urlscan.io logo urlscan.io
SecurityTrails logo

1wfzfn.top Open in urlscan Pro
186.2.162.102  Public Scan

Go To Rescan Add Verdict Report
URL: https://1wfzfn.top/
Submission: On September 04 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 10 domains to perform 69 HTTP transactions. The main IP is 186.2.162.102, located in Belize and belongs to IQWEB, AE. The main domain is 1wfzfn.top.
TLS certificate: Issued by R10 on September 4th 2024. Valid for: 3 months.
This is the only time 1wfzfn.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 186.2.162.102 59692 (IQWEB)
31 154.197.121.128 328608 (Africa-on...)
2 151.101.130.132 54113 (FASTLY)
5 142.251.41.8 15169 (GOOGLE)
2 142.250.80.36 15169 (GOOGLE)
4 52.33.116.158 16509 (AMAZON-02)
1 172.217.165.131 15169 (GOOGLE)
2 4 142.250.80.38 15169 (GOOGLE)
1 108.138.106.124 16509 (AMAZON-02)
2 216.239.32.181 15169 (GOOGLE)
1 142.251.163.154 15169 (GOOGLE)
3 142.250.65.194 15169 (GOOGLE)
2 142.251.32.99 15169 (GOOGLE)
1 142.250.80.102 15169 (GOOGLE)
1 142.250.176.194 15169 (GOOGLE)
1 18.164.96.46 16509 (AMAZON-02)
69 17
9    186.2.162.102 (Belize)

ASN59692 (IQWEB, AE)
PTR: ddos-guard.net
1wfzfn.top
31    154.197.121.128 (Seychelles)

ASN328608 (Africa-on-Cloud-AS, ZA)
v1.bundlecdn.com
2    151.101.130.132 (San Francisco, United States)

ASN54113 (FASTLY, US)
api.lab.amplitude.com
5    142.251.41.8 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f8.1e100.net
www.googletagmanager.com
2    142.250.80.36 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f4.1e100.net
www.google.com
4    52.33.116.158 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-116-158.us-west-2.compute.amazonaws.com
api2.amplitude.com
1    172.217.165.131 (United States)

ASN15169 (GOOGLE, US)
PTR: lax30s03-in-f3.1e100.net
www.gstatic.com
4    142.250.80.38 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f6.1e100.net
12572451.fls.doubleclick.net
12688802.fls.doubleclick.net
1    108.138.106.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-124.jfk50.r.cloudfront.net
static.hotjar.com
2    216.239.32.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    142.251.163.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net
stats.g.doubleclick.net
3    142.250.65.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net
td.doubleclick.net
2    142.251.32.99 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f3.1e100.net
www.google.ca
1    142.250.80.102 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f6.1e100.net
ad.doubleclick.net
1    142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net
googleads.g.doubleclick.net
1    18.164.96.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-46.jfk50.r.cloudfront.net
script.hotjar.com
Apex Domain
Subdomains		 Transfer
31 bundlecdn.com
v1.bundlecdn.com
716 KB
10 doubleclick.net
12572451.fls.doubleclick.net — Cisco Umbrella Rank: 335755
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
td.doubleclick.net — Cisco Umbrella Rank: 481
12688802.fls.doubleclick.net — Cisco Umbrella Rank: 340553
ad.doubleclick.net — Cisco Umbrella Rank: 210
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
4 KB
9 1wfzfn.top
1wfzfn.top
212 KB
6 amplitude.com
api.lab.amplitude.com — Cisco Umbrella Rank: 5321
api2.amplitude.com — Cisco Umbrella Rank: 1505
1 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
466 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 10
analytics.google.com — Cisco Umbrella Rank: 238
1 KB
2 google.ca
www.google.ca — Cisco Umbrella Rank: 9677
127 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
60 KB
1 gstatic.com
www.gstatic.com
212 KB
0 yandex.ru Failed
mc.yandex.ru Failed
69 10
Domain Requested by
31 v1.bundlecdn.com 1wfzfn.top
v1.bundlecdn.com
9 1wfzfn.top 1wfzfn.top
v1.bundlecdn.com
5 www.googletagmanager.com 1wfzfn.top
www.googletagmanager.com
4 api2.amplitude.com v1.bundlecdn.com
3 td.doubleclick.net www.googletagmanager.com
2 12688802.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.google.ca
2 analytics.google.com www.googletagmanager.com
2 12572451.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.google.com v1.bundlecdn.com
2 api.lab.amplitude.com v1.bundlecdn.com
1 script.hotjar.com static.hotjar.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 ad.doubleclick.net
1 stats.g.doubleclick.net www.googletagmanager.com
1 static.hotjar.com 1wfzfn.top
1 www.gstatic.com www.google.com
0 mc.yandex.ru Failed 1wfzfn.top
69 18

This site contains no links.

Subject Issuer Validity Valid
1wfzfn.top
R10		 2024-09-04 -
2024-12-03		 3 months crt.sh
v1.bundlecdn.com
WE1		 2024-07-24 -
2024-10-22		 3 months crt.sh
*.lab.amplitude.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-11-29 -
2024-12-30		 a year crt.sh
*.google-analytics.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.google.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2024-01-31 -
2025-03-02		 a year crt.sh
*.gstatic.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.doubleclick.net
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.google.ca
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://1wfzfn.top/
Frame ID: 7FDE29F17C18D2601A691455D13AA730
Requests: 62 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=CKO_5euZqogDFdAOTwgdY10ctA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2648314786254.2446
Frame ID: 628B18417306F33E47741C73D03C3E0B
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-548949LWLW&gacid=1287132564.1725484275&gtm=45je4930v894728184z8894400803za200zb894400803&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101529666&z=1822978630
Frame ID: 518ED924F131332F78C91F0F91C261B6
Requests: 1 HTTP requests in this frame

Frame: https://12688802.fls.doubleclick.net/activityi;dc_pre=CJO7y-qZqogDFRat0QQdzzcxtw;src=12688802;type=actio0;cat=allpa0;ord=1;num=6945577171644;npa=0;auiddc=283880701.1725484275;ps=1;pcor=372548240;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4930v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wfzfn.top%2F
Frame ID: 9DAEDC407FEB1F6C180A60346B05A483
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=6945577171644;npa=0;auiddc=283880701.1725484275;ps=1;pcor=372548240;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4930v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wfzfn.top%2F
Frame ID: 81B9164F46A4902776E7EC038F1A35D6
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16482547739?random=1725484275439&cv=11&fst=1725484275439&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4930v9181323879z8894400803za200zb894400803&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2F1wfzfn.top%2F&hn=www.googleadservices.com&frm=0&tiba=1win&npa=0&pscdl=noapi&auid=283880701.1725484275&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: C3F04DEA01BAAB56B10A39E56EB1F291
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

1win

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

69
Requests

99 %
HTTPS

0 %
IPv6

10
Domains

18
Subdomains

17
IPs

3
Countries

1673 kB
Transfer

5062 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2648314786254.2446 HTTP 302
  • https://12572451.fls.doubleclick.net/activityi;dc_pre=CKO_5euZqogDFdAOTwgdY10ctA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2648314786254.2446
Request Chain 58
  • https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=6945577171644;npa=0;auiddc=283880701.1725484275;ps=1;pcor=372548240;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4930v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wfzfn.top%2F HTTP 302
  • https://12688802.fls.doubleclick.net/activityi;dc_pre=CJO7y-qZqogDFRat0QQdzzcxtw;src=12688802;type=actio0;cat=allpa0;ord=1;num=6945577171644;npa=0;auiddc=283880701.1725484275;ps=1;pcor=372548240;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4930v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wfzfn.top%2F

69 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
1wfzfn.top/ 		63 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1wfzfn.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
858c117cc30e000c11136b786bc4c7506104577aad2306cfe47e49a5e710887e
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 04 Sep 2024 21:11:12 GMT
server
ddos-guard
vary
Origin
x-app-version
v2.112.0
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
x-match-domain
1wfzfn.top
x-request-id
8IiG9xEA1PWY9Hsg
SFNSDisplay-latin.50a4eaff3.woff2
v1.bundlecdn.com/font/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/font/SFNSDisplay-latin.50a4eaff3.woff2
Requested by
Host: 1wfzfn.top
URL: https://1wfzfn.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
df3772666587111462634070c47969ad9687bbf80d0694bb2e6c33be39434d68

Request headers

Referer
https://1wfzfn.top/
Origin
https://1wfzfn.top
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:13 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 13:22:20 GMT
server
cloudflare
etag
"66d85f0c-8128"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
8be0f882fbb1ab42-YYZ
content-length
33064
expires
Sat, 02 Sep 2034 21:11:13 GMT
SFNSText-latin.f09aa5229.woff2
v1.bundlecdn.com/font/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/font/SFNSText-latin.f09aa5229.woff2
Requested by
Host: 1wfzfn.top
URL: https://1wfzfn.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
06e02d3d2d01bb2c88786b0a2dd2d692f6659c0159ec4754f7db49c12e03b0d6

Request headers

Referer
https://1wfzfn.top/
Origin
https://1wfzfn.top
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:13 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 13:22:20 GMT
server
cloudflare
etag
"66d85f0c-a9f8"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
8be0f882fbb2ab42-YYZ
content-length
43512
expires
Sat, 02 Sep 2034 21:11:13 GMT
minified.js
1wfzfn.top/core-js/3.33.3/ 		238 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1wfzfn.top/core-js/3.33.3/minified.js
Requested by
Host: 1wfzfn.top
URL: https://1wfzfn.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
ce68e1614ab493deaecfa6eb9711736de0348248e1d559b5f6dfb5dc4c29b459
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 14:21:01 GMT
content-encoding
br
last-modified
Wed, 04 Sep 2024 13:22:20 GMT
server
ddos-guard
age
24612
etag
W/"66d85f0c-3b989"
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
vary
Accept-Encoding
content-type
application/javascript
ddg-cache-status
HIT
cache-control
max-age=315360000
content-length
74195
expires
Thu, 31 Dec 2037 23:55:55 GMT
chunk-vendors.b5eb4d992.js
v1.bundlecdn.com/js/ 		247 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/chunk-vendors.b5eb4d992.js
Requested by
Host: 1wfzfn.top
URL: https://1wfzfn.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
f007c721f3891c6fbc6555f58faf308a9187968bfca7439dd601ae93b621649b

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 13:22:20 GMT
server
cloudflare
age
27520
etag
W/"66d85f0c-3dbdd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f883bb6eac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:13 GMT
chunk-common.24c8c104d.js
v1.bundlecdn.com/js/ 		383 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/chunk-common.24c8c104d.js
Requested by
Host: 1wfzfn.top
URL: https://1wfzfn.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
8bfb3370fd663e0b739717c1de85fbc9cbedee33dc903b5b1aea559608f063a4

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 13:22:20 GMT
server
cloudflare
age
27520
etag
W/"66d85f0c-5fc04"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f883fbb8ac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:13 GMT
index.9faf5292f.js
v1.bundlecdn.com/js/ 		385 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/index.9faf5292f.js
Requested by
Host: 1wfzfn.top
URL: https://1wfzfn.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
6550cafadbfbb525b76e0ca1aa718d71bf302d2043b8722824010d5ecb0c9ead

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 17:23:23 GMT
server
cloudflare
age
13143
etag
W/"66d8978b-60349"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f884ac44ac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:13 GMT
index.aedf85995.css
v1.bundlecdn.com/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/css/index.aedf85995.css
Requested by
Host: 1wfzfn.top
URL: https://1wfzfn.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
9be12e59a210d45411e025096615d4308c44a0cffeb791dd452e443c675e8481

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 26 Jul 2024 13:35:13 GMT
server
cloudflare
age
3483078
etag
W/"66a3a611-185b"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f882faa5ac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:13 GMT
1win-normal.svg
1wfzfn.top/img/logo/main/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1wfzfn.top/img/logo/main/1win-normal.svg
Requested by
Host: 1wfzfn.top
URL: https://1wfzfn.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
a5cb3d03f299b837679eaa793491a03acc5fc1afdbc7f207b7566646f3bd2ecb
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 14:21:01 GMT
content-encoding
br
last-modified
Wed, 04 Sep 2024 13:22:20 GMT
server
ddos-guard
age
24612
etag
W/"66d85f0c-1221"
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
ddg-cache-status
HIT
cache-control
max-age=315360000
content-length
1474
expires
Thu, 31 Dec 2037 23:55:55 GMT
desktop.c27b65d31.js
v1.bundlecdn.com/js/ 		115 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/desktop.c27b65d31.js
Requested by
Host: 1wfzfn.top
URL: https://1wfzfn.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
cec717af8c758ea8ecb4c6b518c9152b73f3c15b8a001082af0be567f26a41b5

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 13:22:20 GMT
server
cloudflare
age
27520
etag
W/"66d85f0c-1cab3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f884bc52ac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:13 GMT
desktop.1ceda5a4b.css
v1.bundlecdn.com/css/ 		65 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/css/desktop.1ceda5a4b.css
Requested by
Host: 1wfzfn.top
URL: https://1wfzfn.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
c4de02db11ddd13c3d0fb49abcf7e5b245d5536cf66490b9f0177196a1749fa5

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 21 Aug 2024 08:28:42 GMT
server
cloudflare
age
1251213
etag
W/"66c5a53a-104a6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f884bc50ac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:13 GMT
affiliate:link_visit
1wfzfn.top/ 		37 B
369 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://1wfzfn.top/affiliate:link_visit
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/chunk-common.24c8c104d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard / Express
Resource Hash
9c3b25f260defd6991608963a30a67cad0981ecce13e5975b1a6304887514d7f
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 04 Sep 2024 21:11:13 GMT
content-encoding
gzip
server
ddos-guard
x-powered-by
Express
etag
W/"25-Zj67mG54TfZ031q1ea2QwFUXWX4"
access-control-max-age
7200
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1wfzfn.top
access-control-expose-headers
Authorization
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization, X-Origin
truncated
/ 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
18860.1f1e193d8.js
v1.bundlecdn.com/js/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/18860.1f1e193d8.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.9faf5292f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
0f6e3e5c53c730a88de6f874ab17cb1283f0ed8580bb22b57578f4f0d601f700

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Aug 2024 12:57:34 GMT
server
cloudflare
age
1152480
etag
W/"66c735be-6ea0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f8863d9cac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:13 GMT
60215.459b1e991.js
v1.bundlecdn.com/js/ 		74 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/60215.459b1e991.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.9faf5292f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
babd61c4f4b5102b18fade996b7dc220760c78e7504be1976c5d7afe958aba41

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 12:01:19 GMT
server
cloudflare
age
31430
etag
W/"66d84c0f-12859"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f8863d9fac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:13 GMT
68050.5f2355bb2.css
v1.bundlecdn.com/css/ 		51 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/css/68050.5f2355bb2.css
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.9faf5292f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
d9f875700253ce714da68530512dc3dd7b7f91cc46fe9cde788d0c25947d71c4

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 12:01:19 GMT
server
cloudflare
age
31430
etag
W/"66d84c0f-caa9"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f8863da1ac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:13 GMT
68050.4e58a4025.js
v1.bundlecdn.com/js/ 		369 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/68050.4e58a4025.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.9faf5292f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
761e4c75f250605584e32d3d76a212161f1e36900a536f7799258c33d5a7dc68

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 17:23:23 GMT
server
cloudflare
age
13142
etag
W/"66d8978b-5c31c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f8863da3ac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:13 GMT
84167.17f5fa4a9.js
v1.bundlecdn.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/84167.17f5fa4a9.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.9faf5292f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
92ea9bd64fc986968b38a1003174a422f7ea9ff287f3e60257c88edd3577882b

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 12:01:19 GMT
server
cloudflare
age
31303
etag
W/"66d84c0f-1e3a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f8863da5ac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:13 GMT
en
1wfzfn.top/fss/translations/ 		373 KB
111 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://1wfzfn.top/fss/translations/en?domain=1wfzfn.top&appName=web
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/chunk-common.24c8c104d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
51fa23d09e322391a7c92cdf1e78f7eb67c065c50002229db2b5a08820fcb657
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Accept
application/json, text/plain, */*
Referer
https://1wfzfn.top/
X-Origin
1wfzfn.top
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:13 GMT
content-encoding
gzip
x-app-version
v2.112.0
server
ddos-guard
etag
W/"9dc2f-eySnyzdu8IuCm26J+jRdg6n0rQY"
vary
Origin
x-match-domain
1wfzfn.top
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
x-request-id
6WDsNvFJNjvKcXAD
allv4
v1.bundlecdn.com/common/banners/ 		18 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/common/banners/allv4?localeId=61&lang=en&tzOffset=-420
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/chunk-common.24c8c104d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
f63819fcea3ec2e0aab2ed7311279ac653687eb28ffbdc184662655b81e0d5ed
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:14 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"5bef-w0uv3oKb9xY4d+RknuZsIOTTt90"
vary
Origin
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, stale-while-revalidate=300
cf-ray
8be0f887e9b1ab42-YYZ
vardata
api.lab.amplitude.com/sdk/v2/ 		2 KB
730 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.lab.amplitude.com/sdk/v2/vardata?v=0
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/chunk-common.24c8c104d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
47f025dfa3798b5201c977df67d21c791ecb3d4b996fdeb6148af968e6e9dafd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://1wfzfn.top/
Authorization
Api-Key client-Ss5BFx7UDrTj948TJHfc5ZUoTW67EjvZ
X-Amp-Exp-User
eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS4xMC4wIiwibGFuZ3VhZ2UiOiJlbi1VUyIsInBsYXRmb3JtIjoiV2ViIiwib3MiOiJDaHJvbWUgMTI4IiwiZGV2aWNlX21vZGVsIjoiTGludXgiLCJkZXZpY2VfaWQiOiIyNGMyNGJjYi1lNGEyLTQyZjUtODgxMi02NmM2YTUwNWM1MzciLCJ1c2VyX3Byb3BlcnRpZXMiOnsiZGV2aWNlX3R5cGUiOiJkZXNrdG9wIiwicGxhdGZvcm0iOiJ3ZWIiLCJvcyI6Im90aGVyIiwicGxhdGZvcm1fbGFuZ3VhZ2UiOiJlbiIsImRvbWFpbiI6IjF3Znpmbi50b3AiLCJ0aW1lX3pvbmUiOiJBbWVyaWNhL1ZhbmNvdXZlciIsInJlZmVycmluZ19kb21haW4iOiIifX0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
0
x-cache
MISS
cache-tag
client-Ss5BFx7UDrTj948TJHfc5ZUoTW67EjvZ
content-length
541
x-served-by
cache-yyz4571-YYZ
x-timer
S1725484275.564701,VS0,VE98
x-amzn-trace-id
Root=1-66d8ccf2-7211dd8863b78e2c1392452d
vary
Origin, Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://1wfzfn.top
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
vardata
api.lab.amplitude.com/sdk/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.lab.amplitude.com/sdk/v2/vardata?v=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-amp-exp-user
Access-Control-Request-Method
GET
Origin
https://1wfzfn.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization,x-amp-exp-user
access-control-allow-methods
GET,POST,HEAD
access-control-allow-origin
https://1wfzfn.top
access-control-max-age
1800
age
2544
cache-control
no-store
content-length
0
date
Wed, 04 Sep 2024 21:11:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id
Root=1-66d8c302-6ce106bc66f376b3761ef56d
x-cache
HIT
x-cache-hits
819
x-content-type-options
nosniff
x-served-by
cache-yyz4571-YYZ
x-timer
S1725484274.028736,VS0,VE0
favicon-32x32.png
1wfzfn.top/img/icons/ 		536 B
605 B 		Other
General
Check archive.org
Download Go to
Full URL
https://1wfzfn.top/img/icons/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
82dcbd3db370fd49d3a130886970cfd48796750ab3767c8b6985a2bf825b250b
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 14:21:03 GMT
last-modified
Wed, 04 Sep 2024 13:22:20 GMT
server
ddos-guard
age
24612
etag
"66d85f0c-218"
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
content-type
image/png
ddg-cache-status
HIT
cache-control
max-age=315360000
accept-ranges
bytes
content-length
536
expires
Thu, 31 Dec 2037 23:55:55 GMT
firebase-app.js
1wfzfn.top/firebase/8.1.1/ 		19 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://1wfzfn.top/firebase/8.1.1/firebase-app.js
Requested by
Host: 1wfzfn.top
URL: https://1wfzfn.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 14:21:03 GMT
content-encoding
br
last-modified
Wed, 04 Sep 2024 13:22:20 GMT
server
ddos-guard
age
24611
etag
W/"66d85f0c-4ded"
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
vary
Accept-Encoding
content-type
application/javascript
ddg-cache-status
HIT
cache-control
max-age=315360000
content-length
6578
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/ 		369 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Requested by
Host: 1wfzfn.top
URL: https://1wfzfn.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.8 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
a00550f9cc6556f9c581517453f6e61a4b114d67331cf4d350f39913fdfb74e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
112569
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 04 Sep 2024 21:11:14 GMT
24179.85835a921.js
v1.bundlecdn.com/js/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/24179.85835a921.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.9faf5292f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
1fddc7a4959d6bd2252397a7dd9b595203b164241ced90d4b4110e251fda5310

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 12:59:59 GMT
server
cloudflare
age
28421
etag
W/"66d859cf-6e0c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f88c8bfdac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:14 GMT
55032.d47af85ce.js
v1.bundlecdn.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/55032.d47af85ce.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.9faf5292f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
3df4b3bf9f6db36c6b9f30b956f88320e05d824152e4c0c5f8cab550e930d5f9

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Aug 2024 12:57:34 GMT
server
cloudflare
age
1152425
etag
W/"66c735be-1bd6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f88c8c00ac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:14 GMT
58183.6a2f83b21.js
v1.bundlecdn.com/js/ 		82 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/58183.6a2f83b21.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.9faf5292f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
4742a7c7bbc3c690cd8bebf51d127b5ef9197fb49313a15ece626a4972c10aa8

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Aug 2024 12:57:34 GMT
server
cloudflare
age
1152292
etag
W/"66c735be-148e5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f88c8c02ac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:14 GMT
68618.d62065178.js
v1.bundlecdn.com/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/68618.d62065178.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.9faf5292f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
13b15f93eb2d98d4f7e9d58c481b6e04e54a0caed2b0b19a51cfb2a61adc8449

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 27 Aug 2024 09:42:11 GMT
server
cloudflare
age
731580
etag
W/"66cd9f73-272d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f88c8c03ac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:14 GMT
88751.6f9d434df.css
v1.bundlecdn.com/css/ 		18 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/css/88751.6f9d434df.css
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.9faf5292f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
ae3d0b16c6f2026758aae183042582cd1c83a6104887b8364fc562d0d3b309fd

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 01 Aug 2024 14:42:40 GMT
server
cloudflare
age
2960610
etag
W/"66ab9ee0-49ca"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f88c8bfaac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:14 GMT
88751.9942e3d08.js
v1.bundlecdn.com/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/88751.9942e3d08.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.9faf5292f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
2289168b9b5b4dd7fbfdf8b1635349e097eea304c5bde7c8ae4984e3609e9f07

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Aug 2024 12:57:34 GMT
server
cloudflare
age
1152292
etag
W/"66c735be-272b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f88c8c04ac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:14 GMT
60385.06f32d4d1.js
v1.bundlecdn.com/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/60385.06f32d4d1.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.9faf5292f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
a7cc97d5681d6d3e5921465551231c25df6ea5dec92aeb116e7dd146daef4565

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Aug 2024 12:57:34 GMT
server
cloudflare
age
1152482
etag
W/"66c735be-241d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f88c8c05ac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:14 GMT
33874.11392fd3e.js
v1.bundlecdn.com/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/33874.11392fd3e.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.9faf5292f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
4c1a4127bccfeef5458d604802707b3956ce0932d7a67f30aa3c3f4f552d0487

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Aug 2024 12:57:34 GMT
server
cloudflare
age
1151980
etag
W/"66c735be-26c4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f88c8c06ac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:14 GMT
61033.8474e5cd7.css
v1.bundlecdn.com/css/ 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/css/61033.8474e5cd7.css
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.9faf5292f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
9a42cdf4ae3bd2ed76206ea90b4b10bb87b23f120a6f945ba7c7da5c914145b3

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 14 Aug 2024 13:07:25 GMT
server
cloudflare
age
1842944
etag
W/"66bcac0d-8516"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f88c8bfbac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:14 GMT
61033.b404f5729.js
v1.bundlecdn.com/js/ 		53 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/61033.b404f5729.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.9faf5292f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
c803aa14ce73a828ab438cc3aa20142cfd971f69a013d57aad6be127f3a8603c

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 27 Aug 2024 09:42:10 GMT
server
cloudflare
age
731487
etag
W/"66cd9f72-d2d8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f88cac31ac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:14 GMT
54591.9f9c039d5.js
v1.bundlecdn.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/54591.9f9c039d5.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.9faf5292f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca5f940d0599107621415baced4179c4af29d10ee69a7ba9ff2bd822c3ba722

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Aug 2024 12:57:34 GMT
server
cloudflare
age
1152429
etag
W/"66c735be-2170"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f88cac34ac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:14 GMT
43888.50c228fa6.js
v1.bundlecdn.com/js/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/43888.50c228fa6.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.9faf5292f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc592ccf7d030c8755d4593ac87648989b84bb53375e00b71a4dd13ff1b5e86

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 12:01:19 GMT
server
cloudflare
age
31204
etag
W/"66d84c0f-5f78"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f88cac36ac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:14 GMT
66607.f50bd4cfc.css
v1.bundlecdn.com/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/css/66607.f50bd4cfc.css
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.9faf5292f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
7028a71da8f876058fecce61a50965fef6882bed9467c47026a7651a98c056f4

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 20 Aug 2024 10:17:05 GMT
server
cloudflare
age
1094448
etag
W/"66c46d21-2199"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f88c8bfcac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:14 GMT
firebase-messaging.js
1wfzfn.top/firebase/8.1.1/ 		40 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://1wfzfn.top/firebase/8.1.1/firebase-messaging.js
Requested by
Host: 1wfzfn.top
URL: https://1wfzfn.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 14:21:03 GMT
content-encoding
br
last-modified
Wed, 04 Sep 2024 13:22:20 GMT
server
ddos-guard
age
24610
etag
W/"66d85f0c-9f25"
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
vary
Accept-Encoding
content-type
application/javascript
ddg-cache-status
HIT
cache-control
max-age=315360000
content-length
10915
expires
Thu, 31 Dec 2037 23:55:55 GMT
1279.2ddf52e8a.js
v1.bundlecdn.com/js/ 		911 B
688 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/1279.2ddf52e8a.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.9faf5292f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
b563de728f7ad9022ef94968360931749d32898f02f524b66a73c2630126f4a3

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Aug 2024 12:57:33 GMT
server
cloudflare
age
1152429
etag
W/"66c735bd-38f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
8be0f88d4d18ac8a-YYZ
expires
Sat, 02 Sep 2034 21:11:14 GMT
1win-normal.34748aac6.svg
v1.bundlecdn.com/img/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v1.bundlecdn.com/img/1win-normal.34748aac6.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
a5cb3d03f299b837679eaa793491a03acc5fc1afdbc7f207b7566646f3bd2ecb

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 17:23:23 GMT
server
cloudflare
age
4468
etag
W/"66d8978b-1221"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
8be0f88d4d28ac8a-YYZ
expires
Thu, 05 Sep 2024 01:11:14 GMT
ca.svg
v1.bundlecdn.com/img/flags/ 		458 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v1.bundlecdn.com/img/flags/ca.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
6cf8f34e4b607c3ce8575639c308203e4fad00e9fab2ea37c99b04b680523b43

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 17:23:23 GMT
server
cloudflare
age
3130
etag
W/"66d8978b-1ca"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
8be0f88d5d29ac8a-YYZ
expires
Thu, 05 Sep 2024 01:11:14 GMT
title
1wfzfn.top/common/ 		29 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://1wfzfn.top/common/title?path=bets&lang=en
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/chunk-common.24c8c104d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.2.162.102 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
ddos-guard.net
Software
ddos-guard /
Resource Hash
c07b2c0a515caf1306fb4d9366fab5758253eeadcf8c0414cb44ccd48f82e59a
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Accept
application/json, text/plain, */*
Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:14 GMT
content-encoding
gzip
server
ddos-guard
etag
W/"25-bM/5z02X/xOkKbh8eZCiJpcKcd0"
vary
Origin, Accept-Encoding
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, stale-while-revalidate=300
bear.c08bbaeea-290.webp
v1.bundlecdn.com/img/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v1.bundlecdn.com/img/bear.c08bbaeea-290.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
cloudflare /
Resource Hash
145648fbb0420a13a445a0a67ba0aa7b8e8737cd13e5ec9a439a4eb48bd86f35

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:14 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2024 17:23:23 GMT
server
cloudflare
age
6079
etag
"66d8978b-6ee8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8be0f88d7d5bac8a-YYZ
content-length
28392
expires
Thu, 05 Sep 2024 01:11:14 GMT
api.js
www.google.com/recaptcha/ 		1 KB
971 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.9faf5292f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.36 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f4.1e100.net
Software
ESF /
Resource Hash
1be24db5f3aa860a3d2b5c918f43e1cb57dc367db832e72cc4dc5f289d81bcc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
expires
Wed, 04 Sep 2024 21:11:14 GMT
httpapi
api2.amplitude.com/2/ 		94 B
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/chunk-common.24c8c104d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.33.116.158 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-116-158.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
0aecd112d139989b220269d08d5415df20ad9ae1f068b341c0757db90c7443ba
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 04 Sep 2024 21:11:16 GMT
strict-transport-security
max-age=15768000
content-length
94
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
application/json
httpapi
api2.amplitude.com/2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.33.116.158 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-116-158.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://1wfzfn.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Wed, 04 Sep 2024 21:11:16 GMT
strict-transport-security
max-age=15768000
recaptcha__en.js
www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/ 		536 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f3.1e100.net
Software
sffe /
Resource Hash
04a0c20c086ea1edc10ab2a9612afc96ac6bd5a49fa5b310768aba2ab688718f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wfzfn.top/
Origin
https://1wfzfn.top
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 16:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15956
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
216812
x-xss-protection
0
last-modified
Mon, 26 Aug 2024 04:00:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Sep 2025 16:45:19 GMT
destination
www.googletagmanager.com/gtag/ 		268 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-548949LWLW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.8 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
88d24954ad9e40e03837c470a9b4fde8a192a3a74de98e22cab3906d735c9976
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95063
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 04 Sep 2024 21:11:15 GMT
js
www.googletagmanager.com/gtag/ 		268 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.8 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fdbb46d9d3ddeb11e321d5a99af6ffbb0a3848ac2b2911384fedf0d6dcece762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95055
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 04 Sep 2024 21:11:15 GMT
js
www.googletagmanager.com/gtag/ 		269 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16482547739&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.8 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b4c50a3e43f9b08bbd4b771fabf64494ef3d9296ca126c38c119507125c84d1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94703
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 04 Sep 2024 21:11:15 GMT
destination
www.googletagmanager.com/gtag/ 		215 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-12688802&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.8 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9fa649fbd7fd617410fbf5211d81eca5dcd87bdb682f39915d7e1f1e220fe3bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 21:11:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78871
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 04 Sep 2024 21:11:15 GMT
activityi;dc_pre=CKO_5euZqogDFdAOTwgdY10ctA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o...
12572451.fls.doubleclick.net/ Frame 628B
Redirect Chain
  • https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
  • https://12572451.fls.doubleclick.net/activityi;dc_pre=CKO_5euZqogDFdAOTwgdY10ctA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://12572451.fls.doubleclick.net/activityi;dc_pre=CKO_5euZqogDFdAOTwgdY10ctA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2648314786254.2446?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.38 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wfzfn.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
1006
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Sep 2024 21:11:18 GMT
expires
Wed, 04 Sep 2024 21:11:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Sep 2024 21:11:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12572451.fls.doubleclick.net/activityi;dc_pre=CKO_5euZqogDFdAOTwgdY10ctA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2648314786254.2446?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
hotjar-2606090.js
static.hotjar.com/c/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2606090.js?sv=6
Requested by
Host: 1wfzfn.top
URL: https://1wfzfn.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-124.jfk50.r.cloudfront.net
Software
/
Resource Hash
94657a0ba1bf670d6f6b46b77431cb686cce231caff19c94b141d4f2f74ddf7a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Wed, 04 Sep 2024 21:10:54 GMT
via
1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
29
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/235c9ae8c90c4c97fbc357fe8e0eea16
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
35UOX66nTjYJhO13WR1WJsakemZUMdsY0RmBdqkjdL09rKt0Hq3aJA==
tag.js
mc.yandex.ru/metrika/ 		0
0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je4930v894728184z8894400803za200zb894400803&_p=1725484274604&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101529666&cid=1287132564.1725484275&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1725484275&sct=1&seg=0&dl=https%3A%2F%2F1wfzfn.top%2F&dt=1win&en=socket_connection_attempt&_fv=1&_nsi=1&_ss=1&tfd=3665
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-548949LWLW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 21:11:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://1wfzfn.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-548949LWLW&cid=1287132564.1725484275&gtm=45je4930v894728184z8894400803za200zb894400803&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101529666
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-548949LWLW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 21:11:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://1wfzfn.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rul
td.doubleclick.net/td/ga/ Frame 518E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-548949LWLW&gacid=1287132564.1725484275&gtm=45je4930v894728184z8894400803za200zb894400803&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101529666&z=1822978630
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-548949LWLW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wfzfn.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Sep 2024 21:11:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-548949LWLW&cid=1287132564.1725484275&gtm=45je4930v894728184z8894400803za200zb894400803&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101529666&tag_exp=101529666&z=52774225
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.99 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 21:11:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CJO7y-qZqogDFRat0QQdzzcxtw;src=12688802;type=actio0;cat=allpa0;ord=1;num=6945577171644;npa=0;auiddc=283880701.1725484275;ps=1;pcor=372548240;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=...
12688802.fls.doubleclick.net/ Frame 9DAE
Redirect Chain
  • https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=6945577171644;npa=0;auiddc=283880701.1725484275;ps=1;pcor=372548240;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;ua...
  • https://12688802.fls.doubleclick.net/activityi;dc_pre=CJO7y-qZqogDFRat0QQdzzcxtw;src=12688802;type=actio0;cat=allpa0;ord=1;num=6945577171644;npa=0;auiddc=283880701.1725484275;ps=1;pcor=372548240;ua...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://12688802.fls.doubleclick.net/activityi;dc_pre=CJO7y-qZqogDFRat0QQdzzcxtw;src=12688802;type=actio0;cat=allpa0;ord=1;num=6945577171644;npa=0;auiddc=283880701.1725484275;ps=1;pcor=372548240;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4930v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wfzfn.top%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12688802&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.38 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wfzfn.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
343
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Sep 2024 21:11:15 GMT
expires
Wed, 04 Sep 2024 21:11:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Sep 2024 21:11:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12688802.fls.doubleclick.net/activityi;dc_pre=CJO7y-qZqogDFRat0QQdzzcxtw;src=12688802;type=actio0;cat=allpa0;ord=1;num=6945577171644;npa=0;auiddc=283880701.1725484275;ps=1;pcor=372548240;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4930v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wfzfn.top%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=6945577171644;npa=0;auiddc=283880701.1725484275;ps=1;pcor=372548240;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;...
td.doubleclick.net/td/fls/rul/ Frame 81B9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=6945577171644;npa=0;auiddc=283880701.1725484275;ps=1;pcor=372548240;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4930v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wfzfn.top%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12688802&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wfzfn.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Sep 2024 21:11:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=6945577171644;npa=0;auiddc=283880701.1725484275;ps=1;pcor=372548240;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=6945577171644;npa=0;auiddc=283880701.1725484275;ps=1;pcor=372548240;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4930v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2F1wfzfn.top%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.102 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 21:11:15 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"10563696220428629832"}],"aggregatable_trigger_data":[{"filters":[{"14":["13647302"]}],"key_piece":"0xad7990f7efcbfeeb","source_keys":["12","13","14","15","16","17","18","19","20","21","20557008","20557009","20557010","20557011","638603056","638603057","638603058","638603059","900140808","900140809","900140810","900140811"]},{"key_piece":"0xa2c94820f40891eb","not_filters":{"14":["13647302"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","20557008","20557009","20557010","20557011","638603056","638603057","638603058","638603059","900140808","900140809","900140810","900140811"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"20557008":36,"20557009":36,"20557010":36,"20557011":3530,"21":6356,"638603056":32,"638603057":32,"638603058":32,"638603059":3177,"900140808":34,"900140809":34,"900140810":34,"900140811":3345},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"8890669361710939538","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"10563696220428629832","filters":[{"14":["13647302"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"10563696220428629832","filters":[{"14":["13647302"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"10563696220428629832","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"10563696220428629832","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12688802"]}}
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16482547739/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16482547739/?random=1725484275439&cv=11&fst=1725484275439&bg=ffffff&guid=ON&async=1&gtm=45be4930v9181323879z8894400803za200zb894400803&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2F1wfzfn.top%2F&hn=www.googleadservices.com&frm=0&tiba=1win&npa=0&pscdl=noapi&auid=283880701.1725484275&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16482547739&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
8e3d17fbb0a9832758a23083b9036518b78bddcc97d383f7c1a1b48af9004b20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 21:11:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
16482547739
td.doubleclick.net/td/rul/ Frame C3F0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/16482547739?random=1725484275439&cv=11&fst=1725484275439&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4930v9181323879z8894400803za200zb894400803&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2F1wfzfn.top%2F&hn=www.googleadservices.com&frm=0&tiba=1win&npa=0&pscdl=noapi&auid=283880701.1725484275&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16482547739&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wfzfn.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Sep 2024 21:11:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2606090.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-46.jfk50.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 f9aa0e4086fcbefc20f307d96a8e3b44.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
3134889
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
FQgczQZImdMUOH-PaNfre_HY8EQmcmGDXvtBna5YUnlaI5_uPDMTxQ==
/
www.google.com/pagead/1p-user-list/16482547739/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/16482547739/?random=1725484275439&cv=11&fst=1725483600000&bg=ffffff&guid=ON&async=1&gtm=45be4930v9181323879z8894400803za200zb894400803&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2F1wfzfn.top%2F&hn=www.googleadservices.com&frm=0&tiba=1win&npa=0&pscdl=noapi&auid=283880701.1725484275&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfpuHHhjyVj-yu4ippR-_jOzoD2_8sMg&random=4056523886&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.36 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 21:11:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/16482547739/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/16482547739/?random=1725484275439&cv=11&fst=1725483600000&bg=ffffff&guid=ON&async=1&gtm=45be4930v9181323879z8894400803za200zb894400803&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2F1wfzfn.top%2F&hn=www.googleadservices.com&frm=0&tiba=1win&npa=0&pscdl=noapi&auid=283880701.1725484275&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfpuHHhjyVj-yu4ippR-_jOzoD2_8sMg&random=4056523886&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.99 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 21:11:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
httpapi
api2.amplitude.com/2/ 		94 B
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/chunk-common.24c8c104d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.33.116.158 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-116-158.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e41e27b78ad96dd625de2a83876c8238c3fd51a9bc3e5f00ee3cab481d319cce
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 04 Sep 2024 21:11:16 GMT
strict-transport-security
max-age=15768000
content-length
94
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
application/json
httpapi
api2.amplitude.com/2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.33.116.158 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-116-158.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://1wfzfn.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Wed, 04 Sep 2024 21:11:16 GMT
strict-transport-security
max-age=15768000
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je4930v894728184z8894400803za200zb894400803&_p=1725484274604&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101529666&cid=1287132564.1725484275&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sid=1725484275&sct=1&seg=1&dl=https%3A%2F%2F1wfzfn.top%2F&dt=1win&_s=2&tfd=8702
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-548949LWLW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://1wfzfn.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 04 Sep 2024 21:11:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://1wfzfn.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mc.yandex.ru
URL
https://mc.yandex.ru/metrika/tag.js

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| INITIAL_DATA object| _chunksDictionary function| clearImmediate function| setImmediate string| appTitle function| deepFreeze object| LangEnum object| lang string| releaseTag string| buildName string| gtmKey object| supportChatConfig object| webim object| webimHandlers function| initOrGetInstanceOfSupportChat function| openTgSupportChannel function| loadScript object| webpackChunk_1win_frontend_main object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ object| dataLayer object| __vueuse_ssr_handlers__ function| IMask object| buildConfig boolean| __VUE__ object| amplitude object| analyticsConnectorInstances object| socket object| firebase object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| axel number| a string| userId function| hj object| _hjSettings function| ym object| gaGlobal object| GooglebQhCsO object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| recaptcha

14 Cookies

Domain/Path Name / Value
.1wfzfn.top/ Name: __ddg1_
Value: qCgQINyuwIpCnVDeZYJ9
1wfzfn.top/ Name: visit_domain
Value: 1wfzfn.top
1wfzfn.top/ Name: 1w_lang
Value: en
1wfzfn.top/ Name: 1w_locale
Value: 61
.1wfzfn.top/ Name: _gcl_au
Value: 1.1.283880701.1725484275
.1wfzfn.top/ Name: AMP_494cccfe21
Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjIyNGMyNGJjYi1lNGEyLTQyZjUtODgxMi02NmM2YTUwNWM1MzclMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzI1NDg0MjczOTAyJTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTcyNTQ4NDI3NTExOCUyQyUyMmxhc3RFdmVudElkJTIyJTNBNiUyQyUyMnBhZ2VDb3VudGVyJTIyJTNBMCU3RA==
.1wfzfn.top/ Name: _ga
Value: GA1.1.1287132564.1725484275
.1wfzfn.top/ Name: _ga_548949LWLW
Value: GS1.1.1725484275.1.1.1725484275.60.0.0
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUn4sox2aRtSqnVTTYOrN7lqyCqFjwC7J8KCj2rT-Yd8v1ZiAIpYnXMmyKQmZzE
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.1wfzfn.top/ Name: _hjSessionUser_2606090
Value: eyJpZCI6IjI1MmEyMjY4LTYwODEtNTQ2My1hN2NkLTE0NGUxOTRmZjY0MyIsImNyZWF0ZWQiOjE3MjU0ODQyNzYwODAsImV4aXN0aW5nIjpmYWxzZX0=
.1wfzfn.top/ Name: _hjSession_2606090
Value: eyJpZCI6ImM4YTRmMWZkLTA1MmItNGE0OC05Y2Y2LTliMTMyOTI1ODlmYyIsImMiOjE3MjU0ODQyNzYwODUsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
1wfzfn.top/ Name: _hjHasCachedUserAttributes
Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12572451.fls.doubleclick.net
12688802.fls.doubleclick.net
1wfzfn.top
ad.doubleclick.net
analytics.google.com
api.lab.amplitude.com
api2.amplitude.com
googleads.g.doubleclick.net
mc.yandex.ru
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
td.doubleclick.net
v1.bundlecdn.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
mc.yandex.ru
108.138.106.124
142.250.176.194
142.250.65.194
142.250.80.102
142.250.80.36
142.250.80.38
142.251.163.154
142.251.32.99
142.251.41.8
151.101.130.132
154.197.121.128
172.217.165.131
18.164.96.46
186.2.162.102
216.239.32.181
52.33.116.158
01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce
04a0c20c086ea1edc10ab2a9612afc96ac6bd5a49fa5b310768aba2ab688718f
06e02d3d2d01bb2c88786b0a2dd2d692f6659c0159ec4754f7db49c12e03b0d6
0aecd112d139989b220269d08d5415df20ad9ae1f068b341c0757db90c7443ba
0f6e3e5c53c730a88de6f874ab17cb1283f0ed8580bb22b57578f4f0d601f700
13b15f93eb2d98d4f7e9d58c481b6e04e54a0caed2b0b19a51cfb2a61adc8449
145648fbb0420a13a445a0a67ba0aa7b8e8737cd13e5ec9a439a4eb48bd86f35
1be24db5f3aa860a3d2b5c918f43e1cb57dc367db832e72cc4dc5f289d81bcc5
1fddc7a4959d6bd2252397a7dd9b595203b164241ced90d4b4110e251fda5310
2289168b9b5b4dd7fbfdf8b1635349e097eea304c5bde7c8ae4984e3609e9f07
3df4b3bf9f6db36c6b9f30b956f88320e05d824152e4c0c5f8cab550e930d5f9
4742a7c7bbc3c690cd8bebf51d127b5ef9197fb49313a15ece626a4972c10aa8
47f025dfa3798b5201c977df67d21c791ecb3d4b996fdeb6148af968e6e9dafd
4c1a4127bccfeef5458d604802707b3956ce0932d7a67f30aa3c3f4f552d0487
4ca5f940d0599107621415baced4179c4af29d10ee69a7ba9ff2bd822c3ba722
51fa23d09e322391a7c92cdf1e78f7eb67c065c50002229db2b5a08820fcb657
58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f
5cc592ccf7d030c8755d4593ac87648989b84bb53375e00b71a4dd13ff1b5e86
6550cafadbfbb525b76e0ca1aa718d71bf302d2043b8722824010d5ecb0c9ead
6cf8f34e4b607c3ce8575639c308203e4fad00e9fab2ea37c99b04b680523b43
7028a71da8f876058fecce61a50965fef6882bed9467c47026a7651a98c056f4
761e4c75f250605584e32d3d76a212161f1e36900a536f7799258c33d5a7dc68
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
82dcbd3db370fd49d3a130886970cfd48796750ab3767c8b6985a2bf825b250b
858c117cc30e000c11136b786bc4c7506104577aad2306cfe47e49a5e710887e
88d24954ad9e40e03837c470a9b4fde8a192a3a74de98e22cab3906d735c9976
8bfb3370fd663e0b739717c1de85fbc9cbedee33dc903b5b1aea559608f063a4
8e3d17fbb0a9832758a23083b9036518b78bddcc97d383f7c1a1b48af9004b20
92ea9bd64fc986968b38a1003174a422f7ea9ff287f3e60257c88edd3577882b
94657a0ba1bf670d6f6b46b77431cb686cce231caff19c94b141d4f2f74ddf7a
9a42cdf4ae3bd2ed76206ea90b4b10bb87b23f120a6f945ba7c7da5c914145b3
9be12e59a210d45411e025096615d4308c44a0cffeb791dd452e443c675e8481
9c3b25f260defd6991608963a30a67cad0981ecce13e5975b1a6304887514d7f
9fa649fbd7fd617410fbf5211d81eca5dcd87bdb682f39915d7e1f1e220fe3bc
a00550f9cc6556f9c581517453f6e61a4b114d67331cf4d350f39913fdfb74e4
a5cb3d03f299b837679eaa793491a03acc5fc1afdbc7f207b7566646f3bd2ecb
a7cc97d5681d6d3e5921465551231c25df6ea5dec92aeb116e7dd146daef4565
ae3d0b16c6f2026758aae183042582cd1c83a6104887b8364fc562d0d3b309fd
b4c50a3e43f9b08bbd4b771fabf64494ef3d9296ca126c38c119507125c84d1a
b563de728f7ad9022ef94968360931749d32898f02f524b66a73c2630126f4a3
babd61c4f4b5102b18fade996b7dc220760c78e7504be1976c5d7afe958aba41
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c07b2c0a515caf1306fb4d9366fab5758253eeadcf8c0414cb44ccd48f82e59a
c4de02db11ddd13c3d0fb49abcf7e5b245d5536cf66490b9f0177196a1749fa5
c803aa14ce73a828ab438cc3aa20142cfd971f69a013d57aad6be127f3a8603c
ce68e1614ab493deaecfa6eb9711736de0348248e1d559b5f6dfb5dc4c29b459
cec717af8c758ea8ecb4c6b518c9152b73f3c15b8a001082af0be567f26a41b5
d9f875700253ce714da68530512dc3dd7b7f91cc46fe9cde788d0c25947d71c4
df3772666587111462634070c47969ad9687bbf80d0694bb2e6c33be39434d68
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41e27b78ad96dd625de2a83876c8238c3fd51a9bc3e5f00ee3cab481d319cce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f007c721f3891c6fbc6555f58faf308a9187968bfca7439dd601ae93b621649b
f63819fcea3ec2e0aab2ed7311279ac653687eb28ffbdc184662655b81e0d5ed
fdbb46d9d3ddeb11e321d5a99af6ffbb0a3848ac2b2911384fedf0d6dcece762