16:55	Name: _gcl_au Value: 1.1.1944539781.1692439903
1weiyw.top/	1969-12-31 23:59:59	Name: 1w_locale Value: 26
.1weiyw.top/	1970-01-20 23:43:19	Name: _ga Value: GA1.1.832559801.1692439903
.doubleclick.net/	1970-01-20 14:07:20	Name: test_cookie Value: CheckForPermission
.1weiyw.top/	1970-01-20 22:52:55	Name: _hjSessionUser_2606090 Value: eyJpZCI6IjMxNTE5NzJlLWNjNWEtNWQ3MS04MjEyLThkYTUxOTZhZmRiMyIsImNyZWF0ZWQiOjE2OTI0Mzk5MDI3NDgsImV4aXN0aW5nIjpmYWxzZX0=
.1weiyw.top/	1970-01-20 14:07:21	Name: _hjFirstSeen Value: 1
.1weiyw.top/	1970-01-20 14:07:20	Name: _hjIncludedInSessionSample_2606090 Value: 0
.1weiyw.top/	1970-01-20 14:07:21	Name: _hjSession_2606090 Value: eyJpZCI6IjU0MWE3ZjEyLTliOWItNDZiZS04MTg5LWE5N2Q4ODkwNTZkZCIsImNyZWF0ZWQiOjE2OTI0Mzk5MDI3NTMsImluU2FtcGxlIjpmYWxzZX0=
.1weiyw.top/	1970-01-20 14:07:21	Name: _hjAbsoluteSessionInProgress Value: 0
1weiyw.top/	1969-12-31 23:59:59	Name: _hjHasCachedUserAttributes Value: true
.1weiyw.top/	1970-01-20 23:43:19	Name: _ga_548949LWLW Value: GS1.1.1692439902.1.0.1692439902.0.0.0
.1weiyw.top/	1970-01-20 22:52:55	Name: _ym_uid Value: 1692439903191815928
.1weiyw.top/	1970-01-20 22:52:55	Name: _ym_d Value: 1692439903
.1weiyw.top/	1970-01-20 22:52:55	Name: AMP_494cccfe21 Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjJjOGQ4NzU2My02YzkzLTQwMTktOGEyZC04OTgxNTMxZTllZDklMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNjkyNDM5OTAyNDM3JTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTY5MjQzOTkwMjg2NCUyQyUyMmxhc3RFdmVudElkJTIyJTNBNyU3RA==
.mc.yandex.com/	1970-01-20 14:07:20	Name: sync_cookie_csrf Value: 2082712918fake
.1weiyw.top/	1970-01-20 14:08:31	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 14:07:20	Name: sync_cookie_csrf Value: 1350727182fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2387955571692439903
.yandex.com/	1970-01-20 23:43:19	Name: i Value: +ukQuIy5++VzPYKKK5DfJZDLuNnt2zTeYw6wGuC5yIK0nU4anKrcAxtV+BTVonONhF/3LxbQWXiOgLteYJgp2uE8y7Y=
.yandex.com/	1970-01-20 23:43:19	Name: yandexuid Value: 4029284231692439903
.yandex.com/	1970-01-20 22:52:55	Name: yuidss Value: 4029284231692439903
.yandex.com/	1970-01-20 22:52:55	Name: ymex Value: 1723975903.yrts.1692439903#1723975903.yrtsi.1692439903
.yandex.com/	1970-01-20 22:52:55	Name: bh Value: KgI/MA==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12572451.fls.doubleclick.net
12688802.fls.doubleclick.net
1weiyw.top
1win-cdn.com
1wqqws.top
adservice.google.com
adservice.google.de
api.lab.amplitude.com
api2.amplitude.com
mc.yandex.com
mc.yandex.ru
refpaadrbxof.top
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
www.googletagmanager.com
142.250.186.166
151.101.130.132
18.173.233.11
18.66.248.117
190.115.24.78
2001:4860:4802:32::36
2606:4700:3037::ac43:c0d2
2606:4700:e2::ac40:8717
2a00:1450:4001:81c::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82f::2002
2a02:6b8::1:119
52.13.180.254
012c3aab8922aef4eab34b5a9233be50c4e4970f3305a7b03ca00b2b59be0e49
01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce
02ed50337f3b42eb01b27b554f89fdda1d8cdb256602edf6f48cfc458b3eb59b
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06e02d3d2d01bb2c88786b0a2dd2d692f6659c0159ec4754f7db49c12e03b0d6
0797c8767f46e987e23723cb287c6a685914c6e0512636be13b6cd6aa5b269c0
0a7f0f93456df63a94ba923d0ec888e2387c38fef0c3c12e0055f586516522e3
0f9952976963c3ec9f602857c63343b93c03427d348521657b1664af7d69e9a2
10993dbb9f581ed96fea12e37345b478a8d11c5779eaddcebfe0fb07641ac31b
1452e31b2a3b0f0003a4fb3ccf10e452ccec959503b1d3a75a4de56ad977424b
18d730cf82d58e5eed438a162d3c6250b8802ed015a76101499a166c65c2fb91
1df41ee0b64399dffa0f3e5ef5259ec3dbba78273e7129c6577dfdcedc5116cd
2abe1b262de3e8212b87fb1a3065787ae66bef248170eb9cb185c999ccaf979e
360fb4ea61ac694e0b25aba5fab3dfea8aa5fffc929c4da4e6c5591135af2b3b
39dbfdd9602bd806cd532aeb213229c53f1e3e739df5a042aab54a61286c3b62
3d90b3b14f4869d23c65be477137df0688b2c6acc02813e53d5d48601fcb5b4e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4fac12b37fecb5617755262a749245167b0a04a3aa249741f554864f203a1afd
528c271b9bf694b79836f9b97249211e0a6e80e055ac436a92cf67330a1f12e7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
575412b54e344b5f40a21bb5b799f0430919cfb4ba807f9832c040e13711dc8e
58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f
5f569e7ddff8d35645867f4c7a89d4b2096f54a1cba899f2ec073966bb24934f
5ffc1331c364200db0b71d1fd6f6baf03a35f427951d95c3df5685bb4d2e330a
618867fc13c15e8744650c168c285a4f8a4e919f6688348262c066083fe7f51f
68a4d160d8c135959d5b6265c9131566585cfe3c7e1763a016204629d7b9e218
6ceff4ea7a4395690e7689a81b4951a2863ac1d1cb3d0e8c67a6603ac520e1a6
7b303ea7df100db60bb773fc70b3b3bb63b8299dd340f60a19be51ca3840b34f
7e4ce1ad48f5bc3f0f8778023be01b1b3f1e5af91d95594e641e4e1bc4bb9b97
8492b63b2d1147503ddb11a27f119e5287c5ae6f02f37e51ad6ae769af970658
85692b68711a13bc8b0be454cfd80d5c191b6c20c43dc42515792cd35026d928
85d0ff58e376b7e2e69b40f45d1cb0edc96886a3705d2f90930f30bcc5176868
871a697aae54ef05fa03e68eda159055c6437251469150ce3dc8ac0cc0832b66
89231e3e46eda90ab1341590b389b2f1c49d01d43c1e96c91fd4bb14b851b506
8cc2f7e2ccb4208bda4976b1a6c84c59a2f7ca1b618e46ea84cb32f99f2630fd
8ce389005cce0b2bc395ecfe03d5dc7abcd35fa0c6e8ae8909743c0a6d8ac83c
8d2dcf85f7cf0be1a04c9d55702856289a9c3a44929faa2efc05e80c8c7b390e
909740114f94c7424e118f9642e1d79f6dc96adaf5d96aa0028fb5087c516fd1
914d10e22c1c806a4f8a3d20bc6ba0ae0a24f59c2c97127fe569451b52bb9977
9272d819b6c1144a1f116d8d2f390907af42e71d52caeabb80497d0ca61616ba
9a550ce3a870078ff16c823c7d9d84312f32a545a41619f9c01aff6ce5a5ae03
9b2d5e454cfbf809589a2d77f6dffb57681641d625b7bb71ca4edd4637797b80
9e24a688017c0d2b6a65390caf35350cae86094372366b4be62767040d4b1c2e
9e550c09db78994bf63ada4848faf417070f1915ac58ef0771d0f1ab9000c98f
9ee83b21be95ed60228137d9a51726d3d52c0b5bea95a0c053f1eb2df7622490
a20c91d7dd39dc68265222f1b5b5c2eae1f95f37e677f46f398685b715c9bb3a
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a4010cd904385baf40748bc00e7ae96604ab7dbb0aa6b3c359d79e8a09d9b8b9
a5cb3d03f299b837679eaa793491a03acc5fc1afdbc7f207b7566646f3bd2ecb
a7f601b5f7424b1c3ecdc4cd6b9d0d81516cdac732a7b5fed6b4cbafee10f394
b76eb0fb853247a10ef2d06dd156815be1d8ae1d5e6fc23db338968e133006ef
bb890ca2734a625b6b75b6e1f16a6ae876324d9df124c9230d659ac2981fcd42
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c07b2c0a515caf1306fb4d9366fab5758253eeadcf8c0414cb44ccd48f82e59a
ca01e550ae44bb8b1c84355ce711aaf3b412b9ac2a2ab96d9f7554564e8d3ccc
d3828f7e5c1d6036d64f17e1c806abf287d020422469e52bb09733be50cafc0d
dabee13f8b3125e98d0b088b3f4ff3ed80c1ed028b1db45bed0b9f1a4c81197a
df3772666587111462634070c47969ad9687bbf80d0694bb2e6c33be39434d68
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48001abbed7edd0279ee2b031eaea7e5a98340349aa53055a8e711d927b3377
f2fc8f2712717b32157f7741b1c723d6fe1d430c41652cfafd39c68980db20bd
f42a718f05f8c221dcb658daad070a200835959e06ebf59c12a7f0247b9705ab
f4e5d773bce39f990d6f203efcd0573dd1501342af84cdc0f4001a3d4a8b676f
fd4c6ff2e56afccc04586f39418bb8f2d6003dee723968161440bc425a183758

1weiyw.top Open in urlscan Pro 190.115.24.78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

96 %HTTPS

54 %IPv6

13 Domains

16 Subdomains

13 IPs

4 Countries

1159 kBTransfer

3626 kBSize

29 Cookies

0 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

1weiyw.top Open in urlscan Pro
190.115.24.78 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

96 %
HTTPS

54 %
IPv6

13
Domains

16
Subdomains

13
IPs

4
Countries

1159 kB
Transfer

3626 kB
Size

29
Cookies

73 HTTP transactions
1 data transactions