Submitted URL: http://1wbms.top/
Effective URL: https://1wbms.top/
Submission: On December 01 via api from US — Scanned from US

Summary

This website contacted 15 IPs in 3 countries across 10 domains to perform 68 HTTP transactions. The main IP is 190.115.19.43, located in Belize City, Belize and belongs to DDOS-GUARD CORP., BZ. The main domain is 1wbms.top.
TLS certificate: Issued by R3 on September 21st 2022. Valid for: 3 months.
This is the only time 1wbms.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 190.115.19.43 262254 (DDOS-GUAR...)
19 172.67.74.226 13335 (CLOUDFLAR...)
2 151.101.66.132 54113 (FASTLY)
2 2607:f8b0:400... 15169 (GOOGLE)
1 18.67.17.99 16509 (AMAZON-02)
2 3 185.39.80.120 200015 (LIVETEX)
1 18.67.21.83 16509 (AMAZON-02)
3 6 142.251.32.102 15169 (GOOGLE)
1 18.67.17.78 16509 (AMAZON-02)
1 18.67.17.123 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
11 185.39.80.48 200015 (LIVETEX)
10 2606:4700:20:... 13335 (CLOUDFLAR...)
68 15
Apex Domain
Subdomains
Transfer
19 cdn-1win.xyz
cdn-1win.xyz — Cisco Umbrella Rank: 707721
778 KB
14 livetex.ru
cs15.livetex.ru — Cisco Umbrella Rank: 240341
balancer-cloud.livetex.ru — Cisco Umbrella Rank: 195012
widgets-04.livetex.ru — Cisco Umbrella Rank: 407648
balancer-04.livetex.ru — Cisco Umbrella Rank: 347572
io4-ls-04.livetex.ru — Cisco Umbrella Rank: 692512
wapi-04.livetex.ru — Cisco Umbrella Rank: 433163
122 KB
11 1wbms.top
1wbms.top
320 KB
10 livetex.me
widgets-04.livetex.me — Cisco Umbrella Rank: 386485
468 KB
6 doubleclick.net
12572451.fls.doubleclick.net
2 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 70
659 B
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 638
script.hotjar.com — Cisco Umbrella Rank: 778
vars.hotjar.com — Cisco Umbrella Rank: 823
72 KB
3 amplitude.com
api.lab.amplitude.com — Cisco Umbrella Rank: 6396
cdn.amplitude.com — Cisco Umbrella Rank: 2728
27 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
360 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
126 KB
68 10
Domain Requested by
19 cdn-1win.xyz 1wbms.top
cdn-1win.xyz
11 1wbms.top 1 redirects 1wbms.top
10 widgets-04.livetex.me balancer-cloud.livetex.ru
widgets-04.livetex.me
6 12572451.fls.doubleclick.net 3 redirects www.googletagmanager.com
3 wapi-04.livetex.ru widgets-04.livetex.me
3 io4-ls-04.livetex.ru widgets-04.livetex.me
3 balancer-04.livetex.ru balancer-cloud.livetex.ru
widgets-04.livetex.me
3 adservice.google.com 12572451.fls.doubleclick.net
2 widgets-04.livetex.ru
2 balancer-cloud.livetex.ru 2 redirects
2 www.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com 1wbms.top
www.googletagmanager.com
2 api.lab.amplitude.com cdn-1win.xyz
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 cdn.amplitude.com 1wbms.top
1 cs15.livetex.ru 1wbms.top
1 static.hotjar.com 1wbms.top
68 18

This site contains links to these domains.

Domain
livetex.ru
Subject | Issuer | Validity | Valid
1wbms.top | R3 | 2022-09-21 - 2022-12-20 | 3 months
*.cdn-1win.xyz | GTS CA 1P5 | 2022-11-18 - 2023-02-16 | 3 months
*.lab.amplitude.com | GlobalSign Atlas R3 DV TLS CA 2022 Q2 | 2022-05-24 - 2023-06-25 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
*.hotjar.com | Amazon | 2022-10-25 - 2023-11-23 | a year
*.livetex.ru | GlobalSign GCC R3 DV TLS CA 2020 | 2022-05-21 - 2023-06-22 | a year
cdn.amplitude.com | Amazon | 2021-12-17 - 2023-01-14 | a year
*.doubleclick.net | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
*.google.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
*.livetex.me | E1 | 2022-11-14 - 2023-02-12 | 3 months

This page contains 7 frames:

Primary Page: https://1wbms.top/
Frame ID: 79CFB6A32E2AE626D18EDFF44F259FCB
Requests: 50 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=CPjFxpbp2PsCFY0YoQodMmwKPQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5348490914895.658
Frame ID: 0DB69B93848DD4FC7AAFD43C68704E7D
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: E6B18D30E7BDD2F9620C396C15DC7D52
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPjFxpbp2PsCFY0YoQodMmwKPQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5348490914895.658;~oref=https://1wbms.top/
Frame ID: 714FDE56CABCD5A873E00C2C044D643C
Requests: 1 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=CJnBgpfp2PsCFUVmwQodyJgH8A;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4052910998775.827
Frame ID: 0560F69F408B6886066BABE550B235A5
Requests: 2 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=CMWOg5fp2PsCFZuFywEdZY4GLA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2805257936928.0938
Frame ID: 9140035E98C31309A1807E8C22F099E9
Requests: 2 HTTP requests in this frame

Frame: https://widgets-04.livetex.me/js/iframe.html?host-page-origin=https://1wbms.top
Frame ID: 2F5C9208C8F7C904B1D6632210860354
Requests: 13 HTTP requests in this frame

Page Title

1win

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

Requests: 68
HTTPS: 96 %
IPv6: 29 %
Domains: 10
Subdomains: 18
IPs: 15
Countries: 3
Transfer: 1915 kB
Size: 5962 kB
Cookies: 13

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1wbms.top/ HTTP 301
    https://1wbms.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5348490914895.658 HTTP 302
  • https://12572451.fls.doubleclick.net/activityi;dc_pre=CPjFxpbp2PsCFY0YoQodMmwKPQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5348490914895.658
Request Chain 41
  • https://balancer-cloud.livetex.ru/get-client/?site_id=171205&version=1.2.36&target=settings_path&rnd=r7henholaep HTTP 302
  • https://widgets-04.livetex.ru/js/widgetsSettings.json
Request Chain 42
  • https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4052910998775.827 HTTP 302
  • https://12572451.fls.doubleclick.net/activityi;dc_pre=CJnBgpfp2PsCFUVmwQodyJgH8A;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4052910998775.827
Request Chain 43
  • https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2805257936928.0938 HTTP 302
  • https://12572451.fls.doubleclick.net/activityi;dc_pre=CMWOg5fp2PsCFZuFywEdZY4GLA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2805257936928.0938
Request Chain 46
  • https://balancer-cloud.livetex.ru/get-client/?site_id=171205&version=1.2.36&target=path&rnd=ac90t83dnew HTTP 302
  • https://widgets-04.livetex.ru/js/app3.js

68 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
1wbms.top/
Redirect Chain
  • http://1wbms.top/
  • https://1wbms.top/
227 KB
74 KB
Document
General
Full URL
https://1wbms.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
2443e8c5c86842a728a41586e0431ee69a0d3e2c4d7a27e91c1af5a01b801864
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 01 Dec 2022 16:18:36 GMT
server
nginx/1.22.0
x-frame-options
DENY

Redirect headers

Connection
keep-alive
Content-Length
169
Content-Type
text/html
Date
Thu, 01 Dec 2022 16:18:35 GMT
Location
https://1wbms.top
Server
nginx/1.22.0
X-Frame-Options
DENY
chunk-vendors.2670f107.js
1wbms.top/js/
423 KB
154 KB
Script
General
Full URL
https://1wbms.top/js/chunk-vendors.2670f107.js
Requested by
Host: 1wbms.top
URL: https://1wbms.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
937bd57dfd90353fed8987562f85448589ce90cce46ea035a013333d8a0903b6
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://1wbms.top/
Origin
https://1wbms.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:36 GMT
content-encoding
gzip
last-modified
Thu, 01 Dec 2022 14:36:12 GMT
server
nginx/1.22.0
etag
W/"6388bbdc-69c74"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
chunk-common.77cb8ea6.js
1wbms.top/js/
15 KB
5 KB
Script
General
Full URL
https://1wbms.top/js/chunk-common.77cb8ea6.js
Requested by
Host: 1wbms.top
URL: https://1wbms.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
767ed8079c0656263c80bb5945e63297e94a50bec143736fe0ef86597c30f497
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://1wbms.top/
Origin
https://1wbms.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:36 GMT
content-encoding
gzip
last-modified
Thu, 01 Dec 2022 14:36:12 GMT
server
nginx/1.22.0
etag
W/"6388bbdc-3d43"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.6f43e37e.js
1wbms.top/js/
87 KB
33 KB
Script
General
Full URL
https://1wbms.top/js/index.6f43e37e.js
Requested by
Host: 1wbms.top
URL: https://1wbms.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
2110c1b78eb15f3dc45d9643ff77da6f17b5db2fa43ce73299b9eed311ce2115
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://1wbms.top/
Origin
https://1wbms.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:36 GMT
content-encoding
gzip
last-modified
Thu, 01 Dec 2022 14:36:12 GMT
server
nginx/1.22.0
etag
W/"6388bbdc-15ca7"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
desktop.0599edc9.js
1wbms.top/js/
114 KB
34 KB
Script
General
Full URL
https://1wbms.top/js/desktop.0599edc9.js
Requested by
Host: 1wbms.top
URL: https://1wbms.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
5d901262ec70744f7df1a19414056f3d9bb71f47c923ceb4318485184977b59e
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:36 GMT
content-encoding
gzip
last-modified
Thu, 01 Dec 2022 14:36:12 GMT
server
nginx/1.22.0
etag
W/"6388bbdc-1c675"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
1.txt
cdn-1win.xyz/
8 B
457 B
Fetch
General
Full URL
https://cdn-1win.xyz/1.txt?1669911516541
Requested by
Host: 1wbms.top
URL: https://1wbms.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.67.74.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d2c759213949af96fbdcd756a5146f64a9acadf9625bd7a9feb04bb4517b4f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:36 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 01 Dec 2022 14:35:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6388bbc3-8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVDZUCrTW0WKYFNxdgsMFwGTx4M2x%2BcbJHkbtUhf%2FqaPV5EWUfm7UV064v8J%2BCXI7LSHBvWAIivnXxCWKv%2F6DtJUV70XxqhgqEmh8UouVa9kR0hcvuecWTZ8KVJnvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
772d23c2bb59c35e-EWR
content-length
8
affiliate:link_visit
1wbms.top/
15 B
400 B
XHR
General
Full URL
https://1wbms.top/affiliate:link_visit?visit_domain=1wbms.top&sub_ids=undefined
Requested by
Host: 1wbms.top
URL: https://1wbms.top/js/chunk-vendors.2670f107.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
nginx/1.22.0 / Express
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
server
nginx/1.22.0
etag
W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
x-powered-by
Express
x-frame-options
DENY
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
undefined
access-control-expose-headers
Authorization
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
content-length
15
truncated
/
44 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/webp
icons-common.614df494.js
cdn-1win.xyz/js/
226 KB
62 KB
Script
General
Full URL
https://cdn-1win.xyz/js/icons-common.614df494.js
Requested by
Host: 1wbms.top
URL: https://1wbms.top/js/index.6f43e37e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.67.74.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
364d31ef9b27918df7b80aa6e01cb9d7a95dbd8f70064b1a066a60fd5aa5ba9f
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1145572
cf-polished
origSize=231212
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 10:00:55 GMT
server
cloudflare
etag
W/"637757d7-3872c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqteY%2F9uiFDUfxvI6Z%2Bg4unRKYjLK3dTJRnW%2B1DfRr9HLSU60kXQISPEVbJy4DCcnpZTW4ONNQcq%2FUWw7AKldSXrP8suF7%2BYqiBcCK2raLHJ2Yoo6rWVDXOFa6NU%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
772d23c5aa6d19aa-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
1705.d306728f.js
cdn-1win.xyz/js/
29 KB
10 KB
Script
General
Full URL
https://cdn-1win.xyz/js/1705.d306728f.js
Requested by
Host: 1wbms.top
URL: https://1wbms.top/js/index.6f43e37e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.67.74.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
270fd7ec5b3a45c223ebd2f7740a48447e8d190b0ae2487cf6c4ddfc94cea1b6
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
801567
cf-polished
origSize=29313
cf-bgj
minify
last-modified
Tue, 22 Nov 2022 08:38:05 GMT
server
cloudflare
etag
W/"637c8a6d-7281"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CT2TyTMHkBumfIMgb284x8RPATEUA8whu6jGD9dvKUB5yMx7sDq%2Blk2Ga8kvJD%2BPhDb5H9OO%2Fkh3G0u654v2icJGxxnJCIf6%2Fo1eIbkzUfHUSxCrgMSi6OPlnDLn%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
772d23c5aa7019aa-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
2668.9486adaf.js
cdn-1win.xyz/js/
59 KB
17 KB
Script
General
Full URL
https://cdn-1win.xyz/js/2668.9486adaf.js
Requested by
Host: 1wbms.top
URL: https://1wbms.top/js/index.6f43e37e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.67.74.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08761935c0be818c26284291183354911e2cdaec084b3377f093906e7456fbd1
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
87213
cf-polished
origSize=60574
cf-bgj
minify
last-modified
Wed, 30 Nov 2022 16:03:03 GMT
server
cloudflare
etag
W/"63877eb7-ec9e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NiItMUmr4a06UwJ%2BgiX8TA99vQdSu%2BgorOGNhJPQvue73hc4MP4d8G2hPgauhRN2vDpREpRNlU1QYODpDE9f14m%2FIdpPcKGESAkj2dCf4o65wVcNS09c6sbN3ZFM%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
772d23c5aa7119aa-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
2527.17e6dc66.js
cdn-1win.xyz/js/
523 KB
143 KB
Script
General
Full URL
https://cdn-1win.xyz/js/2527.17e6dc66.js
Requested by
Host: 1wbms.top
URL: https://1wbms.top/js/index.6f43e37e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.67.74.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1080f4549f7a1cc088115b64059b108860517b7a8db7fa31380600d47fd61dd
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11818
cf-polished
origSize=535596
cf-bgj
minify
last-modified
Thu, 01 Dec 2022 12:46:26 GMT
server
cloudflare
etag
W/"6388a222-82c2c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F5KKLRU0GuRSuhLcEJauf1QaBXV1G30IOXXRQB98P%2B%2F%2Frygwe5VMcNWZgNYsefNdP0G0D3UDG8LgtQmhBcwqchE6qvUS8I85vKu%2Bjzdl%2F%2BEKqrfSnS5im2E%2Blqvugw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
772d23c5aa6f19aa-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
desktop.5956ec14.css
cdn-1win.xyz/css/
109 KB
19 KB
Stylesheet
General
Full URL
https://cdn-1win.xyz/css/desktop.5956ec14.css
Requested by
Host: 1wbms.top
URL: https://1wbms.top/js/index.6f43e37e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.67.74.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8cb21d7671103a19e2fddf77fc306f719b35954cc94ffd5c5d345e8c98e707a
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
536200
cf-polished
origSize=111842
cf-bgj
minify
last-modified
Fri, 25 Nov 2022 10:58:40 GMT
server
cloudflare
etag
W/"63809fe0-1b4e2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EeJNDFYCAPBGCKHCuXFUskca%2FdP3xuLTjYAeIO%2Ffyjz4JVWGALBNJFg8iIf%2F2HVvVYCP7Rr8l3q%2BHQ%2Fp1fbja0yr2NwENGeh1jJy%2B3TqNJEOLUE24xWvP8NgLSAAzg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
772d23c5aa6a19aa-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
desktop.0599edc9.js
cdn-1win.xyz/js/
114 KB
29 KB
Script
General
Full URL
https://cdn-1win.xyz/js/desktop.0599edc9.js
Requested by
Host: 1wbms.top
URL: https://1wbms.top/js/index.6f43e37e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.67.74.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ceac3e05f02aec0a6e07c68b2e32e74658df93577349271cdd9983802341f0e
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4586
cf-polished
origSize=116341
cf-bgj
minify
last-modified
Thu, 01 Dec 2022 14:35:46 GMT
server
cloudflare
etag
W/"6388bbc2-1c675"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCJAvwn6Gy4zZoOGHEi%2FHbRr1hBwpP74IBVWSNfTnkLKb%2BE9wI7eCIq4aoVKLzT2WmBKEPS80oX87YiEg3ppmHpnICHAE5WeBl8qhS0buQRjtFzEXb%2B1m3dprejbwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
772d23c5aa6e19aa-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
SFNSText.c652402c.woff2
cdn-1win.xyz/fonts/
370 KB
371 KB
Font
General
Full URL
https://cdn-1win.xyz/fonts/SFNSText.c652402c.woff2
Requested by
Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/css/desktop.5956ec14.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.67.74.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49073903870a8bb345c24e632270bc480dde66725f0af85c66df5cb7269c4214

Request headers

Referer
https://cdn-1win.xyz/css/desktop.5956ec14.css
Origin
https://1wbms.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Dec 2022 14:35:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6388bbc3-5c9b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bkwd00fGfMRsxdLCGELrDCZakKKoXvxnmXXOBM15N6OX6c6ihLlWxp%2Fkdo%2BaElcPgvoDfDFRH4z7Em7%2Bb9ULSgb%2Fcz5bWkFYFEXKSGDngnqx77QZK4PToDN%2Ba0hjhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
772d23c6093bc35e-EWR
content-length
379312
expires
Thu, 31 Dec 2037 23:55:55 GMT
vardata
api.lab.amplitude.com/sdk/ Frame
0
0
Preflight
General
Full URL
https://api.lab.amplitude.com/sdk/vardata
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-amp-exp-user
Access-Control-Request-Method
GET
Origin
https://1wbms.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization,x-amp-exp-user
access-control-allow-methods
GET,POST,HEAD
access-control-allow-origin
https://1wbms.top
access-control-max-age
1800
date
Thu, 01 Dec 2022 16:18:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin
x-amzn-trace-id
Root=1-6388d3dd-0067bead0d04d9c623df9754
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-served-by
cache-ewr18178-EWR
x-timer
S1669911517.460899,VS0,VE62
1959.0f42cf4c.js
cdn-1win.xyz/js/
192 KB
44 KB
Script
General
Full URL
https://cdn-1win.xyz/js/1959.0f42cf4c.js
Requested by
Host: 1wbms.top
URL: https://1wbms.top/js/index.6f43e37e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.67.74.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a80e828d38a3bcd538602c347de067809481044d7857046104c5ad4d1d1813f
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7970880
cf-bgj
minify
last-modified
Wed, 31 Aug 2022 10:03:20 GMT
server
cloudflare
etag
W/"630f31e8-2fe26"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UG3NkA%2F0VVu0QXxmpBNh%2F%2FE2yxyMYuPfH9UBtTq%2F0KVqakcZkwioWgnkmVLq9jR%2Bc4%2F7TrhbNTqozxiHQy9Y3TNrDDkAnmZgiddyKJb5p0uy5vq7RD4lA8DTRIdCBA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
772d23c74dec19aa-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
vardata
api.lab.amplitude.com/sdk/
2 B
129 B
Fetch
General
Full URL
https://api.lab.amplitude.com/sdk/vardata
Requested by
Host: cdn-1win.xyz
URL: https://cdn-1win.xyz/js/2527.17e6dc66.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://1wbms.top/
accept-language
en-US,en;q=0.9
Authorization
Api-Key client-utHKVjcfmBn9NBTv9TXTB9Qo2likMJCV
X-Amp-Exp-User
eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS41LjUiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkNocm9tZSAxMDgiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwidXNlcl9wcm9wZXJ0aWVzIjp7fX0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-served-by
cache-ewr18178-EWR
date
Thu, 01 Dec 2022 16:18:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
0
x-timer
S1669911518.533030,VS0,VE63
x-amzn-trace-id
Root=1-6388d3dd-3936c4e3750c6e8939aa2ba5
vary
Origin, Origin
x-cache
MISS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://1wbms.top
access-control-allow-credentials
true
accept-ranges
bytes
content-length
2
x-cache-hits
0
get-authorization
1wbms.top/
19 B
182 B
XHR
General
Full URL
https://1wbms.top/get-authorization?random=1669911517417-0.6387965412968217
Requested by
Host: 1wbms.top
URL: https://1wbms.top/js/chunk-vendors.2670f107.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
759315d5ae8c31136d2a7bc803e591554894987559325cdf7e0b5965bec0eaca
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://1wbms.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-origin
https://1wbms.top
date
Thu, 01 Dec 2022 16:18:37 GMT
access-control-allow-credentials
true
server
nginx/1.22.0
content-length
19
x-frame-options
DENY
content-type
application/json; charset=utf-8
firebase-app.js
1wbms.top/firebase/8.1.1/
19 KB
7 KB
Script
General
Full URL
https://1wbms.top/firebase/8.1.1/firebase-app.js
Requested by
Host: 1wbms.top
URL: https://1wbms.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
content-encoding
gzip
last-modified
Thu, 01 Dec 2022 14:36:12 GMT
server
nginx/1.22.0
etag
W/"6388bbdc-4ded"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/
131 KB
49 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Requested by
Host: 1wbms.top
URL: https://1wbms.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0b7a2bb56e1fc57c48d20be6a4428fcfb74af68b80d71289babce28af18d9856
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49514
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Dec 2022 16:18:37 GMT
hotjar-2606090.js
static.hotjar.com/c/
7 KB
3 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2606090.js?sv=6
Requested by
Host: 1wbms.top
URL: https://1wbms.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.17.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-17-99.yto50.r.cloudfront.net
Software
/
Resource Hash
703ff140ad21e02bcf5e5b0772a856766d9d956cdd962994349978b531ffb03d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 01 Dec 2022 16:18:37 GMT
via
1.1 dc63ed289fa4d9a64b4cc2f12891a350.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-P1
age
10
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/35d79d8698581aa97b915448d1da611e
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
njbWWXEPgqMOpOmAO9Du5EppUqfe9RPyYrsW5cFF4iD8e-i6urAe7g==
client.js
cs15.livetex.ru/js/
2 KB
1 KB
Script
General
Full URL
https://cs15.livetex.ru/js/client.js
Requested by
Host: 1wbms.top
URL: https://1wbms.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.39.80.120 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
11628576aa0c8af216a2a18bd48baef78a9dff831ac706699313abbbcfbd0506

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
content-encoding
gzip
last-modified
Thu, 14 Jul 2022 15:24:11 GMT
server
nginx
etag
W/"62d0351b-690"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
expires
Fri, 02 Dec 2022 16:18:37 GMT
amplitude-8.17.0-min.gz.js
cdn.amplitude.com/libs/
92 KB
27 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/amplitude-8.17.0-min.gz.js
Requested by
Host: 1wbms.top
URL: https://1wbms.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.21.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-21-83.yto50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e7a2297c8371775455adc684445c2a383bcd0cee869777d45aefd8bc08456a6

Request headers

Referer
https://1wbms.top/
Origin
https://1wbms.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:38 GMT
content-encoding
gzip
via
1.1 c73f9dc228a4b3fb05ae37ce52d04a1c.cloudfront.net (CloudFront)
x-amz-version-id
wr63ICD3duh0Opi8j2KDhI34Ow38BHG0
x-amz-cf-pop
YTO50-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
27400
last-modified
Fri, 25 Mar 2022 19:53:18 GMT
server
AmazonS3
etag
"e5211b7cbee53b6912f07a1cd72a4582"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
CexryDMW0YQ0eejEw9ikz8_U8hu0N0pW7ZGJR3mmkOzvI72peWZHCA==
activityi;dc_pre=CPjFxpbp2PsCFY0YoQodMmwKPQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o...
12572451.fls.doubleclick.net/ Frame 0DB6
Redirect Chain
  • https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
  • https://12572451.fls.doubleclick.net/activityi;dc_pre=CPjFxpbp2PsCFY0YoQodMmwKPQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...
553 B
328 B
Document
General
Full URL
https://12572451.fls.doubleclick.net/activityi;dc_pre=CPjFxpbp2PsCFY0YoQodMmwKPQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5348490914895.658?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
cafe /
Resource Hash
de8ad9b25778faa01a82fff18d56f931f3cc0a911da7dc5d2cb7ad53833e4be2
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wbms.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
303
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Dec 2022 16:18:37 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Dec 2022 16:18:37 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12572451.fls.doubleclick.net/activityi;dc_pre=CPjFxpbp2PsCFY0YoQodMmwKPQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5348490914895.658?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/
224 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
59df4a64e41b22e931dac8412d72376146c3f9815317f4fcdeaa9291060f8e84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78866
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 01 Dec 2022 16:18:37 GMT
modules.90de377b639fd5b933d2.js
script.hotjar.com/
263 KB
67 KB
Script
General
Full URL
https://script.hotjar.com/modules.90de377b639fd5b933d2.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2606090.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.17.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-17-78.yto50.r.cloudfront.net
Software
/
Resource Hash
36e764ba72de0f2e398100e2449d677b02ff15669733bf8a823f01da53af1c2d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:37:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 60c77d7f2a0954d991174a909a828016.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-P1
age
9691
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68504
last-modified
Thu, 01 Dec 2022 13:36:28 GMT
etag
"8766036825574dfbddbfc197bd098f6b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
0j6G8KRlEEEA0hbduQe-S1KPq_dtE1GW51HMc7mbl_ARrMvkAsv8Ng==
firebase-messaging.js
1wbms.top/firebase/8.1.1/
40 KB
12 KB
Script
General
Full URL
https://1wbms.top/firebase/8.1.1/firebase-messaging.js
Requested by
Host: 1wbms.top
URL: https://1wbms.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
content-encoding
gzip
last-modified
Thu, 01 Dec 2022 14:36:12 GMT
server
nginx/1.22.0
etag
W/"6388bbdc-9f25"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
box-5e66f98b4ee957db209dc6f63e3d59dd.html
vars.hotjar.com/ Frame E6B1
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2606090.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.17.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-17-123.yto50.r.cloudfront.net
Software
/
Resource Hash
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://1wbms.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
702511
cache-control
max-age=31536000
content-encoding
br
content-length
1035
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 13:10:06 GMT
etag
"e0652b84b7b3b650769c759fc520c3f8"
last-modified
Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 c5670948bece41c6bb9df947cb650b7e.cloudfront.net (CloudFront)
x-amz-cf-id
RR3FAFzRfBwoAYNBzw5MHalYY_YqWWmdkswXT8G4zN1lTaI63tfJfA==
x-amz-cf-pop
YTO50-P1
x-cache
Hit from cloudfront
x-robots-tag
none
collect
www.google-analytics.com/g/
0
343 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-548949LWLW&gtm=2oebu0&_p=1574131660&cid=1976725665.1669911518&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669911517&sct=1&seg=0&dl=https%3A%2F%2F1wbms.top%2F&dt=1win%20-%20Loading&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Dec 2022 16:18:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://1wbms.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5616.c1491995.css
cdn-1win.xyz/css/
16 KB
3 KB
Stylesheet
General
Full URL
https://cdn-1win.xyz/css/5616.c1491995.css
Requested by
Host: 1wbms.top
URL: https://1wbms.top/js/index.6f43e37e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.67.74.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ada3da6673d59485a386158787756d4d27beae9e38466dbe646d05f406b8d9b6
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7964788
cf-bgj
minify
last-modified
Wed, 31 Aug 2022 10:03:20 GMT
server
cloudflare
etag
W/"630f31e8-3f30"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9FFpfAQkL8a6wTW9e5664To9YtytFs%2BrF9%2BVLrkcAS8VtEZ02hskL8JcqV6W74Yk4UWhIG2W8274dGv1sDEoTvgD1rTIDwqnVuUDqdDPLESY6cZcB3skTmbnwKwXw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
772d23caec2619aa-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
1883.ce7803cd.js
cdn-1win.xyz/js/
13 KB
5 KB
Script
General
Full URL
https://cdn-1win.xyz/js/1883.ce7803cd.js
Requested by
Host: 1wbms.top
URL: https://1wbms.top/js/index.6f43e37e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.67.74.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
952fc95c0b994becce7780ba0dfa5f7b8038ca1b56357258bd5bd73dbb2f554c
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1140752
cf-polished
origSize=13732
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 10:09:40 GMT
server
cloudflare
etag
W/"637759e4-35a4"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xt83dVgmLabA3urPjuKeLgPYqQC%2BBHEXQOFz9aJBtnS4FeCvtoCAcyP0yqtQDtGe8Fzc06BcS17yf4qXRvGfXkJoAxKjbM3pm3rgpM3ul8d%2BAmg23YBF2qpd0W%2FYdA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
772d23caec2919aa-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
5620.ebfbc5a4.js
cdn-1win.xyz/js/
8 KB
3 KB
Script
General
Full URL
https://cdn-1win.xyz/js/5620.ebfbc5a4.js
Requested by
Host: 1wbms.top
URL: https://1wbms.top/js/index.6f43e37e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.67.74.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cb3180ed77e3dba3b84b431ffe6405605aad7d75fddcc68adda163bf8551351
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
713994
cf-polished
origSize=8440
cf-bgj
minify
last-modified
Wed, 23 Nov 2022 09:56:09 GMT
server
cloudflare
etag
W/"637dee39-20f8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=joUpLYBT6%2Fn%2BzEr6nNGwo9k3n%2FRypSlDrLNDSW%2BgxRva5sJNznlFo3%2Bq%2FFQnA2t4wJdRjsNGewzjZ47zIIaG3aamxS4tYjqkvubQ0yQs9JVw%2BgRskcpxMsQFbDU4VA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
772d23caec2c19aa-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
174.66149bec.js
cdn-1win.xyz/js/
80 KB
17 KB
Script
General
Full URL
https://cdn-1win.xyz/js/174.66149bec.js
Requested by
Host: 1wbms.top
URL: https://1wbms.top/js/index.6f43e37e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.67.74.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a0be16a80154038a82b457d1ac3ba48c2a128fc39379f6f896a51abb9231870
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
536197
cf-polished
origSize=82373
cf-bgj
minify
last-modified
Fri, 25 Nov 2022 10:58:39 GMT
server
cloudflare
etag
W/"63809fdf-141c5"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hToRS3kVwEK%2BwAxHrc1Lbj7WcNnac1XO2uTunM6CyBxoQrYvF3F83fKmA%2FhmbcrUFHbKFK44k39H9oU18%2B%2BOnVJc1774jKmLNfiqTIvm13imMfa8NkfVyyUdx88%2BuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
772d23caec2d19aa-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
541.38b45359.js
cdn-1win.xyz/js/
10 KB
4 KB
Script
General
Full URL
https://cdn-1win.xyz/js/541.38b45359.js
Requested by
Host: 1wbms.top
URL: https://1wbms.top/js/index.6f43e37e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.67.74.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db00c142247c0e4ea82cd6bb86775c34686415b7c61445fc9c164b4e21c9a86e
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
779651
cf-polished
origSize=10578
cf-bgj
minify
last-modified
Tue, 22 Nov 2022 15:43:15 GMT
server
cloudflare
etag
W/"637cee13-2952"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXg5UVyhJCZBaFkZmv8YLJq8BGyt8DaoyqRvpHauVYF0C2zB2WU2RYVp2m13j91ZIQCGbNsYmJ7nWC1XtLeAHVnPE7c3ms9QCePjp94iMlwN%2BaSsvOmSjCJiCa1X6g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
772d23caec3319aa-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
7249.95ecdddd.js
cdn-1win.xyz/js/
8 KB
4 KB
Script
General
Full URL
https://cdn-1win.xyz/js/7249.95ecdddd.js
Requested by
Host: 1wbms.top
URL: https://1wbms.top/js/index.6f43e37e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.67.74.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
414a74315c51d21e972ef3b093212bc83c1fdd92f736789357bffcdafc8e9793
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3539711
cf-polished
origSize=8709
cf-bgj
minify
last-modified
Fri, 21 Oct 2022 16:46:52 GMT
server
cloudflare
etag
W/"6352ccfc-2205"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hkFplVVGtyOLIbVCxPIvKySZslF0R8ISzTZDxzBDZs0IT7RvvNeKZTMbCuzC7mRhfiPQZ2znvW%2B2A7AP3pMObIgYpyM5%2F9wjSJPZP%2FWyPVpbJmxM5RICKEPIv29pA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
772d23caec3d19aa-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
9083.0e28c4e6.css
cdn-1win.xyz/css/
67 KB
11 KB
Stylesheet
General
Full URL
https://cdn-1win.xyz/css/9083.0e28c4e6.css
Requested by
Host: 1wbms.top
URL: https://1wbms.top/js/index.6f43e37e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.67.74.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8cff4704bedcc735c28ba55d35b7ee34ca6ed32fe18193269f1a45a29a7f409
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
535924
cf-polished
origSize=68720
cf-bgj
minify
last-modified
Fri, 25 Nov 2022 10:58:40 GMT
server
cloudflare
etag
W/"63809fe0-10c70"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCBpmT3JoZEZkdYISRvRqlrpDHh%2B7ocUiuoxvZ8RCrj8aLRYUwVBJvNnjRpNX9PXXZ22G9hh8l%2Fxf7%2BydkzA1hsR1f6K7I7S%2FwOoQoc98JHTeFRs0RU%2F9chMIsRsvg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
772d23cafc4c19aa-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
9083.a9f07ce5.js
cdn-1win.xyz/js/
91 KB
24 KB
Script
General
Full URL
https://cdn-1win.xyz/js/9083.a9f07ce5.js
Requested by
Host: 1wbms.top
URL: https://1wbms.top/js/index.6f43e37e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.67.74.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf151d1419fec28642d8a2de9f12fdaff08d308e9bceef6c10ee22d6cd78a1e3
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4583
cf-polished
origSize=92813
cf-bgj
minify
last-modified
Thu, 01 Dec 2022 14:35:46 GMT
server
cloudflare
etag
W/"6388bbc2-16a8d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rdaEKVtncpP85Fnit2F1xBZWPLEt3RExHwfBz9JxaidBnXHhpz37Nk2nLqNSchGrnnULQTNuBPbsrWoQVoVbbSKPsPrGbb%2Bh4xjFHEvKjrJM9quFA5wqt1RA%2BDacg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
772d23cafc4e19aa-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
9617.4f6e5a11.js
cdn-1win.xyz/js/
21 KB
7 KB
Script
General
Full URL
https://cdn-1win.xyz/js/9617.4f6e5a11.js
Requested by
Host: 1wbms.top
URL: https://1wbms.top/js/index.6f43e37e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.67.74.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0a0b5c67a6ff7482079475fb62ed453d5304fc70beed7781ebfa3954bb12f58
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10100
cf-polished
origSize=21925
cf-bgj
minify
last-modified
Thu, 01 Dec 2022 13:09:09 GMT
server
cloudflare
etag
W/"6388a775-55a5"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4bBoKBO%2BLGwvHDcEixCQBSPuaKDmMjxpxDc7f5vSXOhjPBl06uVhgvEeAKDmeCeC7FVRisfwdb5Z2OvJ0zC6otsqJ71bT9Vkl%2FOntbIJTZREcgDTb7JHZmhCURPFIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
772d23cafc5119aa-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
7725.9e883aca.css
cdn-1win.xyz/css/
10 KB
3 KB
Stylesheet
General
Full URL
https://cdn-1win.xyz/css/7725.9e883aca.css
Requested by
Host: 1wbms.top
URL: https://1wbms.top/js/index.6f43e37e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.67.74.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cea561cb5c9466e4bd8b00f9627f0d0d259a110e06017d4be6e50ad9e8889f0
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2419596
cf-bgj
minify
last-modified
Thu, 03 Nov 2022 15:53:40 GMT
server
cloudflare
etag
W/"6363e404-2994"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tMwkyYGkYEIlkWKhcs8DaCagLdnSzF6nl3yRr2hv2QiMd6rv8v8MEbMN4DcVQP8yglMPEi9FLol2h7uXP8Gf%2F%2FUqL%2BFGL33A7VXMbythhzRnrhp68BisSYcrJi5cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
772d23cb0c5c19aa-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
title
1wbms.top/common/
16 B
128 B
XHR
General
Full URL
https://1wbms.top/common/title?path=bets&lang=en
Requested by
Host: 1wbms.top
URL: https://1wbms.top/js/chunk-vendors.2670f107.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.115.19.43 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://1wbms.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:38 GMT
server
nginx/1.22.0
content-length
16
vary
Origin
x-frame-options
DENY
content-type
application/json; charset=utf-8
/
adservice.google.com/ddm/fls/i/dc_pre=CPjFxpbp2PsCFY0YoQodMmwKPQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... Frame 714F
194 B
533 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CPjFxpbp2PsCFY0YoQodMmwKPQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5348490914895.658;~oref=https://1wbms.top/
Requested by
Host: 12572451.fls.doubleclick.net
URL: https://12572451.fls.doubleclick.net/activityi;dc_pre=CPjFxpbp2PsCFY0YoQodMmwKPQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=5348490914895.658?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12572451.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Dec 2022 16:18:38 GMT
expires
Thu, 01 Dec 2022 16:18:38 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
widgetsSettings.json
widgets-04.livetex.ru/js/
Redirect Chain
  • https://balancer-cloud.livetex.ru/get-client/?site_id=171205&version=1.2.36&target=settings_path&rnd=r7henholaep
  • https://widgets-04.livetex.ru/js/widgetsSettings.json
823 B
1 KB
XHR
General
Full URL
https://widgets-04.livetex.ru/js/widgetsSettings.json
Protocol
H2
Server
185.39.80.48 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software
/
Resource Hash
1fa82e973cd370596fed3d7647743fd6f5108792fdc816237a4530b600129e47
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:39 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 07 Nov 2022 10:22:42 GMT
etag
"6368dc72-337"
access-control-max-age
1728000
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
823

Redirect headers

pragma
no-cache
date
Thu, 01 Dec 2022 16:18:38 GMT
server
nginx
location
//widgets-04.livetex.ru/js/widgetsSettings.json
access-control-allow-origin
https://1wbms.top
cache-control
no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Dec 2022 16:18:37 GMT
activityi;dc_pre=CJnBgpfp2PsCFUVmwQodyJgH8A;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o...
12572451.fls.doubleclick.net/ Frame 0560
Redirect Chain
  • https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
  • https://12572451.fls.doubleclick.net/activityi;dc_pre=CJnBgpfp2PsCFUVmwQodyJgH8A;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...
459 B
289 B
Document
General
Full URL
https://12572451.fls.doubleclick.net/activityi;dc_pre=CJnBgpfp2PsCFUVmwQodyJgH8A;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4052910998775.827?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
cafe /
Resource Hash
0b391d659a7e3c36d4a7baed0432916e581bcab7e5bf45e466d63b83645d5b81
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wbms.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
264
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Dec 2022 16:18:38 GMT
expires
Thu, 01 Dec 2022 16:18:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Dec 2022 16:18:38 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12572451.fls.doubleclick.net/activityi;dc_pre=CJnBgpfp2PsCFUVmwQodyJgH8A;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4052910998775.827?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CMWOg5fp2PsCFZuFywEdZY4GLA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o...
12572451.fls.doubleclick.net/ Frame 9140
Redirect Chain
  • https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
  • https://12572451.fls.doubleclick.net/activityi;dc_pre=CMWOg5fp2PsCFZuFywEdZY4GLA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...
460 B
290 B
Document
General
Full URL
https://12572451.fls.doubleclick.net/activityi;dc_pre=CMWOg5fp2PsCFZuFywEdZY4GLA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2805257936928.0938?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
cafe /
Resource Hash
b4248992acf2f1d8d59809e321d3ac28d89385710f955597693d7e64e8dd096a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1wbms.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
265
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Dec 2022 16:18:38 GMT
expires
Thu, 01 Dec 2022 16:18:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Dec 2022 16:18:38 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12572451.fls.doubleclick.net/activityi;dc_pre=CMWOg5fp2PsCFZuFywEdZY4GLA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2805257936928.0938?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CJnBgpfp2PsCFUVmwQodyJgH8A;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4...
adservice.google.com/ddm/fls/z/ Frame 0560
42 B
63 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJnBgpfp2PsCFUVmwQodyJgH8A;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4052910998775.827
Requested by
Host: 12572451.fls.doubleclick.net
URL: https://12572451.fls.doubleclick.net/activityi;dc_pre=CJnBgpfp2PsCFUVmwQodyJgH8A;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4052910998775.827?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://12572451.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Dec 2022 16:18:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CMWOg5fp2PsCFZuFywEdZY4GLA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2...
adservice.google.com/ddm/fls/z/ Frame 9140
42 B
63 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CMWOg5fp2PsCFZuFywEdZY4GLA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2805257936928.0938
Requested by
Host: 12572451.fls.doubleclick.net
URL: https://12572451.fls.doubleclick.net/activityi;dc_pre=CMWOg5fp2PsCFZuFywEdZY4GLA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=2805257936928.0938?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://12572451.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Dec 2022 16:18:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
app3.js
widgets-04.livetex.ru/js/
Redirect Chain
  • https://balancer-cloud.livetex.ru/get-client/?site_id=171205&version=1.2.36&target=path&rnd=ac90t83dnew
  • https://widgets-04.livetex.ru/js/app3.js
114 KB
115 KB
Script
General
Full URL
https://widgets-04.livetex.ru/js/app3.js
Protocol
H2
Server
185.39.80.48 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software
/
Resource Hash
17a207d9c80901869fea50c14c9605766a1c0ae57965018641dcb8ceb23c6d8d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:39 GMT
strict-transport-security
max-age=15724800; includeSubDomains
etag
"6368d609-1c873"
access-control-max-age
1728000
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
116851

Redirect headers

pragma
no-cache
date
Thu, 01 Dec 2022 16:18:39 GMT
server
nginx
location
//widgets-04.livetex.ru/js/app3.js
cache-control
no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Dec 2022 16:18:38 GMT
iframe.html
widgets-04.livetex.me/js/
0
0
Fetch
General
Full URL
https://widgets-04.livetex.me/js/iframe.html
Requested by
Host: balancer-cloud.livetex.ru
URL: https://balancer-cloud.livetex.ru/get-client/?site_id=171205&version=1.2.36&target=path&rnd=ac90t83dnew
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45VFThQHcqTOy8OflC5w8QSHRhdgOTcFE3JIDb40QwR%2FGLyYBLZFR16BO%2BHm3usLSDC7oMWKNN%2B2xWQv8V06cqdI%2F4bJQFaOz3HhujUcQonq0lhb8BysloCTp34%2Bdq6f2kRSYsSCQ7dn%2B7peok%2F7L5GpKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
772d23d909be8cbd-EWR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
iframe.html
widgets-04.livetex.me/js/ Frame 2F5C
2 KB
1 KB
Document
General
Full URL
https://widgets-04.livetex.me/js/iframe.html?host-page-origin=https://1wbms.top
Requested by
Host: balancer-cloud.livetex.ru
URL: https://balancer-cloud.livetex.ru/get-client/?site_id=171205&version=1.2.36&target=path&rnd=ac90t83dnew
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dad30ca2d6a5defd296f718acd748b12e8ac1d29f44903b25f7c54c7470b7313

Request headers

Referer
https://1wbms.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods
GET, HEAD, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
772d23da9f46c32d-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 01 Dec 2022 16:18:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LoOzr7Lx2twj3Yh5EtgbNerbE%2BvO5cZTvSjbLbY9M3MCwV49sRJFrnsBUYRyYSKfRNY2ODtCn6Nma6tta7FsCzpmSiivzmwKylmbjn52Oa1tnMwqjdp6oQc5JlbkjXDASeXBPrQOKUixXKp9fzixi%2BPWEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
ui.7.1.1223.js
widgets-04.livetex.me/js/
1 MB
262 KB
Script
General
Full URL
https://widgets-04.livetex.me/js/ui.7.1.1223.js
Requested by
Host: balancer-cloud.livetex.ru
URL: https://balancer-cloud.livetex.ru/get-client/?site_id=171205&version=1.2.36&target=path&rnd=ac90t83dnew
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abbd9e045173f339f4fb8aa5b3c3427dfa0661105ae808e4b1d27c35439cf290

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2162
cf-polished
origSize=1159765
cf-bgj
minify
last-modified
Mon, 07 Nov 2022 09:55:08 GMT
server
cloudflare
etag
W/"6368d5fc-11b255"
access-control-max-age
1728000
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wak9BIcE8A6vala6yCetq%2Foa%2BSfY8cGaZmjOd2bulX2V4ZdLyleSrXKXwAdhBM3x0xO86USRAhH8GM8fhWDI6q3blRpu8qbnqNTdB7vrUum37KWPJTAyuVLk3o%2Ft2SzogHFtpNrcv%2FzFIW1aRGxnieQy8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
vary
Accept-Encoding
access-control-allow-credentials
true
cf-ray
772d23da9f53c32d-EWR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
/
balancer-04.livetex.ru/services/
510 B
762 B
Fetch
General
Full URL
https://balancer-04.livetex.ru/services/?site_id=171205&ids=widgets-api-service2-app.thrift-http,widgets-api-service2-app.http&client=widget&version=7.1.1223
Requested by
Host: balancer-cloud.livetex.ru
URL: https://balancer-cloud.livetex.ru/get-client/?site_id=171205&version=1.2.36&target=path&rnd=ac90t83dnew
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.39.80.48 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software
/
Resource Hash
0f009adee148b2bcd756d4332898e660fa25c5ebb442bac4bee2c450dec94cdf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:40 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://1wbms.top
cache-control
no-cache, public
access-control-allow-credentials
true
content-length
510
expires
Thu, 01 Dec 2022 16:18:39 GMT
vendor.b4481d.js
widgets-04.livetex.me/js/ Frame 2F5C
467 KB
79 KB
Script
General
Full URL
https://widgets-04.livetex.me/js/vendor.b4481d.js
Requested by
Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/iframe.html?host-page-origin=https://1wbms.top
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c02737c1f46fd97a5042fc8e4f9b7d5992a9548cad4d27a8a45c078d181c0a8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets-04.livetex.me/js/iframe.html?host-page-origin=https://1wbms.top
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
532921
cf-bgj
minify
server
cloudflare
etag
W/"6368d62d-74c44"
access-control-max-age
1728000
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2MVT5ADRv9hA%2BsDTUTODoL0R55SblbRNNsYgQhn1tjQKlA4loqhFQubcyh3ZCYz84KtPwYgUgY8DkM2SSLwQTD3vRLayS1Wyk9gOpXuaQj6pGESGXq4s4k%2F%2F2As%2FmBKVm13Q3o1dGwzQr7lsZMFvMXZIcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
772d23dd0bf3c32d-EWR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
services.1cb56e.js
widgets-04.livetex.me/js/ Frame 2F5C
352 KB
75 KB
Script
General
Full URL
https://widgets-04.livetex.me/js/services.1cb56e.js
Requested by
Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/iframe.html?host-page-origin=https://1wbms.top
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464e9858722d810339ac771b7808a68f853545e5ed416eb9653fc5761ea46f8d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets-04.livetex.me/js/iframe.html?host-page-origin=https://1wbms.top
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
279589
cf-bgj
minify
server
cloudflare
etag
W/"6368d62d-57e7a"
access-control-max-age
1728000
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2FLSS%2B1y0KiKsV%2BIDCliczEfadkfGGgk4n0sbnqNrIj1HmfSmTO3mmiwgLWiZTHJApiXK8jabN3kjdyBZl4eb2T4cH9SdVYYyBFm%2BMMD66IC%2BNru%2FiUZlwJmZqg6mRo6Eb7F%2FWwf1OJjDweqDTYPraRmaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
772d23dd0bf7c32d-EWR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
171205.js
widgets-04.livetex.me/js/settings/v3/ Frame 2F5C
16 KB
5 KB
Fetch
General
Full URL
https://widgets-04.livetex.me/js/settings/v3/171205.js
Requested by
Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/services.1cb56e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
063f7fdb9fd032e6c736e36d6fdab82dfc8ab6fe27aafc950e093c52a5ef2742

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets-04.livetex.me/js/iframe.html?host-page-origin=https://1wbms.top
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3341
last-modified
Thu, 01 Dec 2022 14:16:58 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8o6GZ0deMfFzj9Ti1AhQjVkGkJVf7138v5ZVpHhZ2%2FoaCmZWm3iqoAYecxvoTbeJ488AhtsVl8pUP%2FXS8oFuAHyVtdnq%2B49r0ItiC6WnbKVhMzwSprBtZuydVN%2FYQ%2FG1%2BfIS8E%2BZ%2FIgj03dqNcv2sZVw1g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public,max-age=0,s-maxage=7200
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
772d23dded88c32d-EWR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
171205.css
widgets-04.livetex.me/css/widgets/
268 KB
33 KB
XHR
General
Full URL
https://widgets-04.livetex.me/css/widgets/171205.css
Requested by
Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/ui.7.1.1223.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c32f658018f3074c27e1544d444317540c07fd42ca36b525b3e93ddf511cf16

Request headers

Referer
https://1wbms.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 01 Dec 2022 16:18:41 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified
Thu, 01 Dec 2022 16:18:41 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKrt8pHPlbYfdb3K8k9foD3iejiYP9juxjdMLBtSUa3sqcdNOsciSTMDS%2FAGM%2BLK7ZMSswzfhNf3BeAMWBPTyj3r4Gu1PehhCc5HChHaSZwUzUikSMNES%2Fbnzm%2FdX45f8f7OSoM%2BZ0jXvfsHYRMXrvWk5g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public,max-age=0,s-maxage=7200
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
772d23de1ed08cbd-EWR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
/
balancer-04.livetex.ru/get-server/ Frame 2F5C
137 B
383 B
Script
General
Full URL
https://balancer-04.livetex.ru/get-server/?site_id=171205&__fallback__&=&_m=GET&_c=njr_1_callback&_t=jsonp&_rnd=7y82f0gzav&_h[lt-origin]=account%3A281894%3Asite%3A171205
Requested by
Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/vendor.b4481d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.39.80.48 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software
/
Resource Hash
daa5ad1ad90cb6dbe82ab074c344cc823b9e0bcfb6fc9e00fe8d0bfb10674329
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets-04.livetex.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type
text/plain; charset=UTF-8
date
Thu, 01 Dec 2022 16:18:41 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cache-control
no-cache, public
access-control-allow-credentials
true
content-length
137
expires
Thu, 01 Dec 2022 16:18:40 GMT
auth
io4-ls-04.livetex.ru/visitor/ Frame 2F5C
554 B
913 B
Script
General
Full URL
https://io4-ls-04.livetex.ru/visitor/auth?__fallback__&=&_m=POST&_c=njr_2_callback&_t=jsonp&_=%7B%22is_mobile%22%3Afalse%7D&_rnd=lzc2hbjgak&_h[lt-origin]=account%3A281894%3Asite%3A171205
Requested by
Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/vendor.b4481d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.39.80.48 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software
/
Resource Hash
a770f7045462032e7810bed33e6b10068445f97d1eb3a403a29092297684e263
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets-04.livetex.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type
text/javascript
pragma
no-cache
date
Thu, 01 Dec 2022 16:18:41 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cache-control
no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
content-length
554
expires
Thu, 01 Dec 2022 16:18:40 GMT
/
balancer-04.livetex.ru/services/ Frame 2F5C
784 B
1 KB
XHR
General
Full URL
https://balancer-04.livetex.ru/services/?account_id=281894&ids=visitor-notification-delivery-service-app.thrift-http&client=widget&version=7.1.1223&0.2639951323045464
Requested by
Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/vendor.b4481d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.39.80.48 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software
/
Resource Hash
a56aa87a50f3a363a1399279cde29f6228283d38fbac94df375f69a5675282c5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets-04.livetex.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:41 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://widgets-04.livetex.me
cache-control
no-cache, public
access-control-allow-credentials
true
content-length
784
expires
Thu, 01 Dec 2022 16:18:40 GMT
WidgetsAPIServiceTag
wapi-04.livetex.ru/ Frame 2F5C
41 B
283 B
XHR
General
Full URL
https://wapi-04.livetex.ru/WidgetsAPIServiceTag
Requested by
Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/vendor.b4481d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.39.80.48 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software
/
Resource Hash
df8b813734ebb9a36cbb442c5dbdd8cba10b6b8a6a6be7318e53765e2cbfd937
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://widgets-04.livetex.me/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://widgets-04.livetex.me
date
Thu, 01 Dec 2022 16:18:42 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-credentials
true
content-length
41
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
1669911521915
io4-ls-04.livetex.ru/poll/0/ Frame 2F5C
102 B
354 B
Script
General
Full URL
https://io4-ls-04.livetex.ru/poll/0/1669911521915?__fallback__&=&_m=GET&_c=njr_4_callback&_t=jsonp&_rnd=cvtpo3q3078&_h[lt-origin]=account%3A281894%3Asite%3A171205&_h[x-hold-timeout]=20000&_h[x-destroy-timeout]=40000&_h[cookie]=zk8im5%3Dio%3Aio-1-kube-livetex-ru%3Asession%3A2m4wmdnaadjyid2easjor
Requested by
Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/vendor.b4481d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.39.80.48 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software
/
Resource Hash
fb4b69028e12ea7584ee4c70c62cd64255e832b666395a950adc54356765c379
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets-04.livetex.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type
text/javascript
pragma
no-cache
date
Thu, 01 Dec 2022 16:18:41 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cache-control
no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
content-length
102
expires
Thu, 01 Dec 2022 16:18:40 GMT
WidgetsAPIServiceTag
wapi-04.livetex.ru/ Frame 2F5C
78 B
320 B
XHR
General
Full URL
https://wapi-04.livetex.ru/WidgetsAPIServiceTag
Requested by
Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/vendor.b4481d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.39.80.48 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software
/
Resource Hash
6bf7959a9b77d03809ee21c84c89119a6167ac3bd095bc5af50c2c66b3d2e0ff
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://widgets-04.livetex.me/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://widgets-04.livetex.me
date
Thu, 01 Dec 2022 16:18:42 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-credentials
true
content-length
78
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
1669911522038
io4-ls-04.livetex.ru/poll/2txiir/ Frame 2F5C
0
0

add-page
io4-ls-04.livetex.ru/site/ Frame 2F5C
190 B
442 B
Script
General
Full URL
https://io4-ls-04.livetex.ru/site/add-page?__fallback__&=&_m=POST&_c=njr_5_callback&_t=jsonp&_=%7B%22page%22%3A%7B%22account%3A281894%3Asite%3A171205%3Apage%3Ag17chejhf0a%22%3A%7B%22seo_referrer%22%3A%22%22%2C%22referrer%22%3A%22%22%2C%22page_title%22%3A%22MXdpbg%3D%3D%22%2C%22page_url%22%3A%22aHR0cHM6Ly8xd2Jtcy50b3AvYmV0cy9ob21l%22%7D%7D%7D&_rnd=hgbr97jy7l6&_h[lt-origin]=account%3A281894%3Asite%3A171205&_h[cookie]=zk8im5%3Dio%3Aio-1-kube-livetex-ru%3Asession%3A2m4wmdnaadjyid2easjor
Requested by
Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/vendor.b4481d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.39.80.48 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software
/
Resource Hash
5ddf65c01ad8a283d98e5a74f001bb29e95121e7d0cdaef89b24338f7dfb76df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets-04.livetex.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type
text/javascript
pragma
no-cache
date
Thu, 01 Dec 2022 16:18:42 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cache-control
no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
content-length
190
expires
Thu, 01 Dec 2022 16:18:41 GMT
WidgetsAPIServiceTag
wapi-04.livetex.ru/ Frame 2F5C
45 B
287 B
XHR
General
Full URL
https://wapi-04.livetex.ru/WidgetsAPIServiceTag
Requested by
Host: widgets-04.livetex.me
URL: https://widgets-04.livetex.me/js/vendor.b4481d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.39.80.48 , Russian Federation, ASN200015 (LIVETEX, RU),
Reverse DNS
Software
/
Resource Hash
bee266c2464765db01a96140e0536542fdbc85fd12ce5825269095a5673d51d1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://widgets-04.livetex.me/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://widgets-04.livetex.me
date
Thu, 01 Dec 2022 16:18:42 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-credentials
true
content-length
45
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
footer_bg.png
widgets-04.livetex.me/images/
547 B
960 B
Image
General
Full URL
https://widgets-04.livetex.me/images/footer_bg.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2a1b8d81d0c8cb8f69b1ce1f3ad8ee2a795f5d9befa267b9fd54892c76c91b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
26507
content-length
547
last-modified
Mon, 07 Nov 2022 09:52:17 GMT
server
cloudflare
etag
"6368d551-223"
access-control-max-age
1728000
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9eHuZhvzY7ecCPlWWmaLuTQfB%2FJha6vGLaV3luDIJdVvjc26bZNhzvsGOaA%2F1ViqX2SWgkCIbLdi%2BqeEPIVqF5JMUmwKDpR2eqEqaLumcCZFvoBrq25XnNryvsWUWAtD4OjPFzaFZ6Y222DMuNmrS%2FnuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
772d23e8cb16c32d-EWR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Thu, 01 Dec 2022 20:07:07 GMT
icons.ttf
widgets-04.livetex.me/fonts/
7 KB
7 KB
Font
General
Full URL
https://widgets-04.livetex.me/fonts/icons.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d4050ea709bb28a0f3a6b01528958bdb8e9375aa2fdcc3e111821531125a7fb

Request headers

Referer
https://1wbms.top/
Origin
https://1wbms.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
7156
last-modified
Mon, 07 Nov 2022 09:52:17 GMT
server
cloudflare
etag
"6368d551-1bf4"
access-control-max-age
1728000
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpdIBLA9TPgwrD%2BwsgimzNLVdBJrnpoEGjS4rDPtGWnVX1rgEdMP5KrwrC%2F%2FEN88mvXsgr3eRXRB7vDhvpz3s91IiWB966Yim9fowF8jtNq%2F07HJoOWlSiuY%2BfmdTso8v84Mbqj%2FTwxiBr3Q%2FisVLuhmAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
772d23e8ca6e8cbd-EWR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Thu, 08 Dec 2022 05:14:40 GMT
preloader.gif
widgets-04.livetex.me/images/
4 KB
4 KB
Image
General
Full URL
https://widgets-04.livetex.me/images/preloader.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67efea367418257aaa5cd14e446ef9b6d48231fef881ac1a5b9f39732911e918

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1wbms.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 16:18:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13739
content-length
3960
last-modified
Mon, 07 Nov 2022 09:52:17 GMT
server
cloudflare
etag
"6368d551-f78"
access-control-max-age
1728000
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XiAiD0LEpV544%2FBm0VDbdxVvl5ZirpbamJ5m7E1%2FpkdKK12m0WJCkgbhKF2urE0lB0TkOu9N7l0QUgoYjHvYxj1Baow8xBWaeRyHX%2Fkl53EF0jMyiK8ga1TJkU1X7JhwORWEjQoqkQvrCC%2FJwf7kuluHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
772d23e9ccdfc32d-EWR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Thu, 01 Dec 2022 20:11:37 GMT
truncated
/
855 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4b0814ddb7d026f97299e4455c0016622ae4ee9efaa4d8c5640643265de9417

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/
882 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0316eaf7f780bba871772a47fc0df43a1a06d30901532d1cc4a1dd14c7c70027

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-548949LWLW&gtm=2oebu0&_p=1574131660&cid=1976725665.1669911518&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1669911517&sct=1&seg=0&dl=https%3A%2F%2F1wbms.top%2F&dt=1win%20-%20Loading&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1wbms.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 01 Dec 2022 16:18:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://1wbms.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
io4-ls-04.livetex.ru
URL
https://io4-ls-04.livetex.ru/poll/2txiir/1669911522038?__fallback__&=&_m=GET&_c=njr_4_callback&_t=jsonp&_rnd=oa0170sxmy&_h[lt-origin]=account%3A281894%3Asite%3A171205&_h[cookie]=zk8im5%3Dio%3Aio-1-kube-livetex-ru%3Asession%3A2m4wmdnaadjyid2easjor

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontentvisibilityautostatechange object| INITIAL_DATA object| _chunksDictionary object| oneWinLang string| cdnUrl string| releaseTag function| prefetchAllDynamicLogos function| getNextDynamicLogoIndex function| getLogoPath function| performTransition function| showLogo function| subscribeToLogoUpdate function| startUpdateDynamicLogosInterval function| loadScript boolean| vipDomain object| webpackChunk_1win_frontend_main object| SENTRY_RELEASE object| SENTRY_RELEASES object| dataLayer object| buildConfig object| analyticsConnectorInstances object| socket function| langPromise object| LiveTex function| hj object| _hjSettings string| ltLang boolean| liveTex number| liveTexID boolean| liveTex_object function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data object| amplitude string| axel number| a object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| firebase function| onYouTubeIframeAPIReady object| gaGlobal string| LTX_VERSION function| setImmediate function| clearImmediate object| FontAwesomeConfig object| ___FONT_AWESOME___

13 Cookies

Domain/Path Name / Value
1wbms.top/ Name: visit_domain
Value: 1wbms.top
1wbms.top/ Name: core-sticky
Value: http://10.233.69.225:80
1wbms.top/ Name: 1w_lang
Value: en
.1wbms.top/ Name: _ga
Value: GA1.1.1976725665.1669911518
.1wbms.top/ Name: amp_494ccc
Value: v0ykE3954FHArgydwvcNA0...1gj77n6vv.1gj77n6vv.0.0.0
1wbms.top/ Name: 1w_locale
Value: 7
.1wbms.top/ Name: _hjSessionUser_2606090
Value: eyJpZCI6ImEzODRjODBlLTkzYTMtNWM2Yi05YmM2LWZiMTMzNzc0YmYzOSIsImNyZWF0ZWQiOjE2Njk5MTE1MTgzNzksImV4aXN0aW5nIjpmYWxzZX0=
.1wbms.top/ Name: _hjFirstSeen
Value: 1
1wbms.top/ Name: _hjIncludedInSessionSample
Value: 0
.1wbms.top/ Name: _hjSession_2606090
Value: eyJpZCI6IjM2NmEyNTU2LWJkY2ItNDJkZi1hMmI2LWIxYjYzZGM2NDU0ZCIsImNyZWF0ZWQiOjE2Njk5MTE1MTg2MDMsImluU2FtcGxlIjpmYWxzZX0=
.1wbms.top/ Name: _hjAbsoluteSessionInProgress
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUnL1erDvCzh93ByoMeZjayjIi_JfU_qM-qZ3G0l5ebFQkcCinsG_FKkdvFjsxQ
.1wbms.top/ Name: _ga_548949LWLW
Value: GS1.1.1669911517.1.1.1669911519.0.0.0

1 Console Messages

Source Level URL
Text
security error URL: https://widgets-04.livetex.me/js/ui.7.1.1223.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://widgets-04.livetex.me') does not match the recipient window's origin ('https://1wbms.top').

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
