URL: https://playerwish.com/f/5hxi3otzlc19
Submission Tags: falconsandbox
Submission: On December 28 via api from US — Scanned from US

Summary

This website contacted 17 IPs in 4 countries across 17 domains to perform 39 HTTP transactions. The main IP is 104.21.96.1, located in and belongs to CLOUDFLARENET, US. The main domain is playerwish.com. The Cisco Umbrella rank of the primary domain is 620614.
TLS certificate: Issued by WE1 on October 31st 2024. Valid for: 3 months.
This is the only time playerwish.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

# | IP Address | AS Autonomous System
8 | 104.21.96.1 | 13335 (CLOUDFLAR...)
1 | 2607:f8b0:400... | 15169 (GOOGLE)
1 | 173.237.68.188 | 7979 (SERVERS-COM)
1 | 2a04:4e42:200... | 54113 (FASTLY)
8 (3 redirects) | 2a02:6b8::1:119 | 13238 (YANDEX YA...)
2 | 2607:f8b0:400... | 15169 (GOOGLE)
1 | 172.67.195.43 | 13335 (CLOUDFLAR...)
1 | 173.0.146.25 | 7979 (SERVERS-COM)
3 | 139.45.197.107 | 9002 (RETN-AS R...)
6 | 139.45.197.118 | 9002 (RETN-AS R...)
2 | 139.45.197.106 | 9002 (RETN-AS R...)
1 | 172.67.169.157 | 13335 (CLOUDFLAR...)
1 | 104.21.17.211 | 13335 (CLOUDFLAR...)
1 | 172.67.193.52 | 13335 (CLOUDFLAR...)
2 | 139.45.195.252 | 9002 (RETN-AS R...)
3 | 172.67.134.7 | 13335 (CLOUDFLAR...)
39 | 17

# | Apex Domain | Subdomains | Transfer
8 | playerwish.com | playerwish.com — Cisco Umbrella Rank: 620614 | 198 KB
6 | yandex.com | mc.yandex.com — Cisco Umbrella Rank: 9443 | 4 KB
6 | psoroumukr.com | psoroumukr.com — Cisco Umbrella Rank: 154386 | 42 KB
3 | onmanectrictor.com | onmanectrictor.com — Cisco Umbrella Rank: 30722 | 25 KB
3 | naupsakiwhy.com | naupsakiwhy.com — Cisco Umbrella Rank: 199794 | 42 KB
2 | fleraprt.com | fleraprt.com — Cisco Umbrella Rank: 19931 | 906 B
2 | aiveemtomsaix.net | aiveemtomsaix.net — Cisco Umbrella Rank: 69060 | 5 KB
2 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 36 |
2 | yandex.ru | mc.yandex.ru — Cisco Umbrella Rank: 4577 | 76 KB
1 | tzegilo.com | tzegilo.com — Cisco Umbrella Rank: 21154 | 9 KB
1 | bytogeticr.com | bytogeticr.com — Cisco Umbrella Rank: 28203 |
1 | rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 10565 | 965 B
1 | curiescores.com | jg.curiescores.com | 1 KB
1 | jouwaikekaivep.net | jouwaikekaivep.net — Cisco Umbrella Rank: 83557 | 30 KB
1 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 318 | 25 KB
1 | spninxcuppas.com | ib.spninxcuppas.com — Cisco Umbrella Rank: 443840 | 1 KB
1 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 39 | 108 KB
39 | 17

# | Domain | Requested by
8 | playerwish.com | playerwish.com
6 | mc.yandex.com (2 redirects) | playerwish.com, mc.yandex.ru
6 | psoroumukr.com | playerwish.com, psoroumukr.com
3 | onmanectrictor.com | psoroumukr.com
3 | naupsakiwhy.com | playerwish.com, naupsakiwhy.com
2 | fleraprt.com | tzegilo.com
2 | aiveemtomsaix.net | jouwaikekaivep.net
2 | www.google-analytics.com | www.googletagmanager.com
2 | mc.yandex.ru (1 redirect) | playerwish.com
1 | tzegilo.com | naupsakiwhy.com
1 | bytogeticr.com | psoroumukr.com
1 | my.rtmark.net | jouwaikekaivep.net
1 | jg.curiescores.com | playerwish.com
1 | jouwaikekaivep.net | playerwish.com
1 | cdn.jsdelivr.net | playerwish.com
1 | ib.spninxcuppas.com | playerwish.com
1 | www.googletagmanager.com | playerwish.com
39 | 17

This site contains no links.

Subject | Issuer | Validity | Valid
playerwish.com | WE1 | 2024-10-31 - 2025-01-29 | 3 months
*.google-analytics.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months
ib.spninxcuppas.com | R10 | 2024-12-15 - 2025-03-15 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2024 Q3 | 2024-07-30 - 2025-08-31 | a year
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2024-10-20 - 2025-04-01 | 5 months
jouwaikekaivep.net | WE1 | 2024-10-30 - 2025-01-28 | 3 months
jg.curiescores.com | R11 | 2024-12-01 - 2025-03-01 | 3 months
naupsakiwhy.com | R10 | 2024-10-29 - 2025-01-27 | 3 months
psoroumukr.com | R10 | 2024-12-28 - 2025-03-28 | 3 months
aiveemtomsaix.net | R11 | 2024-11-14 - 2025-02-12 | 3 months
my.rtmark.net | WE1 | 2024-11-06 - 2025-02-04 | 3 months
bytogeticr.com | WE1 | 2024-11-29 - 2025-02-27 | 3 months
tzegilo.com | WE1 | 2024-11-21 - 2025-02-19 | 3 months
fleraprt.com | Sectigo RSA Domain Validation Secure Server CA | 2024-12-11 - 2026-01-11 | a year
onmanectrictor.com | WE1 | 2024-11-21 - 2025-02-19 | 3 months

This page contains 3 frames:

Primary Page: https://playerwish.com/f/5hxi3otzlc19
Frame ID: B96243B5A50738D3790B0E5CFCF5435E
Requests: 35 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 249906A948D7CF7E4F7EE1FD1FD2DF08
Requests: 1 HTTP requests in this frame

Frame: https://onmanectrictor.com/www/images/0f829e0510ada3123df6c2b37e4c0acb.png
Frame ID: 4BBB2AE3DD3F6FB321A442CB756A080D
Requests: 1 HTTP requests in this frame

Page Title

04be793511d686c4d99bde7a4bb0c6cc

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 39
HTTPS: 95 %
IPv6: 25 %
Domains: 17
Subdomains: 17
IPs: 17
Countries: 4
Transfer: 573 kB
Size: 1472 kB
Cookies: 32

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10608.uP5G1Wy3LLY-KZu_gVcTt56XaXO9T0Tx-i2E9khUbI8o16fTgXqI1lD-1klVP_CW.5HOR3Q8S0c93Uxhdu5lMKdo05Uk%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10608.zPTjT0nQ-G5O22ZUjDcx8PYKR-laD4yI48dEGedTrL1uRiQFJc_QDscB9Re6H0Y42bNUS_fdAnaOSyivYxVB8mO7OFT1T-_vHcknZgx8ZpssDrRLA0tkEDA7j7dTJCSxl7UTPMgBfcecbIacxy5JCohtwJihRGIHj5wCiWOLAOvPb8l4VQXi9zDWqQa2AxfQvHnKdSzqKJuE4MVzNwndIOGsJ7bw5mZp9i_FuwM-XEU%2C.QG7zilCfocMC5LqB2TEQUUQbTAg%2C
Request Chain 30
  • https://mc.yandex.com/watch/93396623?wmode=7&page-url=https%3A%2F%2Fplayerwish.com%2Ff%2F5hxi3otzlc19&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A1726472008771%3Ahid%3A569540717%3Az%3A-600%3Ai%3A20241228061342%3Aet%3A1735402423%3Ac%3A1%3Arn%3A31071039%3Arqn%3A1%3Au%3A1735402423171968418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1217%3Awv%3A2%3Ads%3A14%2C35%2C980%2C2%2C1%2C0%2C%2C720%2C1%2C%2C%2C%2C1752%3Aco%3A0%3Acpf%3A1%3Ans%3A1735402420711%3Agi%3AR0ExLjEuNjY5ODM4NzAwLjE3MzU0MDI0MjI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1735402424%3At%3A04be793511d686c4d99bde7a4bb0c6cc&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009088)ti(1) HTTP 302
  • https://mc.yandex.com/watch/93396623/1?wmode=7&page-url=https%3A%2F%2Fplayerwish.com%2Ff%2F5hxi3otzlc19&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A1726472008771%3Ahid%3A569540717%3Az%3A-600%3Ai%3A20241228061342%3Aet%3A1735402423%3Ac%3A1%3Arn%3A31071039%3Arqn%3A1%3Au%3A1735402423171968418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1217%3Awv%3A2%3Ads%3A14%2C35%2C980%2C2%2C1%2C0%2C%2C720%2C1%2C%2C%2C%2C1752%3Aco%3A0%3Acpf%3A1%3Ans%3A1735402420711%3Agi%3AR0ExLjEuNjY5ODM4NzAwLjE3MzU0MDI0MjI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1735402424%3At%3A04be793511d686c4d99bde7a4bb0c6cc&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 5hxi3otzlc19
playerwish.com/f/
7 KB
3 KB
Document
General
Full URL
https://playerwish.com/f/5hxi3otzlc19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8104a84948e338ff9a0350ffaf14c96350af165af2ed4d78e1f557496c0826ca
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f92d6c9d94a31fb-MIA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sat, 28 Dec 2024 16:13:41 GMT
expires
Fri, 27 Dec 2024 16:13:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ki0Z6EMALCT59pttQ4tPzLlpGVfDJvaSW6URtEc55n6%2FzcJTpRD5ERydNqqfTStmIy5MgJpkPTQCmaInn9FS6UW84RI79bxEbh9an1%2FGSD2E7FgHhkK9yMhhXyS5RKGDVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
style.css
playerwish.com/HG1/css/
300 KB
44 KB
Stylesheet
General
Full URL
https://playerwish.com/HG1/css/style.css
Requested by
Host: playerwish.com
URL: https://playerwish.com/f/5hxi3otzlc19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba94d1e713cc58c3523c9fc373b079479e7a7c675d69864928a8c1ca5513666d
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/f/5hxi3otzlc19

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"4b05c-5fdba1984cd4a"
age
6535
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0uwwMsNf4n1hSKGhsreus6LxqQ9XkRZfLIfdeTf%2FKQprwvM%2B%2BD6Ef6NnzQZ5c3F2XAsI349Fs9ZVoqiKb8GlSZnySPw4LhSUmztKOznFlO%2FZwRhI9wM8HKaM4pT%2FvR7Ygg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 28 Dec 2024 16:13:41 GMT
content-type
text/css
last-modified
Fri, 09 Jun 2023 22:43:37 GMT
vary
Accept-Encoding
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8f92d6d0095c31fb-MIA
x-xss-protection
1; mode=block
server
cloudflare
jquery-3.2.1.min.js
playerwish.com/HG1/js/
85 KB
32 KB
Script
General
Full URL
https://playerwish.com/HG1/js/jquery-3.2.1.min.js
Requested by
Host: playerwish.com
URL: https://playerwish.com/f/5hxi3otzlc19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/f/5hxi3otzlc19

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"15283-5fd365d994940"
age
2742
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kV%2BbGqTMmbihCc8Cauifm8Y%2Bs1LbAsWBiilgDVihLm4NHTBQlruZ2DhbU1BRiKG5O4zNorS79dpq8l0qoxO1yHH8N8HrkJCqXPIBZAkSrEK9ybUdZ0R0JUjgygZX9R9Y2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 28 Dec 2024 16:13:41 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 03 Jun 2023 09:33:43 GMT
vary
Accept-Encoding
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8f92d6d0095e31fb-MIA
x-xss-protection
1; mode=block
server
cloudflare
js
www.googletagmanager.com/gtag/
323 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2TL7NH453R
Requested by
Host: playerwish.com
URL: https://playerwish.com/f/5hxi3otzlc19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
625c4a568de87d58b333aa7cf539c56ee94688cb690e7958508c331405391de3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 28 Dec 2024 16:13:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Dec 2024 16:13:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109848
x-xss-protection
0
server
Google Tag Manager
logo.svg
playerwish.com/HG1/images/
14 KB
6 KB
Image
General
Full URL
https://playerwish.com/HG1/images/logo.svg
Requested by
Host: playerwish.com
URL: https://playerwish.com/f/5hxi3otzlc19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c0d5b9417d7ab991e9d848f8b6dac094062f6a0e34fd14daf352da9a50793cf
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/f/5hxi3otzlc19

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"360d-5fd365d8a12b9"
age
6535
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ZIFAS1evBb6MssbXKSLXDhZwgrHBfVCuHtepfvchon7HN5QK2SCVn33NLTc6Oo3n%2BhmlpISqFL8k9qciJqk6JkrYgrrRWFnQeaqCLQmahSCiOYLtlj23O%2FoiIp7gEFdJw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 28 Dec 2024 16:13:41 GMT
content-type
image/svg+xml
last-modified
Sat, 03 Jun 2023 09:33:42 GMT
vary
Accept-Encoding
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8f92d6d0095f31fb-MIA
x-xss-protection
1; mode=block
server
cloudflare
62124
ib.spninxcuppas.com/tQ9unxqPhae3A55/
5 B
1 KB
Script
General
Full URL
https://ib.spninxcuppas.com/tQ9unxqPhae3A55/62124
Requested by
Host: playerwish.com
URL: https://playerwish.com/f/5hxi3otzlc19
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
173.237.68.188 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Keep-Alive
timeout=20
Date
Sat, 28 Dec 2024 16:13:42 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=1
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://playerwish.com
Server
nginx
styledl100.js
playerwish.com/assets/jquery/
3 KB
2 KB
Script
General
Full URL
https://playerwish.com/assets/jquery/styledl100.js?v=1.1
Requested by
Host: playerwish.com
URL: https://playerwish.com/f/5hxi3otzlc19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29b05b6471d6c31abf8215b194ae60cfb8bc8b37fe5d5255e96b1923b7bfd35a
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/f/5hxi3otzlc19

Response headers

content-encoding
zstd
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=omIt8BDQtwf%2BDy7KDvpyh89qUwGwRpw0H3Z4eL2zmWNgRGwhdCcvlO8odqwXt2tci6cZr0lSX%2FVD7Cx8UUN1PBf3hHxDWITsp5TRzkAc5MWa0E5Oe7ZJz71LxELlCSeORA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
expires
Fri, 27 Dec 2024 16:13:42 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 28 Dec 2024 16:13:42 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 28 Dec 2024 16:13:42 GMT
x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8f92d6d0095d31fb-MIA
x-xss-protection
1; mode=block
server
cloudflare
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/js/
79 KB
25 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/js/bootstrap.bundle.min.js
Requested by
Host: playerwish.com
URL: https://playerwish.com/f/5hxi3otzlc19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ea8fe021a4ace4f6786fecc418f70b658fc2dc02d136e8fe5c6ab6b62a46d5d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"13ac2-jNeXExg3GrPRY3nfbPslSlxkn8o"
age
1607551
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Sat, 28 Dec 2024 16:13:41 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230059-FRA, cache-mia-kmia1760048-MIA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
24750
x-jsd-version
5.3.0-alpha3
tag.js
mc.yandex.ru/metrika/
222 KB
76 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: playerwish.com
URL: https://playerwish.com/f/5hxi3otzlc19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
ab6f545892f640da445a4695190e0e9eab30b2119cbbb2a0e40b2d96462eb039
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
content-encoding
br
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"67655eba-12b7d"
expires
Sat, 28 Dec 2024 17:13:42 GMT
access-control-allow-origin
*
content-length
76669
date
Sat, 28 Dec 2024 16:13:42 GMT
last-modified
Fri, 20 Dec 2024 12:10:34 GMT
content-type
application/javascript
Toroka-Medium.woff
playerwish.com/HG1/fonts/
53 KB
53 KB
Font
General
Full URL
https://playerwish.com/HG1/fonts/Toroka-Medium.woff
Requested by
Host: playerwish.com
URL: https://playerwish.com/HG1/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ec30b02c21af727daffb6ed85cd0dda85a29f515116b801d69e4e60e2afb6d5
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://playerwish.com
Referer
https://playerwish.com/HG1/css/style.css

Response headers

cf-cache-status
HIT
etag
"d374-5fd365d856b51"
age
849
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kB1Igb7IFPW4p6HMZcmPtl%2FvQWoyET3yncm%2FPMwPWtNNFU3Qc5DGZBpkETvDFc24YxztwHou9X5YOsBKf2%2Fo0QooxEjOXkOEUC50YhTbnbeV1OBzCZk3o4V1yIdLNYnIvg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 28 Dec 2024 16:13:41 GMT
content-type
font/woff
last-modified
Sat, 03 Jun 2023 09:33:42 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f92d6d1196131fb-MIA
accept-ranges
bytes
content-length
54132
x-xss-protection
1; mode=block
server
cloudflare
truncated
/
7 KB
7 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8399d4a03104eea0b6235bd9f8185d5cceef79d145bf32e86c76d2839621f37d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://playerwish.com
Referer

Response headers

Content-Type
application/font-woff;charset=utf-8
Toroka-Regular.woff
playerwish.com/HG1/fonts/
52 KB
53 KB
Font
General
Full URL
https://playerwish.com/HG1/fonts/Toroka-Regular.woff
Requested by
Host: playerwish.com
URL: https://playerwish.com/HG1/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6176d18bda6fff5825e2af23ddcbcaf342b226d8c4a686f9af5d8b5a801397b4
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://playerwish.com
Referer
https://playerwish.com/HG1/css/style.css

Response headers

cf-cache-status
HIT
etag
"d194-5fd365d864229"
age
7039
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BUhusdcAZvL1yxOyka7G97pTpEc2vnWTf%2FWvIYaGYslDyL6wiPYmAR99xDUEOQ8J%2BunQMDGYk5wV0DrVO6chKB9nIbR261Nf4UActd1dw9lsqTpiHCeEqmm5QyN1EB%2FkXw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 28 Dec 2024 16:13:41 GMT
content-type
font/woff
last-modified
Sat, 03 Jun 2023 09:33:42 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f92d6d1196031fb-MIA
accept-ranges
bytes
content-length
53652
x-xss-protection
1; mode=block
server
cloudflare
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2TL7NH453R&gtm=45je4cc1v9115843041za200&_p=1735402421905&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=669838700.1735402422&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1735402422&sct=1&seg=0&dl=https%3A%2F%2Fplayerwish.com%2Ff%2F5hxi3otzlc19&dt=04be793511d686c4d99bde7a4bb0c6cc&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1609
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2TL7NH453R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://playerwish.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Dec 2024 16:13:42 GMT
content-type
text/plain
server
Golfe2
tag.min.js
jouwaikekaivep.net/
70 KB
30 KB
Script
General
Full URL
https://jouwaikekaivep.net/tag.min.js
Requested by
Host: playerwish.com
URL: https://playerwish.com/assets/jquery/styledl100.js?v=1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
760821f2acf6074d4d5198ee78f1ad94c529f1a928d0dc7f0a95e055d9576598

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/

Response headers

access-control-max-age
86400
content-encoding
zstd
cf-cache-status
HIT
age
15761
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nFwczft6LHGisNQi30%2F%2BYfQslPK4ou4O4gwiKVphnL7OCzzZzAokeVyjzt%2F0yL0GFJvF5JzFYFSDgKO8MClSGkccYYf%2B7VE9UR1pIGrd1sVdQFmsA6P3h1Esjm7XsUva%2FJ3d2Ec%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
expires
Sun, 29 Dec 2024 11:51:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31137&min_rtt=31136&rtt_var=11678&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4100&recv_bytes=4231&delivery_rate=105153&cwnd=12000&unsent_bytes=0&cid=f6d0d10400bb863d&ts=49&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 28 Dec 2024 16:13:42 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 23 Dec 2024 17:25:42 GMT
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
cache-control
max-age=86400
timing-allow-origin
*
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
08a1697870328c54a08958ca6653c6fd
cf-ray
8f92d6d4ca3ca4e8-MIA
access-control-allow-origin
*
server
cloudflare
40913
jg.curiescores.com/g1zk446Sr8HRXQC17/
6 B
1 KB
Script
General
Full URL
https://jg.curiescores.com/g1zk446Sr8HRXQC17/40913
Requested by
Host: playerwish.com
URL: https://playerwish.com/assets/jquery/styledl100.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
173.0.146.25 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Keep-Alive
timeout=20
Date
Sat, 28 Dec 2024 16:13:42 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=1
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://playerwish.com
Server
nginx
8450666
naupsakiwhy.com/401/
96 KB
40 KB
Script
General
Full URL
https://naupsakiwhy.com/401/8450666
Requested by
Host: playerwish.com
URL: https://playerwish.com/assets/jquery/styledl100.js?v=1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.107 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
ea663bdee1137724fa60c95058c81279c149194e6d9ed46e01dd789a129f7741
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/

Response headers

access-control-expose-headers
Link
content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Sat, 28 Dec 2024 16:13:42 GMT
content-type
application/javascript
vary
Origin
strict-transport-security
max-age=1
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
timing-allow-origin
*, *
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
x-trace-id
fd45919758c131206f9f536877d92ad3
access-control-allow-origin
*
server
nginx
8449621
psoroumukr.com/400/
90 KB
37 KB
Script
General
Full URL
https://psoroumukr.com/400/8449621
Requested by
Host: playerwish.com
URL: https://playerwish.com/assets/jquery/styledl100.js?v=1.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.118 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
de7d3e04bcae145781f503a66765722325ee82735cccebd4e218e886ce602d94
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/

Response headers

access-control-expose-headers
Link
content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Sat, 28 Dec 2024 16:13:42 GMT
content-type
application/javascript
vary
Origin
strict-transport-security
max-age=1
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
timing-allow-origin
*, *
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
x-trace-id
ea2076ad512dec3d877d3438493191db
access-control-allow-origin
*
server
nginx
/
aiveemtomsaix.net/5/8544097/
4 KB
3 KB
XHR
General
Full URL
https://aiveemtomsaix.net/5/8544097/?oo=1&js_build=iclick-v1.1028.0&dmn=jouwaikekaivep.net&tt=2&ix=0&is_mobile=false
Requested by
Host: jouwaikekaivep.net
URL: https://jouwaikekaivep.net/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.106 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
d290ca0bc8b8d58ccaa781ec03cd16a199c12e8377e314f32317029b621f15f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-methods
GET, POST, OPTIONS
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
date
Sat, 28 Dec 2024 16:13:42 GMT
content-type
application/json
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch"
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache, no-cache
access-control-allow-credentials
true
x-trace-id
a6e5e141f16bbc64d6d01bf52c2c8126
access-control-allow-origin
https://playerwish.com
server
nginx
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10608.uP5G1Wy3LLY-KZu_gVcTt56XaXO9T0Tx-i2E9khUbI8o16fTgXqI1lD-1klVP_CW.5HOR3Q8S0c93Uxhdu5lMKdo05Uk%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10608.zPTjT0nQ-G5O22ZUjDcx8PYKR-laD4yI48dEGedTrL1uRiQFJc_QDscB9Re6H0Y42bNUS_fdAnaOSyivYxVB8mO7OFT1T-_vHcknZgx8ZpssDrRLA0tkEDA7j7dTJCSxl7UTPMgBfc...
43 B
673 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10608.zPTjT0nQ-G5O22ZUjDcx8PYKR-laD4yI48dEGedTrL1uRiQFJc_QDscB9Re6H0Y42bNUS_fdAnaOSyivYxVB8mO7OFT1T-_vHcknZgx8ZpssDrRLA0tkEDA7j7dTJCSxl7UTPMgBfcecbIacxy5JCohtwJihRGIHj5wCiWOLAOvPb8l4VQXi9zDWqQa2AxfQvHnKdSzqKJuE4MVzNwndIOGsJ7bw5mZp9i_FuwM-XEU%2C.QG7zilCfocMC5LqB2TEQUUQbTAg%2C
Requested by
Host: playerwish.com
URL: https://playerwish.com/f/5hxi3otzlc19
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/

Response headers

strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
date
Sat, 28 Dec 2024 16:13:43 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
location
https://mc.yandex.com/sync_cookie_image_decide?token=10608.zPTjT0nQ-G5O22ZUjDcx8PYKR-laD4yI48dEGedTrL1uRiQFJc_QDscB9Re6H0Y42bNUS_fdAnaOSyivYxVB8mO7OFT1T-_vHcknZgx8ZpssDrRLA0tkEDA7j7dTJCSxl7UTPMgBfcecbIacxy5JCohtwJihRGIHj5wCiWOLAOvPb8l4VQXi9zDWqQa2AxfQvHnKdSzqKJuE4MVzNwndIOGsJ7bw5mZp9i_FuwM-XEU%2C.QG7zilCfocMC5LqB2TEQUUQbTAg%2C
x-xss-protection
1; mode=block
date
Sat, 28 Dec 2024 16:13:43 GMT
advert.gif
mc.yandex.com/metrika/
43 B
593 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: playerwish.com
URL: https://playerwish.com/f/5hxi3otzlc19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"67655eba-2b"
expires
Sat, 28 Dec 2024 17:13:43 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Sat, 28 Dec 2024 16:13:43 GMT
last-modified
Fri, 20 Dec 2024 12:10:34 GMT
content-type
image/gif
gid.js
my.rtmark.net/
65 B
965 B
XHR
General
Full URL
https://my.rtmark.net/gid.js?userId=008140907abc41bfe9215e3fb047b20c
Requested by
Host: jouwaikekaivep.net
URL: https://jouwaikekaivep.net/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c863d76f803852cd8bc9710b16eebd1d286811926fa8d0c74686f03bb2b8cde4
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/

Response headers

access-control-expose-headers
Authorization
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZviX0m19YlWTqiwGr3s6PZ3BglJGrF0UBrqVOmVa2i6Udm%2BEQSUFf4uWiLPkTzAT%2Bb%2BH6Rn%2FIzbcLgn305jkGJBvX0xFfeJPxXaR2kqXNQ%2FS6eRvZL86S8RvlWvokDPy"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31344&min_rtt=31128&rtt_var=5115&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4119&recv_bytes=4436&delivery_rate=492&cwnd=12000&unsent_bytes=0&cid=3a6b4b5408db2aec&ts=157&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 28 Dec 2024 16:13:43 GMT
content-type
application/json; charset=utf-8
priority
u=1,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8f92d6d87a867416-MIA
access-control-allow-origin
https://playerwish.com
server
cloudflare
metrika_match.html
mc.yandex.com/metrika/ Frame 2499
0
0
Document
General
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://playerwish.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
2080
content-type
text/html
date
Sat, 28 Dec 2024 16:13:43 GMT
etag
"67655eba-820"
expires
Sat, 28 Dec 2024 17:13:43 GMT
last-modified
Fri, 20 Dec 2024 12:10:34 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
split_track
bytogeticr.com/
0
0
Fetch
General
Full URL
https://bytogeticr.com/split_track?dt=0&r=false&timeout=1000errm=
Requested by
Host: psoroumukr.com
URL: https://psoroumukr.com/400/8449621
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.17.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/

Response headers

access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kNUoyb2YNcP7DYGSvHiOdYw%2B7NwL62RPZ2gX30XJ4kntOuH0zfFw8xBUoJfPaCpkYpLnn2mL0ezJGRcDUniIjozT6e4MpZBU7ibAD7HHHByvqAiXyziCm%2FtIydSJfJBzhA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS, HEAD
cf-ray
8f92d6d94a615c76-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=31340&min_rtt=30911&rtt_var=5282&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4147&recv_bytes=4435&delivery_rate=493&cwnd=12000&unsent_bytes=0&cid=491a7632fd1733ac&ts=171&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 28 Dec 2024 16:13:43 GMT
content-type
application/octet-stream
server
cloudflare
priority
u=1,i
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
stattag.js
tzegilo.com/
17 KB
9 KB
Script
General
Full URL
https://tzegilo.com/stattag.js
Requested by
Host: naupsakiwhy.com
URL: https://naupsakiwhy.com/401/8450666
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"668fb2be-45d7"
age
38
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FKK1eAvQJ1ja8246arz4V1X4%2FEmA3cxYqpGsITtd0SIUz%2FCm0ZY0E7vgofaRQz0rv4tEUyBPImp%2FFGB5G%2Fs0tHyPnHzJ5k7ty6tbC5%2FhJZ%2FEZg%2B98PQxIDU3wEEqJw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31271&min_rtt=30918&rtt_var=11846&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4117&recv_bytes=4225&delivery_rate=96246&cwnd=12000&unsent_bytes=0&cid=67c2ff7b721cb814&ts=58&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 28 Dec 2024 16:13:43 GMT
content-type
application/javascript
last-modified
Thu, 11 Jul 2024 10:23:58 GMT
vary
Accept-Encoding
priority
u=3,i=?0
link
<https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f92d6d9cba8743a-MIA
server
cloudflare
/
aiveemtomsaix.net/
2 KB
3 KB
Fetch
General
Full URL
https://aiveemtomsaix.net/?rb=f5xLBravXSMsQX7k2ihsP-F3Rwv-zASxwxb6MmBaFPCgAa_u_HwCMpNT2WwzuBpygcDbcAgvLBd1phxccvLa9Ai-5jpstRfAjEStYGYf6HUqjnln7bbHfwvRuczinYw-TANAAHh002_xaCr2T1u7j2qXxu7TzDrNa3p8HSm089bqi_ONUr8Ns9EqBr6WbLR9WyV1AFYJMQZjH7JXvyXgZVu0uKGyuDdr7-xNjK54vzvnA_TgPpDeo4vYj6m-i8iqWMnZeWPDo8ZQHWjFbrdjLHZCb0CakwLuOC4-1-AEreybo5tGQKarg3IzYMLKJREJ5qFR0A%3D%3D&request_ab2=0&zoneid=8544097&js_build=iclick-v1.1028.0&jsp=1&fs=0&cf=0&sw=1600&sh=1200&wih=1200&wiw=1600&ww=1600&wh=1285&sah=1200&wx=30&wy=30&cw=1600&wfc=0&pl=https%3A%2F%2Fplayerwish.com%2Ff%2F5hxi3otzlc19&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Pacific%2FHonolulu&bto=600&tt=2&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.1028.0&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bml=1&bmi=1&bs=ad9033d3-31b3-4f70-9e06-308f8cb8c9b2&wasm=1&userId=008140907abc41bfe9215e3fb047b20c&is_mobile=false&m=link
Requested by
Host: jouwaikekaivep.net
URL: https://jouwaikekaivep.net/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.106 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
dbf342b91760c826177a40784ec57f47e54844dc07a508ffd4d99d9906c82a9e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Sat, 28 Dec 2024 16:13:43 GMT
content-type
application/json
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
f02b0fad97204d15d463948b0feec29c
access-control-allow-origin
https://playerwish.com
server
nginx
add
fleraprt.com/log/
12 B
483 B
XHR
General
Full URL
https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=887e04bc-bd66-431f-90da-e7b8e8493b3f
Requested by
Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
139.45.195.252 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx/1.25.5 /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://playerwish.com/

Response headers

Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://playerwish.com
Content-Length
12
Date
Sat, 28 Dec 2024 16:13:43 GMT
Content-Type
application/json; charset=utf-8
Server
nginx/1.25.5
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
8450666
naupsakiwhy.com/500/
2 KB
2 KB
XHR
General
Full URL
https://naupsakiwhy.com/500/8450666?excludes=&oaid=008140907abc41bfe9215e3fb047b20c&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=30&wy=30&ww=1600&wh=1285&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fplayerwish.com%2Ff%2F5hxi3otzlc19&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&btz=Pacific%2FHonolulu&bto=600&jsp=1&is_mobile=false&js_build=8&sw_version=v1.490.0&dmn=naupsakiwhy.com
Requested by
Host: naupsakiwhy.com
URL: https://naupsakiwhy.com/401/8450666
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.107 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
c6d99b33070014abf479653f89cbec9243a87f93bf8dabf9ae24ccf4108d6733
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://playerwish.com/

Response headers

access-control-expose-headers
Link
content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Sat, 28 Dec 2024 16:13:43 GMT
content-type
application/javascript
vary
Origin
strict-transport-security
max-age=1
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
timing-allow-origin
*, *
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
x-trace-id
8366d8d5c81ceb23746bc4f808a14036
access-control-allow-origin
https://playerwish.com
server
nginx
8450666
naupsakiwhy.com/500/ Frame
0
0
Preflight
General
Full URL
https://naupsakiwhy.com/500/8450666?excludes=&oaid=008140907abc41bfe9215e3fb047b20c&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=30&wy=30&ww=1600&wh=1285&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fplayerwish.com%2Ff%2F5hxi3otzlc19&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&btz=Pacific%2FHonolulu&bto=600&jsp=1&is_mobile=false&js_build=8&sw_version=v1.490.0&dmn=naupsakiwhy.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.107 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://playerwish.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://playerwish.com
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Sat, 28 Dec 2024 16:13:43 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
8449621
psoroumukr.com/500/
2 KB
2 KB
XHR
General
Full URL
https://psoroumukr.com/500/8449621?excludes=&oaid=008140907abc41bfe9215e3fb047b20c&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=30&wy=30&ww=1600&wh=1285&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fplayerwish.com%2Ff%2F5hxi3otzlc19&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&btz=Pacific%2FHonolulu&bto=600&jsp=1&is_mobile=false&js_build=8&sw_version=v1.490.0&dmn=psoroumukr.com
Requested by
Host: psoroumukr.com
URL: https://psoroumukr.com/400/8449621
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.118 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
02b4c7e18902bb69a7f3c8eb93aed314a9f07eb5b78b80923b483e57b4427eb9
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://playerwish.com/

Response headers

access-control-expose-headers
Link
content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Sat, 28 Dec 2024 16:13:43 GMT
content-type
application/javascript
vary
Origin
strict-transport-security
max-age=1
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
timing-allow-origin
*, *
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
x-trace-id
5dbe234d64856d510363f463f40313da
access-control-allow-origin
https://playerwish.com
server
nginx
8449621
psoroumukr.com/500/ Frame
0
0
Preflight
General
Full URL
https://psoroumukr.com/500/8449621?excludes=&oaid=008140907abc41bfe9215e3fb047b20c&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=30&wy=30&ww=1600&wh=1285&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fplayerwish.com%2Ff%2F5hxi3otzlc19&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&btz=Pacific%2FHonolulu&bto=600&jsp=1&is_mobile=false&js_build=8&sw_version=v1.490.0&dmn=psoroumukr.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.118 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://playerwish.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://playerwish.com
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Sat, 28 Dec 2024 16:13:43 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
add
fleraprt.com/async_log/
0
423 B
XHR
General
Full URL
https://fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=887e04bc-bd66-431f-90da-e7b8e8493b3f
Requested by
Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
139.45.195.252 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx/1.25.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://playerwish.com/

Response headers

Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://playerwish.com
Content-Length
0
Date
Sat, 28 Dec 2024 16:13:43 GMT
Server
nginx/1.25.5
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
1
mc.yandex.com/watch/93396623/
Redirect Chain
  • https://mc.yandex.com/watch/93396623?wmode=7&page-url=https%3A%2F%2Fplayerwish.com%2Ff%2F5hxi3otzlc19&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3...
  • https://mc.yandex.com/watch/93396623/1?wmode=7&page-url=https%3A%2F%2Fplayerwish.com%2Ff%2F5hxi3otzlc19&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0...
603 B
863 B
Fetch
General
Full URL
https://mc.yandex.com/watch/93396623/1?wmode=7&page-url=https%3A%2F%2Fplayerwish.com%2Ff%2F5hxi3otzlc19&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A1726472008771%3Ahid%3A569540717%3Az%3A-600%3Ai%3A20241228061342%3Aet%3A1735402423%3Ac%3A1%3Arn%3A31071039%3Arqn%3A1%3Au%3A1735402423171968418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1217%3Awv%3A2%3Ads%3A14%2C35%2C980%2C2%2C1%2C0%2C%2C720%2C1%2C%2C%2C%2C1752%3Aco%3A0%3Acpf%3A1%3Ans%3A1735402420711%3Agi%3AR0ExLjEuNjY5ODM4NzAwLjE3MzU0MDI0MjI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1735402424%3At%3A04be793511d686c4d99bde7a4bb0c6cc&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29
Requested by
Host: playerwish.com
URL: https://playerwish.com/f/5hxi3otzlc19
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
c0538617c2033eee2fa12edc8e6add9e2dd5790b40728cf8db614df6e7e81f8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Sat, 28-Dec-2024 16:13:43 GMT
access-control-allow-origin
https://playerwish.com
content-length
603
date
Sat, 28 Dec 2024 16:13:43 GMT
x-xss-protection
1; mode=block
last-modified
Sat, 28-Dec-2024 16:13:43 GMT
content-type
application/json; charset=utf-8

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/93396623/1?wmode=7&page-url=https%3A%2F%2Fplayerwish.com%2Ff%2F5hxi3otzlc19&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A1726472008771%3Ahid%3A569540717%3Az%3A-600%3Ai%3A20241228061342%3Aet%3A1735402423%3Ac%3A1%3Arn%3A31071039%3Arqn%3A1%3Au%3A1735402423171968418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1217%3Awv%3A2%3Ads%3A14%2C35%2C980%2C2%2C1%2C0%2C%2C720%2C1%2C%2C%2C%2C1752%3Aco%3A0%3Acpf%3A1%3Ans%3A1735402420711%3Agi%3AR0ExLjEuNjY5ODM4NzAwLjE3MzU0MDI0MjI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1735402424%3At%3A04be793511d686c4d99bde7a4bb0c6cc&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
expires
Sat, 28-Dec-2024 16:13:43 GMT
access-control-allow-origin
https://playerwish.com
date
Sat, 28 Dec 2024 16:13:43 GMT
x-xss-protection
1; mode=block
last-modified
Sat, 28-Dec-2024 16:13:43 GMT
favicon.ico
playerwish.com/HG1/images/favicon/
15 KB
6 KB
Other
General
Full URL
https://playerwish.com/HG1/images/favicon/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ce20250cd83244a68b895f2aeeba18ff240c0988cd8adba70d8afa4be0b5ff5
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/f/5hxi3otzlc19

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"3c2e-5fd365d93b778"
age
2746
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s8PFJDW6bxGIzS5LCc7rJAuHPusExWEz18dLiNDtrGetljeuoIiJv%2BwEi8zM9FWXGbpiof6a71XMB4I6qSL6mdg8l78l%2BIUuX%2FQfnSsmCrb41Ow6TujxI%2FmqHDtKXVIvAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 28 Dec 2024 16:13:43 GMT
content-type
image/vnd.microsoft.icon
last-modified
Sat, 03 Jun 2023 09:33:43 GMT
vary
Accept-Encoding
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8f92d6dc797d31fb-MIA
x-xss-protection
1; mode=block
server
cloudflare
0f829e0510ada3123df6c2b37e4c0acb.png
onmanectrictor.com/www/images/
4 KB
5 KB
Image
General
Full URL
https://onmanectrictor.com/www/images/0f829e0510ada3123df6c2b37e4c0acb.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40f68c48de3f046d5058f65aef88891fba00dc117cd5ef9aca1739d9712f0672

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/

Response headers

cf-cache-status
HIT
etag
"664f5eb4-ffd"
age
63798
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=asOKgIGrQTBI37xGkCfo%2BMa8dxea0%2FzDQFk3d%2FK4O6VaNBa5cVB6Y%2BSHIcBiDrX6DDiIcCkL3LYUQOUe7JmwBqn0GH1OTzeBuvKKHqABEZKDCkU7Q4N8E3sMr6syubQ%2FqL35zIw%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 28 Dec 2024 22:30:25 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31092&min_rtt=30916&rtt_var=11719&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4138&recv_bytes=4339&delivery_rate=100153&cwnd=12000&unsent_bytes=0&cid=e9d4367c0bc0763b&ts=49&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 28 Dec 2024 16:13:44 GMT
content-type
image/png
last-modified
Thu, 23 May 2024 15:20:20 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=86400
timing-allow-origin
*
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f92d6de8cbada47-MIA
accept-ranges
bytes
content-length
4093
server
cloudflare
nUnNtIR5gHILjWSJzB0JYRiQZExUWiSrL-FO6DjFMna_fOc13A5yWKaR1Zdd5wXnMi7C8WGT43-D_YXjJVGHKaICzlOWJ_skHttmQPtWKvo3EC8h3pIKeSNbT6Xahf1rXLGY-9Y2DhgN0Ru_PYRiePUQ6ZaNHQ8O59hJdTLZlKFSBXi8b6K9AEqtn2seYOLazgoRS...
psoroumukr.com/impression/
43 B
552 B
Image
General
Full URL
https://psoroumukr.com/impression/nUnNtIR5gHILjWSJzB0JYRiQZExUWiSrL-FO6DjFMna_fOc13A5yWKaR1Zdd5wXnMi7C8WGT43-D_YXjJVGHKaICzlOWJ_skHttmQPtWKvo3EC8h3pIKeSNbT6Xahf1rXLGY-9Y2DhgN0Ru_PYRiePUQ6ZaNHQ8O59hJdTLZlKFSBXi8b6K9AEqtn2seYOLazgoRS7ooFJvwEjE85wEdIwXY41BVPKzazWnqVor5L6XhuymAqf2mSIQj75-Fm9Mjp6855WUYTYARuI65LSThi1b6OQaqpnVpgIK_alZoV7dNi-MWdfhcLVLHsHxS9FZMVv-fvmKaLDKCWALgAlYky7mUS1fbqPGDSu2VnNMwWS6rDvMGAbnVJit5kY2MVhLNgA6ET6zl8HwbRbk2CF4cz8OuCMIRvTz7CVp-_wE6_14gfTQnyKfX9EOpvF8v_nFVsVHSMNQfdwt4wlyR3qhFIqy5JbQNJx3W-h7vTiZES4pL52hJju55iPP2rLr-Jez59d46_KshynAjLYFYF4CrebGlA4RO4EwKf7qmBhaq17w-QFDcm0XTeN7owe0AxPYju-eij0nkdTenDcYN6kHQjmbd_Uaa228orVH5BG_-OLweRoRGA7OGkJPMNaYSsSw9XWZCmwXeX4Je2UoMQLxM8f-FfhNnH23wrMgh8Eez_ravW8m-rocAOCY2v0WqmHIs7JDjo7mT1X2N6FnHtqqmsQFCZvUxy-5hs8jtyc6gcMG-R7cPhQL2-POR5YHS41PnouNs0wWKbzqd3elbAUqHmCTUUC9rPXcuZqkx9TQ3TtSIlcSdX5pen9nlklWf6MFjN9qjFQh2lCVVcvMwJk3-_tqaTKCGnurdhh20dw==?_z=8449621&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=30&wy=30&ww=1600&wh=1285&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fplayerwish.com%2Ff%2F5hxi3otzlc19&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&btz=Pacific%2FHonolulu&bto=600&jsp=1&is_mobile=false&js_build=8&sw_version=v1.490.0&dmn=psoroumukr.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.118 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/

Response headers

access-control-expose-headers
Link
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Sat, 28 Dec 2024 16:13:45 GMT
content-type
image/gif
vary
Origin
strict-transport-security
max-age=1
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
timing-allow-origin
*, *
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
x-trace-id
c8c3233e8fd35bbf0ec53d9b9fbb8ead
access-control-allow-origin
*
content-length
43
server
nginx
0f829e0510ada3123df6c2b37e4c0acb.png
onmanectrictor.com/www/images/ Frame 4BBB
4 KB
0
Image
General
Full URL
https://onmanectrictor.com/www/images/0f829e0510ada3123df6c2b37e4c0acb.png
Requested by
Host: psoroumukr.com
URL: https://psoroumukr.com/400/8449621
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40f68c48de3f046d5058f65aef88891fba00dc117cd5ef9aca1739d9712f0672

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status
HIT
etag
"664f5eb4-ffd"
age
63798
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=asOKgIGrQTBI37xGkCfo%2BMa8dxea0%2FzDQFk3d%2FK4O6VaNBa5cVB6Y%2BSHIcBiDrX6DDiIcCkL3LYUQOUe7JmwBqn0GH1OTzeBuvKKHqABEZKDCkU7Q4N8E3sMr6syubQ%2FqL35zIw%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 28 Dec 2024 22:30:25 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31092&min_rtt=30916&rtt_var=11719&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4138&recv_bytes=4339&delivery_rate=100153&cwnd=12000&unsent_bytes=0&cid=e9d4367c0bc0763b&ts=49&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 28 Dec 2024 16:13:44 GMT
content-type
image/png
last-modified
Thu, 23 May 2024 15:20:20 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=86400
timing-allow-origin
*
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f92d6de8cbada47-MIA
accept-ranges
bytes
content-length
4093
server
cloudflare
8449621
psoroumukr.com/500/
2 KB
2 KB
XHR
General
Full URL
https://psoroumukr.com/500/8449621?excludes=22833619&oaid=008140907abc41bfe9215e3fb047b20c&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=30&wy=30&ww=1600&wh=1285&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fplayerwish.com%2Ff%2F5hxi3otzlc19&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&btz=Pacific%2FHonolulu&bto=600&jsp=1&is_mobile=false&js_build=8&sw_version=v1.490.0&dmn=psoroumukr.com
Requested by
Host: psoroumukr.com
URL: https://psoroumukr.com/400/8449621
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.118 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e228b1a81f5b6db65d4098ce8d26a79b36b3943146a7589a475521a2e5661b8
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://playerwish.com/

Response headers

access-control-expose-headers
Link
content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Sat, 28 Dec 2024 16:13:45 GMT
content-type
application/javascript
vary
Origin
strict-transport-security
max-age=1
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
timing-allow-origin
*, *
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
x-trace-id
254bedc094335c750e006919bba3e86f
access-control-allow-origin
https://playerwish.com
server
nginx
8449621
psoroumukr.com/500/ Frame
0
0
Preflight
General
Full URL
https://psoroumukr.com/500/8449621?excludes=22833619&oaid=008140907abc41bfe9215e3fb047b20c&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=30&wy=30&ww=1600&wh=1285&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fplayerwish.com%2Ff%2F5hxi3otzlc19&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=-600&btz=Pacific%2FHonolulu&bto=600&jsp=1&is_mobile=false&js_build=8&sw_version=v1.490.0&dmn=psoroumukr.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.118 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://playerwish.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://playerwish.com
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Sat, 28 Dec 2024 16:13:45 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
987f39a26e2421b1923e3d4251704672.png
onmanectrictor.com/www/images/
19 KB
20 KB
Image
General
Full URL
https://onmanectrictor.com/www/images/987f39a26e2421b1923e3d4251704672.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c263808a6e88a285aee3f6d81dfe00f7433480930c42d0605c7a0f4ab3534ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/

Response headers

cf-cache-status
HIT
etag
"664e10af-4c81"
age
30134
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PxzU1PPs%2FPuggI0YDTwEkOyDAFrPdvYmmzp1F0ceJwbr%2FR%2FeUN3j9RcAf8tB8MlAfid55dN7VujXBP9NqwyrgxzfMnikBZv%2FNqTxI9sek2dsJ2buRAJF50kFwNy%2Fi75Wx4WOQiY%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 29 Dec 2024 07:51:31 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33494&min_rtt=30851&rtt_var=7139&sent=18&recv=13&lost=0&retrans=0&sent_bytes=9150&recv_bytes=4919&delivery_rate=159835&cwnd=12000&unsent_bytes=0&cid=e9d4367c0bc0763b&ts=1754&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 28 Dec 2024 16:13:45 GMT
content-type
image/png
last-modified
Wed, 22 May 2024 15:35:11 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=86400
timing-allow-origin
*
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f92d6e93ad9da47-MIA
accept-ranges
bytes
content-length
19585
server
cloudflare
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2TL7NH453R&gtm=45je4cc1v9115843041za200&_p=1735402421905&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=669838700.1735402422&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1735402422&sct=1&seg=0&dl=https%3A%2F%2Fplayerwish.com%2Ff%2F5hxi3otzlc19&dt=04be793511d686c4d99bde7a4bb0c6cc&en=scroll&epn.percent_scrolled=90&_et=5&tfd=6616
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2TL7NH453R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://playerwish.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://playerwish.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Dec 2024 16:13:47 GMT
content-type
text/plain
server
Golfe2


27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| $
function| jQuery
function| gtag
object| dataLayer
function| ym
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
number| uidEvent
object| bootstrap
object| zfgstorage
object| akv4uygrc4
object| zfgformats
function| onClickTrigger
boolean| zfgloadedpopup
object| Ya
object| yaCounter93396623
boolean| zfgonclickfirst
function| _1opmpytsa7q
object| syncCallbacks
object| webpushlogs
boolean| __lwkemfd9q__
number| __qwe33wweq__
object| _shownFakepushFormats
object| ippExcludes

32 Cookies

Domain/Path Name / Value
.playerwish.com/ Name: lang
Value: 1
ib.spninxcuppas.com/ Name: GL_UI4
Value: eJw9jd1Og0AQhaGwtNWCTsID%2BAhQQrWXxlvfgQzMQNfCTrNsqb69q4lenZ98OScIglX%2BAOGSbCG6Yg1PWJZ9TfhcVYeu5z3vezrWBVZ0PLz01Baw1XPjsB3ZxbCZJ7SucUsMu4ENW901nRCn8Oipv%2BZs5GZiUK1FQymoyRNjCuvWym1mm0cQG5wYkreTFa9qwg%2BxEJVV6b023ocFrGTOo%2BwO1Ls2189slwRZlgRwfxnR9WKnRpOParBIDOErbDp0PIj9gjXxfHZyAZCRmn%2F%2B91ONP2uQEC%2B681Hcie03KUxO%2BA%3D%3D
ib.spninxcuppas.com/ Name: GL_GI10
Value: eJwNzDEKg0AQBdCdAZVALD4xvScQNxaxF6ySSjzAoiIDcUfWTc4fi9c%2BYwwXV7DsyJu2ss2jsratnjVoBY8DePLIRy9xmcshurgcoADuX%2BDgkfUfDTI70ITkLW4TkODe6br4WHa6bV8vk4ui%2FgCfLp2GXcP5gPaUwFGzBHzMhQH90tsfYCUjKg%3D%3D
.playerwish.com/ Name: _ga
Value: GA1.1.669838700.1735402422
.playerwish.com/ Name: _ga_2TL7NH453R
Value: GS1.1.1735402422.1.0.1735402422.0.0.0
.yandex.ru/ Name: i
Value: 6BzxIotu5x33cVEPcSOuKGn5alj2ah+jEgTr836Luh0SAkhEkS7+mYveTeSwu/dHPiz0OFfchLzvAOKoqgeQLplrFzw=
.yandex.ru/ Name: yandexuid
Value: 9494390261735402422
.yandex.ru/ Name: yashr
Value: 533245901735402422
jg.curiescores.com/ Name: GL_UI4
Value: eJw9jd1Og0AQhaGwtNWCTsID%2BAhQQrWXxlvfgQzMQNfCTrNsqb69q4lenZ98OScIglX%2BAOGSbCG6Yg1PWJZ9TfhcVYeu5z3vezrWBVZ0PLz01Baw1XPjsB3ZxbCZJ7SucUsMu4ENW901nRCn8Oipv%2BZs5GZiUK1FQymoyRNjCuvWym1mm0cQG5wYkreTFa9qwg%2BxEJVV6b023ocFrGTOo%2BwO1Ls2189slwRZlgRwfxnR9WKnRpOParBIDOErbDp0PIj9gjXxfHZyAZCRmn%2F%2B91ONP2uQEC%2B681Hcie03KUxO%2BA%3D%3D
jg.curiescores.com/ Name: GL_GI10
Value: eJwNzDEKg0AQBdCdAZVALD4xvScQNxaxF6ySSjzAoiIDcUfWTc4fi9c%2BYwwXV7DsyJu2ss2jsratnjVoBY8DePLIRy9xmcshurgcoADuX%2BDgkfUfDTI70ITkLW4TkODe6br4WHa6bV8vk4ui%2FgCfLp2GXcP5gPaUwFGzBHzMhQH90tsfYCUjKg%3D%3D
.playerwish.com/ Name: _ym_uid
Value: 1735402423171968418
.playerwish.com/ Name: _ym_d
Value: 1735402423
aiveemtomsaix.net/ Name: OAID
Value: 008140907abc41bfe9215e3fb047b20c
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 848907483fake
.yandex.com/ Name: yashr
Value: 6649690041735402423
.playerwish.com/ Name: _ym_isad
Value: 2
my.rtmark.net/ Name: ID
Value: 008140907abc41bfe9215e3fb047b20c
playerwish.com/ Name: prefetchAd_8544097
Value: true
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3218404361fake
aiveemtomsaix.net/ Name: oaidts
Value: 1735402423
aiveemtomsaix.net/ Name: syncedCookie
Value: true
.yandex.com/ Name: yandexuid
Value: 9494390261735402422
.yandex.com/ Name: yuidss
Value: 9494390261735402422
.yandex.com/ Name: i
Value: 6BzxIotu5x33cVEPcSOuKGn5alj2ah+jEgTr836Luh0SAkhEkS7+mYveTeSwu/dHPiz0OFfchLzvAOKoqgeQLplrFzw=
.yandex.com/ Name: yp
Value: 1735488823.yu.2023867471735402423
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 2379471841735402423
.yandex.com/ Name: ymex
Value: 1737994423.oyu.2023867471735402423#1766938423.yrts.1735402423
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: KgI/MGC3x8C7Bg==
naupsakiwhy.com/ Name: OAID
Value: 008140907abc41bfe9215e3fb047b20c
psoroumukr.com/ Name: OAID
Value: 008140907abc41bfe9215e3fb047b20c

2 Console Messages

Source Level URL
Text
rendering warning URL: https://playerwish.com/f/5hxi3otzlc19
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0301D007C3E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://playerwish.com/f/5hxi3otzlc19
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0601D007C3E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
