1wbre.com Open in urlscan Pro
186.2.162.102 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://1wbre.com/
Submission Tags: @phish_report
Submission: On September 12 via api (September 12th 2024, 4:40:59 pm UTC) from FI — Scanned from FI

Summary HTTP 70 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 6 countries across 13 domains to perform 70 HTTP transactions. The main IP is 186.2.162.102, located in Belize and belongs to IQWEB, AE. The main domain is 1wbre.com.
TLS certificate: Issued by R11 on September 3rd 2024. Valid for: 3 months.

This is the only time 1wbre.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	186.2.162.102 186.2.162.102	59692 (IQWEB) (IQWEB)
29	154.197.121.128 154.197.121.128	328608 (Africa-on...) (Africa-on-Cloud-AS)
2	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
3	172.217.23.100 172.217.23.100	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2 4	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1	18.66.102.53 18.66.102.53	16509 (AMAZON-02) (AMAZON-02)
3 8	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	34.213.139.248 34.213.139.248	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1d::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	13.32.27.107 13.32.27.107	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	18.66.112.15 18.66.112.15	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
70	20

6 186.2.162.102 (Belize)

ASN59692 (IQWEB, AE)
PTR: ddos-guard.net

1wbre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 154.197.121.128 (Seychelles)

ASN328608 (Africa-on-Cloud-AS, ZA)

v1.bundlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.132 (San Francisco, United States)

ASN54113 (FASTLY, US)

api.lab.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.100 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f100.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.6 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f6.1e100.net

12572451.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
12688802.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.213.139.248 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-139-248.us-west-2.compute.amazonaws.com

api2.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net

www.google.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-15.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	bundlecdn.com v1.bundlecdn.com	702 KB
10	doubleclick.net 2 redirects 12572451.fls.doubleclick.net — Cisco Umbrella Rank: 335755 stats.g.doubleclick.net — Cisco Umbrella Rank: 252 td.doubleclick.net — Cisco Umbrella Rank: 481 12688802.fls.doubleclick.net — Cisco Umbrella Rank: 340553 ad.doubleclick.net — Cisco Umbrella Rank: 210 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	3 KB
6	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 6787	4 KB
6	1wbre.com 1wbre.com	230 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	466 KB
4	google.com www.google.com — Cisco Umbrella Rank: 10 analytics.google.com — Cisco Umbrella Rank: 238	1 KB
4	amplitude.com api.lab.amplitude.com — Cisco Umbrella Rank: 5321 api2.amplitude.com — Cisco Umbrella Rank: 1505	989 B
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2503	71 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	61 KB
1	google.fi www.google.fi — Cisco Umbrella Rank: 20823	455 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 4716	233 B
1	google.ru www.google.ru — Cisco Umbrella Rank: 8663	63 B
1	gstatic.com www.gstatic.com	214 KB
70	13

	Domain	Requested by
29	v1.bundlecdn.com	1wbre.com v1.bundlecdn.com
6	mc.yandex.com	2 redirects mc.yandex.ru
6	1wbre.com	1wbre.com v1.bundlecdn.com
5	www.googletagmanager.com	1wbre.com www.googletagmanager.com
3	td.doubleclick.net	www.googletagmanager.com
3	www.google.com	v1.bundlecdn.com www.googletagmanager.com
2	12688802.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	api2.amplitude.com	v1.bundlecdn.com
2	mc.yandex.ru	1 redirects 1wbre.com
2	12572451.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	api.lab.amplitude.com	v1.bundlecdn.com
1	www.google.fi
1	vc.hotjar.io	script.hotjar.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	ad.doubleclick.net
1	www.google.ru
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	static.hotjar.com	1wbre.com
1	www.gstatic.com	www.google.com
70	21

This site contains no links.

Subject Issuer	Validity	Valid
1wbre.com R11	`2024-09-03` - `2024-12-02`	3 months	crt.sh
v1.bundlecdn.com WE1	`2024-07-24` - `2024-10-22`	3 months	crt.sh
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-29` - `2024-12-30`	a year	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-05-23` - `2024-11-02`	5 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2024-01-31` - `2025-03-02`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google.com.ru WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.google.fi WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://1wbre.com/
Frame ID: 95319BED4175BF3A93585BF0F01B59A8
Requests: 63 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=CKDO3KnsvYgDFeSIgwcdz8IJPQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7594728006837.361
Frame ID: 282B42B036BAFE2D39810A2C643C874F
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-548949LWLW&gacid=2073301836.1726159255&gtm=45je4990v894728184z8894400803za200zb894400803&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1696934667
Frame ID: 86D4E6EFE401FEB2CE10BEDA559FDF93
Requests: 1 HTTP requests in this frame

Frame: https://12688802.fls.doubleclick.net/activityi;dc_pre=CN-E5qnsvYgDFeSqgwcdxD4gPg;src=12688802;type=actio0;cat=allpa0;ord=1;num=6497112506146;npa=0;auiddc=968414781.1726159255;ps=1;pcor=1192774987;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4990v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wbre.com%2F
Frame ID: 51D0228AB0532CC307A49B186F78F584
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=6497112506146;npa=0;auiddc=968414781.1726159255;ps=1;pcor=1192774987;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4990v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wbre.com%2F
Frame ID: A75F04B674F974BA74B96DB79B49C752
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16482547739?random=1726159255048&cv=11&fst=1726159255048&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4990v9181323879z8894400803za200zb894400803&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2F1wbre.com%2F&hn=www.googleadservices.com&frm=0&tiba=1win&npa=0&pscdl=noapi&auid=968414781.1726159255&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 6175C26BE1DE2F6BE82D9A8EAC116D1B
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: B7C0434AB866C03E7E6BF13F8EC6A54B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

1win

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

70
Requests

93 %
HTTPS

37 %
IPv6

13
Domains

21
Subdomains

20
IPs

6
Countries

1751 kB
Transfer

5257 kB
Size

32
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7594728006837.361 HTTP 302
https://12572451.fls.doubleclick.net/activityi;dc_pre=CKDO3KnsvYgDFeSIgwcdz8IJPQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7594728006837.361

Request Chain 57

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=6497112506146;npa=0;auiddc=968414781.1726159255;ps=1;pcor=1192774987;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4990v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wbre.com%2F HTTP 302
https://12688802.fls.doubleclick.net/activityi;dc_pre=CN-E5qnsvYgDFeSqgwcdxD4gPg;src=12688802;type=actio0;cat=allpa0;ord=1;num=6497112506146;npa=0;auiddc=968414781.1726159255;ps=1;pcor=1192774987;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4990v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wbre.com%2F

Request Chain 63

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10490.c-J5QcbjVXupd7Ibg16J-LMWye5F1yDDpUDHyuIRHQtCELsAxI50tYK-XQ8uG925.Az9J1GawhQBtZyjT6caBe3y9Ya0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10490.e2szXzHR3JdnEPKVl3Pbecoc6p4iEsRZv-19vWQmgeTyr-T3-AeDg9kz6sNf-Z3zpRW0AyH4W09Vu42jZb-sAegjfrbC6IlE_RcmMg0gO4KmBikcEhVHrXJYlVL9rRLCYNyXVsg4cfAaEUifDz-pZ_S4O0Gy13pc_uGNVTodeyiyFnqIw0JUDrCxx3co33WilQNYjqkFLCnTxeMKJ0dhlE_oLZweMBDwLDUp9rf-rtQ%2C.RSlMTJgShGLnhJsoOh4ktif4Kio%2C

Request Chain 69

https://mc.yandex.com/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wbre.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ac4o2nplw0gn9nduetxpw3hlsrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A1440%3Acn%3A1%3Adp%3A0%3Als%3A1408097301256%3Ahid%3A656613207%3Az%3A180%3Ai%3A20240912194055%3Aet%3A1726159255%3Ac%3A1%3Arn%3A665699561%3Arqn%3A1%3Au%3A1726159255645449615%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A834%3Awv%3A2%3Ads%3A36%2C204%2C205%2C64%2C1%2C0%2C%2C310%2C0%2C1234%2C1234%2C0%2C1022%3Aco%3A0%3Acpf%3A1%3Ans%3A1726159252554%3Agi%3AR0ExLjEuMjA3MzMwMTgzNi4xNzI2MTU5MjU1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1726159255%3At%3A1win&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037568)ti(1) HTTP 302
https://mc.yandex.com/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wbre.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ac4o2nplw0gn9nduetxpw3hlsrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A1440%3Acn%3A1%3Adp%3A0%3Als%3A1408097301256%3Ahid%3A656613207%3Az%3A180%3Ai%3A20240912194055%3Aet%3A1726159255%3Ac%3A1%3Arn%3A665699561%3Arqn%3A1%3Au%3A1726159255645449615%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A834%3Awv%3A2%3Ads%3A36%2C204%2C205%2C64%2C1%2C0%2C%2C310%2C0%2C1234%2C1234%2C0%2C1022%3Aco%3A0%3Acpf%3A1%3Ans%3A1726159252554%3Agi%3AR0ExLjEuMjA3MzMwMTgzNi4xNzI2MTU5MjU1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1726159255%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29

70 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
1wbre.com/ 63 KB
27 KB 445ms
205ms Document
text/html 186.2.162.102
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://1wbre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

186.2.162.102 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

cfb10d4592ef6175cba4a53f1718a771f4ab766deae5bce165308d7031ebc05b

Security Headers

Name

Value

X-Frame-Options

ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 12 Sep 2024 16:40:52 GMT
server: ddos-guard
vary: Origin
x-app-version: v2.112.0
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
x-match-domain: 1wbre.com
x-request-id: fQZ2ShWqVuI76sRp

GET
H2 200 SFNSDisplay-latin.50a4eaff3.woff2
v1.bundlecdn.com/font/ 32 KB
33 KB 127ms
42ms Font
application/octet-stream 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/font/SFNSDisplay-latin.50a4eaff3.woff2
Requested by: Host: 1wbre.com
URL: https://1wbre.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: df3772666587111462634070c47969ad9687bbf80d0694bb2e6c33be39434d68

Request headers

Referer: https://1wbre.com/
Origin: https://1wbre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:53 GMT
cf-cache-status: HIT
last-modified: Wed, 11 Sep 2024 18:15:19 GMT
server: cloudflare
age: 49395
etag: "66e1de37-8128"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8c215783eaf64e14-HEL
content-length: 33064
expires: Sun, 10 Sep 2034 16:40:53 GMT

GET
H2 200 SFNSText-latin.f09aa5229.woff2
v1.bundlecdn.com/font/ 42 KB
43 KB 131ms
47ms Font
application/octet-stream 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/font/SFNSText-latin.f09aa5229.woff2
Requested by: Host: 1wbre.com
URL: https://1wbre.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 06e02d3d2d01bb2c88786b0a2dd2d692f6659c0159ec4754f7db49c12e03b0d6

Request headers

Referer: https://1wbre.com/
Origin: https://1wbre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:53 GMT
cf-cache-status: HIT
last-modified: Wed, 11 Sep 2024 18:15:19 GMT
server: cloudflare
age: 49395
etag: "66e1de37-a9f8"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8c215783eaf44e14-HEL
content-length: 43512
expires: Sun, 10 Sep 2034 16:40:53 GMT

GET
H2 200 minified.js Show response
1wbre.com/core-js/3.33.3/ 238 KB
89 KB 124ms
123ms Script
application/javascript 186.2.162.102
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://1wbre.com/core-js/3.33.3/minified.js

Requested by

Host: 1wbre.com
URL: https://1wbre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

186.2.162.102 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

ce68e1614ab493deaecfa6eb9711736de0348248e1d559b5f6dfb5dc4c29b459

Security Headers

Name

Value

X-Frame-Options

ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 15:14:45 GMT
content-encoding: gzip
last-modified: Wed, 11 Sep 2024 13:44:00 GMT
server: ddos-guard
age: 91568
etag: W/"66e19ea0-3b989"
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
content-type: application/javascript
ddg-cache-status: HIT
cache-control: max-age=315360000
content-length: 90567
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chunk-vendors.b5eb4d992.js Show response
v1.bundlecdn.com/js/ 247 KB
83 KB 48ms
48ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/chunk-vendors.b5eb4d992.js
Requested by: Host: 1wbre.com
URL: https://1wbre.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: f007c721f3891c6fbc6555f58faf308a9187968bfca7439dd601ae93b621649b

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Sep 2024 13:22:20 GMT
server: cloudflare
age: 702595
etag: W/"66d85f0c-3dbdd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8c2157850fec8dc3-HEL
expires: Sun, 10 Sep 2034 16:40:53 GMT

GET
H2 200 chunk-common.40b815f88.js Show response
v1.bundlecdn.com/js/ 383 KB
115 KB 44ms
44ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/chunk-common.40b815f88.js
Requested by: Host: 1wbre.com
URL: https://1wbre.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: e37d5e0b111cffcf22eea39ed78b82bfc4467c0458c7b1665bd0214868df6a8b

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Sep 2024 10:55:43 GMT
server: cloudflare
age: 20406
etag: W/"66e2c8af-5fcf5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8c2157850fef8dc3-HEL
expires: Sun, 10 Sep 2034 16:40:53 GMT

GET
H2 200 index.f4eac73f7.js Show response
v1.bundlecdn.com/js/ 386 KB
126 KB 66ms
66ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/index.f4eac73f7.js
Requested by: Host: 1wbre.com
URL: https://1wbre.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: fe4c230084774ecbf2fb3ae9b70a6ada0a54dfeba6e4ade346f6dce68ddb2f0a

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Sep 2024 10:55:42 GMT
server: cloudflare
age: 20406
etag: W/"66e2c8ae-6072d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8c215785a8738dc3-HEL
expires: Sun, 10 Sep 2034 16:40:53 GMT

GET
H2 200 index.aedf85995.css
v1.bundlecdn.com/css/ 6 KB
1 KB 114ms
42ms Stylesheet
text/css 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/css/index.aedf85995.css
Requested by: Host: 1wbre.com
URL: https://1wbre.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 9be12e59a210d45411e025096615d4308c44a0cffeb791dd452e443c675e8481

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 26 Jul 2024 11:07:50 GMT
server: cloudflare
age: 4160576
etag: W/"66a38386-185b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8c2157843f1c8dc3-HEL
expires: Sun, 10 Sep 2034 16:40:53 GMT

GET
H2 200 1win-normal.svg
1wbre.com/img/logo/main/ 5 KB
2 KB 185ms
185ms Image
image/svg+xml 186.2.162.102
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1wbre.com/img/logo/main/1win-normal.svg

Requested by

Host: 1wbre.com
URL: https://1wbre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

186.2.162.102 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

a5cb3d03f299b837679eaa793491a03acc5fc1afdbc7f207b7566646f3bd2ecb

Security Headers

Name

Value

X-Frame-Options

ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 17:52:16 GMT
content-encoding: br
last-modified: Tue, 10 Sep 2024 14:27:03 GMT
server: ddos-guard
age: 168517
etag: W/"66e05737-1221"
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
ddg-cache-status: HIT
cache-control: max-age=315360000
content-length: 1474
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop.a95143398.js Show response
v1.bundlecdn.com/js/ 115 KB
32 KB 48ms
47ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/desktop.a95143398.js
Requested by: Host: 1wbre.com
URL: https://1wbre.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: e827d116b753e5f146db5b68f7370812413450caf10adb21d25da2a95f66a127

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Sep 2024 10:55:42 GMT
server: cloudflare
age: 20362
etag: W/"66e2c8ae-1cad1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8c215785a8728dc3-HEL
expires: Sun, 10 Sep 2034 16:40:53 GMT

GET
H2 200 desktop.f2c7d307d.css
v1.bundlecdn.com/css/ 64 KB
12 KB 45ms
44ms Stylesheet
text/css 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/css/desktop.f2c7d307d.css
Requested by: Host: 1wbre.com
URL: https://1wbre.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f87ad06cc9ed9ee43362260fb7b3de880f89a89a88dd0fe3b69e6aca09a710d

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Sep 2024 10:55:42 GMT
server: cloudflare
age: 20362
etag: W/"66e2c8ae-1007d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8c215785a86f8dc3-HEL
expires: Sun, 10 Sep 2034 16:40:53 GMT

POST
H2 200 affiliate:link_visit
1wbre.com/ 37 B
368 B 133ms
130ms Ping
application/json 186.2.162.102
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://1wbre.com/affiliate:link_visit

Requested by

Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/chunk-common.40b815f88.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

186.2.162.102 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

ddos-guard / Express

Resource Hash

9c3b25f260defd6991608963a30a67cad0981ecce13e5975b1a6304887514d7f

Security Headers

Name

Value

X-Frame-Options

ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 12 Sep 2024 16:40:53 GMT
content-encoding: gzip
server: ddos-guard
x-powered-by: Express
etag: W/"25-Zj67mG54TfZ031q1ea2QwFUXWX4"
access-control-max-age: 7200
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wbre.com
access-control-expose-headers: Authorization
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Origin

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 18860.1f1e193d8.js Show response
v1.bundlecdn.com/js/ 28 KB
10 KB 43ms
42ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/18860.1f1e193d8.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.f4eac73f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f6e3e5c53c730a88de6f874ab17cb1283f0ed8580bb22b57578f4f0d601f700

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Aug 2024 12:57:34 GMT
server: cloudflare
age: 1827478
etag: W/"66c735be-6ea0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8c215786e9ba8dc3-HEL
expires: Sun, 10 Sep 2034 16:40:53 GMT

GET
H2 200 60215.0b99a6255.js Show response
v1.bundlecdn.com/js/ 76 KB
18 KB 45ms
44ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/60215.0b99a6255.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.f4eac73f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: bf7f6339a1fab6dddab6749b03f7096a44b33109e3e52757b112e75cb1577f0d

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Sep 2024 10:55:43 GMT
server: cloudflare
age: 20404
etag: W/"66e2c8af-12f06"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8c215786e9bb8dc3-HEL
expires: Sun, 10 Sep 2034 16:40:53 GMT

GET
H2 200 47904.b8027b5a4.css
v1.bundlecdn.com/css/ 53 KB
10 KB 44ms
43ms Stylesheet
text/css 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/css/47904.b8027b5a4.css
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.f4eac73f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 394daf2ca11c67f7a6188bc8e31f5dd7e2985db4de06dbc67ab4db2c0886cb7c

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Sep 2024 10:55:43 GMT
server: cloudflare
age: 20404
etag: W/"66e2c8af-d4aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8c215786e9b98dc3-HEL
expires: Sun, 10 Sep 2034 16:40:53 GMT

GET
H2 200 47904.007eab80b.js Show response
v1.bundlecdn.com/js/ 372 KB
111 KB 51ms
50ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/47904.007eab80b.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.f4eac73f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 05e4ad16d71817cf8601ebe24c73c3a5ede251fb9d76f15f97e18ca0407976ea

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Sep 2024 10:55:43 GMT
server: cloudflare
age: 20404
etag: W/"66e2c8af-5d1fe"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8c215786f9bc8dc3-HEL
expires: Sun, 10 Sep 2034 16:40:53 GMT

GET
H2 200 84167.25b407024.js Show response
v1.bundlecdn.com/js/ 8 KB
3 KB 46ms
45ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/84167.25b407024.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.f4eac73f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 92ea9bd64fc986968b38a1003174a422f7ea9ff287f3e60257c88edd3577882b

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Sep 2024 09:30:01 GMT
server: cloudflare
age: 25527
etag: W/"66e2b499-1e3a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8c215786f9bd8dc3-HEL
expires: Sun, 10 Sep 2034 16:40:53 GMT

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/v2/ Frame 0
0 124ms
36ms Preflight 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/v2/vardata?v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://1wbre.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://1wbre.com
access-control-max-age: 1800
age: 2475
cache-control: no-store
content-length: 0
date: Thu, 12 Sep 2024 16:40:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-66e30fea-70fd58bf63540dcd44434399
x-cache: HIT
x-cache-hits: 1052
x-content-type-options: nosniff
x-served-by: cache-hel1410034-HEL
x-timer: S1726159254.881136,VS0,VE0

GET
H2 200 en Show response
1wbre.com/fss/translations/ 377 KB
112 KB 353ms
352ms XHR
application/json 186.2.162.102
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://1wbre.com/fss/translations/en?domain=1wbre.com&appName=web

Requested by

Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/chunk-common.40b815f88.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

186.2.162.102 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

884b0636bfcba946d4894118ab54dc5e2a6392806ca443310505a190ad7b5b58

Security Headers

Name

Value

X-Frame-Options

ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wbre.com/
X-Origin: 1wbre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: gzip
x-app-version: v2.112.0
server: ddos-guard
etag: W/"a0cce-Lyy7OC7fkbQxZanC136KoSrYM54"
vary: Origin
x-match-domain: 1wbre.com
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
x-request-id: GrBdCMP4XZR2WJZX

GET
H2 200 allv4 Show response
v1.bundlecdn.com/common/banners/ 21 KB
5 KB 161ms
161ms XHR
application/json 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://v1.bundlecdn.com/common/banners/allv4?localeId=14&lang=en&tzOffset=180

Requested by

Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/chunk-common.40b815f88.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),

Reverse DNS

Software

cloudflare /

Resource Hash

55f211fb2164530f93b74b1bc07e624036f0d002aad5a461c5992c7d369e5389

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"6bf7-2OGzPboLhhLQXV8GhLI/FxeI2q4"
vary: Origin
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=300
cf-ray: 8c2157882e124e14-HEL

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/v2/ 2 KB
771 B 253ms
252ms Fetch
application/json 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/v2/vardata?v=0

Requested by

Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/chunk-common.40b815f88.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bbe8f034cf83f8e2b54538d197f9a6b4e03e91c080413ff309da07efd8277a41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wbre.com/
Authorization: Api-Key client-Ss5BFx7UDrTj948TJHfc5ZUoTW67EjvZ
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS4xMC4wIiwibGFuZ3VhZ2UiOiJlbi1VUyIsInBsYXRmb3JtIjoiV2ViIiwib3MiOiJDaHJvbWUgMTI4IiwiZGV2aWNlX21vZGVsIjoiTGludXgiLCJkZXZpY2VfaWQiOiI3OWFjNDY5Ni00ZTBhLTQ2ZjEtYWE2YS0zYjRkNTMyZjUwMWUiLCJ1c2VyX3Byb3BlcnRpZXMiOnsiZGV2aWNlX3R5cGUiOiJkZXNrdG9wIiwicGxhdGZvcm0iOiJ3ZWIiLCJvcyI6Im90aGVyIiwicGxhdGZvcm1fbGFuZ3VhZ2UiOiJlbiIsImRvbWFpbiI6IjF3YnJlLmNvbSIsInRpbWVfem9uZSI6IkV1cm9wZS9IZWxzaW5raSIsInJlZmVycmluZ19kb21haW4iOiIifX0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
cache-tag: client-Ss5BFx7UDrTj948TJHfc5ZUoTW67EjvZ
content-length: 558
x-served-by: cache-hel1410034-HEL
x-timer: S1726159254.915745,VS0,VE216
x-amzn-trace-id: Root=1-66e31996-32bb2d9d312cd25217059c44
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://1wbre.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 favicon-32x32.png
1wbre.com/img/icons/ 536 B
628 B 101ms
101ms Other
image/png 186.2.162.102
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://1wbre.com/img/icons/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

186.2.162.102 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

82dcbd3db370fd49d3a130886970cfd48796750ab3767c8b6985a2bf825b250b

Security Headers

Name

Value

X-Frame-Options

ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 14:41:58 GMT
last-modified: Wed, 11 Sep 2024 13:44:00 GMT
server: ddos-guard
age: 93535
etag: "66e19ea0-218"
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
content-type: image/png
ddg-cache-status: HIT
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 536
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 firebase-app.js Show response
1wbre.com/firebase/8.1.1/ 19 KB
0 108ms
108ms Script
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://1wbre.com/firebase/8.1.1/firebase-app.js

Requested by

Host: 1wbre.com
URL: https://1wbre.com/

Protocol

Server

-, , ASN (),

Reverse DNS

Software

ddos-guard /

Resource Hash

01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce

Security Headers

Name

Value

X-Frame-Options

ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 17:52:16 GMT
content-encoding: br
last-modified: Tue, 10 Sep 2024 14:27:03 GMT
server: ddos-guard
age: 168517
etag: W/"66e05737-4ded"
vary: Accept-Encoding
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
content-type: application/javascript
ddg-cache-status: HIT
cache-control: max-age=315360000
content-length: 6578
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 369 KB
110 KB 225ms
91ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Requested by

Host: 1wbre.com
URL: https://1wbre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3fa886b467480681926f64b9b344e9e58fa4432d5a053098c33d06b5863c2cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112610
x-xss-protection: 0
last-modified: Thu, 12 Sep 2024 16:14:29 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 12 Sep 2024 16:40:54 GMT

GET
H2 200 24179.d55208029.js Show response
v1.bundlecdn.com/js/ 28 KB
7 KB 44ms
44ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/24179.d55208029.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.f4eac73f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 107e4f2aa932ded604151c11aefd3e5471af520c26c503938aa99184b83adba4

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Sep 2024 09:30:01 GMT
server: cloudflare
age: 25526
etag: W/"66e2b499-6e0c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8c21578b4e178dc3-HEL
expires: Sun, 10 Sep 2034 16:40:54 GMT

GET
H2 200 55032.211ffa07a.js Show response
v1.bundlecdn.com/js/ 7 KB
3 KB 42ms
42ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/55032.211ffa07a.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.f4eac73f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 3df4b3bf9f6db36c6b9f30b956f88320e05d824152e4c0c5f8cab550e930d5f9

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Sep 2024 08:34:50 GMT
server: cloudflare
age: 632084
etag: W/"66d96d2a-1bd6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8c21578b4e198dc3-HEL
expires: Sun, 10 Sep 2034 16:40:54 GMT

GET
H2 200 58183.6a2f83b21.js Show response
v1.bundlecdn.com/js/ 82 KB
24 KB 46ms
45ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/58183.6a2f83b21.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.f4eac73f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 4742a7c7bbc3c690cd8bebf51d127b5ef9197fb49313a15ece626a4972c10aa8

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Aug 2024 12:57:34 GMT
server: cloudflare
age: 1827478
etag: W/"66c735be-148e5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8c21578b4e1c8dc3-HEL
expires: Sun, 10 Sep 2034 16:40:54 GMT

GET
H2 200 68618.d62065178.js Show response
v1.bundlecdn.com/js/ 10 KB
4 KB 49ms
49ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/68618.d62065178.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.f4eac73f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 13b15f93eb2d98d4f7e9d58c481b6e04e54a0caed2b0b19a51cfb2a61adc8449

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 27 Aug 2024 09:42:11 GMT
server: cloudflare
age: 1406632
etag: W/"66cd9f73-272d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8c21578b5e218dc3-HEL
expires: Sun, 10 Sep 2034 16:40:54 GMT

GET
H2 200 60385.06f32d4d1.js Show response
v1.bundlecdn.com/js/ 9 KB
3 KB 46ms
46ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/60385.06f32d4d1.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.f4eac73f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: a7cc97d5681d6d3e5921465551231c25df6ea5dec92aeb116e7dd146daef4565

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Aug 2024 12:57:34 GMT
server: cloudflare
age: 1827479
etag: W/"66c735be-241d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8c21578b5e248dc3-HEL
expires: Sun, 10 Sep 2034 16:40:54 GMT

GET
H2 200 3403.fdf5a2524.js Show response
v1.bundlecdn.com/js/ 10 KB
4 KB 45ms
44ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/3403.fdf5a2524.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.f4eac73f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: b0c06e8d6ffe3aa5720ec0b9802044e4badd2edb2513437e5c5fdaa5b6592689

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 10 Sep 2024 14:27:03 GMT
server: cloudflare
age: 180554
etag: W/"66e05737-29a6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8c21578b5e268dc3-HEL
expires: Sun, 10 Sep 2034 16:40:54 GMT

GET
H2 200 41014.76d9b4079.css
v1.bundlecdn.com/css/ 45 KB
10 KB 46ms
44ms Stylesheet
text/css 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/css/41014.76d9b4079.css
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.f4eac73f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a32624aa552d924b6fc5334ffe646524e0bc3e5a510a24712d324d50806baa2

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 10 Sep 2024 14:27:03 GMT
server: cloudflare
age: 180469
etag: W/"66e05737-b4ab"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8c21578b5e288dc3-HEL
expires: Sun, 10 Sep 2034 16:40:54 GMT

GET
H2 200 41014.1b30f798e.js Show response
v1.bundlecdn.com/js/ 53 KB
14 KB 48ms
45ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/41014.1b30f798e.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.f4eac73f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 67fcfdb76fab63a1032de55bdf6289e3b6ccf64c3afcacaf89076cf211daf44f

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 10 Sep 2024 14:27:03 GMT
server: cloudflare
age: 180469
etag: W/"66e05737-d4f7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8c21578b5e2d8dc3-HEL
expires: Sun, 10 Sep 2034 16:40:54 GMT

GET
H2 200 756.cfe432ea5.js Show response
v1.bundlecdn.com/js/ 9 KB
3 KB 44ms
41ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/756.cfe432ea5.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.f4eac73f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 9123cebe41c1fc2c79b22d627451ea38662dc1933286f0bd7ff7a03721821bf1

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 06 Sep 2024 13:02:44 GMT
server: cloudflare
age: 530996
etag: W/"66dafd74-23e1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8c21578b5e2f8dc3-HEL
expires: Sun, 10 Sep 2034 16:40:54 GMT

GET
H2 200 21003.08220e38d.js Show response
v1.bundlecdn.com/js/ 25 KB
7 KB 46ms
43ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/21003.08220e38d.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.f4eac73f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: dfbc03c9abeb9b5a91be7afb101f70b860b65717f399e8b844a4412189450507

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Sep 2024 09:30:01 GMT
server: cloudflare
age: 25526
etag: W/"66e2b499-62ee"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8c21578b5e318dc3-HEL
expires: Sun, 10 Sep 2034 16:40:54 GMT

GET
H2 200 18145.14110b342.css
v1.bundlecdn.com/css/ 8 KB
3 KB 73ms
71ms Stylesheet
text/css 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/css/18145.14110b342.css
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.f4eac73f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ed1066c3c6947d7a10e0413d11f5c453bd20068061e25a4a3b9c1f5d78e8a90

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 06 Sep 2024 13:02:44 GMT
server: cloudflare
age: 531001
etag: W/"66dafd74-21e6"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8c21578b8e5c8dc3-HEL
expires: Sun, 10 Sep 2034 16:40:54 GMT

GET
H2 200 1279.2ddf52e8a.js Show response
v1.bundlecdn.com/js/ 911 B
721 B 45ms
45ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/1279.2ddf52e8a.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.f4eac73f7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: b563de728f7ad9022ef94968360931749d32898f02f524b66a73c2630126f4a3

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Aug 2024 12:57:33 GMT
server: cloudflare
age: 1827476
etag: W/"66c735bd-38f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8c21578beed38dc3-HEL
expires: Sun, 10 Sep 2034 16:40:54 GMT

GET
H2 200 1win-normal.34748aac6.svg
v1.bundlecdn.com/img/ 5 KB
2 KB 42ms
41ms Image
image/svg+xml 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v1.bundlecdn.com/img/1win-normal.34748aac6.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: a5cb3d03f299b837679eaa793491a03acc5fc1afdbc7f207b7566646f3bd2ecb

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Sep 2024 10:55:42 GMT
server: cloudflare
age: 4553
etag: W/"66e2c8ae-1221"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8c21578bfed78dc3-HEL
expires: Thu, 12 Sep 2024 20:40:54 GMT

GET
H2 200 fi.svg
v1.bundlecdn.com/img/flags/ 207 B
268 B 46ms
46ms Image
image/svg+xml 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v1.bundlecdn.com/img/flags/fi.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 86a11ca8f8761ee42f5ad8f3ec57fed81d52d3b809ce86d9209305dc5c0fb0be

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Sep 2024 10:55:43 GMT
server: cloudflare
age: 1216
etag: W/"66e2c8af-cf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8c21578bfed98dc3-HEL
expires: Thu, 12 Sep 2024 20:40:54 GMT

GET
H2 200 title Show response
1wbre.com/common/ 29 B
0 123ms
123ms XHR
application/json

General

Check archive.org

Show headers Download Go to

Full URL

https://1wbre.com/common/title?path=bets&lang=en

Requested by

Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/chunk-common.40b815f88.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

ddos-guard /

Resource Hash

c07b2c0a515caf1306fb4d9366fab5758253eeadcf8c0414cb44ccd48f82e59a

Security Headers

Name

Value

X-Frame-Options

ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: gzip
server: ddos-guard
etag: W/"25-bM/5z02X/xOkKbh8eZCiJpcKcd0"
vary: Origin, Accept-Encoding
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=300

GET
H2 200 bear.7b736fe37-290.webp
v1.bundlecdn.com/img/ 15 KB
15 KB 47ms
45ms Image
image/webp 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v1.bundlecdn.com/img/bear.7b736fe37-290.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 66c4135905d8889570877f8bf74d092dbcda1ec84d16791a9eab736415fd396c

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
cf-cache-status: HIT
last-modified: Thu, 12 Sep 2024 10:55:42 GMT
server: cloudflare
age: 299
etag: "66e2c8ae-3adc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8c21578c0eea8dc3-HEL
content-length: 15068
expires: Thu, 12 Sep 2024 20:40:54 GMT

GET
H2 200 firebase-messaging.js Show response
1wbre.com/firebase/8.1.1/ 40 KB
0 2ms
2ms Script
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://1wbre.com/firebase/8.1.1/firebase-messaging.js

Requested by

Host: 1wbre.com
URL: https://1wbre.com/

Protocol

Server

-, , ASN (),

Reverse DNS

Software

ddos-guard /

Resource Hash

58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f

Security Headers

Name

Value

X-Frame-Options

ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 10 Sep 2024 17:52:16 GMT
content-encoding: br
last-modified: Tue, 10 Sep 2024 14:27:03 GMT
server: ddos-guard
age: 168517
etag: W/"66e05737-9f25"
vary: Accept-Encoding
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
content-type: application/javascript
ddg-cache-status: HIT
cache-control: max-age=315360000
content-length: 10915
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
967 B 201ms
73ms Script
text/javascript 172.217.23.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.f4eac73f7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f100.1e100.net

Software

ESF /

Resource Hash

af0a1041be52852f255661c3fd8566b9fe9c99d0391f11fb0a03eaa3bf1a5543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
expires: Thu, 12 Sep 2024 16:40:54 GMT

GET
H2 200 recaptcha__fi.js Show response
www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/ 540 KB
214 KB 202ms
63ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__fi.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e021ef9edf3b2db8151fa1fccc8f46fa13aecc81a8bcfffdde84606b0232811d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wbre.com/
Origin: https://1wbre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 19:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 218670
x-xss-protection: 0
last-modified: Tue, 03 Sep 2024 02:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Sep 2025 19:09:21 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 268 KB
93 KB 75ms
74ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-548949LWLW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f7b5293f835c63101dc3ef89944249cb1ed03683d606cc367ef96266daf58fdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94996
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 12 Sep 2024 16:40:54 GMT

POST
H3 200 collect
www.google.com/ccm/ 0
0 72ms
71ms Ping
text/html 172.217.23.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2F1wbre.com%2F&frm=0&rnd=1220674201.1726159255&auid=968414781.1726159255&npa=0&gtm=45He4990v894400803za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&tft=1726159254697&tfd=2143&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f100.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
93 KB 93ms
92ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9dd5b5a07081ac6982dd9d84e1b0fe1d2573c5af897f6c8c4039289182b594b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95036
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 12 Sep 2024 16:40:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
92 KB 154ms
154ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-16482547739&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a91ea4d68f67eb05a05e88ec360da6dc5dc01a25a0653e6a3609d353792c7f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94564
x-xss-protection: 0
last-modified: Thu, 12 Sep 2024 16:14:29 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 12 Sep 2024 16:40:54 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 215 KB
77 KB 147ms
147ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-12688802&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c8882ff02608304ddcb41b2081d5d62cb17a54f246ed8e45b6ff2936091381a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78973
x-xss-protection: 0
last-modified: Thu, 12 Sep 2024 16:14:29 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 12 Sep 2024 16:40:54 GMT

GET
H2

200

activityi;dc_pre=CKDO3KnsvYgDFeSIgwcdz8IJPQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o...
12572451.fls.doubleclick.net/ Frame 282B
Redirect Chain

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://12572451.fls.doubleclick.net/activityi;dc_pre=CKDO3KnsvYgDFeSIgwcdz8IJPQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

0
0

80ms
79ms

Document
text/html

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12572451.fls.doubleclick.net/activityi;dc_pre=CKDO3KnsvYgDFeSIgwcdz8IJPQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7594728006837.361?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wbre.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 1041
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Sep 2024 16:40:55 GMT
expires: Thu, 12 Sep 2024 16:40:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Sep 2024 16:40:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12572451.fls.doubleclick.net/activityi;dc_pre=CKDO3KnsvYgDFeSIgwcdz8IJPQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7594728006837.361?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hotjar-2606090.js Show response
static.hotjar.com/c/ 12 KB
5 KB 224ms
69ms Script
application/javascript 18.66.102.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2606090.js?sv=6

Requested by

Host: 1wbre.com
URL: https://1wbre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-53.fra56.r.cloudfront.net

Software

Resource Hash

dc321abe6e401ff4da32df89e44f7f276605787134dbf37ee5b3cc6083a7f109

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 12 Sep 2024 16:40:53 GMT
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/c9fcd92900eac806dae65dc6e66b0891
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: bz-cobh3JW98YJ2k1Wau8lTGma_O8JUGnrRKUOld7LMhPVpP4tBOYw==

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 237ms
115ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: 1wbre.com
URL: https://1wbre.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

67ab4d98aed56f1b5b2453b5ff76e7b29ee1f07a79639d79e76698cdf0f3d8b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 16:40:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 10 Sep 2024 15:12:57 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66e061f9-11574"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71028
expires: Thu, 12 Sep 2024 17:40:54 GMT

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 636ms
191ms Preflight 34.213.139.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.213.139.248 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-213-139-248.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://1wbre.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Thu, 12 Sep 2024 16:40:55 GMT
strict-transport-security: max-age=15768000

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
218 B 211ms
209ms Fetch
application/json 34.213.139.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/chunk-common.40b815f88.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.213.139.248 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-213-139-248.us-west-2.compute.amazonaws.com

Software

Resource Hash

bdb4a96ac25bbbd5362e9300acd4092bf2586b524d3e4382022b1c5a70196c4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 12 Sep 2024 16:40:55 GMT
strict-transport-security: max-age=15768000
content-length: 94
content-type: application/json

POST
H2 204 collect
analytics.google.com/g/ 0
0 244ms
75ms Fetch
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je4990v894728184z8894400803za200zb894400803&_p=1726159254265&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=2073301836.1726159255&ul=fi-fi&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1726159254&sct=1&seg=0&dl=https%3A%2F%2F1wbre.com%2F&dt=1win&en=socket_connection_attempt&_fv=1&_nsi=1&_ss=1&tfd=2303
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-548949LWLW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Sep 2024 16:40:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1wbre.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 232ms
68ms Ping
text/plain 2a00:1450:400c:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-548949LWLW&cid=2073301836.1726159255&gtm=45je4990v894728184z8894400803za200zb894400803&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-548949LWLW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Sep 2024 16:40:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1wbre.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 86D4 0
0 236ms
76ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-548949LWLW&gacid=2073301836.1726159255&gtm=45je4990v894728184z8894400803za200zb894400803&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1696934667

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-548949LWLW&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wbre.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Sep 2024 16:40:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.ru/ads/ 42 B
63 B 1062ms
959ms Image
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ru/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-548949LWLW&cid=2073301836.1726159255&gtm=45je4990v894728184z8894400803za200zb894400803&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=453522644

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Sep 2024 16:40:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CN-E5qnsvYgDFeSqgwcdxD4gPg;src=12688802;type=actio0;cat=allpa0;ord=1;num=6497112506146;npa=0;auiddc=968414781.1726159255;ps=1;pcor=1192774987;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv...
12688802.fls.doubleclick.net/ Frame 51D0
Redirect Chain

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=6497112506146;npa=0;auiddc=968414781.1726159255;ps=1;pcor=1192774987;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;u...
https://12688802.fls.doubleclick.net/activityi;dc_pre=CN-E5qnsvYgDFeSqgwcdxD4gPg;src=12688802;type=actio0;cat=allpa0;ord=1;num=6497112506146;npa=0;auiddc=968414781.1726159255;ps=1;pcor=1192774987;u...

0
0

76ms
76ms

Document
text/html

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12688802.fls.doubleclick.net/activityi;dc_pre=CN-E5qnsvYgDFeSqgwcdxD4gPg;src=12688802;type=actio0;cat=allpa0;ord=1;num=6497112506146;npa=0;auiddc=968414781.1726159255;ps=1;pcor=1192774987;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4990v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wbre.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12688802&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wbre.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 338
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Sep 2024 16:40:55 GMT
expires: Thu, 12 Sep 2024 16:40:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Sep 2024 16:40:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12688802.fls.doubleclick.net/activityi;dc_pre=CN-E5qnsvYgDFeSqgwcdxD4gPg;src=12688802;type=actio0;cat=allpa0;ord=1;num=6497112506146;npa=0;auiddc=968414781.1726159255;ps=1;pcor=1192774987;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4990v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wbre.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activityi;fledge=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=6497112506146;npa=0;auiddc=968414781.1726159255;ps=1;pcor=1192774987;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0...
td.doubleclick.net/td/fls/rul/ Frame A75F 0
0 124ms
77ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=6497112506146;npa=0;auiddc=968414781.1726159255;ps=1;pcor=1192774987;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4990v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wbre.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12688802&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wbre.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Sep 2024 16:40:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=6497112506146;npa=0;auiddc=968414781.1726159255;ps=1;pcor=1192774987;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl...
ad.doubleclick.net/ 0
23 B 189ms
105ms Image
image/png 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=6497112506146;npa=0;auiddc=968414781.1726159255;ps=1;pcor=1192774987;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4990v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wbre.com%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Sep 2024 16:40:55 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"12757535757657410667"}],"aggregatable_trigger_data":[{"filters":[{"14":["13647302"]}],"key_piece":"0x1d0754e0d1dc50a9","source_keys":["12","13","14","15","16","17","18","19","20","21","20557008","20557009","20557010","20557011","638603056","638603057","638603058","638603059"]},{"key_piece":"0x37d040cd11b7c1d0","not_filters":{"14":["13647302"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","20557008","20557009","20557010","20557011","638603056","638603057","638603058","638603059"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"20557008":36,"20557009":36,"20557010":36,"20557011":3530,"21":6356,"638603056":32,"638603057":32,"638603058":32,"638603059":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"16942222078886924538","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"12757535757657410667","filters":[{"14":["13647302"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"12757535757657410667","filters":[{"14":["13647302"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"12757535757657410667","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"12757535757657410667","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12688802"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.6e8cbd39caed17f0d1c0.js Show response
script.hotjar.com/ 223 KB
56 KB 209ms
67ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6e8cbd39caed17f0d1c0.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2606090.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

448797aade8c774bb0d8bf418eb7469865095c4e9016fc13095204ba2b6dc3e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 11 Sep 2024 14:41:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 93589
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56449
last-modified: Wed, 11 Sep 2024 14:40:34 GMT
etag: "92b2dc3a86a608117dd7c4d6660c942b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: TcWppr9FbflJAciFEK-7_CCaWYNZ-ZzhbaCe8Ig66YH3vYbGpUZCZA==

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/16482547739/ 5 KB
2 KB 215ms
82ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16482547739/?random=1726159255048&cv=11&fst=1726159255048&bg=ffffff&guid=ON&async=1&gtm=45be4990v9181323879z8894400803za200zb894400803&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2F1wbre.com%2F&hn=www.googleadservices.com&frm=0&tiba=1win&npa=0&pscdl=noapi&auid=968414781.1726159255&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16482547739&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

2cf59e78f8148c9c1955165638b6e95109982594f106b0dd4ccaff3270b16db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Sep 2024 16:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2307
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 16482547739
td.doubleclick.net/td/rul/ Frame 6175 0
0 97ms
96ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/16482547739?random=1726159255048&cv=11&fst=1726159255048&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4990v9181323879z8894400803za200zb894400803&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2F1wbre.com%2F&hn=www.googleadservices.com&frm=0&tiba=1win&npa=0&pscdl=noapi&auid=968414781.1726159255&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16482547739&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wbre.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 12 Sep 2024 16:40:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10490.c-J5QcbjVXupd7Ibg16J-LMWye5F1yDDpUDHyuIRHQtCELsAxI50tYK-XQ8uG925.Az9J1GawhQBtZyjT6caBe3y9Ya0%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10490.e2szXzHR3JdnEPKVl3Pbecoc6p4iEsRZv-19vWQmgeTyr-T3-AeDg9kz6sNf-Z3zpRW0AyH4W09Vu42jZb-sAegjfrbC6IlE_RcmMg0gO4KmBikcEhVHrXJYlVL9rRLCYNyXVsg4cf...

43 B
674 B

66ms
66ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10490.e2szXzHR3JdnEPKVl3Pbecoc6p4iEsRZv-19vWQmgeTyr-T3-AeDg9kz6sNf-Z3zpRW0AyH4W09Vu42jZb-sAegjfrbC6IlE_RcmMg0gO4KmBikcEhVHrXJYlVL9rRLCYNyXVsg4cfAaEUifDz-pZ_S4O0Gy13pc_uGNVTodeyiyFnqIw0JUDrCxx3co33WilQNYjqkFLCnTxeMKJ0dhlE_oLZweMBDwLDUp9rf-rtQ%2C.RSlMTJgShGLnhJsoOh4ktif4Kio%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 12 Sep 2024 16:40:55 GMT
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10490.e2szXzHR3JdnEPKVl3Pbecoc6p4iEsRZv-19vWQmgeTyr-T3-AeDg9kz6sNf-Z3zpRW0AyH4W09Vu42jZb-sAegjfrbC6IlE_RcmMg0gO4KmBikcEhVHrXJYlVL9rRLCYNyXVsg4cfAaEUifDz-pZ_S4O0Gy13pc_uGNVTodeyiyFnqIw0JUDrCxx3co33WilQNYjqkFLCnTxeMKJ0dhlE_oLZweMBDwLDUp9rf-rtQ%2C.RSlMTJgShGLnhJsoOh4ktif4Kio%2C
date: Thu, 12 Sep 2024 16:40:55 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
593 B 68ms
67ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 12 Sep 2024 16:40:55 GMT
last-modified: Tue, 10 Sep 2024 15:12:57 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66e061f9-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 12 Sep 2024 17:40:55 GMT

GET
H2 204 2606090 Show response
vc.hotjar.io/sessions/ 0
233 B 234ms
91ms XHR
text/plain 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2606090?s=0.25&r=0.011340595028699774
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.6e8cbd39caed17f0d1c0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 12 Sep 2024 16:40:55 GMT
cache-control: no-store
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: D9mXYoJO7kGOHDIFZMcZBUHJpODTBhJe9bOuXz1zM-MeTGy48e0iSA==
x-cache: Miss from cloudfront

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame B7C0 0
0 172ms
65ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://1wbre.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1046
content-type: text/html
date: Thu, 12 Sep 2024 16:40:55 GMT
etag: "66e061f9-416"
expires: Thu, 12 Sep 2024 17:40:55 GMT
last-modified: Tue, 10 Sep 2024 15:12:57 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H3 200 /
www.google.com/pagead/1p-user-list/16482547739/ 42 B
64 B 78ms
74ms Image
image/gif 172.217.23.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/16482547739/?random=1726159255048&cv=11&fst=1726156800000&bg=ffffff&guid=ON&async=1&gtm=45be4990v9181323879z8894400803za200zb894400803&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2F1wbre.com%2F&hn=www.googleadservices.com&frm=0&tiba=1win&npa=0&pscdl=noapi&auid=968414781.1726159255&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfriyyAjqH2U0qQ49bKqstUyZNnQ-Fw5byLeL6IZ5myfenSrN_&random=4058193273&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f100.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Sep 2024 16:40:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fi/pagead/1p-user-list/16482547739/ 42 B
455 B 241ms
75ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/pagead/1p-user-list/16482547739/?random=1726159255048&cv=11&fst=1726156800000&bg=ffffff&guid=ON&async=1&gtm=45be4990v9181323879z8894400803za200zb894400803&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2F1wbre.com%2F&hn=www.googleadservices.com&frm=0&tiba=1win&npa=0&pscdl=noapi&auid=968414781.1726159255&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfriyyAjqH2U0qQ49bKqstUyZNnQ-Fw5byLeL6IZ5myfenSrN_&random=4058193273&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Sep 2024 16:40:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/92006234/
Redirect Chain

https://mc.yandex.com/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wbre.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ac4o2nplw0gn9nduetxpw3hlsrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-F...
https://mc.yandex.com/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wbre.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ac4o2nplw0gn9nduetxpw3hlsrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi...

583 B
785 B

57ms
57ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wbre.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ac4o2nplw0gn9nduetxpw3hlsrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A1440%3Acn%3A1%3Adp%3A0%3Als%3A1408097301256%3Ahid%3A656613207%3Az%3A180%3Ai%3A20240912194055%3Aet%3A1726159255%3Ac%3A1%3Arn%3A665699561%3Arqn%3A1%3Au%3A1726159255645449615%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A834%3Awv%3A2%3Ads%3A36%2C204%2C205%2C64%2C1%2C0%2C%2C310%2C0%2C1234%2C1234%2C0%2C1022%3Aco%3A0%3Acpf%3A1%3Ans%3A1726159252554%3Agi%3AR0ExLjEuMjA3MzMwMTgzNi4xNzI2MTU5MjU1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1726159255%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

092961973008f2364177751283ebd1d1c1ec5df38b08c8542ec3744ab7cd4f25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1wbre.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 12 Sep 2024 16:40:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 12-Sep-2024 16:40:55 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wbre.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 583
x-xss-protection: 1; mode=block
expires: Thu, 12-Sep-2024 16:40:55 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Sep 2024 16:40:55 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 12-Sep-2024 16:40:55 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wbre.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ac4o2nplw0gn9nduetxpw3hlsrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A1440%3Acn%3A1%3Adp%3A0%3Als%3A1408097301256%3Ahid%3A656613207%3Az%3A180%3Ai%3A20240912194055%3Aet%3A1726159255%3Ac%3A1%3Arn%3A665699561%3Arqn%3A1%3Au%3A1726159255645449615%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A834%3Awv%3A2%3Ads%3A36%2C204%2C205%2C64%2C1%2C0%2C%2C310%2C0%2C1234%2C1234%2C0%2C1022%3Aco%3A0%3Acpf%3A1%3Ans%3A1726159252554%3Agi%3AR0ExLjEuMjA3MzMwMTgzNi4xNzI2MTU5MjU1%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1726159255%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29
access-control-allow-origin: https://1wbre.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 12-Sep-2024 16:40:55 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.1wbre.com/	1970-01-21 08:14:55	Name: __ddg1_ Value: byCFmkbZt3ShhOYKbj8a
1wbre.com/	1970-01-21 00:13:57	Name: visit_domain Value: 1wbre.com
1wbre.com/	1970-01-21 08:14:55	Name: 1w_lang Value: en
1wbre.com/	1969-12-31 23:59:59	Name: 1w_locale Value: 14
.1wbre.com/	1970-01-21 01:38:55	Name: _gcl_au Value: 1.1.968414781.1726159255
.1wbre.com/	1970-01-21 08:14:55	Name: AMP_494cccfe21 Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjI3OWFjNDY5Ni00ZTBhLTQ2ZjEtYWE2YS0zYjRkNTMyZjUwMWUlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzI2MTU5MjUzNzczJTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTcyNjE1OTI1NDczMiUyQyUyMmxhc3RFdmVudElkJTIyJTNBNiUyQyUyMnBhZ2VDb3VudGVyJTIyJTNBMCU3RA==
.1wbre.com/	1970-01-21 09:05:19	Name: _ga Value: GA1.1.2073301836.1726159255
.1wbre.com/	1970-01-21 09:05:19	Name: _ga_548949LWLW Value: GS1.1.1726159254.1.1.1726159254.60.0.0
.yandex.ru/	1970-01-21 09:05:19	Name: i Value: PO253aKWQbN6qkpq7Qq0CeA0+RYE1pMz3wyQvnHfBCsESwc71kgeKZvv/8S8Dqb69b5Wsch3LQUrqo4GqjJ1Tnbi/h4=
.yandex.ru/	1970-01-21 09:05:19	Name: yandexuid Value: 9003382811726159254
.yandex.ru/	1970-01-21 08:14:55	Name: yashr Value: 8768829091726159254
.doubleclick.net/	1970-01-21 03:48:31	Name: receive-cookie-deprecation Value: 1
.1wbre.com/	1970-01-21 08:14:55	Name: _ym_uid Value: 1726159255645449615
.1wbre.com/	1970-01-21 08:14:55	Name: _ym_d Value: 1726159255
.doubleclick.net/	1970-01-21 00:12:31	Name: ar_debug Value: 1
.mc.yandex.com/	1970-01-20 23:29:19	Name: sync_cookie_csrf Value: 3159700446fake
.yandex.com/	1970-01-21 08:14:55	Name: yashr Value: 7361329971726159255
.1wbre.com/	1970-01-20 23:30:31	Name: _ym_isad Value: 2
.doubleclick.net/	1970-01-21 08:50:55	Name: IDE Value: AHWqTUk4N_iJpdVPrtyZXE_SByDyJP7xHGBLYe9Jn6hGZP--mY4DIkoy4vFiSUZf
.mc.yandex.ru/	1970-01-20 23:29:19	Name: sync_cookie_csrf Value: 588728705fake
.1wbre.com/	1970-01-21 08:14:55	Name: _hjSessionUser_2606090 Value: eyJpZCI6ImNkMjhmN2ViLTRlNDktNTBmZC1hOTA5LTZlNWY3ODhjYmJlOCIsImNyZWF0ZWQiOjE3MjYxNTkyNTUzNDAsImV4aXN0aW5nIjpmYWxzZX0=
.1wbre.com/	1970-01-20 23:29:21	Name: _hjSession_2606090 Value: eyJpZCI6ImE4ZjQ4Y2QwLTZhYjQtNGU5NC1hM2EyLWFlODEyYTgyNWY4OCIsImMiOjE3MjYxNTkyNTUzNDIsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
1wbre.com/	1969-12-31 23:59:59	Name: _hjHasCachedUserAttributes Value: true
.yandex.com/	1970-01-21 08:14:55	Name: yandexuid Value: 9003382811726159254
.yandex.com/	1970-01-21 08:14:55	Name: yuidss Value: 9003382811726159254
.yandex.com/	1970-01-21 09:05:19	Name: i Value: PO253aKWQbN6qkpq7Qq0CeA0+RYE1pMz3wyQvnHfBCsESwc71kgeKZvv/8S8Dqb69b5Wsch3LQUrqo4GqjJ1Tnbi/h4=
.yandex.com/	1970-01-21 09:05:19	Name: yp Value: 1726245655.yu.8688664581726159255
.mc.yandex.com/	1970-01-20 23:30:45	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2039738131726159255
.yandex.com/	1970-01-21 08:14:55	Name: ymex Value: 1728751255.oyu.8688664581726159255#1757695255.yrts.1726159255
.yandex.com/	1970-01-21 08:14:55	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 09:05:19	Name: bh Value: KgI/MGCXs4y3Bg==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header

Value

X-Frame-Options

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12572451.fls.doubleclick.net
12688802.fls.doubleclick.net
1wbre.com
ad.doubleclick.net
analytics.google.com
api.lab.amplitude.com
api2.amplitude.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
td.doubleclick.net
v1.bundlecdn.com
vc.hotjar.io
www.google.com
www.google.fi
www.google.ru
www.googletagmanager.com
www.gstatic.com
13.32.27.107
142.250.186.34
142.250.186.70
151.101.194.132
154.197.121.128
172.217.18.3
172.217.18.6
172.217.23.100
18.66.102.53
18.66.112.15
186.2.162.102
2a00:1450:4001:801::2003
2a00:1450:4001:808::2008
2a00:1450:4001:810::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c1d::9a
2a02:6b8::1:119
34.213.139.248
01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce
05e4ad16d71817cf8601ebe24c73c3a5ede251fb9d76f15f97e18ca0407976ea
06e02d3d2d01bb2c88786b0a2dd2d692f6659c0159ec4754f7db49c12e03b0d6
092961973008f2364177751283ebd1d1c1ec5df38b08c8542ec3744ab7cd4f25
0a32624aa552d924b6fc5334ffe646524e0bc3e5a510a24712d324d50806baa2
0c8882ff02608304ddcb41b2081d5d62cb17a54f246ed8e45b6ff2936091381a
0f6e3e5c53c730a88de6f874ab17cb1283f0ed8580bb22b57578f4f0d601f700
0f87ad06cc9ed9ee43362260fb7b3de880f89a89a88dd0fe3b69e6aca09a710d
107e4f2aa932ded604151c11aefd3e5471af520c26c503938aa99184b83adba4
13b15f93eb2d98d4f7e9d58c481b6e04e54a0caed2b0b19a51cfb2a61adc8449
2cf59e78f8148c9c1955165638b6e95109982594f106b0dd4ccaff3270b16db0
394daf2ca11c67f7a6188bc8e31f5dd7e2985db4de06dbc67ab4db2c0886cb7c
3df4b3bf9f6db36c6b9f30b956f88320e05d824152e4c0c5f8cab550e930d5f9
3fa886b467480681926f64b9b344e9e58fa4432d5a053098c33d06b5863c2cde
448797aade8c774bb0d8bf418eb7469865095c4e9016fc13095204ba2b6dc3e3
4742a7c7bbc3c690cd8bebf51d127b5ef9197fb49313a15ece626a4972c10aa8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55f211fb2164530f93b74b1bc07e624036f0d002aad5a461c5992c7d369e5389
58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f
66c4135905d8889570877f8bf74d092dbcda1ec84d16791a9eab736415fd396c
67ab4d98aed56f1b5b2453b5ff76e7b29ee1f07a79639d79e76698cdf0f3d8b0
67fcfdb76fab63a1032de55bdf6289e3b6ccf64c3afcacaf89076cf211daf44f
6ed1066c3c6947d7a10e0413d11f5c453bd20068061e25a4a3b9c1f5d78e8a90
82dcbd3db370fd49d3a130886970cfd48796750ab3767c8b6985a2bf825b250b
86a11ca8f8761ee42f5ad8f3ec57fed81d52d3b809ce86d9209305dc5c0fb0be
884b0636bfcba946d4894118ab54dc5e2a6392806ca443310505a190ad7b5b58
9123cebe41c1fc2c79b22d627451ea38662dc1933286f0bd7ff7a03721821bf1
92ea9bd64fc986968b38a1003174a422f7ea9ff287f3e60257c88edd3577882b
9be12e59a210d45411e025096615d4308c44a0cffeb791dd452e443c675e8481
9c3b25f260defd6991608963a30a67cad0981ecce13e5975b1a6304887514d7f
9dd5b5a07081ac6982dd9d84e1b0fe1d2573c5af897f6c8c4039289182b594b7
a5cb3d03f299b837679eaa793491a03acc5fc1afdbc7f207b7566646f3bd2ecb
a7cc97d5681d6d3e5921465551231c25df6ea5dec92aeb116e7dd146daef4565
a91ea4d68f67eb05a05e88ec360da6dc5dc01a25a0653e6a3609d353792c7f62
af0a1041be52852f255661c3fd8566b9fe9c99d0391f11fb0a03eaa3bf1a5543
b0c06e8d6ffe3aa5720ec0b9802044e4badd2edb2513437e5c5fdaa5b6592689
b563de728f7ad9022ef94968360931749d32898f02f524b66a73c2630126f4a3
bbe8f034cf83f8e2b54538d197f9a6b4e03e91c080413ff309da07efd8277a41
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bdb4a96ac25bbbd5362e9300acd4092bf2586b524d3e4382022b1c5a70196c4a
bf7f6339a1fab6dddab6749b03f7096a44b33109e3e52757b112e75cb1577f0d
c07b2c0a515caf1306fb4d9366fab5758253eeadcf8c0414cb44ccd48f82e59a
ce68e1614ab493deaecfa6eb9711736de0348248e1d559b5f6dfb5dc4c29b459
cfb10d4592ef6175cba4a53f1718a771f4ab766deae5bce165308d7031ebc05b
dc321abe6e401ff4da32df89e44f7f276605787134dbf37ee5b3cc6083a7f109
df3772666587111462634070c47969ad9687bbf80d0694bb2e6c33be39434d68
dfbc03c9abeb9b5a91be7afb101f70b860b65717f399e8b844a4412189450507
e021ef9edf3b2db8151fa1fccc8f46fa13aecc81a8bcfffdde84606b0232811d
e37d5e0b111cffcf22eea39ed78b82bfc4467c0458c7b1665bd0214868df6a8b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e827d116b753e5f146db5b68f7370812413450caf10adb21d25da2a95f66a127
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f007c721f3891c6fbc6555f58faf308a9187968bfca7439dd601ae93b621649b
f7b5293f835c63101dc3ef89944249cb1ed03683d606cc367ef96266daf58fdb
fe4c230084774ecbf2fb3ae9b70a6ada0a54dfeba6e4ade346f6dce68ddb2f0a

1wbre.com Open in urlscan Pro 186.2.162.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

70 Requests

93 %HTTPS

37 %IPv6

13 Domains

21 Subdomains

20 IPs

6 Countries

1751 kBTransfer

5257 kBSize

32 Cookies

0 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

1wbre.com Open in urlscan Pro
186.2.162.102 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

93 %
HTTPS

37 %
IPv6

13
Domains

21
Subdomains

20
IPs

6
Countries

1751 kB
Transfer

5257 kB
Size

32
Cookies

70 HTTP transactions
1 data transactions