1wota.top Open in urlscan Pro
190.115.19.14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://redoo.fun/ole60
Effective URL:
https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Submission: On July 21 via manual (July 21st 2021, 6:45:01 pm UTC) from IN

Summary HTTP 137 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 18 IPs in 6 countries across 16 domains to perform 137 HTTP transactions. The main IP is 190.115.19.14, located in Belize City, Belize and belongs to DDOS-GUARD CORP., BZ. The main domain is 1wota.top.
TLS certificate: Issued by R3 on June 16th 2021. Valid for: 3 months.

This is the only time 1wota.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	194.67.91.213 194.67.91.213	197695 (AS-REG) (AS-REG)
1 1	212.32.250.1 212.32.250.1	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 53	190.115.19.14 190.115.19.14	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
26	190.115.24.14 190.115.24.14	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	13.226.156.182 13.226.156.182	16509 (AMAZON-02) (AMAZON-02)
2 8	185.39.80.168 185.39.80.168	200015 (LIVETEX) (LIVETEX)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3 11	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
9	2606:4700:303... 2606:4700:3033::ac43:8bce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.213.181.117 54.213.181.117	16509 (AMAZON-02) (AMAZON-02)
3	185.39.80.58 185.39.80.58	200015 (LIVETEX) (LIVETEX)
2	185.39.80.57 185.39.80.57	200015 (LIVETEX) (LIVETEX)
1	185.39.80.59 185.39.80.59	200015 (LIVETEX) (LIVETEX)
137	18

1 194.67.91.213 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: 194-67-91-213.cloudvps.regruhosting.ru

redoo.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.250.1 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

leado.g2afse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 190.115.19.14 (Belize City, Belize) 1 redirects

ASN262254 (DDOS-GUARD CORP., BZ)

1wiye.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1wota.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 190.115.24.14 (Belize City, Belize)

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: ddos-guard.net

cdn-1win.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1win-auth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.156.182 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-182.dus51.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.39.80.168 (Russian Federation) 2 redirects

ASN200015 (LIVETEX, RU)

cs15.livetex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
balancer-cloud.livetex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widgets-2-omni-iframe.livetex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3033::ac43:8bce (United States)

ASN13335 (CLOUDFLARENET, US)

widgets-2-omni-iframe.livetex.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.213.181.117 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-213-181-117.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.39.80.58 (Russian Federation)

ASN200015 (LIVETEX, RU)

io3-production-2-ltx227.livetex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.39.80.57 (Russian Federation)

ASN200015 (LIVETEX, RU)

vnds-production-2-i2.livetex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event-service.livetex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.39.80.59 (Russian Federation)

ASN200015 (LIVETEX, RU)

wapi-02.livetex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	1wota.top 1wota.top	3 MB
25	cdn-1win.xyz cdn-1win.xyz	1002 KB
21	google-analytics.com www.google-analytics.com	20 KB
14	livetex.ru 2 redirects cs15.livetex.ru balancer-cloud.livetex.ru widgets-2-omni-iframe.livetex.ru io3-production-2-ltx227.livetex.ru vnds-production-2-i2.livetex.ru wapi-02.livetex.ru event-service.livetex.ru	15 KB
9	yandex.com 2 redirects mc.yandex.com	2 KB
9	livetex.me widgets-2-omni-iframe.livetex.me	442 KB
2	yandex.ru 1 redirects mc.yandex.ru	71 KB
2	amplitude.com cdn.amplitude.com api.amplitude.com	20 KB
1	1win-auth.com 1win-auth.com	439 B
1	google.de www.google.de	107 B
1	google.com www.google.com	108 B
1	doubleclick.net stats.g.doubleclick.net	83 B
1	googletagmanager.com www.googletagmanager.com	39 KB
1	1wiye.top 1 redirects 1wiye.top	223 B
1	g2afse.com 1 redirects leado.g2afse.com	256 B
1	redoo.fun redoo.fun	994 B
137	16

	Domain	Requested by
52	1wota.top	1wota.top cdn-1win.xyz
25	cdn-1win.xyz	1wota.top cdn-1win.xyz
21	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
9	mc.yandex.com	2 redirects mc.yandex.ru
9	widgets-2-omni-iframe.livetex.me	balancer-cloud.livetex.ru widgets-2-omni-iframe.livetex.me 1wota.top
5	balancer-cloud.livetex.ru	2 redirects balancer-cloud.livetex.ru widgets-2-omni-iframe.livetex.me
3	io3-production-2-ltx227.livetex.ru	widgets-2-omni-iframe.livetex.me
2	mc.yandex.ru	1 redirects cdn-1win.xyz
2	widgets-2-omni-iframe.livetex.ru
1	event-service.livetex.ru	widgets-2-omni-iframe.livetex.me
1	wapi-02.livetex.ru	widgets-2-omni-iframe.livetex.me
1	vnds-production-2-i2.livetex.ru	widgets-2-omni-iframe.livetex.me
1	api.amplitude.com	cdn-1win.xyz
1	1win-auth.com	cdn-1win.xyz
1	www.google.de	1wota.top
1	www.google.com	1wota.top
1	stats.g.doubleclick.net	www.google-analytics.com
1	cs15.livetex.ru	1wota.top
1	cdn.amplitude.com	1wota.top
1	www.googletagmanager.com	1wota.top
1	1wiye.top	1 redirects
1	leado.g2afse.com	1 redirects
1	redoo.fun
137	23

This site contains links to these domains. Also see Links.

Domain
livetex.ru

Subject Issuer	Validity	Valid
redoo.fun R3	`2021-05-29` - `2021-08-27`	3 months	crt.sh
1wota.top R3	`2021-06-16` - `2021-09-14`	3 months	crt.sh
cdn-1win.xyz R3	`2021-05-31` - `2021-08-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
cdn.amplitude.com Amazon	`2020-11-18` - `2021-12-17`	a year	crt.sh
*.livetex.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-04-26` - `2022-05-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
1win-auth.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-20` - `2021-10-21`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2020-02-18` - `2022-02-13`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Frame ID: F907E77E8971CD5A75533279B7051138
Requests: 126 HTTP requests in this frame

Frame: https://widgets-2-omni-iframe.livetex.me/js/iframe.html
Frame ID: 6BBF3F0C6A4859C9B9E9F098BCB3BC4A
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://redoo.fun/ole60 Page URL
https://leado.g2afse.com/click?pid=18&offer_id=18&sub3=ole60 HTTP 302
https://1wiye.top/?open=register&sub1=60f86b1b1eda6c0001c6cc9b HTTP 301
https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.amplitude\.com/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

137
Requests

99 %
HTTPS

44 %
IPv6

16
Domains

23
Subdomains

18
IPs

6
Countries

4444 kB
Transfer

6881 kB
Size

10
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://livetex.ru/online_consultant/?utm_source=clients&utm_medium=chatlink&utm_campaign=chatlink
Title: LiveTex

Search URL Search Domain Scan URL

URL: https://livetex.ru/lead_generator/%20%20%20%20%20%20%20%20%20%20?utm_source=clients&utm_medium=chatlink&utm_campaign=chatlink
Title: LiveTex

Search URL Search Domain Scan URL

URL: https://livetex.ru/generat/?utm_source=clients&utm_medium=chatlink&utm_campaign=chatlink
Title: LiveTex

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://redoo.fun/ole60 Page URL
https://leado.g2afse.com/click?pid=18&offer_id=18&sub3=ole60 HTTP 302
https://1wiye.top/?open=register&sub1=60f86b1b1eda6c0001c6cc9b HTTP 301
https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://balancer-cloud.livetex.ru/get-client/?site_id=170258&version=1.2.30-3d79ab1&target=settings_path&rnd=ku3mouywh3g HTTP 302
https://widgets-2-omni-iframe.livetex.ru/js/widgetsSettings.json

Request Chain 74

https://balancer-cloud.livetex.ru/get-client/?site_id=170258&version=1.2.30-3d79ab1&target=path&rnd=zdhnjb1fzm HTTP 302
https://widgets-2-omni-iframe.livetex.ru/js/app3.js

Request Chain 87

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9341.a3AL6hCrqtfG9bQtU3VV77HWw77SRwdIG0rDc00LT6WkZZ4Szihip4aqzXSUNZFt.59WPoAzaB-l9HFA-73NfFh5Lqpw%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9341.sAYJPVByw7L2fk1PTkj1CPhy6M5Mu7jBukhPG6qUqlrOry2XPcGltULQRqy6D6RM-mDv_1vt2CejamC9vxoq5A%2C%2C.8lsJpy5iREFKPtjVh9ktC96fTgw%2C

Request Chain 102

https://mc.yandex.com/watch/67400437?wmode=7&page-url=https%3A%2F%2F1wota.top%2F%3Fopen%3Dregister&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A649%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A471335240804%3Ahid%3A332164005%3Az%3A120%3Ai%3A20210721204444%3Aet%3A1626893085%3Ac%3A1%3Arn%3A1027138297%3Au%3A162689308519384928%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626893083022%3Ads%3A1%2C111%2C60%2C1%2C405%2C0%2C%2C220%2C0%2C1208%2C1208%2C0%2C802%3Adsn%3A1%2C110%2C61%2C0%2C406%2C0%2C%2C223%2C0%2C1208%2C1208%2C0%2C802%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626893085%3At%3A1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0 HTTP 302
https://mc.yandex.com/watch/67400437/1?wmode=7&page-url=https%3A%2F%2F1wota.top%2F%3Fopen%3Dregister&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A649%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A471335240804%3Ahid%3A332164005%3Az%3A120%3Ai%3A20210721204444%3Aet%3A1626893085%3Ac%3A1%3Arn%3A1027138297%3Au%3A162689308519384928%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626893083022%3Ads%3A1%2C111%2C60%2C1%2C405%2C0%2C%2C220%2C0%2C1208%2C1208%2C0%2C802%3Adsn%3A1%2C110%2C61%2C0%2C406%2C0%2C%2C223%2C0%2C1208%2C1208%2C0%2C802%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626893085%3At%3A1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0

137 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set ole60 Show response
redoo.fun/ 226 B
994 B 361ms
134ms Document
text/html 194.67.91.213
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://redoo.fun/ole60
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.67.91.213 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: 194-67-91-213.cloudvps.regruhosting.ru
Software: nginx /
Resource Hash: 9a883e70f59ccdb03e8dfaead298a90e0cbb39a3d99f0b53ec5942d872ce5a14

Request headers

Host: redoo.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Wed, 21 Jul 2021 18:44:42 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 226
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires: 0
Last-Modified: Wed, 21 Jul 2021 18:44:42 GMT
Pragma: no-cache
Set-Cookie: _subid=3q2tg2d68nuc;Expires=Saturday, 21-Aug-2021 18:44:42 GMT;Max-Age=2678400;Path=/ c9b24=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjIxNDVcIjoxNjI2ODkzMDgyfSxcImNhbXBhaWduc1wiOntcIjkwOFwiOjE2MjY4OTMwODJ9LFwidGltZVwiOjE2MjY4OTMwODJ9In0.pwLIesq5NvZbswjI1mzM2UZLh7m2JZwF37J-9YPI7PU;Expires=Thursday, 09-Feb-2073 13:29:24 GMT;Max-Age=1626979482;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

GET
H2

200

Primary Request / Show response
1wota.top/
Redirect Chain

https://leado.g2afse.com/click?pid=18&offer_id=18&sub3=ole60
https://1wiye.top/?open=register&sub1=60f86b1b1eda6c0001c6cc9b
https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register

16 KB
6 KB

172ms
60ms

Document
text/html

190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

ddos-guard /

Resource Hash

fd301e0a9a13f3d0918c58a0fe18e292e07cc3209efe080bb63e0aa22b45a66f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

:method: GET
:authority: 1wota.top
:scheme: https
:path: /?sub1=60f86b1b1eda6c0001c6cc9b&open=register
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://redoo.fun/ole60

Response headers

server: ddos-guard
set-cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; Domain=.1wota.top; HttpOnly; Path=/; Expires=Thu, 21-Jul-2022 18:44:42 GMT sub_ids=sub1=60f86b1b1eda6c0001c6cc9b; path=/; expires=Sat, 21 Aug 2021 18:44:43 GMT
date: Wed, 21 Jul 2021 18:44:43 GMT
content-type: text/html; charset=utf-8
x-frame-options: DENY
content-encoding: gzip

Redirect headers

server: ddos-guard
set-cookie: __ddg1=I2eBMVmMo36hx7QZGb6v; Domain=.1wiye.top; HttpOnly; Path=/; Expires=Thu, 21-Jul-2022 18:44:42 GMT
date: Wed, 21 Jul 2021 18:44:43 GMT
content-type: text/html
location: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
x-frame-options: DENY
content-encoding: br
vary: Accept-Encoding

GET
H2 200 chunk-vendors.eddb9db7.js Show response
1wota.top/js/ 263 KB
79 KB 66ms
65ms Script
application/javascript 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wota.top/js/chunk-vendors.eddb9db7.js

Requested by

Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

ddos-guard /

Resource Hash

477857d9744ebb246b1b3ced9dc69977db60737f0ad15a84dbe8fadbfe5bf65c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

:path: /js/chunk-vendors.eddb9db7.js
pragma: no-cache
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 02:21:00 GMT
content-encoding: br
last-modified: Fri, 16 Jul 2021 13:47:51 GMT
server: ddos-guard
age: 231823
x-frame-options: DENY
etag: W/"60f18e07-41dcc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
content-length: 80791
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index.9d92e661.js Show response
1wota.top/js/ 30 KB
9 KB 119ms
118ms Script
application/javascript 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wota.top/js/index.9d92e661.js

Requested by

Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

ddos-guard /

Resource Hash

e45a1911aaa4fe56370aca534dc4b11d6feced7d0e57a74131dc31af31cc16b7

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

:path: /js/index.9d92e661.js
pragma: no-cache
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
content-encoding: br
last-modified: Wed, 21 Jul 2021 13:04:40 GMT
server: ddos-guard
age: 0
x-frame-options: DENY
etag: W/"60f81b68-7846"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFMono-Bold.a6fc7821.woff2
1wota.top/fonts/ 35 KB
36 KB 119ms
118ms Font
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFMono-Bold.a6fc7821.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: dfb88abec4164d7e48f6812051ee984ffa6f587e613d6d512bf9cce04b1190a0

Request headers

sec-fetch-mode: cors
origin: https://1wota.top
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFMono-Bold.a6fc7821.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://1wota.top
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 18:07:46 GMT
last-modified: Fri, 09 Jul 2021 15:30:25 GMT
server: ddos-guard
age: 952617
etag: "60e86b91-8db0"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 36272
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFMono-Heavy.5a5c84e9.woff2
1wota.top/fonts/ 34 KB
35 KB 122ms
120ms Font
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFMono-Heavy.5a5c84e9.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e008a35de2b440b38d36f207292432cebc485d2a069155955cb4ca54a0158c7a

Request headers

sec-fetch-mode: cors
origin: https://1wota.top
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFMono-Heavy.5a5c84e9.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://1wota.top
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: ddos-guard
age: 0
etag: "60f81b69-89ac"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 35244
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProDisplay-Bold.33802914.woff2
1wota.top/fonts/ 96 KB
97 KB 120ms
118ms Font
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProDisplay-Bold.33802914.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: 32b6db04338d853de4148e775afcacadfb2d0bd3e8f10192916f6688f34c6005

Request headers

sec-fetch-mode: cors
origin: https://1wota.top
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProDisplay-Bold.33802914.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://1wota.top
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 18:07:46 GMT
last-modified: Fri, 09 Jul 2021 15:30:25 GMT
server: ddos-guard
age: 952617
etag: "60e86b91-18198"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 98712
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProDisplay-Heavy.fee26660.woff2
1wota.top/fonts/ 98 KB
98 KB 123ms
122ms Font
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProDisplay-Heavy.fee26660.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: 9c8773b18df092674df6b952c940fdc72cb66c5b6f408851e66866e72743df56

Request headers

sec-fetch-mode: cors
origin: https://1wota.top
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProDisplay-Heavy.fee26660.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://1wota.top
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: ddos-guard
age: 0
etag: "60f81b69-18800"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 100352
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProDisplay-Semibold.af64ab08.woff2
1wota.top/fonts/ 98 KB
98 KB 120ms
118ms Font
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProDisplay-Semibold.af64ab08.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e80a61b2cbc6d6b3b3ed8b50bcd8f6a89f8f5b69460e03f47defe0554c3220d2

Request headers

sec-fetch-mode: cors
origin: https://1wota.top
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProDisplay-Semibold.af64ab08.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://1wota.top
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 19:44:31 GMT
last-modified: Fri, 16 Jul 2021 13:47:52 GMT
server: ddos-guard
age: 255612
etag: "60f18e08-18820"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 100384
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProText-Bold.8e175b47.woff2
1wota.top/fonts/ 100 KB
100 KB 121ms
119ms Font
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProText-Bold.8e175b47.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: 87189c7bda240da89b1b1d7373467142d71c103b5f619f8017104c64f4d514f1

Request headers

sec-fetch-mode: cors
origin: https://1wota.top
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProText-Bold.8e175b47.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://1wota.top
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: ddos-guard
age: 0
etag: "60f81b69-18fb0"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 102320
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProText-Heavy.e2a14113.woff2
1wota.top/fonts/ 101 KB
101 KB 240ms
238ms Font
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProText-Heavy.e2a14113.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: 21961c9c0cb52a74112af43f4903ab8c80feb7ebed32b192a62dc006c4f3cf74

Request headers

sec-fetch-mode: cors
origin: https://1wota.top
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProText-Heavy.e2a14113.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://1wota.top
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: ddos-guard
age: 0
etag: "60f81b69-19550"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 103760
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProText-Medium.09be2e2f.woff2
1wota.top/fonts/ 102 KB
102 KB 121ms
119ms Font
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProText-Medium.09be2e2f.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: 7a3e5a3f97d4a5b7422d73c10e8431e3b7ad971e81b34a671575bd5cce451a4d

Request headers

sec-fetch-mode: cors
origin: https://1wota.top
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProText-Medium.09be2e2f.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://1wota.top
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: ddos-guard
age: 0
etag: "60f81b69-196ec"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 104172
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProText-Regular.c7e2854d.woff2
1wota.top/fonts/ 92 KB
92 KB 120ms
119ms Font
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProText-Regular.c7e2854d.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: 8a1914bcc30c47d6f74e1b6856573bf0c3968c7ae938c6fbfe432212fe03d1da

Request headers

sec-fetch-mode: cors
origin: https://1wota.top
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProText-Regular.c7e2854d.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://1wota.top
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: ddos-guard
age: 0
etag: "60f81b69-170d8"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 94424
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProText-Semibold.211b9d52.woff2
1wota.top/fonts/ 102 KB
102 KB 119ms
118ms Font
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProText-Semibold.211b9d52.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: 4a9d3fc12296ec7769a6d1863f3de6daa5b7f364ac6ff2f0e9b06bcabf58a929

Request headers

sec-fetch-mode: cors
origin: https://1wota.top
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProText-Semibold.211b9d52.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://1wota.top
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 21:27:51 GMT
last-modified: Fri, 09 Jul 2021 15:30:25 GMT
server: ddos-guard
age: 940612
etag: "60e86b91-196cc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 104140
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 firebase-app.js Show response
1wota.top/firebase/8.1.1/ 20 KB
7 KB 118ms
117ms Script
application/javascript 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wota.top/firebase/8.1.1/firebase-app.js

Requested by

Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

ddos-guard /

Resource Hash

cb8b8f2c3b982cda141255fe244f16c79320fd9db76128160f859d2eac64a2bf

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

:path: /firebase/8.1.1/firebase-app.js
pragma: no-cache
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 18:33:23 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 07:34:58 GMT
server: ddos-guard
age: 1210280
etag: W/"60e55922-4e15"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
content-length: 6702
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 firebase-messaging.js Show response
1wota.top/firebase/8.1.1/ 40 KB
11 KB 117ms
117ms Script
application/javascript 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wota.top/firebase/8.1.1/firebase-messaging.js

Requested by

Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

ddos-guard /

Resource Hash

6aa847542f08697afbd3a9bba4c695d7dde1607441455938d5b93e50457e2a18

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

:path: /firebase/8.1.1/firebase-messaging.js
pragma: no-cache
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 14:19:56 GMT
content-encoding: br
last-modified: Fri, 09 Jul 2021 15:30:24 GMT
server: ddos-guard
age: 966287
x-frame-options: DENY
etag: W/"60e86b90-9f53"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
content-length: 10938
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1.txt Show response
cdn-1win.xyz/ 8 B
166 B 193ms
58ms Fetch
text/plain 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/1.txt?1626893083609
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: 3d2c759213949af96fbdcd756a5146f64a9acadf9625bd7a9feb04bb4517b4f9

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: nginx/1.15.10
etag: "60f81b69-8"
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8

GET
H2 200 SFMono-BoldItalic.6896ab05.woff2
1wota.top/fonts/ 0
35 KB 114ms
108ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFMono-BoldItalic.6896ab05.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFMono-BoldItalic.6896ab05.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 23:52:17 GMT
last-modified: Fri, 16 Jul 2021 13:47:52 GMT
server: ddos-guard
age: 413546
etag: "60f18e08-8d2c"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 36140
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFMono-HeavyItalic.621ae893.woff2
1wota.top/fonts/ 0
34 KB 115ms
108ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFMono-HeavyItalic.621ae893.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFMono-HeavyItalic.621ae893.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Jul 2021 14:47:23 GMT
last-modified: Fri, 16 Jul 2021 13:47:52 GMT
server: ddos-guard
age: 359840
etag: "60f18e08-8634"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 34356
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFMono-Light.80c80241.woff2
1wota.top/fonts/ 0
34 KB 117ms
110ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFMono-Light.80c80241.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFMono-Light.80c80241.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: ddos-guard
age: 0
etag: "60f81b69-870c"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 34572
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFMono-LightItalic.a6928e5d.woff2
1wota.top/fonts/ 0
33 KB 118ms
111ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFMono-LightItalic.a6928e5d.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFMono-LightItalic.a6928e5d.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: ddos-guard
age: 0
etag: "60f81b69-84cc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 33996
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFMono-Medium.f0afbb40.woff2
1wota.top/fonts/ 0
36 KB 117ms
110ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFMono-Medium.f0afbb40.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFMono-Medium.f0afbb40.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: ddos-guard
age: 0
etag: "60f81b69-8e40"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 36416
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFMono-MediumItalic.0f6e9216.woff2
1wota.top/fonts/ 0
35 KB 114ms
107ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFMono-MediumItalic.0f6e9216.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFMono-MediumItalic.0f6e9216.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 13:58:02 GMT
last-modified: Fri, 09 Jul 2021 15:30:25 GMT
server: ddos-guard
age: 967601
etag: "60e86b91-8d88"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 36232
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFMono-Regular.4e5f1343.woff2
1wota.top/fonts/ 0
36 KB 115ms
108ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFMono-Regular.4e5f1343.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFMono-Regular.4e5f1343.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 13:52:54 GMT
last-modified: Fri, 16 Jul 2021 13:47:52 GMT
server: ddos-guard
age: 190309
etag: "60f18e08-8da8"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 36264
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFMono-RegularItalic.dac56833.woff2
1wota.top/fonts/ 0
35 KB 113ms
106ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFMono-RegularItalic.dac56833.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFMono-RegularItalic.dac56833.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 23:52:17 GMT
last-modified: Fri, 16 Jul 2021 13:47:52 GMT
server: ddos-guard
age: 413546
etag: "60f18e08-8cc8"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 36040
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFMono-Semibold.f3e29df0.woff2
1wota.top/fonts/ 0
36 KB 234ms
227ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFMono-Semibold.f3e29df0.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFMono-Semibold.f3e29df0.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: ddos-guard
age: 0
etag: "60f81b69-8de0"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 36320
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFMono-SemiboldItalic.22e121a3.woff2
1wota.top/fonts/ 0
35 KB 116ms
109ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFMono-SemiboldItalic.22e121a3.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFMono-SemiboldItalic.22e121a3.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: ddos-guard
age: 0
etag: "60f81b69-8cc0"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 36032
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProDisplay-BoldItalic.2edb52e3.woff2
1wota.top/fonts/ 0
60 KB 115ms
108ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProDisplay-BoldItalic.2edb52e3.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProDisplay-BoldItalic.2edb52e3.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: ddos-guard
age: 0
etag: "60f81b69-ef84"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 61316
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProDisplay-HeavyItalic.81fa0353.woff2
1wota.top/fonts/ 0
61 KB 114ms
107ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProDisplay-HeavyItalic.81fa0353.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProDisplay-HeavyItalic.81fa0353.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:47:52 GMT
last-modified: Mon, 12 Jul 2021 12:38:37 GMT
server: ddos-guard
age: 777412
etag: "60ec37cd-f2f8"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 62200
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProDisplay-Light.0229ea63.woff2
1wota.top/fonts/ 0
97 KB 113ms
107ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProDisplay-Light.0229ea63.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProDisplay-Light.0229ea63.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 23:52:17 GMT
last-modified: Fri, 16 Jul 2021 13:47:52 GMT
server: ddos-guard
age: 413546
etag: "60f18e08-18368"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 99176
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProDisplay-LightItalic.24eb4d29.woff2
1wota.top/fonts/ 0
61 KB 113ms
107ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProDisplay-LightItalic.24eb4d29.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProDisplay-LightItalic.24eb4d29.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:47:52 GMT
last-modified: Mon, 12 Jul 2021 12:38:37 GMT
server: ddos-guard
age: 777411
etag: "60ec37cd-f494"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
set-cookie: __ddgid=8fRvOCu19QqsOHD9; Domain=.1wota.top; HttpOnly; Path=/; Expires=Thu, 21-Jul-2022 18:44:42 GMT __ddgmark=z9wsjiAqwqEKCSLA; Domain=.1wota.top; HttpOnly; Path=/; Expires=Thu, 22-Jul-2021 18:44:42 GMT
accept-ranges: bytes
content-length: 62612
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProDisplay-Medium.52ea0d70.woff2
1wota.top/fonts/ 0
97 KB 116ms
110ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProDisplay-Medium.52ea0d70.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProDisplay-Medium.52ea0d70.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: ddos-guard
age: 0
etag: "60f81b69-184f4"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 99572
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProDisplay-MediumItalic.8047adc9.woff2
1wota.top/fonts/ 0
61 KB 114ms
109ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProDisplay-MediumItalic.8047adc9.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProDisplay-MediumItalic.8047adc9.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: ddos-guard
age: 0
etag: "60f81b69-f2c0"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 62144
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProDisplay-Regular.abe60269.woff2
1wota.top/fonts/ 0
88 KB 114ms
108ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProDisplay-Regular.abe60269.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProDisplay-Regular.abe60269.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: ddos-guard
age: 0
etag: "60f81b69-15d6c"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 89452
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProDisplay-RegularItalic.2d0b4551.woff2
1wota.top/fonts/ 0
55 KB 113ms
107ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProDisplay-RegularItalic.2d0b4551.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProDisplay-RegularItalic.2d0b4551.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:47:52 GMT
last-modified: Mon, 12 Jul 2021 12:38:37 GMT
server: ddos-guard
age: 777411
etag: "60ec37cd-dbf0"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 56304
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProDisplay-SemiboldItalic.170a61af.woff2
1wota.top/fonts/ 0
61 KB 112ms
107ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProDisplay-SemiboldItalic.170a61af.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProDisplay-SemiboldItalic.170a61af.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 23:52:17 GMT
last-modified: Fri, 16 Jul 2021 13:47:52 GMT
server: ddos-guard
age: 413546
etag: "60f18e08-f400"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 62464
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProDisplay-Thin.16e844ac.woff2
1wota.top/fonts/ 0
97 KB 112ms
107ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProDisplay-Thin.16e844ac.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProDisplay-Thin.16e844ac.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 23:52:17 GMT
last-modified: Fri, 16 Jul 2021 13:47:52 GMT
server: ddos-guard
age: 413546
etag: "60f18e08-1844c"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 99404
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProDisplay-ThinItalic.c77d26c8.woff2
1wota.top/fonts/ 0
61 KB 114ms
109ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProDisplay-ThinItalic.c77d26c8.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProDisplay-ThinItalic.c77d26c8.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: ddos-guard
age: 0
etag: "60f81b69-f570"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 62832
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProText-BoldItalic.aa43b00e.woff2
1wota.top/fonts/ 0
65 KB 231ms
227ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProText-BoldItalic.aa43b00e.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProText-BoldItalic.aa43b00e.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: ddos-guard
age: 0
etag: "60f81b69-10564"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 66916
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProText-HeavyItalic.1187d77d.woff2
1wota.top/fonts/ 0
67 KB 111ms
107ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProText-HeavyItalic.1187d77d.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProText-HeavyItalic.1187d77d.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 23:52:17 GMT
last-modified: Fri, 16 Jul 2021 13:47:52 GMT
server: ddos-guard
age: 413546
etag: "60f18e08-10b24"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 68388
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProText-Light.48e92b33.woff2
1wota.top/fonts/ 0
102 KB 231ms
227ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProText-Light.48e92b33.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProText-Light.48e92b33.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: ddos-guard
age: 0
etag: "60f81b69-198e4"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 104676
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProText-LightItalic.d271e6b2.woff2
1wota.top/fonts/ 0
66 KB 114ms
110ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProText-LightItalic.d271e6b2.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProText-LightItalic.d271e6b2.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: ddos-guard
age: 0
etag: "60f81b69-10628"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 67112
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProText-MediumItalic.6e632d20.woff2
1wota.top/fonts/ 0
67 KB 113ms
109ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProText-MediumItalic.6e632d20.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProText-MediumItalic.6e632d20.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: ddos-guard
age: 0
etag: "60f81b69-10bb4"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 68532
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProText-RegularItalic.f49877e0.woff2
1wota.top/fonts/ 0
60 KB 111ms
107ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProText-RegularItalic.f49877e0.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProText-RegularItalic.f49877e0.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Jul 2021 17:48:45 GMT
last-modified: Fri, 16 Jul 2021 13:47:52 GMT
server: ddos-guard
age: 348958
etag: "60f18e08-ee28"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 60968
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProText-SemiboldItalic.9aa5d618.woff2
1wota.top/fonts/ 0
67 KB 111ms
108ms Other
application/octet-stream 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/fonts/SFProText-SemiboldItalic.9aa5d618.woff2
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b
:path: /fonts/SFProText-SemiboldItalic.9aa5d618.woff2
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: ddos-guard
age: 0
etag: "60f81b69-10c8c"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 68748
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 21ms
19ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-174162538-1

Requested by

Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b24abd7f35109b02478216a4ec909efe93c0e49d171fb97969b203b87977bac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39752
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jul 2021 18:44:43 GMT

GET
H2 200 amplitude-7.2.1-min.gz.js Show response
cdn.amplitude.com/libs/ 59 KB
19 KB 165ms
60ms Script
application/javascript 13.226.156.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.182 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-182.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8

Request headers

Origin: https://1wota.top
Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:31:40 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 5386384
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 19222
access-control-allow-origin: *
last-modified: Tue, 22 Sep 2020 19:51:25 GMT
server: AmazonS3
etag: "e7ee6bc7f428f90fb1b1ed0e94b9f835"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: rtLe8nVXDx8sL7XBGT5sDlFBE.TwGFEn
via: 1.1 50f438df6dbb947f3e4702890bc9cc06.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: Gia3YLu8LTL4bwVahyPZqhKxScfkYl8GNgHxtJ_52dHhteiiKgWSdg==

GET
H2 200 client.js Show response
cs15.livetex.ru/js/ 2 KB
1 KB 287ms
75ms Script
application/javascript 185.39.80.168
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://cs15.livetex.ru/js/client.js
Requested by: Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.80.168 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 203f2a16c3f446bffe78faa40b09a7c0760665a23b3809e7d2c02cd89190b85a

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
content-encoding: gzip
last-modified: Wed, 23 Jun 2021 10:36:40 GMT
server: nginx
etag: W/"60d30eb8-6d9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
expires: Thu, 22 Jul 2021 18:44:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-174162538-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 2245
date: Wed, 21 Jul 2021 18:07:18 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Wed, 21 Jul 2021 20:07:18 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=341761632&t=pageview&_s=1&dl=https%3A%2F%2F1wota.top%2F%3Fsub1%3D60f86b1b1eda6c0001c6cc9b%26open%3Dregister&ul=en-us&de=UTF-8&dt=1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABCAAAAC~&jid=1274754177&gjid=1602003201&cid=1000086892.1626893084&tid=UA-174162538-1&_gid=529312922.1626893084&_r=1&gtm=2ou7j0&z=724071532

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 18:44:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1wota.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
83 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-174162538-1&cid=1000086892.1626893084&jid=1274754177&gjid=1602003201&_gid=529312922.1626893084&_u=YEBAAUAACAAAAC~&z=1310092725

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 21 Jul 2021 18:44:43 GMT
content-type: text/plain
access-control-allow-origin: https://1wota.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
108 B 23ms
23ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-174162538-1&cid=1000086892.1626893084&jid=1274754177&_u=YEBAAUAACAAAAC~&z=755874680

Requested by

Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 18:44:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 22ms
22ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-174162538-1&cid=1000086892.1626893084&jid=1274754177&_u=YEBAAUAACAAAAC~&z=755874680

Requested by

Host: 1wota.top
URL: https://1wota.top/?sub1=60f86b1b1eda6c0001c6cc9b&open=register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 18:44:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 app~vip.3a97055b.js Show response
cdn-1win.xyz/js/ 21 KB
7 KB 178ms
61ms Script
application/javascript 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/js/app~vip.3a97055b.js
Requested by: Host: 1wota.top
URL: https://1wota.top/js/index.9d92e661.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: b8dc925c5e9e5a5b9ac7ee9795d1174710121d649f09b23a759745cb98d75857

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 13:04:40 GMT
server: nginx/1.15.10
etag: W/"60f81b68-547c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.1c8b6f05.css
cdn-1win.xyz/css/ 11 KB
2 KB 175ms
58ms Stylesheet
text/css 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/css/app.1c8b6f05.css
Requested by: Host: 1wota.top
URL: https://1wota.top/js/index.9d92e661.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: 52249da2bd2f1995aa161e0f2394d17767e0211f314b6b6e61fbf4516dea6e50

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: nginx/1.15.10
etag: W/"60f81b69-2d42"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.b3308a5e.js Show response
cdn-1win.xyz/js/ 709 KB
216 KB 208ms
91ms Script
application/javascript 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/js/app.b3308a5e.js
Requested by: Host: 1wota.top
URL: https://1wota.top/js/index.9d92e661.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: 1bdd72e2b09669643d5368ee8af8ba769fd34784f0b8bd8b85a355ca4ed54396

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:43 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 13:04:40 GMT
server: nginx/1.15.10
etag: W/"60f81b68-b121f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

widgetsSettings.json Show response
widgets-2-omni-iframe.livetex.ru/js/
Redirect Chain

https://balancer-cloud.livetex.ru/get-client/?site_id=170258&version=1.2.30-3d79ab1&target=settings_path&rnd=ku3mouywh3g
https://widgets-2-omni-iframe.livetex.ru/js/widgetsSettings.json

1020 B
1 KB

73ms
70ms

XHR
application/json

185.39.80.168
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-2-omni-iframe.livetex.ru/js/widgetsSettings.json
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.80.168 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: e6d2e447997a58043ecdc6e4534ebd9cb98f0576bfee7b82a4d8d2e357968d62

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
last-modified: Tue, 07 Jul 2020 12:19:07 GMT
server: nginx
etag: "5f04683b-3fc"
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1020

Redirect headers

pragma: no-cache
date: Wed, 21 Jul 2021 18:44:44 GMT
server: nginx
location: //widgets-2-omni-iframe.livetex.ru/js/widgetsSettings.json
access-control-allow-origin: https://1wota.top
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
access-control-allow-credentials: true
content-length: 0
expires: Wed, 21 Jul 2021 18:44:43 GMT

GET
H2 200 SFProText-Regular.c7e2854d.woff2
cdn-1win.xyz/fonts/ 92 KB
93 KB 60ms
59ms Font
application/octet-stream 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/fonts/SFProText-Regular.c7e2854d.woff2
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/app.1c8b6f05.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: 8a1914bcc30c47d6f74e1b6856573bf0c3968c7ae938c6fbfe432212fe03d1da

Request headers

Origin: https://1wota.top
Referer: https://cdn-1win.xyz/css/app.1c8b6f05.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: nginx/1.15.10
etag: "60f81b69-170d8"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 94424
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 affiliate:link_visit Show response
1wota.top/ 15 B
148 B 106ms
105ms XHR
application/json 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/affiliate:link_visit?partner_key=570k&sub_ids=sub1%3D60f86b1b1eda6c0001c6cc9b%26
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/js/app.b3308a5e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard / Express
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

:path: /affiliate:link_visit?partner_key=570k&sub_ids=sub1%3D60f86b1b1eda6c0001c6cc9b%26
pragma: no-cache
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; _ga=GA1.2.1000086892.1626893084; _gid=GA1.2.529312922.1626893084; _gat_gtag_UA_174162538_1=1; __ddgid=8fRvOCu19QqsOHD9; __ddgmark=z9wsjiAqwqEKCSLA; amp_c644f1=CGqK0Y8yz7wtigiJuMD_Hg...1fb564p4q.1fb564p4q.0.0.0; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b&; visit_domain=1wota.top; partner_key=570k
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: 1wota.top
referer: https://1wota.top/?open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: gzip
etag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
server: ddos-guard
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: undefined *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: core-sticky=http://10.233.71.147:80; Path=/; HttpOnly
access-control-allow-headers: Content-Type, Authorization

GET
H2 200 en Show response
1wota.top/lang-server/langs/ 220 KB
66 KB 73ms
73ms XHR
application/json 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/lang-server/langs/en
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/js/app.b3308a5e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: 5d0aeb5992a5f890707faa4399d53bab0366e02fa3f1f8fc54f0a4926e93ace8

Request headers

:path: /lang-server/langs/en
pragma: no-cache
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; _ga=GA1.2.1000086892.1626893084; _gid=GA1.2.529312922.1626893084; _gat_gtag_UA_174162538_1=1; __ddgid=8fRvOCu19QqsOHD9; __ddgmark=z9wsjiAqwqEKCSLA; amp_c644f1=CGqK0Y8yz7wtigiJuMD_Hg...1fb564p4q.1fb564p4q.0.0.0; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b&; visit_domain=1wota.top; partner_key=570k
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: public, max-age=31536000
sec-fetch-dest: empty
:authority: 1wota.top
referer: https://1wota.top/?open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Cache-Control: public, max-age=31536000
Referer: https://1wota.top/?open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
cache-control: no-cache
server: ddos-guard
content-encoding: gzip
vary: Origin
content-type: application/json; charset=utf-8

GET
H2 200 get-authorization Show response
1win-auth.com/ 19 B
439 B 196ms
65ms XHR
application/json 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-auth.com/get-authorization?random=1626893084213-0.7720911046442875
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/js/app.b3308a5e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 / Express
Resource Hash: 759315d5ae8c31136d2a7bc803e591554894987559325cdf7e0b5965bec0eaca

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
etag: W/"13-s4irxbhWs8tlAyz2jRLN7icHP8c"
server: nginx/1.15.10
x-powered-by: Express
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wota.top
access-control-expose-headers: Authorization
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 19
expires: Wed, 21 Jul 2021 18:44:43 GMT

GET
H2 200 get-authorization Show response
1wota.top/ 19 B
363 B 62ms
62ms XHR
application/json 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/get-authorization?random=1626893084213-0.7720911046442875
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/js/app.b3308a5e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard / Express
Resource Hash: 759315d5ae8c31136d2a7bc803e591554894987559325cdf7e0b5965bec0eaca

Request headers

:path: /get-authorization?random=1626893084213-0.7720911046442875
pragma: no-cache
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; _ga=GA1.2.1000086892.1626893084; _gid=GA1.2.529312922.1626893084; _gat_gtag_UA_174162538_1=1; __ddgid=8fRvOCu19QqsOHD9; __ddgmark=z9wsjiAqwqEKCSLA; amp_c644f1=CGqK0Y8yz7wtigiJuMD_Hg...1fb564p4q.1fb564p4q.0.0.0; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b&; visit_domain=1wota.top; partner_key=570k
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: 1wota.top
referer: https://1wota.top/?open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://1wota.top/?open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: gzip
etag: W/"13-s4irxbhWs8tlAyz2jRLN7icHP8c"
server: ddos-guard
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: 1wota.top *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: core-sticky=http://10.233.71.148:80; Path=/; HttpOnly
access-control-allow-headers: Content-Type, Authorization

POST
H2 200 ask Show response
1wota.top/microservice/ 205 B
283 B 73ms
73ms XHR
application/json 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wota.top/microservice/ask

Requested by

Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/js/app.b3308a5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

ddos-guard / Express

Resource Hash

1f42c582364058726238a1c0eb5f6bc6a838078c0cae1799f15eb04f2215209e

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://1wota.top
accept-encoding: gzip, deflate, br
accept-language: en
authorization: [object Object]
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; _ga=GA1.2.1000086892.1626893084; _gid=GA1.2.529312922.1626893084; _gat_gtag_UA_174162538_1=1; __ddgid=8fRvOCu19QqsOHD9; __ddgmark=z9wsjiAqwqEKCSLA; amp_c644f1=CGqK0Y8yz7wtigiJuMD_Hg...1fb564p4q.1fb564p4q.0.0.0; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b&; visit_domain=1wota.top; partner_key=570k
content-length: 38
:path: /microservice/ask
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json;charset=UTF-8
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?open=register
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/plain, */*
Referer: https://1wota.top/?open=register
Authorization: [object Object]
Accept-Language: en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: gzip
etag: W/"cd-O02xCs0r7RjAOqxMjS9P/K+DiuY"
server: ddos-guard
x-frame-options: DENY
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wota.top
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: core-sticky=http://10.233.71.151:80; Path=/; HttpOnly
access-control-allow-headers: Content-Type, Authorization

POST
H2 200 ask Show response
1wota.top/microservice/ 608 B
365 B 71ms
70ms XHR
application/json 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wota.top/microservice/ask

Requested by

Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/js/app.b3308a5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

ddos-guard / Express

Resource Hash

18281ae2a55517e2ece911f916b1a144a0a32071ff6725db32963197bd1ccf5b

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://1wota.top
accept-encoding: gzip, deflate, br
accept-language: en
authorization: [object Object]
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; _ga=GA1.2.1000086892.1626893084; _gid=GA1.2.529312922.1626893084; _gat_gtag_UA_174162538_1=1; __ddgid=8fRvOCu19QqsOHD9; __ddgmark=z9wsjiAqwqEKCSLA; amp_c644f1=CGqK0Y8yz7wtigiJuMD_Hg...1fb564p4q.1fb564p4q.0.0.0; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b&; visit_domain=1wota.top; partner_key=570k
content-length: 38
:path: /microservice/ask
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json;charset=UTF-8
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?open=register
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/plain, */*
Referer: https://1wota.top/?open=register
Authorization: [object Object]
Accept-Language: en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: gzip
etag: W/"260-/MR4G9ZOwCIN7qQn959BD06f/G4"
server: ddos-guard
x-powered-by: Express
x-frame-options: DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wota.top
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: core-sticky=http://10.233.69.85:80; Path=/; HttpOnly
access-control-allow-headers: Content-Type, Authorization

POST
H2 200 ask Show response
1wota.top/microservice/ 290 B
298 B 72ms
72ms XHR
application/json 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wota.top/microservice/ask

Requested by

Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/js/app.b3308a5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

ddos-guard / Express

Resource Hash

0860328708e499a40d72322cab3e075967d3582529c15fddbc7541943393330a

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://1wota.top
accept-encoding: gzip, deflate, br
accept-language: en
authorization: [object Object]
sec-fetch-dest: empty
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; _ga=GA1.2.1000086892.1626893084; _gid=GA1.2.529312922.1626893084; _gat_gtag_UA_174162538_1=1; __ddgid=8fRvOCu19QqsOHD9; __ddgmark=z9wsjiAqwqEKCSLA; amp_c644f1=CGqK0Y8yz7wtigiJuMD_Hg...1fb564p4q.1fb564p4q.0.0.0; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b&; visit_domain=1wota.top; partner_key=570k
content-length: 38
:path: /microservice/ask
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json;charset=UTF-8
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: 1wota.top
referer: https://1wota.top/?open=register
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/plain, */*
Referer: https://1wota.top/?open=register
Authorization: [object Object]
Accept-Language: en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: gzip
etag: W/"122-hlxF2ljhMNJsVA/sZrg9jVda0uA"
server: ddos-guard
x-powered-by: Express
x-frame-options: DENY
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wota.top
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: core-sticky=http://10.233.72.177:80; Path=/; HttpOnly
access-control-allow-headers: Content-Type, Authorization

GET
H2 200 uah.txt Show response
1wota.top/ 2 B
76 B 70ms
69ms XHR
text/plain 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/uah.txt
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/js/app.b3308a5e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: b8d31e852725afb1e26d53bab6095b2bff1749c9275be13ed1c05a56ed31ec09

Request headers

:path: /uah.txt
pragma: no-cache
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; _ga=GA1.2.1000086892.1626893084; _gid=GA1.2.529312922.1626893084; _gat_gtag_UA_174162538_1=1; __ddgid=8fRvOCu19QqsOHD9; __ddgmark=z9wsjiAqwqEKCSLA; amp_c644f1=CGqK0Y8yz7wtigiJuMD_Hg...1fb564p4q.1fb564p4q.0.0.0; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b&; visit_domain=1wota.top; partner_key=570k
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: 1wota.top
referer: https://1wota.top/?open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://1wota.top/?open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: ddos-guard
age: 0
etag: W/"60f81b69-2"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 icons-common.e6d18ca6.js Show response
cdn-1win.xyz/js/ 190 KB
56 KB 60ms
59ms Script
application/javascript 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/js/icons-common.e6d18ca6.js
Requested by: Host: 1wota.top
URL: https://1wota.top/js/index.9d92e661.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: 6017c4efd04f4f31d760d46f8b46b2f81e65e27ab779b74237abcbbb3d516895

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 13:04:40 GMT
server: nginx/1.15.10
etag: W/"60f81b68-2f948"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop~mobile~vip.1177ed54.css
cdn-1win.xyz/css/ 510 B
452 B 61ms
60ms Stylesheet
text/css 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/css/desktop~mobile~vip.1177ed54.css
Requested by: Host: 1wota.top
URL: https://1wota.top/js/index.9d92e661.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: fa7c70629f07754630eb365152ad57f6375f1400033a9307deeb4a0e956b04c2

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: nginx/1.15.10
etag: W/"60f81b69-1fe"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop~mobile~vip.55c03e8b.js Show response
cdn-1win.xyz/js/ 66 KB
20 KB 62ms
60ms Script
application/javascript 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/js/desktop~mobile~vip.55c03e8b.js
Requested by: Host: 1wota.top
URL: https://1wota.top/js/index.9d92e661.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: d6c3658b0faee7f97b3539adb66a465f6b444d89aadd9cfbc8436750b118ddc1

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 13:04:40 GMT
server: nginx/1.15.10
etag: W/"60f81b68-10626"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop~mobile.693e5b0d.css
cdn-1win.xyz/css/ 10 KB
2 KB 63ms
62ms Stylesheet
text/css 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/css/desktop~mobile.693e5b0d.css
Requested by: Host: 1wota.top
URL: https://1wota.top/js/index.9d92e661.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: 14286081bccd0f629a660660bf914ce7efc28ba28c42b05b42b21b79d8f3d715

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: nginx/1.15.10
etag: W/"60f81b69-2898"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop~mobile.79f53286.js Show response
cdn-1win.xyz/js/ 148 KB
46 KB 64ms
63ms Script
application/javascript 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/js/desktop~mobile.79f53286.js
Requested by: Host: 1wota.top
URL: https://1wota.top/js/index.9d92e661.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: bb2cb8e0039965e20462b5a4b03cc64579c90d1486939bd19f15bc23445be3ce

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 13:04:40 GMT
server: nginx/1.15.10
etag: W/"60f81b68-25155"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop.a9c1fd49.css
cdn-1win.xyz/css/ 101 KB
16 KB 62ms
62ms Stylesheet
text/css 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/css/desktop.a9c1fd49.css
Requested by: Host: 1wota.top
URL: https://1wota.top/js/index.9d92e661.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: b204b78582a858a2e05a5fa244af52fde0ef4eb8760f3825c3d95a92a8e6713a

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: nginx/1.15.10
etag: W/"60f81b69-1957b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop.0789fff5.js Show response
cdn-1win.xyz/js/ 130 KB
34 KB 67ms
67ms Script
application/javascript 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/js/desktop.0789fff5.js
Requested by: Host: 1wota.top
URL: https://1wota.top/js/index.9d92e661.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: fa6704d10f2ceb23d7e5b96bdd9d4f16f509ab2300a9922bdfc9916d6edbd2e4

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 13:04:40 GMT
server: nginx/1.15.10
etag: W/"60f81b68-20732"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 en Show response
1wota.top/production-translations/langs/ 536 KB
109 KB 145ms
145ms XHR
application/json 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://1wota.top/production-translations/langs/en?v=2

Requested by

Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/js/app.b3308a5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

Software

ddos-guard /

Resource Hash

0702a296832bf834d6ea775d06162671e36f24062c00f69f376c331a0ed4e853

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

:path: /production-translations/langs/en?v=2
pragma: no-cache
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; _ga=GA1.2.1000086892.1626893084; _gid=GA1.2.529312922.1626893084; _gat_gtag_UA_174162538_1=1; __ddgid=8fRvOCu19QqsOHD9; __ddgmark=z9wsjiAqwqEKCSLA; amp_c644f1=CGqK0Y8yz7wtigiJuMD_Hg...1fb564p4q.1fb564p4q.0.0.0; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b&; visit_domain=1wota.top; partner_key=570k; core-sticky=http://10.233.72.177:80
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: 1wota.top
referer: https://1wota.top/?open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://1wota.top/?open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: gzip
vary: Origin
server: ddos-guard
x-frame-options: DENY
content-type: application/json; charset=utf-8

GET
H2

200

app3.js Show response
widgets-2-omni-iframe.livetex.ru/js/
Redirect Chain

https://balancer-cloud.livetex.ru/get-client/?site_id=170258&version=1.2.30-3d79ab1&target=path&rnd=zdhnjb1fzm
https://widgets-2-omni-iframe.livetex.ru/js/app3.js

26 KB
7 KB

80ms
80ms

Script
application/javascript

185.39.80.168
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-2-omni-iframe.livetex.ru/js/app3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.80.168 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 9027792502fc16873e8f59cb90120c830f3e45a79185abd9230da483c24c5468

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: gzip
server: nginx
etag: W/"60f54d09-68d1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: no-cache
access-control-allow-credentials: true

Redirect headers

pragma: no-cache
date: Wed, 21 Jul 2021 18:44:44 GMT
server: nginx
location: //widgets-2-omni-iframe.livetex.ru/js/app3.js
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
access-control-allow-credentials: true
content-length: 0
expires: Wed, 21 Jul 2021 18:44:43 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 223 KB
71 KB 149ms
50ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/js/desktop~mobile.79f53286.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e788c7f07903cd5e96a062aa3ea175c987b0772cce696914daca381dee353dfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: br
last-modified: Tue, 20 Jul 2021 13:56:12 GMT
etag: "60ec4755-11a70"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 72304
expires: Wed, 21 Jul 2021 19:44:44 GMT

HEAD
H2 200 iframe.html
widgets-2-omni-iframe.livetex.me/js/ 0
0 99ms
76ms Fetch
text/html 2606:4700:3033::ac43:8bce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-2-omni-iframe.livetex.me/js/iframe.html
Requested by: Host: balancer-cloud.livetex.ru
URL: https://balancer-cloud.livetex.ru/get-client/?site_id=170258&version=1.2.30-3d79ab1&target=path&rnd=zdhnjb1fzm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:8bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2FCIPSkQOOv3NHvsSc8QGDxHH9%2Bs00lBB5mt4M5%2F0kcI%2F1OqKEHJGTeC5GgGQWs941YRScwzEyjWnEf24cXMu7sWCKBgAu%2Bc2lJuYyxqlaGW2QQ1%2Fzy7zB4rqUvbaFva7YK0p4e4TRVlnYHmGgGQt0dhkc1OT44UmGNBytnqdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://1wota.top
cache-control: no-cache
cf-ray: 6726951269ed0614-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 iframe.html Show response
widgets-2-omni-iframe.livetex.me/js/ Frame 6BBF 2 KB
2 KB 92ms
82ms Document
text/html 2606:4700:3033::ac43:8bce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-2-omni-iframe.livetex.me/js/iframe.html
Requested by: Host: balancer-cloud.livetex.ru
URL: https://balancer-cloud.livetex.ru/get-client/?site_id=170258&version=1.2.30-3d79ab1&target=path&rnd=zdhnjb1fzm
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11419c1b975999ca0130096ff873c78f5810b7f34298e84b7cbcf9d38c5fc936

Request headers

:method: GET
:authority: widgets-2-omni-iframe.livetex.me
:scheme: https
:path: /js/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1wota.top/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://1wota.top/

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie: __cf_bm=878db252a1921ceb065becee39a9de498cf0e8b1-1626893084-1800-AYU/nyjPiqhOUVcFqoWlBwU/3sn25CadFk//YWpxSmvx7MkzrGO960msEVdRlAEeBAPIUkxCNQHK+gap6k0NtOE=; path=/; expires=Wed, 21-Jul-21 19:14:44 GMT; domain=.livetex.me; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANyE%2BWms5V4%2Fw1DqkgSXcY7AHNqThPKmAqkYS19LyN2f5y%2BqZ4%2BoCU%2FumLdBF1fudGFj0MagiMolXJZW6JJX5dLLV%2FPldXnMEmrs4S44jj63na8MBQFDjuiZMuwP%2BABKTDMR7UFvq%2F8I4kEso3KAiJu8S6rSsCglYisCbi35Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 672695130d65c2fe-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 ui.7.1.833.js Show response
widgets-2-omni-iframe.livetex.me/js/ 1 MB
252 KB 39ms
29ms Script
application/javascript 2606:4700:3033::ac43:8bce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-2-omni-iframe.livetex.me/js/ui.7.1.833.js
Requested by: Host: balancer-cloud.livetex.ru
URL: https://balancer-cloud.livetex.ru/get-client/?site_id=170258&version=1.2.30-3d79ab1&target=path&rnd=zdhnjb1fzm
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1edbc3fa313630192f0cd01c6c02646a8854792881340dc1a5eca386babaf8e9

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 203117
cf-polished: origSize=1120522
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"60f54d03-11190a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9Sz2ehcjmMNO%2BhOsPGAVHCkKJjjF3MjOE7nFCJPZetMHoJD8nlFqhU9c6xpScO2g8jQV7zuVzZmP1Hxyiy%2BgPyfaQNOYpYVEdYNzmaNkYbL64QQATtkK4glBWhUKXfotKp6vRB3eWOmg2bfe58%2BMCxcdqSGwA0XKY0fH2NIYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
sourcemap: ui.7.1.833.js.map
cf-ray: 672695130d62c2fe-FRA

GET
H2 200 / Show response
balancer-cloud.livetex.ru/services/ 2 KB
679 B 78ms
77ms Fetch
text/plain 185.39.80.168
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://balancer-cloud.livetex.ru/services/?site_id=170258&ids=widgets-api-service2-app.thrift-http,widgets-api-service2-app.http,event-service-app.widgets-thrift-http&client=widget&version=7.1.833
Requested by: Host: balancer-cloud.livetex.ru
URL: https://balancer-cloud.livetex.ru/get-client/?site_id=170258&version=1.2.30-3d79ab1&target=path&rnd=zdhnjb1fzm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.80.168 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 39611dd33c775dd0a978ca38ca759a4a8bdff2e92e206d4e7abedd9b82f07918

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://1wota.top
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
access-control-allow-credentials: true
access-control-allow-headers: X-CSRF-TOKEN
expires: Wed, 21 Jul 2021 18:44:43 GMT

GET
H2 200 chunk-7091432f.749aeb81.js Show response
cdn-1win.xyz/js/ 25 KB
9 KB 72ms
71ms Script
application/javascript 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/js/chunk-7091432f.749aeb81.js
Requested by: Host: 1wota.top
URL: https://1wota.top/js/index.9d92e661.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: ffece173c0978450b65533a8102cc55f00567482439ce248b0296b243da2028f

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 13:04:40 GMT
server: nginx/1.15.10
etag: W/"60f81b68-64aa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chunk-2d22892c.8826c86d.js Show response
cdn-1win.xyz/js/ 10 KB
4 KB 72ms
72ms Script
application/javascript 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/js/chunk-2d22892c.8826c86d.js
Requested by: Host: 1wota.top
URL: https://1wota.top/js/index.9d92e661.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: c9e6e1a5236be0135dbb83a6705b33bfbd75046d2c99ae9bc4a72785fc76c9d5

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 13:04:40 GMT
server: nginx/1.15.10
etag: W/"60f81b68-2823"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chunk-68fe9726.ee0b70eb.css
cdn-1win.xyz/css/ 17 KB
3 KB 72ms
72ms Stylesheet
text/css 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/css/chunk-68fe9726.ee0b70eb.css
Requested by: Host: 1wota.top
URL: https://1wota.top/js/index.9d92e661.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: 2d629a070ba809ebdc1e2e8da7cc4d04b80a4c2541facd32503767f77603be11

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: nginx/1.15.10
etag: W/"60f81b69-425d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chunk-68fe9726.3d8d9df9.js Show response
cdn-1win.xyz/js/ 44 KB
15 KB 72ms
71ms Script
application/javascript 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/js/chunk-68fe9726.3d8d9df9.js
Requested by: Host: 1wota.top
URL: https://1wota.top/js/index.9d92e661.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: c310c2ada6ab145cbf40ce9371f29554aa7b75d8cb9b726b39a8a05b7dd5cedf

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 13:04:40 GMT
server: nginx/1.15.10
etag: W/"60f81b68-b087"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chunk-7a87df8e.ade49416.css
cdn-1win.xyz/css/ 20 KB
3 KB 73ms
72ms Stylesheet
text/css 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/css/chunk-7a87df8e.ade49416.css
Requested by: Host: 1wota.top
URL: https://1wota.top/js/index.9d92e661.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: ccfae81300aabadfe3afc80a77b0b957f9d7c597d0612d67c00c7819c53a8795

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: nginx/1.15.10
etag: W/"60f81b69-4f0b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chunk-7a87df8e.f7b35351.js Show response
cdn-1win.xyz/js/ 37 KB
10 KB 73ms
72ms Script
application/javascript 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/js/chunk-7a87df8e.f7b35351.js
Requested by: Host: 1wota.top
URL: https://1wota.top/js/index.9d92e661.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: d84b3e7fe8cfc941ab1daf46e021ffbb3077a275d2e96deab3d67666444eb227

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 13:04:40 GMT
server: nginx/1.15.10
etag: W/"60f81b68-9557"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=341761632&t=event&_s=2&dl=https%3A%2F%2F1wota.top%2F%3Fsub1%3D60f86b1b1eda6c0001c6cc9b%26open%3Dregister&ul=en-us&de=UTF-8&dt=1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=bad&ea=bad-js&_u=YFBAAUABCAAAAC~&jid=&gjid=&cid=1000086892.1626893084&tid=UA-174162538-1&_gid=529312922.1626893084&gtm=2ou7j0&z=448572520

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 17:45:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3533
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9341.a3AL6hCrqtfG9bQtU3VV77HWw77SRwdIG0rDc00LT6WkZZ4Szihip4aqzXSUNZFt.59WPoAzaB-l9HFA-73NfFh5Lqpw%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9341.sAYJPVByw7L2fk1PTkj1CPhy6M5Mu7jBukhPG6qUqlrOry2XPcGltULQRqy6D6RM-mDv_1vt2CejamC9vxoq5A%2C%2C.8lsJpy5iREFKPtjVh9ktC96fTgw%2C

75 B
75 B

52ms
51ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9341.sAYJPVByw7L2fk1PTkj1CPhy6M5Mu7jBukhPG6qUqlrOry2XPcGltULQRqy6D6RM-mDv_1vt2CejamC9vxoq5A%2C%2C.8lsJpy5iREFKPtjVh9ktC96fTgw%2C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:45 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9341.sAYJPVByw7L2fk1PTkj1CPhy6M5Mu7jBukhPG6qUqlrOry2XPcGltULQRqy6D6RM-mDv_1vt2CejamC9vxoq5A%2C%2C.8lsJpy5iREFKPtjVh9ktC96fTgw%2C
date: Wed, 21 Jul 2021 18:44:45 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 49ms
49ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:44 GMT
last-modified: Tue, 20 Jul 2021 13:56:12 GMT
etag: "60ec4755-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 21 Jul 2021 19:44:44 GMT

GET
H2 200 flags.f10e1598.svg
1wota.top/img/ 190 KB
42 KB 84ms
83ms Other
image/svg+xml 190.115.19.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1wota.top/img/flags.f10e1598.svg
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/js/app.b3308a5e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.19.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software: ddos-guard /
Resource Hash: 3cc70efd28ada2a45989ff15b96d1f9d95eb88c722fb334ba206ed5fff8d81b5

Request headers

:path: /img/flags.f10e1598.svg
pragma: no-cache
cookie: __ddg1=qNXBhEYoTgY6kX1xyJLW; _ga=GA1.2.1000086892.1626893084; _gid=GA1.2.529312922.1626893084; _gat_gtag_UA_174162538_1=1; __ddgid=8fRvOCu19QqsOHD9; __ddgmark=z9wsjiAqwqEKCSLA; sub_ids=sub1=60f86b1b1eda6c0001c6cc9b&; visit_domain=1wota.top; partner_key=570k; core-sticky=http://10.233.72.177:80; amp_c644f1=CGqK0Y8yz7wtigiJuMD_Hg...1fb564p4q.1fb564po3.0.0.0; _ym_uid=162689308519384928; _ym_d=1626893085
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: same-origin
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 1wota.top
referer: https://1wota.top/?open=register
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1wota.top/?open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:45 GMT
content-encoding: br
last-modified: Wed, 21 Jul 2021 13:04:40 GMT
server: ddos-guard
age: 0
etag: W/"60f81b68-2f6fd"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 / Show response
api.amplitude.com/ 7 B
168 B 618ms
207ms XHR
text/html 54.213.181.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/js/desktop~mobile.79f53286.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.213.181.117 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-213-181-117.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 21 Jul 2021 18:44:45 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=341761632&t=event&_s=3&dl=https%3A%2F%2F1wota.top%2F%3Fsub1%3D60f86b1b1eda6c0001c6cc9b%26open%3Dregister&ul=en-us&de=UTF-8&dt=1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=reg&ea=reg-modalOppened&_u=YFBAAUABCAAAAC~&jid=&gjid=&cid=1000086892.1626893084&tid=UA-174162538-1&_gid=529312922.1626893084&gtm=2ou7j0&z=1534312698

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 17:45:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3534
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 vendor.5591d9.js Show response
widgets-2-omni-iframe.livetex.me/js/ Frame 6BBF 428 KB
69 KB 24ms
24ms Script
application/javascript 2606:4700:3033::ac43:8bce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-2-omni-iframe.livetex.me/js/vendor.5591d9.js
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/iframe.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77006f90837e3d7a112d67fd9ccfa9e5bb857547c1278acf7b65a034a0905c2a

Request headers

Referer: https://widgets-2-omni-iframe.livetex.me/js/iframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 116347
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"60f54d21-6af60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApcF7LIK81GrMn0Ww6ZV5jiKYvD%2BH0lb5Rx81yyVpbNjPrpxYmidKL8CuoahwO3eYYyt8zGcLJpPNPr7Vt5BhVbCkpKF%2Ba0Lb9r4gBjtkQAxueUQvX2BU%2BT1oNRDRc0rjjf%2FaQcEsQP%2FXGHRHXNDQm%2FdZY1WKKTp1zXHrwF5cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
sourcemap: vendor.5591d9.js.map
cf-ray: 672695154918c2fe-FRA

GET
H3-29 200 services.606461.js Show response
widgets-2-omni-iframe.livetex.me/js/ Frame 6BBF 338 KB
72 KB 26ms
25ms Script
application/javascript 2606:4700:3033::ac43:8bce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-2-omni-iframe.livetex.me/js/services.606461.js
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/iframe.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e06fbac0a8f2e013d4bbb8cbb1a805a2cd488c881322ec7b4a21eb3333b4e338

Request headers

Referer: https://widgets-2-omni-iframe.livetex.me/js/iframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 203118
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"60f54d21-54716"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0r1EHFi3f%2F8tzu70K3IFZYjuEC2XNEwoh%2BaUTIrAPSLMEcSEaTZ9cc4QDruF4JWdsIQv%2BHbvYsxsZaHTvodip2fL351ewl9YWQKolLPrX1Vplwdxmfj7g7tBbuYjOu%2FfZd6aO4bnnFjAEy0Y%2FwecnD9sj7mPcEAitmsb4eXxKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=604800
sourcemap: services.606461.js.map
cf-ray: 67269515491bc2fe-FRA

GET
H2 200 emoji-soccer.c18c3992-160.png
cdn-1win.xyz/img/ 19 KB
19 KB 61ms
59ms Image
image/png 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1win.xyz/img/emoji-soccer.c18c3992-160.png
Requested by: Host: 1wota.top
URL: https://1wota.top/?open=register
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: 2a4ed0a610bb22a1b34255e8cde3bd4f243c0661c6ccbf74e1812d3bc98924fd

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:45 GMT
last-modified: Wed, 21 Jul 2021 13:04:40 GMT
server: nginx/1.15.10
etag: "60f81b68-4c60"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 19552
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 emoji-slots.df1dca96-160.png
cdn-1win.xyz/img/ 43 KB
43 KB 62ms
60ms Image
image/png 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1win.xyz/img/emoji-slots.df1dca96-160.png
Requested by: Host: 1wota.top
URL: https://1wota.top/?open=register
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: f79710ca75c1b6b9d19d7f36f6e58f6ef40dbff7a48768be22e531d8df351667

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:45 GMT
last-modified: Wed, 21 Jul 2021 13:04:40 GMT
server: nginx/1.15.10
etag: "60f81b68-ab28"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 43816
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cashback.bbf4225d.svg
cdn-1win.xyz/img/ 2 KB
1 KB 65ms
63ms Image
image/svg+xml 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-1win.xyz/img/cashback.bbf4225d.svg
Requested by: Host: 1wota.top
URL: https://1wota.top/?open=register
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: 8492b63b2d1147503ddb11a27f119e5287c5ae6f02f37e51ad6ae769af970658

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:45 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 13:04:40 GMT
server: nginx/1.15.10
etag: W/"60f81b68-851"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProDisplay-Bold.33802914.woff2
cdn-1win.xyz/fonts/ 96 KB
97 KB 60ms
59ms Font
application/octet-stream 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/fonts/SFProDisplay-Bold.33802914.woff2
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/app.1c8b6f05.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: 32b6db04338d853de4148e775afcacadfb2d0bd3e8f10192916f6688f34c6005

Request headers

Origin: https://1wota.top
Referer: https://cdn-1win.xyz/css/app.1c8b6f05.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:45 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: nginx/1.15.10
etag: "60f81b69-18198"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 98712
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProText-Medium.09be2e2f.woff2
cdn-1win.xyz/fonts/ 102 KB
102 KB 160ms
159ms Font
application/octet-stream 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/fonts/SFProText-Medium.09be2e2f.woff2
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/app.1c8b6f05.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: 7a3e5a3f97d4a5b7422d73c10e8431e3b7ad971e81b34a671575bd5cce451a4d

Request headers

Origin: https://1wota.top
Referer: https://cdn-1win.xyz/css/app.1c8b6f05.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:45 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: nginx/1.15.10
etag: "60f81b69-196ec"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 104172
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProText-Bold.8e175b47.woff2
cdn-1win.xyz/fonts/ 100 KB
100 KB 166ms
164ms Font
application/octet-stream 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/fonts/SFProText-Bold.8e175b47.woff2
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/app.1c8b6f05.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: 87189c7bda240da89b1b1d7373467142d71c103b5f619f8017104c64f4d514f1

Request headers

Origin: https://1wota.top
Referer: https://cdn-1win.xyz/css/app.1c8b6f05.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:45 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: nginx/1.15.10
etag: "60f81b69-18fb0"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 102320
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFProText-Semibold.211b9d52.woff2
cdn-1win.xyz/fonts/ 102 KB
102 KB 164ms
164ms Font
application/octet-stream 190.115.24.14
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-1win.xyz/fonts/SFProText-Semibold.211b9d52.woff2
Requested by: Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/app.1c8b6f05.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.14 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.15.10 /
Resource Hash: 4a9d3fc12296ec7769a6d1863f3de6daa5b7f364ac6ff2f0e9b06bcabf58a929

Request headers

Origin: https://1wota.top
Referer: https://cdn-1win.xyz/css/app.1c8b6f05.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:45 GMT
last-modified: Wed, 21 Jul 2021 13:04:41 GMT
server: nginx/1.15.10
etag: "60f81b69-196cc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 104140
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=341761632&t=event&_s=4&dl=https%3A%2F%2F1wota.top%2F%3Fsub1%3D60f86b1b1eda6c0001c6cc9b%26open%3Dregister&ul=en-us&de=UTF-8&dt=1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=bad&ea=bad-js&_u=YFBAAUABCAAAAC~&jid=&gjid=&cid=1000086892.1626893084&tid=UA-174162538-1&_gid=529312922.1626893084&gtm=2ou7j0&z=857904123

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 17:45:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3534
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/67400437/
Redirect Chain

https://mc.yandex.com/watch/67400437?wmode=7&page-url=https%3A%2F%2F1wota.top%2F%3Fopen%3Dregister&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A649%3Afu%3A0%3Aen%3A...
https://mc.yandex.com/watch/67400437/1?wmode=7&page-url=https%3A%2F%2F1wota.top%2F%3Fopen%3Dregister&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A649%3Afu%3A0%3Aen%...

316 B
398 B

56ms
56ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/67400437/1?wmode=7&page-url=https%3A%2F%2F1wota.top%2F%3Fopen%3Dregister&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A649%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A471335240804%3Ahid%3A332164005%3Az%3A120%3Ai%3A20210721204444%3Aet%3A1626893085%3Ac%3A1%3Arn%3A1027138297%3Au%3A162689308519384928%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626893083022%3Ads%3A1%2C111%2C60%2C1%2C405%2C0%2C%2C220%2C0%2C1208%2C1208%2C0%2C802%3Adsn%3A1%2C110%2C61%2C0%2C406%2C0%2C%2C223%2C0%2C1208%2C1208%2C0%2C802%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626893085%3At%3A1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0e4c147c2bfdc4951b471a3618c0d3fff4e1c79c338be143f69f6be2de43902e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 18:44:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 21-Jul-2021 18:44:45 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wota.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 316
x-xss-protection: 1; mode=block
expires: Wed, 21-Jul-2021 18:44:45 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jul 2021 18:44:45 GMT
last-modified: Wed, 21-Jul-2021 18:44:45 GMT
location: /watch/67400437/1?wmode=7&page-url=https%3A%2F%2F1wota.top%2F%3Fopen%3Dregister&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4uzkmd4e35cd16k0n%3Afp%3A649%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A471335240804%3Ahid%3A332164005%3Az%3A120%3Ai%3A20210721204444%3Aet%3A1626893085%3Ac%3A1%3Arn%3A1027138297%3Au%3A162689308519384928%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1626893083022%3Ads%3A1%2C111%2C60%2C1%2C405%2C0%2C%2C220%2C0%2C1208%2C1208%2C0%2C802%3Adsn%3A1%2C110%2C61%2C0%2C406%2C0%2C%2C223%2C0%2C1208%2C1208%2C0%2C802%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1626893085%3At%3A1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://1wota.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 21-Jul-2021 18:44:45 GMT

GET
H3-29 200 170258.js Show response
widgets-2-omni-iframe.livetex.me/js/settings/v3/ Frame 6BBF 4 KB
2 KB 80ms
80ms Fetch
application/json 2606:4700:3033::ac43:8bce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-2-omni-iframe.livetex.me/js/settings/v3/170258.js
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/services.606461.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 514e1ef801ff7d4475d1c21e5009849adade205909f2e489450f446f3edcb4dc

Request headers

Referer: https://widgets-2-omni-iframe.livetex.me/js/iframe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 103694
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPQI4XrhIbhUUgRLu0CP0WPpCxRsTmGNjN3mfwF4KXjxnJZsBfU1ieU21osifrmmjvW2ohrTTQONmAVv3ZIiJgV6pqdxipPXpNhNk%2BsTfXOE7%2B3kjhoNyGQNbwEvCysxvShitxrr3YGayaqtLbLzBYprLUxa7p0YMqNy%2FD9XCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6726951c7c1fc2fe-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 21 Jul 2021 19:44:46 GMT

GET
H3-29 200 170258.css Show response
widgets-2-omni-iframe.livetex.me/css/widgets/ 269 KB
34 KB 95ms
80ms XHR
text/css 2606:4700:3033::ac43:8bce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-2-omni-iframe.livetex.me/css/widgets/170258.css
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/ui.7.1.833.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cf9641638652a9399ab47c17c30cf69cd32192808959ecd420b6fd55088c43c

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Jul 2021 18:44:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 103679
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aven8Mb%2Bkn5ZtWqjCxSpY2TPsjyvxnY8IYA5evLDuqsBpJrH%2BoG18Hq9AZDCDNZHrZXoIm8m9CsedU7t9jL6eqqAkHbRSfUN8geI27KovgV7oHw7CEgdAQjPcc6vrW50dXCJKBdyzIuIvrz%2FGPyeTq3cbmKL%2BYxaWWPd6%2FsU8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6726951d28c7dfeb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 21 Jul 2021 19:44:46 GMT

GET
H2 200 / Show response
balancer-cloud.livetex.ru/get-server/ Frame 6BBF 165 B
443 B 76ms
76ms Script
text/plain 185.39.80.168
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://balancer-cloud.livetex.ru/get-server/?site_id=170258&__fallback__&=&_m=GET&_c=njr_1_callback&_t=jsonp&_rnd=ck8w49ghavc&_h[lt-origin]=account%3A281894%3Asite%3A170258
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/vendor.5591d9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.80.168 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: ddf5bb65921ab17b056314f7798388a10702d47ff115cf194d2cc7eb35805caf

Request headers

Referer: https://widgets-2-omni-iframe.livetex.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 18:44:46 GMT
server: nginx
content-type: text/plain; charset=UTF-8
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
access-control-allow-credentials: true
content-length: 165
expires: Wed, 21 Jul 2021 18:44:45 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=341761632&t=event&_s=5&dl=https%3A%2F%2F1wota.top%2F%3Fsub1%3D60f86b1b1eda6c0001c6cc9b%26open%3Dregister&ul=en-us&de=UTF-8&dt=1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=bad&ea=bad-js&_u=YFBAAUABCAAAAC~&jid=&gjid=&cid=1000086892.1626893084&tid=UA-174162538-1&_gid=529312922.1626893084&gtm=2ou7j0&z=2131017196

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 17:45:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3535
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK auth Show response
io3-production-2-ltx227.livetex.ru/visitor/ Frame 6BBF 551 B
1 KB 271ms
81ms Script
text/javascript 185.39.80.58
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://io3-production-2-ltx227.livetex.ru/visitor/auth?__fallback__&=&_m=POST&_c=njr_2_callback&_t=jsonp&_=%7B%22is_mobile%22%3Afalse%7D&_rnd=megbnez5u&_h[lt-origin]=account%3A281894%3Asite%3A170258
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/vendor.5591d9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.39.80.58 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: a37424e28741fa21548018391fff2ea173aee6e828ee3584de48e941e3fa8c23

Request headers

Referer: https://widgets-2-omni-iframe.livetex.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jul 2021 18:44:46 GMT
Server: nginx
Content-Type: text/javascript
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
Connection: keep-alive
Content-Length: 551
Expires: Wed, 21 Jul 2021 18:44:45 GMT

GET
H2 200 / Show response
balancer-cloud.livetex.ru/services/ Frame 6BBF 2 KB
650 B 72ms
72ms XHR
text/plain 185.39.80.168
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://balancer-cloud.livetex.ru/services/?account_id=281894&ids=visitor-notification-delivery-service-app.thrift-http&client=widget&version=7.1.833&0.8607440354398781
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/vendor.5591d9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.80.168 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8bcad5c5910f408823c52a706954e8521422994a829e439c193791d15d35fcd3

Request headers

Referer: https://widgets-2-omni-iframe.livetex.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 18:44:46 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://widgets-2-omni-iframe.livetex.me
cache-control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
access-control-allow-credentials: true
access-control-allow-headers: X-CSRF-TOKEN
expires: Wed, 21 Jul 2021 18:44:45 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=341761632&t=event&_s=6&dl=https%3A%2F%2F1wota.top%2F%3Fsub1%3D60f86b1b1eda6c0001c6cc9b%26open%3Dregister&ul=en-us&de=UTF-8&dt=1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=bad&ea=bad-js&_u=YFBAAUABCAAAAC~&jid=&gjid=&cid=1000086892.1626893084&tid=UA-174162538-1&_gid=529312922.1626893084&gtm=2ou7j0&z=1097383136

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 17:45:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3535
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=341761632&t=event&_s=7&dl=https%3A%2F%2F1wota.top%2F%3Fsub1%3D60f86b1b1eda6c0001c6cc9b%26open%3Dregister&ul=en-us&de=UTF-8&dt=1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=bad&ea=bad-js&_u=YFBAAUABCAAAAC~&jid=&gjid=&cid=1000086892.1626893084&tid=UA-174162538-1&_gid=529312922.1626893084&gtm=2ou7j0&z=1616414885

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 17:45:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3535
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=341761632&t=event&_s=8&dl=https%3A%2F%2F1wota.top%2F%3Fsub1%3D60f86b1b1eda6c0001c6cc9b%26open%3Dregister&ul=en-us&de=UTF-8&dt=1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=bad&ea=bad-js&_u=YFBAAUABCAAAAC~&jid=&gjid=&cid=1000086892.1626893084&tid=UA-174162538-1&_gid=529312922.1626893084&gtm=2ou7j0&z=625723966

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 17:45:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3535
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK add-page Show response
io3-production-2-ltx227.livetex.ru/site/ Frame 6BBF 285 B
617 B 80ms
80ms Script
text/javascript 185.39.80.58
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://io3-production-2-ltx227.livetex.ru/site/add-page?__fallback__&=&_m=POST&_c=njr_5_callback&_t=jsonp&_=%7B%22page%22%3A%7B%22account%3A281894%3Asite%3A170258%3Apage%3A1zrn27m968j%22%3A%7B%22seo_referrer%22%3A%22%22%2C%22referrer%22%3A%22%22%2C%22page_title%22%3A%22MXdpbiDigJMg0LfQsNCz0YDRg9C30LrQsA%3D%3D%22%2C%22page_url%22%3A%22aHR0cHM6Ly8xd290YS50b3AvP29wZW49cmVnaXN0ZXI%3D%22%7D%7D%7D&_rnd=fr1yemlvpfl&_h[lt-origin]=account%3A281894%3Asite%3A170258&_h[cookie]=kleo19%3Dio%3Aio-3-ltx227-livetex-ru%3Asession%3A131hbbs1jtxmlh2a0b2o6r
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/vendor.5591d9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.39.80.58 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: fd6ffdc80c0ad62e66cccd54e21389cec82e330255975070dc228ed6ebc3201d

Request headers

Referer: https://widgets-2-omni-iframe.livetex.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jul 2021 18:44:46 GMT
Server: nginx
Content-Type: text/javascript
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
Connection: keep-alive
Content-Length: 285
Expires: Wed, 21 Jul 2021 18:44:45 GMT

GET
H/1.1 200
OK 1626893086798 Show response
io3-production-2-ltx227.livetex.ru/poll/0/ Frame 6BBF 102 B
434 B 153ms
74ms Script
text/javascript 185.39.80.58
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://io3-production-2-ltx227.livetex.ru/poll/0/1626893086798?__fallback__&=&_m=GET&_c=njr_4_callback&_t=jsonp&_rnd=3ery7fk6o72&_h[lt-origin]=account%3A281894%3Asite%3A170258&_h[x-hold-timeout]=20000&_h[x-destroy-timeout]=40000&_h[cookie]=kleo19%3Dio%3Aio-3-ltx227-livetex-ru%3Asession%3A131hbbs1jtxmlh2a0b2o6r
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/vendor.5591d9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.39.80.58 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 2876f12ca294321d232ee9c7c43558392ae6cb7570b5221893d17f93254e3549

Request headers

Referer: https://widgets-2-omni-iframe.livetex.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jul 2021 18:44:46 GMT
Server: nginx
Content-Type: text/javascript
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
Connection: keep-alive
Content-Length: 102
Expires: Wed, 21 Jul 2021 18:44:45 GMT

POST
H/1.1 200
OK visitor-notification-delivery-service-app-production-2-i2.thrift-http Show response
vnds-production-2-i2.livetex.ru/ Frame 6BBF 110 B
387 B 242ms
75ms XHR
text/plain 185.39.80.57
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://vnds-production-2-i2.livetex.ru/visitor-notification-delivery-service-app-production-2-i2.thrift-http
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/vendor.5591d9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.80.57 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0d80475339c47d1909abeed522749ee4aaf390516345e612a82249cfadfd6c65

Request headers

Referer: https://widgets-2-omni-iframe.livetex.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://widgets-2-omni-iframe.livetex.me
Date: Wed, 21 Jul 2021 18:44:47 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 110
Access-Control-Allow-Methods: POST, GET, OPTIONS

POST
H/1.1 200
OK widgets-api-service2-app-production-2-i1.thrift-http Show response
wapi-02.livetex.ru/ Frame 6BBF 45 B
321 B 244ms
80ms XHR
text/plain 185.39.80.59
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://wapi-02.livetex.ru/widgets-api-service2-app-production-2-i1.thrift-http
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/vendor.5591d9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.80.59 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: eb90dc9fa1cc7f148c99ec84a6a8d4b959b5a13a241105895cd4b0a9c45c3cdb

Request headers

Referer: https://widgets-2-omni-iframe.livetex.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://widgets-2-omni-iframe.livetex.me
Date: Wed, 21 Jul 2021 18:44:47 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 45
Access-Control-Allow-Methods: POST, GET, OPTIONS

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=341761632&t=event&_s=9&dl=https%3A%2F%2F1wota.top%2F%3Fsub1%3D60f86b1b1eda6c0001c6cc9b%26open%3Dregister&ul=en-us&de=UTF-8&dt=1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=bad&ea=bad-js&_u=YFBAAUABCAAAAC~&jid=&gjid=&cid=1000086892.1626893084&tid=UA-174162538-1&_gid=529312922.1626893084&gtm=2ou7j0&z=1580687170

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 17:45:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3535
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=341761632&t=event&_s=10&dl=https%3A%2F%2F1wota.top%2F%3Fsub1%3D60f86b1b1eda6c0001c6cc9b%26open%3Dregister&ul=en-us&de=UTF-8&dt=1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=bad&ea=bad-js&_u=YFBAAUABCAAAAC~&jid=&gjid=&cid=1000086892.1626893084&tid=UA-174162538-1&_gid=529312922.1626893084&gtm=2ou7j0&z=490005573

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 17:45:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3535
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=341761632&t=event&_s=11&dl=https%3A%2F%2F1wota.top%2F%3Fsub1%3D60f86b1b1eda6c0001c6cc9b%26open%3Dregister&ul=en-us&de=UTF-8&dt=1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=bad&ea=bad-js&_u=YFBAAUABCAAAAC~&jid=&gjid=&cid=1000086892.1626893084&tid=UA-174162538-1&_gid=529312922.1626893084&gtm=2ou7j0&z=30924279

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 17:45:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3535
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=341761632&t=event&_s=12&dl=https%3A%2F%2F1wota.top%2F%3Fsub1%3D60f86b1b1eda6c0001c6cc9b%26open%3Dregister&ul=en-us&de=UTF-8&dt=1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=bad&ea=bad-js&_u=YFBAAUABCAAAAC~&jid=&gjid=&cid=1000086892.1626893084&tid=UA-174162538-1&_gid=529312922.1626893084&gtm=2ou7j0&z=1354897549

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 17:45:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3535
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=341761632&t=event&_s=13&dl=https%3A%2F%2F1wota.top%2F%3Fsub1%3D60f86b1b1eda6c0001c6cc9b%26open%3Dregister&ul=en-us&de=UTF-8&dt=1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=bad&ea=bad-js&_u=YFBAAUABCAAAAC~&jid=&gjid=&cid=1000086892.1626893084&tid=UA-174162538-1&_gid=529312922.1626893084&gtm=2ou7j0&z=1242473843

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 17:45:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3535
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 icons.ttf
widgets-2-omni-iframe.livetex.me/fonts/ 7 KB
8 KB 18ms
17ms Font
application/octet-stream 2606:4700:3033::ac43:8bce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets-2-omni-iframe.livetex.me/fonts/icons.ttf
Requested by: Host: 1wota.top
URL: https://1wota.top/?open=register
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d4050ea709bb28a0f3a6b01528958bdb8e9375aa2fdcc3e111821531125a7fb

Request headers

Origin: https://1wota.top
Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:46 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 102935
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7156
last-modified: Mon, 19 Jul 2021 09:57:44 GMT
server: cloudflare
etag: "60f54c98-1bf4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8AvhFngKipfvq1gf7KyiWxzdc7OlhlysARgGr0md04STRXPJG%2Bxo%2BrL4cF%2BhEvn4VhqiBULQUwuTMLnnPtCVNwD677J4NRZ1znCKNyfe7hZuSkdTxtedSEfCWjanVAdErghaB4k%2Ff1r3l9WcYf38vIC8W1ipa2FTsXJ%2B%2F50VRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 67269521480ddfeb-FRA
expires: Tue, 27 Jul 2021 14:09:11 GMT

GET
H3-29 200 preloader.gif
widgets-2-omni-iframe.livetex.me/images/ 4 KB
4 KB 19ms
19ms Image
image/gif 2606:4700:3033::ac43:8bce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets-2-omni-iframe.livetex.me/images/preloader.gif
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:8bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67efea367418257aaa5cd14e446ef9b6d48231fef881ac1a5b9f39732911e918

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 18:44:47 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 44848
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3960
last-modified: Mon, 19 Jul 2021 09:57:44 GMT
server: cloudflare
etag: "60f54c98-f78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6phLaWxby4xPCFOfeabqpIf6QiRA%2FBoWB1kHnDxKqbU9MQnmaUbIOwl2fbIXGACqj%2BZbCoS9o0xslWcsWQLfQI7WI9LLasVREIJxpqe%2B3QCcZy3RXLRKwhPkCC8IEbSwpJ4cWsFNkaNamHnY9aEFiFWd9nApCzH55Y8%2FediSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 672695223dcfc2fe-FRA
expires: Thu, 22 Jul 2021 06:17:19 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=341761632&t=event&_s=14&dl=https%3A%2F%2F1wota.top%2F%3Fsub1%3D60f86b1b1eda6c0001c6cc9b%26open%3Dregister&ul=en-us&de=UTF-8&dt=1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=bad&ea=bad-js&_u=YFBAAUABCAAAAC~&jid=&gjid=&cid=1000086892.1626893084&tid=UA-174162538-1&_gid=529312922.1626893084&gtm=2ou7j0&z=791728998

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 17:45:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=341761632&t=event&_s=15&dl=https%3A%2F%2F1wota.top%2F%3Fsub1%3D60f86b1b1eda6c0001c6cc9b%26open%3Dregister&ul=en-us&de=UTF-8&dt=1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=bad&ea=bad-js&_u=YFBAAUABCAAAAC~&jid=&gjid=&cid=1000086892.1626893084&tid=UA-174162538-1&_gid=529312922.1626893084&gtm=2ou7j0&z=2007590080

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 17:45:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=341761632&t=event&_s=16&dl=https%3A%2F%2F1wota.top%2F%3Fsub1%3D60f86b1b1eda6c0001c6cc9b%26open%3Dregister&ul=en-us&de=UTF-8&dt=1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=bad&ea=bad-js&_u=YFBAAUABCAAAAC~&jid=&gjid=&cid=1000086892.1626893084&tid=UA-174162538-1&_gid=529312922.1626893084&gtm=2ou7j0&z=1515151230

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 17:45:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=341761632&t=event&_s=17&dl=https%3A%2F%2F1wota.top%2F%3Fsub1%3D60f86b1b1eda6c0001c6cc9b%26open%3Dregister&ul=en-us&de=UTF-8&dt=1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=bad&ea=bad-js&_u=YFBAAUABCAAAAC~&jid=&gjid=&cid=1000086892.1626893084&tid=UA-174162538-1&_gid=529312922.1626893084&gtm=2ou7j0&z=1331848354

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 17:45:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST visitor-notification-delivery-service-app-production-2-i2.thrift-http
vnds-production-2-i2.livetex.ru/ Frame 6BBF 0
0

GET
DATA 200
OK truncated
/ 855 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4b0814ddb7d026f97299e4455c0016622ae4ee9efaa4d8c5640643265de9417

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 882 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0316eaf7f780bba871772a47fc0df43a1a06d30901532d1cc4a1dd14c7c70027

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=341761632&t=event&_s=18&dl=https%3A%2F%2F1wota.top%2F%3Fsub1%3D60f86b1b1eda6c0001c6cc9b%26open%3Dregister&ul=en-us&de=UTF-8&dt=1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=bad&ea=bad-js&_u=YFBAAUABCAAAAC~&jid=&gjid=&cid=1000086892.1626893084&tid=UA-174162538-1&_gid=529312922.1626893084&gtm=2ou7j0&z=1872951091

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 17:45:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET 1626893087172
io3-production-2-ltx227.livetex.ru/poll/19tove/ Frame 6BBF 0
0

POST
H2 200 67400437 Show response
mc.yandex.com/webvisor/ 43 B
73 B 493ms
57ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/67400437?wmode=0&wv-part=1&wv-hit=332164005&page-url=https%3A%2F%2F1wota.top%2F%3Fopen%3Dregister&rn=366878385&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1626893087%3Aw%3A1600x1200%3Av%3A591%3Az%3A120%3Ai%3A20210721204447%3Au%3A162689308519384928%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1626893087

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 18:44:47 GMT
last-modified: Wed, 21-Jul-2021 18:44:47 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://1wota.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 21-Jul-2021 18:44:47 GMT

POST
H2 200 67400437 Show response
mc.yandex.com/webvisor/ 43 B
73 B 94ms
61ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/67400437?wmode=0&wv-part=2&wv-hit=332164005&page-url=https%3A%2F%2F1wota.top%2F%3Fopen%3Dregister&rn=780080579&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1626893088%3Aw%3A1600x1200%3Av%3A591%3Az%3A120%3Ai%3A20210721204447%3Au%3A162689308519384928%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1626893088

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 18:44:47 GMT
last-modified: Wed, 21-Jul-2021 18:44:47 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://1wota.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 21-Jul-2021 18:44:47 GMT

POST
H2 200 67400437 Show response
mc.yandex.com/webvisor/ 43 B
145 B 83ms
53ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/67400437?wmode=0&wv-part=1&wv-hit=332164005&page-url=https%3A%2F%2F1wota.top%2F%3Fopen%3Dregister&rn=973806211&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1626893088%3Aw%3A1600x1200%3Av%3A591%3Az%3A120%3Ai%3A20210721204447%3Au%3A162689308519384928%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1626893088

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 18:44:47 GMT
last-modified: Wed, 21-Jul-2021 18:44:47 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://1wota.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 21-Jul-2021 18:44:47 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=341761632&t=event&_s=19&dl=https%3A%2F%2F1wota.top%2F%3Fsub1%3D60f86b1b1eda6c0001c6cc9b%26open%3Dregister&ul=en-us&de=UTF-8&dt=1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=bad&ea=bad-js&_u=YFBAAUABCAAAAC~&jid=&gjid=&cid=1000086892.1626893084&tid=UA-174162538-1&_gid=529312922.1626893084&gtm=2ou7j0&z=355676672

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 17:45:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=341761632&t=event&_s=20&dl=https%3A%2F%2F1wota.top%2F%3Fsub1%3D60f86b1b1eda6c0001c6cc9b%26open%3Dregister&ul=en-us&de=UTF-8&dt=1win%20%E2%80%93%20%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B7%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=bad&ea=bad-js&_u=YFBAAUABCAAAAC~&jid=&gjid=&cid=1000086892.1626893084&tid=UA-174162538-1&_gid=529312922.1626893084&gtm=2ou7j0&z=1024672507

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 17:45:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3536
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 67400437 Show response
mc.yandex.com/webvisor/ 43 B
145 B 53ms
53ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/67400437?wmode=0&wv-part=3&wv-hit=332164005&page-url=https%3A%2F%2F1wota.top%2F%3Fopen%3Dregister&rn=34348077&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1626893090%3Aw%3A1600x1200%3Av%3A591%3Az%3A120%3Ai%3A20210721204449%3Au%3A162689308519384928%3Avf%3A4uzkmd4e35cd16k0n%3Awe%3A1%3Ati%3A2%3Ast%3A1626893090

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1wota.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 18:44:49 GMT
last-modified: Wed, 21-Jul-2021 18:44:49 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://1wota.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 21-Jul-2021 18:44:49 GMT

POST
H/1.1 200
OK event-service-app.widgets-thrift-http Show response
event-service.livetex.ru/ Frame 6BBF 0
289 B 245ms
78ms XHR
text/plain 185.39.80.57
LIVETEX

General

Check archive.org

Show headers Download Go to

Full URL: https://event-service.livetex.ru/event-service-app.widgets-thrift-http
Requested by: Host: widgets-2-omni-iframe.livetex.me
URL: https://widgets-2-omni-iframe.livetex.me/js/vendor.5591d9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.80.57 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://widgets-2-omni-iframe.livetex.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://widgets-2-omni-iframe.livetex.me
Date: Wed, 21 Jul 2021 18:44:49 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vnds-production-2-i2.livetex.ru
URL: https://vnds-production-2-i2.livetex.ru/visitor-notification-delivery-service-app-production-2-i2.thrift-http

Domain: io3-production-2-ltx227.livetex.ru
URL: https://io3-production-2-ltx227.livetex.ru/poll/19tove/1626893087172?__fallback__&=&_m=GET&_c=njr_4_callback&_t=jsonp&_rnd=dnzfzvi0thg&_h[lt-origin]=account%3A281894%3Asite%3A170258&_h[cookie]=kleo19%3Dio%3Aio-3-ltx227-livetex-ru%3Asession%3A131hbbs1jtxmlh2a0b2o6r

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.1wota.top/	1970-01-23 11:30:53	Name: amp_c644f1 Value: CGqK0Y8yz7wtigiJuMD_Hg...1fb564p4q.1fb564p4q.0.0.0
.1wota.top/	1970-01-19 20:09:16	Name: __ddgmark Value: z9wsjiAqwqEKCSLA
.1wota.top/	1970-01-20 04:53:26	Name: __ddgid Value: 8fRvOCu19QqsOHD9
.1wota.top/	1970-01-19 19:56:19	Name: _gid Value: GA1.2.529312922.1626893084
1wota.top/	1970-01-19 20:39:31	Name: sub_ids Value: sub1=60f86b1b1eda6c0001c6cc9b&
.1wota.top/	1970-01-20 13:26:05	Name: _ga Value: GA1.2.1000086892.1626893084
.1wota.top/	1970-01-19 19:54:53	Name: _gat_gtag_UA_174162538_1 Value: 1
1wota.top/	1970-01-19 20:39:31	Name: partner_key Value: 570k
1wota.top/	1970-01-19 20:39:31	Name: visit_domain Value: 1wota.top
.1wota.top/	1970-01-20 04:40:29	Name: __ddg1 Value: qNXBhEYoTgY6kX1xyJLW

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://cdn-1win.xyz/js/app.b3308a5e.js(Line 15) Message: [Storage] localStorage is not available {}
console-api	info	URL: https://cdn-1win.xyz/js/app.b3308a5e.js(Line 17) Message: Partner key stored: 570k
console-api	warning	URL: https://cdn-1win.xyz/js/app.b3308a5e.js(Line 45) Message: HTTP: >>> COMMON:offer-1 [object Object]
console-api	warning	URL: https://cdn-1win.xyz/js/app.b3308a5e.js(Line 45) Message: HTTP: >>> COMMON:offer-2 [object Object]
console-api	warning	URL: https://cdn-1win.xyz/js/app.b3308a5e.js(Line 45) Message: HTTP: >>> COMMON:offer-3 [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1win-auth.com
1wiye.top
1wota.top
api.amplitude.com
balancer-cloud.livetex.ru
cdn-1win.xyz
cdn.amplitude.com
cs15.livetex.ru
event-service.livetex.ru
io3-production-2-ltx227.livetex.ru
leado.g2afse.com
mc.yandex.com
mc.yandex.ru
redoo.fun
stats.g.doubleclick.net
vnds-production-2-i2.livetex.ru
wapi-02.livetex.ru
widgets-2-omni-iframe.livetex.me
widgets-2-omni-iframe.livetex.ru
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
io3-production-2-ltx227.livetex.ru
vnds-production-2-i2.livetex.ru
13.226.156.182
185.39.80.168
185.39.80.57
185.39.80.58
185.39.80.59
190.115.19.14
190.115.24.14
194.67.91.213
212.32.250.1
2606:4700:3033::ac43:8bce
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2008
2a00:1450:400c:c04::9d
2a02:6b8::1:119
54.213.181.117
0316eaf7f780bba871772a47fc0df43a1a06d30901532d1cc4a1dd14c7c70027
0702a296832bf834d6ea775d06162671e36f24062c00f69f376c331a0ed4e853
0860328708e499a40d72322cab3e075967d3582529c15fddbc7541943393330a
0d80475339c47d1909abeed522749ee4aaf390516345e612a82249cfadfd6c65
0e4c147c2bfdc4951b471a3618c0d3fff4e1c79c338be143f69f6be2de43902e
11419c1b975999ca0130096ff873c78f5810b7f34298e84b7cbcf9d38c5fc936
14286081bccd0f629a660660bf914ce7efc28ba28c42b05b42b21b79d8f3d715
18281ae2a55517e2ece911f916b1a144a0a32071ff6725db32963197bd1ccf5b
1b24abd7f35109b02478216a4ec909efe93c0e49d171fb97969b203b87977bac
1bdd72e2b09669643d5368ee8af8ba769fd34784f0b8bd8b85a355ca4ed54396
1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8
1edbc3fa313630192f0cd01c6c02646a8854792881340dc1a5eca386babaf8e9
1f42c582364058726238a1c0eb5f6bc6a838078c0cae1799f15eb04f2215209e
203f2a16c3f446bffe78faa40b09a7c0760665a23b3809e7d2c02cd89190b85a
21961c9c0cb52a74112af43f4903ab8c80feb7ebed32b192a62dc006c4f3cf74
2876f12ca294321d232ee9c7c43558392ae6cb7570b5221893d17f93254e3549
2a4ed0a610bb22a1b34255e8cde3bd4f243c0661c6ccbf74e1812d3bc98924fd
2d629a070ba809ebdc1e2e8da7cc4d04b80a4c2541facd32503767f77603be11
32b6db04338d853de4148e775afcacadfb2d0bd3e8f10192916f6688f34c6005
39611dd33c775dd0a978ca38ca759a4a8bdff2e92e206d4e7abedd9b82f07918
3cc70efd28ada2a45989ff15b96d1f9d95eb88c722fb334ba206ed5fff8d81b5
3cf9641638652a9399ab47c17c30cf69cd32192808959ecd420b6fd55088c43c
3d2c759213949af96fbdcd756a5146f64a9acadf9625bd7a9feb04bb4517b4f9
477857d9744ebb246b1b3ced9dc69977db60737f0ad15a84dbe8fadbfe5bf65c
4a9d3fc12296ec7769a6d1863f3de6daa5b7f364ac6ff2f0e9b06bcabf58a929
514e1ef801ff7d4475d1c21e5009849adade205909f2e489450f446f3edcb4dc
52249da2bd2f1995aa161e0f2394d17767e0211f314b6b6e61fbf4516dea6e50
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5d0aeb5992a5f890707faa4399d53bab0366e02fa3f1f8fc54f0a4926e93ace8
6017c4efd04f4f31d760d46f8b46b2f81e65e27ab779b74237abcbbb3d516895
67efea367418257aaa5cd14e446ef9b6d48231fef881ac1a5b9f39732911e918
6aa847542f08697afbd3a9bba4c695d7dde1607441455938d5b93e50457e2a18
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
759315d5ae8c31136d2a7bc803e591554894987559325cdf7e0b5965bec0eaca
77006f90837e3d7a112d67fd9ccfa9e5bb857547c1278acf7b65a034a0905c2a
7a3e5a3f97d4a5b7422d73c10e8431e3b7ad971e81b34a671575bd5cce451a4d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8492b63b2d1147503ddb11a27f119e5287c5ae6f02f37e51ad6ae769af970658
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87189c7bda240da89b1b1d7373467142d71c103b5f619f8017104c64f4d514f1
8a1914bcc30c47d6f74e1b6856573bf0c3968c7ae938c6fbfe432212fe03d1da
8bcad5c5910f408823c52a706954e8521422994a829e439c193791d15d35fcd3
9027792502fc16873e8f59cb90120c830f3e45a79185abd9230da483c24c5468
9a883e70f59ccdb03e8dfaead298a90e0cbb39a3d99f0b53ec5942d872ce5a14
9c8773b18df092674df6b952c940fdc72cb66c5b6f408851e66866e72743df56
9d4050ea709bb28a0f3a6b01528958bdb8e9375aa2fdcc3e111821531125a7fb
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a37424e28741fa21548018391fff2ea173aee6e828ee3584de48e941e3fa8c23
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b204b78582a858a2e05a5fa244af52fde0ef4eb8760f3825c3d95a92a8e6713a
b4b0814ddb7d026f97299e4455c0016622ae4ee9efaa4d8c5640643265de9417
b8d31e852725afb1e26d53bab6095b2bff1749c9275be13ed1c05a56ed31ec09
b8dc925c5e9e5a5b9ac7ee9795d1174710121d649f09b23a759745cb98d75857
bb2cb8e0039965e20462b5a4b03cc64579c90d1486939bd19f15bc23445be3ce
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c310c2ada6ab145cbf40ce9371f29554aa7b75d8cb9b726b39a8a05b7dd5cedf
c9e6e1a5236be0135dbb83a6705b33bfbd75046d2c99ae9bc4a72785fc76c9d5
cb8b8f2c3b982cda141255fe244f16c79320fd9db76128160f859d2eac64a2bf
ccfae81300aabadfe3afc80a77b0b957f9d7c597d0612d67c00c7819c53a8795
d6c3658b0faee7f97b3539adb66a465f6b444d89aadd9cfbc8436750b118ddc1
d84b3e7fe8cfc941ab1daf46e021ffbb3077a275d2e96deab3d67666444eb227
ddf5bb65921ab17b056314f7798388a10702d47ff115cf194d2cc7eb35805caf
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfb88abec4164d7e48f6812051ee984ffa6f587e613d6d512bf9cce04b1190a0
e008a35de2b440b38d36f207292432cebc485d2a069155955cb4ca54a0158c7a
e06fbac0a8f2e013d4bbb8cbb1a805a2cd488c881322ec7b4a21eb3333b4e338
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45a1911aaa4fe56370aca534dc4b11d6feced7d0e57a74131dc31af31cc16b7
e6d2e447997a58043ecdc6e4534ebd9cb98f0576bfee7b82a4d8d2e357968d62
e788c7f07903cd5e96a062aa3ea175c987b0772cce696914daca381dee353dfa
e80a61b2cbc6d6b3b3ed8b50bcd8f6a89f8f5b69460e03f47defe0554c3220d2
eb90dc9fa1cc7f148c99ec84a6a8d4b959b5a13a241105895cd4b0a9c45c3cdb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f79710ca75c1b6b9d19d7f36f6e58f6ef40dbff7a48768be22e531d8df351667
fa6704d10f2ceb23d7e5b96bdd9d4f16f509ab2300a9922bdfc9916d6edbd2e4
fa7c70629f07754630eb365152ad57f6375f1400033a9307deeb4a0e956b04c2
fd301e0a9a13f3d0918c58a0fe18e292e07cc3209efe080bb63e0aa22b45a66f
fd6ffdc80c0ad62e66cccd54e21389cec82e330255975070dc228ed6ebc3201d
ffece173c0978450b65533a8102cc55f00567482439ce248b0296b243da2028f

1wota.top Open in urlscan Pro 190.115.19.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

137 Requests

99 %HTTPS

44 %IPv6

16 Domains

23 Subdomains

18 IPs

6 Countries

4444 kBTransfer

6881 kBSize

10 Cookies

3 Outgoing links

Page URL History

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

1wota.top Open in urlscan Pro
190.115.19.14 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

99 %
HTTPS

44 %
IPv6

16
Domains

23
Subdomains

18
IPs

6
Countries

4444 kB
Transfer

6881 kB
Size

10
Cookies

137 HTTP transactions
3 data transactions