1wjxec.top Open in urlscan Pro
190.115.24.78 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://1wij.today/
Effective URL:
https://1wjxec.top/
Submission: On October 21 via api (October 21st 2023, 2:20:09 am UTC) from US — Scanned from US

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 11 domains to perform 57 HTTP transactions. The main IP is 190.115.24.78, located in Belize and belongs to IQWEB, AE. The main domain is 1wjxec.top.
TLS certificate: Issued by R3 on August 3rd 2023. Valid for: 3 months.

This is the only time 1wjxec.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3033::6815:fc0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	190.115.24.78 190.115.24.78	59692 (IQWEB) (IQWEB)
27	2606:4700:e0:... 2606:4700:e0::ac40:6a23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c08::61	15169 (GOOGLE) (GOOGLE)
2	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
2 4	172.253.63.149 172.253.63.149	15169 (GOOGLE) (GOOGLE)
2 4	172.253.63.148 172.253.63.148	15169 (GOOGLE) (GOOGLE)
1	18.160.41.49 18.160.41.49	16509 (AMAZON-02) (AMAZON-02)
1 5	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	99.84.191.77 99.84.191.77	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4004:c07::9c	15169 (GOOGLE) (GOOGLE)
2	52.40.67.88 52.40.67.88	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6b8::346 2a02:6b8::346	208722 (GLOBAL_DC) (GLOBAL_DC)
57	15

1 2606:4700:3033::6815:fc0 (United States)

ASN13335 (CLOUDFLARENET, US)

1wij.today	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 190.115.24.78 (Belize)

ASN59692 (IQWEB, AE)
PTR: ddos-guard.net

1wjxec.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700:e0::ac40:6a23 (United States)

ASN13335 (CLOUDFLARENET, US)

1win-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.132 (United States)

ASN54113 (FASTLY, US)

api.lab.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.63.149 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bi-in-f149.1e100.net

12688802.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.63.148 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bi-in-f148.1e100.net

12572451.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.41.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-49.iad55.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1:119 (Ulyanovsk, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.191.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-77.iad89.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c07::9c (Washington, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.40.67.88 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-67-88.us-west-2.compute.amazonaws.com

api2.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::346 (Ulyanovsk, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

adfstat.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	1win-cdn.com 1win-cdn.com — Cisco Umbrella Rank: 249789	638 KB
8	doubleclick.net 4 redirects 12688802.fls.doubleclick.net — Cisco Umbrella Rank: 306533 12572451.fls.doubleclick.net — Cisco Umbrella Rank: 308374	4 KB
6	1wjxec.top 1wjxec.top	134 KB
4	yandex.com 1 redirects mc.yandex.com — Cisco Umbrella Rank: 7957	3 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 118	890 B
4	amplitude.com api.lab.amplitude.com — Cisco Umbrella Rank: 4282 api2.amplitude.com — Cisco Umbrella Rank: 1334	454 B
2	yandex.ru mc.yandex.ru — Cisco Umbrella Rank: 3539 adfstat.yandex.ru — Cisco Umbrella Rank: 21312	72 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 901 script.hotjar.com — Cisco Umbrella Rank: 1101	60 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	169 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	250 B
1	1wij.today 1wij.today	638 B
57	11

	Domain	Requested by
27	1win-cdn.com	1wjxec.top 1win-cdn.com
6	1wjxec.top	1wij.today 1wjxec.top 1win-cdn.com
4	mc.yandex.com	1 redirects mc.yandex.ru 1wjxec.top
4	adservice.google.com	12572451.fls.doubleclick.net 12688802.fls.doubleclick.net
4	12572451.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	12688802.fls.doubleclick.net	2 redirects www.googletagmanager.com
2	api2.amplitude.com	1win-cdn.com
2	api.lab.amplitude.com	1win-cdn.com
2	www.googletagmanager.com	1wij.today www.googletagmanager.com
1	adfstat.yandex.ru
1	script.hotjar.com	static.hotjar.com
1	www.google-analytics.com	www.googletagmanager.com
1	mc.yandex.ru	1wij.today
1	static.hotjar.com	1wij.today
1	1wij.today
57	15

This site contains no links.

Subject Issuer	Validity	Valid
1wij.today GTS CA 1P5	`2023-08-27` - `2023-11-25`	3 months	crt.sh
1wjxec.top R3	`2023-08-03` - `2023-11-01`	3 months	crt.sh
1win-cdn.com GTS CA 1P5	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-25` - `2024-03-28`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2023-01-23` - `2024-02-14`	a year	crt.sh
adfstat.yandex.ru GlobalSign RSA OV SSL CA 2018	`2023-08-03` - `2024-01-31`	6 months	crt.sh

This page contains 10 frames:

Primary Page: https://1wjxec.top/
Frame ID: 49E3E86C6EB7D592B32B582B4ADF733B
Requests: 45 HTTP requests in this frame

Frame: https://12688802.fls.doubleclick.net/activityi;dc_pre=CPrm0oOKhoIDFS6CdwEdwp0GsQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=4737230020803;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2F
Frame ID: 5F7E294FEDAFC0B5111F7FEF0A450367
Requests: 1 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=COeu04OKhoIDFb2K0QQdueQGaA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1916369727609.5881
Frame ID: F4F49940FE9886C8BCBEDEF5FD993B8E
Requests: 1 HTTP requests in this frame

Frame: https://12688802.fls.doubleclick.net/activityi;dc_pre=CKvq0oOKhoIDFQGK0QQday0GUg;src=12688802;type=actio0;cat=allpa0;ord=1;num=5382610822172;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome
Frame ID: E0787DFBB9A85655B17B6F60C79A076D
Requests: 1 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=CPO104OKhoIDFX2g0QQdN-8EMQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1407311769749.0933
Frame ID: B7B248EC4ECB83975353C1B53C889600
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COeu04OKhoIDFb2K0QQdueQGaA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1916369727609.5881;~oref=https://1wjxec.top/
Frame ID: 12B3C2E311EE630BE045DAE9FF20A273
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKvq0oOKhoIDFQGK0QQday0GUg;src=12688802;type=actio0;cat=allpa0;ord=1;num=5382610822172;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome
Frame ID: CA91C0A281BD153E0DA30068B3FF512E
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPrm0oOKhoIDFS6CdwEdwp0GsQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=4737230020803;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2F
Frame ID: 4DB844EE10A9A4F151274E65DE1F963B
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPO104OKhoIDFX2g0QQdN-8EMQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1407311769749.0933;~oref=https://1wjxec.top/
Frame ID: 874BCCAD88BF285EF7E2B6B50E0F6983
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 7288468B05A1FF27DC8671C9E49A6EE7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

1win

Page URL History Show full URLs

https://1wij.today/ Page URL
https://1wjxec.top/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

57
Requests

96 %
HTTPS

50 %
IPv6

11
Domains

15
Subdomains

15
IPs

3
Countries

1078 kB
Transfer

3243 kB
Size

29
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://1wij.today/ Page URL
https://1wjxec.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=4737230020803;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2F HTTP 302
https://12688802.fls.doubleclick.net/activityi;dc_pre=CPrm0oOKhoIDFS6CdwEdwp0GsQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=4737230020803;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2F

Request Chain 32

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1916369727609.5881 HTTP 302
https://12572451.fls.doubleclick.net/activityi;dc_pre=COeu04OKhoIDFb2K0QQdueQGaA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1916369727609.5881

Request Chain 36

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=5382610822172;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome HTTP 302
https://12688802.fls.doubleclick.net/activityi;dc_pre=CKvq0oOKhoIDFQGK0QQday0GUg;src=12688802;type=actio0;cat=allpa0;ord=1;num=5382610822172;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome

Request Chain 37

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1407311769749.0933 HTTP 302
https://12572451.fls.doubleclick.net/activityi;dc_pre=CPO104OKhoIDFX2g0QQdN-8EMQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1407311769749.0933

Request Chain 54

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10162.foWPwgCSv9gafSUrNPAUSGWyCTWH0UkUDO-8sai6r4bWFmhdmbSI2NQ5_kMxHuLM.lx1jBb0jNUxgkbpYze3z7BCjsGM%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10162.Fc7ci1SDCibDSlIHpRiUYg7ty5Pv9wRfj-kkFhLUJyMVZ_nRKoUFOlXzZDo9vUBuDkzDi5tqusUbvt6N2bEQFiX1C8mKyc7FuNcZ-hcYlTnfxT5NaJhDgMjStm_QkcYdDg9pqqPmwEunnf-xx_EgDgjKT-SPLTQw00P0LNDZ6Yn3LpKN898ng1sx4K9U59yKCltl46tbr8DJUzQmt8KY3XIRrdz3j__s5Si_CX0Hbss%2C.3fBNWdXGQ1pbhQltRhZle9cqmxw%2C

Request Chain 56

https://mc.yandex.com/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome&page-ref=https%3A%2F%2F1wij.today%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhe16nuwp1gt1zsuz%3Afp%3A1497%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1141%3Acn%3A1%3Adp%3A0%3Als%3A785037244801%3Ahid%3A921700392%3Az%3A-600%3Ai%3A20231020162004%3Aet%3A1697854805%3Ac%3A1%3Arn%3A985716453%3Arqn%3A1%3Au%3A1697854805341591355%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C429%2C626%2C360%2C2%2C0%2C%2C4%2C0%2C%2C%2C%2C1714%3Aco%3A0%3Acpf%3A1%3Ans%3A1697854801458%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697854805%3At%3A1win&t=gdpr(14)clc(0-0-0)mtb(0)rqnt(1)aw(1)pe(1)cs(kcbe)efid(1)ti(2) HTTP 302
https://mc.yandex.com/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome&page-ref=https%3A%2F%2F1wij.today%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhe16nuwp1gt1zsuz%3Afp%3A1497%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1141%3Acn%3A1%3Adp%3A0%3Als%3A785037244801%3Ahid%3A921700392%3Az%3A-600%3Ai%3A20231020162004%3Aet%3A1697854805%3Ac%3A1%3Arn%3A985716453%3Arqn%3A1%3Au%3A1697854805341591355%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C429%2C626%2C360%2C2%2C0%2C%2C4%2C0%2C%2C%2C%2C1714%3Aco%3A0%3Acpf%3A1%3Ans%3A1697854801458%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697854805%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29mtb%280%29rqnt%281%29aw%281%29pe%281%29cs%28kcbe%29efid%281%29ti%282%29

57 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
1wij.today/ 340 B
638 B 416ms
304ms Document
text/html 2606:4700:3033::6815:fc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1wij.today/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:fc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 819604db3bc2c35d-EWR
content-encoding: br
content-type: text/html
date: Sat, 21 Oct 2023 02:20:01 GMT
last-modified: Fri, 03 Mar 2023 15:15:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXJ01cF%2FGkGYfgC%2BllP9MhUmmwKs6DY7uEu641otLLWu9SkLMGiVkr%2BnPR4mqD85glZJ2SElobuboSS0b7fAWBk1%2FpXz53G8LeOUIS78cPrC%2B%2FpfJaOTRArxUpM1CXtLBwELreJh8HNQ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Primary Request / Show response
1wjxec.top/ 334 KB
112 KB 1117ms
627ms Document
text/html 190.115.24.78
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://1wjxec.top/

Requested by

Host: 1wij.today
URL: https://1wij.today/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.24.78 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

openresty/1.19.9.1 /

Resource Hash

ac0197e7b96de118bddb79a6d8b9e4fb2aec38810ee1f5e0ac72260928237245

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://1wij.today/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 21 Oct 2023 02:20:02 GMT
server: openresty/1.19.9.1
vary: Origin
x-frame-options: DENY
x-match-domain: 1wjxec.top
x-request-id: b1L7r4o3z9kmrl6E

GET
H2 200 SFNSDisplay-latin.50a4eaff3.woff2
1win-cdn.com/font/ 32 KB
33 KB 155ms
56ms Font
application/octet-stream 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/font/SFNSDisplay-latin.50a4eaff3.woff2
Requested by: Host: 1wjxec.top
URL: https://1wjxec.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df3772666587111462634070c47969ad9687bbf80d0694bb2e6c33be39434d68

Request headers

Referer: https://1wjxec.top/
Origin: https://1wjxec.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 310726
alt-svc: h3=":443"; ma=86400
content-length: 33064
last-modified: Mon, 16 Oct 2023 11:49:41 GMT
server: cloudflare
etag: "652d2355-8128"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwDQoUtSITGvv7Uwrm%2BQvBlaTnWRuMgK62tOil0B3ISKnvk4awRyNOO43jZCdR5GI9AAIAZs0CrC6fG6sK6pDJmBukyc%2BzsEX%2Fl0nzLoYKftxp78ch4Opp9LpQD4lymfaMwpsAZAMZ7%2BRUI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 819604e6d9bec35b-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFNSText-latin.f09aa5229.woff2
1win-cdn.com/font/ 42 KB
43 KB 142ms
43ms Font
application/octet-stream 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/font/SFNSText-latin.f09aa5229.woff2
Requested by: Host: 1wjxec.top
URL: https://1wjxec.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06e02d3d2d01bb2c88786b0a2dd2d692f6659c0159ec4754f7db49c12e03b0d6

Request headers

Referer: https://1wjxec.top/
Origin: https://1wjxec.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 996841
alt-svc: h3=":443"; ma=86400
content-length: 43512
last-modified: Mon, 09 Oct 2023 11:06:02 GMT
server: cloudflare
etag: "6523de9a-a9f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RvW3tD0%2BRM4mnV51BToN%2BMcCfWlhRY0pjsono%2Bv7RbFFzwqctPkPdKB3cj7tVTUxYV%2BRG6tzT7AOjYIuT3j0SIhiDK4HyS%2F96Axec6UVoVZ1bg4QuI6ZAB6OEBMx10VwHChrIO1lebq38R8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 819604e6d9bcc35b-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop.fc4e85afa.js Show response
1win-cdn.com/js/ 117 KB
32 KB 146ms
51ms Script
application/javascript 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/desktop.fc4e85afa.js
Requested by: Host: 1wjxec.top
URL: https://1wjxec.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90ef6e5c2446492402ad870e1ce4b95da0ed5b8a69f43c8feeea67e86729bd45

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 110505
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 19 Oct 2023 19:29:11 GMT
server: cloudflare
etag: W/"65318387-1d24e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFb6MbUzb5MgwK503Xm4EsmCmkY1GbfyihqU%2FEjd2GGoJpIHNPw6DaPc7KjzQj16RET2vUmssp93JL5CAh7LG%2BeRXOKZsfCsb5A1LbIwhu5DEpqk0WS99TW1Obhd9BxPUA7oApcaDN2bL6E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604e6effb0f83-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop.8f3a2eacd.css
1win-cdn.com/css/ 68 KB
14 KB 138ms
44ms Stylesheet
text/css 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/desktop.8f3a2eacd.css
Requested by: Host: 1wjxec.top
URL: https://1wjxec.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85c80e8aaa829fc58803d764a76a19dfd081cc4bc87b96bd77eb371508b3c46b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 230517
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 18 Oct 2023 10:08:22 GMT
server: cloudflare
etag: W/"652fae96-11032"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWKxPy8YiWheIv%2BenR%2BAvevWq4D6ruuk8th7KWER6ESRd6s0%2BemZ0DRihP8SlWfZdQXAShU19ggIaYxBZdHCdNoWukeVS14Sczcz%2BXxRA59jXQV3ZKKySh5HIeYQssgmEGFdqyVK9Tqopl0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604e6eff70f83-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chunk-vendors.1548ceddb.js Show response
1win-cdn.com/js/ 258 KB
95 KB 158ms
66ms Script
application/javascript 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/chunk-vendors.1548ceddb.js
Requested by: Host: 1wjxec.top
URL: https://1wjxec.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9bdfb773b9bb3ae6d46b27a825686b661e45125d17484d9a19663a50d632b80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 924073
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 10 Oct 2023 09:13:36 GMT
server: cloudflare
etag: W/"652515c0-408e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMqzAdTX3bE0x56Cc4%2FGstlmiS9tv1fSrmk2tCHsj9AjEIoBrYXWYaQPX%2F6u4lJwiQPSBuTJz309Nf8C%2FlzF0We3Vwc0%2FLbYoF8Cb3Cxg5uGo4HnzDIv89lu5keNFAf4jJNXso4QdD7PdRk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604e6efff0f83-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chunk-common.2c4fb0deb.js Show response
1win-cdn.com/js/ 103 KB
33 KB 151ms
58ms Script
application/javascript 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/chunk-common.2c4fb0deb.js
Requested by: Host: 1wjxec.top
URL: https://1wjxec.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75221124496825660c75ddb5c0165715f73ad0c05d336366b97c4f988b87b8da

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 110587
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 19 Oct 2023 19:29:12 GMT
server: cloudflare
etag: W/"65318388-19dab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Wohc2lQ2glv2wIlDFRbVJSf0Zu5uVc4Pwpqnr%2BM3reNyhYg2Vdb5D2e3gSlvrDf%2BlU62%2F%2FJOPUly1chWY%2BC7j2wFAbsu4ujAyFMBp%2Bim9qhGm3NhDj7uLq0DktdvZwuuGXgUCFVAPDYwFo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604e6e8010f83-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index.3522bcbdc.js Show response
1win-cdn.com/js/ 186 KB
73 KB 43ms
42ms Script
application/javascript 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/index.3522bcbdc.js
Requested by: Host: 1wjxec.top
URL: https://1wjxec.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9e867654a101af8bc2597413cdf3ee7f512080fc845d0d1ba3c120e53ff9ee5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 110587
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 19 Oct 2023 19:29:11 GMT
server: cloudflare
etag: W/"65318387-2e8a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68XgTc8r%2FzFovNHSzKVwGkMwKDhFJEClGnKPBVwws%2BGUJUN%2BVKu46AOugXUWOs29t3HwqAQoG%2BHpJ9tCPJym8EObmVlEhk5afb6hl9lDxEKWQXZH9s9MsLE5GT3d8W0L3WtRUziXKgz8V6M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604e728520f83-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1win-normal.svg
1wjxec.top/img/logo/main/ 5 KB
2 KB 201ms
200ms Image
image/svg+xml 190.115.24.78
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1wjxec.top/img/logo/main/1win-normal.svg
Requested by: Host: 1wjxec.top
URL: https://1wjxec.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.115.24.78 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS: ddos-guard.net
Software: openresty/1.19.9.1 /
Resource Hash: a5cb3d03f299b837679eaa793491a03acc5fc1afdbc7f207b7566646f3bd2ecb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2023 19:29:12 GMT
server: openresty/1.19.9.1
etag: W/"65318388-1221"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 affiliate:link_visit Show response
1wjxec.top/ 15 B
433 B 246ms
246ms Fetch
application/json 190.115.24.78
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://1wjxec.top/affiliate:link_visit?visit_domain=1wjxec.top&sub_ids=undefined

Requested by

Host: 1win-cdn.com
URL: https://1win-cdn.com/js/chunk-common.2c4fb0deb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.24.78 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

openresty/1.19.9.1 / Express

Resource Hash

a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
server: openresty/1.19.9.1
etag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
x-powered-by: Express
access-control-max-age: 7200
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: undefined
access-control-expose-headers: Authorization
x-frame-options: DENY
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Origin
content-length: 15

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 91893.d6cbcbbc0.js Show response
1win-cdn.com/js/ 29 KB
11 KB 37ms
36ms Script
application/javascript 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/91893.d6cbcbbc0.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.3522bcbdc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7428dd7509ba00ec47fae633382c20d286f7c563528d6611a5f0508076d3850

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 833860
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 11 Oct 2023 10:15:45 GMT
server: cloudflare
etag: W/"652675d1-7403"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4UAvLxGsff2Sir2m4JOCPpNNaU1WKqkeQRcuW9qFdYNRotPfM99h925iEA2D%2BCfPSN2yvPUTNUPGKQp%2BUroz2wfF1nliwa0WX2eVsqGhN8quUBGB6OsrvCNOtgTHNcCIfjphfr%2FjK4EQ58%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604e7e9690f83-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 75154.f8395b717.js Show response
1win-cdn.com/js/ 56 KB
14 KB 56ms
55ms Script
application/javascript 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/75154.f8395b717.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.3522bcbdc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68d63510dcd15d143785fdc4a4c83a53ed11278d62a0be73e2cc5f9d2893521a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 139717
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 19 Oct 2023 11:15:44 GMT
server: cloudflare
etag: W/"65310fe0-df8b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=haLgd%2BRe1MWcVVLv1UKtDLBdWh09GIFrlApPzFXbwxa0daFnmXrhkvHT7hhJiwHaY3l%2FIKA5iRaAEkAB7fDmvaAePCCw4E3vFZICOoSTAV6rNxf0vd%2B65vnoaopvq4p0ZPhRtONpT9UQSUg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604e809bb0f83-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 63780.0da7686df.css
1win-cdn.com/css/ 19 KB
5 KB 54ms
54ms Stylesheet
text/css 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/63780.0da7686df.css
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.3522bcbdc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d13ce48438bcdcaecca35073452081235ff2b1e38ba10bdaa0c36bd2227d2dbf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119848
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 19 Oct 2023 16:56:07 GMT
server: cloudflare
etag: W/"65315fa7-4b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMyX1ttzK0wsJIrLA%2BTu2GjNJ0Q2PVHiBf8dkK2O%2B8BvTKH9iKfwldmTQrGKWCw1Uz8qWIpgLMED4ILIZi04qJguNXS1r6mUtF3j15%2FAy9Gyw278Ku5Nlr%2Bcj4xuh5yOJKfNS9%2B2pRoN4KQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604e809bd0f83-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 63780.f7084d166.js Show response
1win-cdn.com/js/ 411 KB
125 KB 65ms
64ms Script
application/javascript 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/63780.f7084d166.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.3522bcbdc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f3c45d82c741d2fc9e30742de193d117f0ffba46a104d15a9b82c4e88234cc5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 110583
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 19 Oct 2023 19:29:12 GMT
server: cloudflare
etag: W/"65318388-66ca9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFlOhjZrEulDuum0veyWWfCWymyc7hLT8tGIa1Oc8aq1gA59bGhqLU1X6SeqR83W6BtwNzv14Axh3AFJjRVIaLZfILxuv7hUEO4Tto3%2FSfv4I5RySyRkvEtXvesmtYV642WEbtE14r9%2FWqA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604e809bf0f83-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 firebase-app.js Show response
1wjxec.top/firebase/8.1.1/ 19 KB
7 KB 247ms
245ms Script
application/javascript 190.115.24.78
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://1wjxec.top/firebase/8.1.1/firebase-app.js

Requested by

Host: 1wjxec.top
URL: https://1wjxec.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.24.78 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

openresty/1.19.9.1 /

Resource Hash

01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2023 19:29:12 GMT
server: openresty/1.19.9.1
etag: W/"65318388-4ded"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 303 KB
88 KB 136ms
42ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Requested by

Host: 1wij.today
URL: https://1wij.today/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1eba2f2e3664e25cec834c5f7a915e6028a4dbcf1f499dc906d49aa6718312c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89737
x-xss-protection: 0
last-modified: Sat, 21 Oct 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 21 Oct 2023 02:20:03 GMT

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 2 B
145 B 159ms
158ms Fetch
application/json 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: 1win-cdn.com
URL: https://1win-cdn.com/js/63780.f7084d166.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wjxec.top/
accept-language: en-US,en;q=0.9
Authorization: Api-Key client-Ss5BFx7UDrTj948TJHfc5ZUoTW67EjvZ
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjEiLCJkZXZpY2VfaWQiOiIwNTZjYmNjNC04YTA0LTQ5OGMtOGJhOS04MWM1N2JiZjg2MjYiLCJ1c2VyX3Byb3BlcnRpZXMiOnt9fQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 0
x-cache: MISS
content-length: 2
x-served-by: cache-ewr18183-EWR
x-timer: S1697854804.548367,VS0,VE123
x-amzn-trace-id: Root=1-65333553-7381329f3082c72c3ced91ed
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://1wjxec.top
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 title Show response
1wjxec.top/common/ 29 B
247 B 1008ms
1007ms XHR
application/json 190.115.24.78
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://1wjxec.top/common/title?path=bets&lang=en

Requested by

Host: 1win-cdn.com
URL: https://1win-cdn.com/js/chunk-common.2c4fb0deb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.24.78 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

openresty/1.19.9.1 /

Resource Hash

c07b2c0a515caf1306fb4d9366fab5758253eeadcf8c0414cb44ccd48f82e59a

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wjxec.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:04 GMT
server: openresty/1.19.9.1
etag: "25-bM/5z02X/xOkKbh8eZCiJpcKcd0"
vary: Origin
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=300
content-length: 29

GET
H3 200 81602.74d7d3ee6.css
1win-cdn.com/css/ 21 KB
3 KB 56ms
56ms Stylesheet
text/css 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/81602.74d7d3ee6.css
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.3522bcbdc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bfdd2da44b911cb52468472ffb409ff696f06a9e7b412bb063b83ca59726c7b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3925229
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Sep 2023 12:42:55 GMT
server: cloudflare
etag: W/"64f7224f-5395"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qWpih4liwO%2BCBh%2BT4mIb9UYoodyjmX6LWTWVDYO1Ma4MKsRxKXLvcTnWMmFqAaovA4xrwNOlKimCT4br2NoOBW%2FplprXFEmIZV3ZmSSTJY0lp6h%2FS5rE3L9Rnfurc3Kkk%2B%2FPPTo09X5v2w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604e95b5d8c90-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 47546.d85019cb4.js Show response
1win-cdn.com/js/ 10 KB
4 KB 56ms
56ms Script
application/javascript 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/47546.d85019cb4.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.3522bcbdc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 332325ac9a9df8dfe4757bb956f761b0cfd8e929deba4d21623aea3a97678c8e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 230148
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 18 Oct 2023 10:08:22 GMT
server: cloudflare
etag: W/"652fae96-289c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Elaya2XlbyPUG7LQPexSrvozovtObbqMyYYyqfM6RotKWwQduALLZwlW3paC7oV%2BujCKrxvL5RZXG8NVC1ibSgDCN6hyl%2FwTyebuiEPjExWoJf4cFZKfyv8FkBAg2uko26wn4pjByR4qfTM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604e95b5e8c90-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 58183.9675eb8a9.js Show response
1win-cdn.com/js/ 155 KB
46 KB 92ms
92ms Script
application/javascript 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/58183.9675eb8a9.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.3522bcbdc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86b632f55d1dde3b53345f8bf2ae3e54f46ca4e50f18444a6f2b1a97c792d282

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 919867
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 10 Oct 2023 09:13:36 GMT
server: cloudflare
etag: W/"652515c0-26c52"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqIjBkTVVRfrmkEjVxy%2FYCh%2B3dc5ciL3HaCuZyC67dvLqoIwbxFiovv8dU4MGNZcPJZL3QXUmZKnQ2XgUkl93MfcWjpdHqYF95LRquXCW16hSPhxUGjvpP9Qfa%2BDkYt3nGA1aurmPWexln4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604e95b5f8c90-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 85015.fa0a7f64d.js Show response
1win-cdn.com/js/ 106 KB
20 KB 123ms
123ms Script
application/javascript 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/85015.fa0a7f64d.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.3522bcbdc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7e15b04616b59f59de6ec754e067dc822146e64e4d16d3bff6a7c6eed189c74

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119651
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 19 Oct 2023 16:56:07 GMT
server: cloudflare
etag: W/"65315fa7-1a8f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sy50IsBqy7OIoz56ruFBhkB5Ujp4olzS1jL0ekM7xSupYC%2BhTGLV3J9Yf9xaAWyvUBpMvd3WZGVDzlB3QgXcCno1iuQ0ERuh0G0x82ARttygjt9BMzh3tS30%2Bk1jhheYt5I0cVRZoiaRZ9o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604e95b608c90-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 21470.56a153cc8.js Show response
1win-cdn.com/js/ 8 KB
4 KB 135ms
135ms Script
application/javascript 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/21470.56a153cc8.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.3522bcbdc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2cb448a0ea6a076cd4c5e7052283a66746d068597fb0ff78c052cd0f3dbf8fb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 230147
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 18 Oct 2023 10:08:22 GMT
server: cloudflare
etag: W/"652fae96-1e5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SaCBS%2BnUssX7%2B5dzB%2BnGIWL3w9ZpkbQ0U7RWPoPq61v7dUHYt5fUCXMlRZ7QWCN10MUoMtgjRkHVUPD3Xg45c%2FLhAIdrH9vcWGBIYSDoIuS%2BK4leDYRU%2F0y0NNBj92Ijk0yEBi5E%2B%2Bqzsz0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604e95b628c90-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 39769.188ffc7a9.js Show response
1win-cdn.com/js/ 11 KB
4 KB 55ms
55ms Script
application/javascript 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/39769.188ffc7a9.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.3522bcbdc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 890d7faed6245e877a5dcf3d215ae3b6efc532dbe59223a5f1c6302d31c43fc6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 230494
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 18 Oct 2023 10:08:22 GMT
server: cloudflare
etag: W/"652fae96-2d14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rne8G44bd48k5vkwlEAEi6vj%2BVFV0uHi6ZYNtbCF3UgzQSFSnFUqk1W4aNHfHtQLmTvDhZcx%2BsTTMbJso3LbI%2FSVbMGdSMdHvjqU%2BITQX2BiDxtdecrtnz00caW91YhzP9AJkMXAYDIX5HI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604e95b638c90-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 32989.75ba74eb2.css
1win-cdn.com/css/ 62 KB
13 KB 144ms
141ms Stylesheet
text/css 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/32989.75ba74eb2.css
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.3522bcbdc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b7740f896a38800f5d9ccdc12d2618b006ff62b62e771be6363ee72234fd75a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 118937
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 19 Oct 2023 16:56:07 GMT
server: cloudflare
etag: W/"65315fa7-f6a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMa7WfYUTnwDuWUhzCNh6Gjst0ELFroG%2FPtYV2g9CLKrAdlyRD838uT8hkPtGSF5%2F69qIqLWZTEEMj%2B%2FczIAd6yKKLwTp4HE%2FjVo5XBZ8Qbk4%2BY28KoXaIQhdJTwM8GtegwVztTaiNBV7xg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604e95b678c90-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 32989.6ae00bc93.js Show response
1win-cdn.com/js/ 103 KB
29 KB 146ms
143ms Script
application/javascript 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/32989.6ae00bc93.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.3522bcbdc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 821ad9f57d96e8df83e1459c1eadcfe77a7304c62b54faf4ddf5c00699ade7aa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 118937
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 19 Oct 2023 16:56:07 GMT
server: cloudflare
etag: W/"65315fa7-19c48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TniP%2BHHrkjhoQZxSp%2BJNM0m6r9uxoERVRu2s5RMhg6znS%2BzrgPgv51RcZGeMa0icuOTBRZaIL88MpS51y%2FqIV%2BZ3gniw9CCXbKzQUhfeil2TZEbXx9uqJxB8BZC7KiiqLDvd%2FEkubj51b8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604e95b6a8c90-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 69632.1602f5e15.js Show response
1win-cdn.com/js/ 8 KB
3 KB 151ms
149ms Script
application/javascript 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/69632.1602f5e15.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.3522bcbdc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 075c76e74c411d8acfc7d0aa7dc363a06f5996dbe64afe46c7abefcff26de7fe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 833856
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 11 Oct 2023 10:15:45 GMT
server: cloudflare
etag: W/"652675d1-1ee9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVtVSwOzz7YsqSfcmDZiiN0YPVx2mCThNTeZvdZmLykNneN7sWBca94%2B994nXOQHt4tc627aB%2Bc6iekmM2PVCl4zzjnhc3AUMA6NQuzmtKGhaje5hZ0goGN%2BAYm2bKof1DTT1nHE0oGmdmM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604e95b6b8c90-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 57912.35d3b77df.js Show response
1win-cdn.com/js/ 23 KB
7 KB 151ms
149ms Script
application/javascript 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/57912.35d3b77df.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.3522bcbdc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5efdf7a049f447c4a8a7f92b1bcf96271cdf3ceac2d9a122b29cd9c8ee64595

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 137045
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 19 Oct 2023 11:15:44 GMT
server: cloudflare
etag: W/"65310fe0-5ddd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCRUplAaVHsL14D92zbCuBQVRiNDysWknNByWiGZgl3d3U8uOOZGxLQMgwW8lcZCnbsRrUp9Z4NU4YYFEimIcGgL407Yfa%2FDKHOuXcIz0AVLnSIT2jyxxMybZQNhl9yO7Wu4J%2BHV0CgF9C8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604e95b6c8c90-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 69036.9a6de51fe.css
1win-cdn.com/css/ 8 KB
3 KB 152ms
150ms Stylesheet
text/css 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/69036.9a6de51fe.css
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.3522bcbdc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb4079b307564e585700674b4c018ffaaae34d50caf9000fe61077c8a2327d0f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 230148
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 18 Oct 2023 10:08:22 GMT
server: cloudflare
etag: W/"652fae96-208f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UE7KAvNwStR00WsQwdv4ITO9OZqb9N3VsoFh20UmZN3H8AG2IvNtfCOK1GaIZyEXkA6Au9fYHYxo2JM4HLOoQ6wRoA4FLAizO6c0sdLfqHuvZvz%2FT0RhoGxeIxFFYSDpmGR%2B4mXXU1uJMac%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604e95b6e8c90-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 147ms
41ms Preflight 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://1wjxec.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://1wjxec.top
access-control-max-age: 1800
age: 2306
cache-control: no-store
content-length: 0
date: Sat, 21 Oct 2023 02:20:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-65332c51-2a9ee75346af5a0012c991bf
x-cache: HIT
x-cache-hits: 169
x-content-type-options: nosniff
x-served-by: cache-ewr18183-EWR
x-timer: S1697854804.504529,VS0,VE0

GET
H2

200

activityi;dc_pre=CPrm0oOKhoIDFS6CdwEdwp0GsQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=4737230020803;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=... Show response
12688802.fls.doubleclick.net/ Frame 5F7E
Redirect Chain

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=4737230020803;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epv...
https://12688802.fls.doubleclick.net/activityi;dc_pre=CPrm0oOKhoIDFS6CdwEdwp0GsQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=4737230020803;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl...

537 B
472 B

87ms
85ms

Document
text/html

172.253.63.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12688802.fls.doubleclick.net/activityi;dc_pre=CPrm0oOKhoIDFS6CdwEdwp0GsQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=4737230020803;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f149.1e100.net

Software

cafe /

Resource Hash

3e6c6f1c331d080a9231fd8bcf32db66fa84ef10df9d39b2ef74440ff27473e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wjxec.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 299
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 02:20:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 02:20:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12688802.fls.doubleclick.net/activityi;dc_pre=CPrm0oOKhoIDFS6CdwEdwp0GsQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=4737230020803;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=COeu04OKhoIDFb2K0QQdueQGaA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o... Show response
12572451.fls.doubleclick.net/ Frame F4F4
Redirect Chain

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://12572451.fls.doubleclick.net/activityi;dc_pre=COeu04OKhoIDFb2K0QQdueQGaA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

555 B
481 B

51ms
49ms

Document
text/html

172.253.63.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12572451.fls.doubleclick.net/activityi;dc_pre=COeu04OKhoIDFb2K0QQdueQGaA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1916369727609.5881?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f148.1e100.net

Software

cafe /

Resource Hash

803df8c9e18ea622901b3b0c3e66fee10de4ad6b03334288e976000c128fa81a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wjxec.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 305
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 02:20:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 02:20:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12572451.fls.doubleclick.net/activityi;dc_pre=COeu04OKhoIDFb2K0QQdueQGaA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1916369727609.5881?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hotjar-2606090.js Show response
static.hotjar.com/c/ 10 KB
4 KB 133ms
38ms Script
application/javascript 18.160.41.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2606090.js?sv=6

Requested by

Host: 1wij.today
URL: https://1wij.today/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.41.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-41-49.iad55.r.cloudfront.net

Software

Resource Hash

aab0bd5462cf6d84308c26cfda451a6bdd4df0aaa8fcfe0008c7841d6b0e34f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sat, 21 Oct 2023 02:19:21 GMT
via: 1.1 8beba0476250d2240f748269153a9f96.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
age: 43
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/330946d0820e763143abc14855e9d7be
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: FJBbM7YM4rXHzReGMadLAkf0a-wCn6ptzCgfFaFBCeQjjql7iplc6Q==

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
72 KB 764ms
284ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: 1wij.today
URL: https://1wij.today/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e795f268fe30060b131637a969b4089cc57cfed994f0f6b9531d8ab516e05f71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 20 Oct 2023 11:55:53 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65326ac9-11a9e"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 72350
expires: Sat, 21 Oct 2023 03:20:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
81 KB 40ms
40ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9821d6eac30663f2667ffbf2ae408778fd8ea3f657a7c11cb62956a7171d3943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82468
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 21 Oct 2023 02:20:03 GMT

GET
H2

200

activityi;dc_pre=CKvq0oOKhoIDFQGK0QQday0GUg;src=12688802;type=actio0;cat=allpa0;ord=1;num=5382610822172;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=... Show response
12688802.fls.doubleclick.net/ Frame E078
Redirect Chain

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=5382610822172;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epv...
https://12688802.fls.doubleclick.net/activityi;dc_pre=CKvq0oOKhoIDFQGK0QQday0GUg;src=12688802;type=actio0;cat=allpa0;ord=1;num=5382610822172;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl...

548 B
485 B

53ms
50ms

Document
text/html

172.253.63.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12688802.fls.doubleclick.net/activityi;dc_pre=CKvq0oOKhoIDFQGK0QQday0GUg;src=12688802;type=actio0;cat=allpa0;ord=1;num=5382610822172;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f149.1e100.net

Software

cafe /

Resource Hash

0ff8f460de045e20c18ca256ea817d96b87929db16796d5d67133f3d13a53687

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wjxec.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 310
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 02:20:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 02:20:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12688802.fls.doubleclick.net/activityi;dc_pre=CKvq0oOKhoIDFQGK0QQday0GUg;src=12688802;type=actio0;cat=allpa0;ord=1;num=5382610822172;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CPO104OKhoIDFX2g0QQdN-8EMQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o... Show response
12572451.fls.doubleclick.net/ Frame B7B2
Redirect Chain

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://12572451.fls.doubleclick.net/activityi;dc_pre=CPO104OKhoIDFX2g0QQdN-8EMQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

555 B
477 B

98ms
96ms

Document
text/html

172.253.63.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12572451.fls.doubleclick.net/activityi;dc_pre=CPO104OKhoIDFX2g0QQdN-8EMQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1407311769749.0933?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f148.1e100.net

Software

cafe /

Resource Hash

42f5f523c001c5b4a5a628946e7d6e974d77768d5b8b5a9b2733113ff6bc47a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wjxec.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 304
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 02:20:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 02:20:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12572451.fls.doubleclick.net/activityi;dc_pre=CPO104OKhoIDFX2g0QQdN-8EMQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1407311769749.0933?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 51621.78a872e1c.js Show response
1win-cdn.com/js/ 944 B
1 KB 40ms
40ms Script
application/javascript 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/51621.78a872e1c.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.3522bcbdc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b67edb1b19b6133aed97b0e83423cf859760fd184b4f9292e65e1d9e106c2ad5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 833827
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 11 Oct 2023 10:15:44 GMT
server: cloudflare
etag: W/"652675d0-3b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Jl9qZHyHfIZd%2Bb%2FMECMRonN%2Bal80Wip4Hh3dZzRYqU3xPubKftk6Fsrangjc5WzMpgQxk1XUGAXvndkuz4%2FEpMz3ZpWNMb62AMYgOMz9au3M6kM855n99cinNy0TU4wujlGc0bC2r0SpqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604eadd138c90-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1win-normal.34748aac6.svg
1win-cdn.com/img/ 5 KB
2 KB 35ms
34ms Image
image/svg+xml 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-cdn.com/img/1win-normal.34748aac6.svg
Requested by: Host: 1wjxec.top
URL: https://1wjxec.top/bets/home
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5cb3d03f299b837679eaa793491a03acc5fc1afdbc7f207b7566646f3bd2ecb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3925759
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Sep 2023 12:42:55 GMT
server: cloudflare
etag: W/"64f7224f-1221"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGV53aQ8OSKNTPLBnyHyFCjky1484yzA0r0ffzaZPwLhy8cRwU3o7ft7d7nxwym6Xtim93rlx6raT1nyhwVpycOqXPBIhUy4FG8fmQdmfvazVBNr33PIObIq%2BUPCdsJKdji1QYgRYaYgefY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604eadd1f8c90-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 us.svg
1win-cdn.com/img/flags/ 1 KB
882 B 36ms
35ms Image
image/svg+xml 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-cdn.com/img/flags/us.svg
Requested by: Host: 1wjxec.top
URL: https://1wjxec.top/bets/home
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6447823ef26e378c36555f7b20ab85bb2f5bcd0a845e8c60bef81eb5f36acd46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3925640
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Sep 2023 12:42:55 GMT
server: cloudflare
etag: W/"64f7224f-5be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FGTaPuLSxym4DoV%2BU1%2BbYIhnTaC%2FIXFtuJrPS2GLFJBtN0C6GP1bdWwnxygMfUlIQSYlh2l%2F56Vkhy%2Ffe3pM5LR4sAtVZWaNNWIJsYkfAbrHBrWJ5v28EJTBSVrFp9GqX%2Fep3Z1PNCx24M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604eadd228c90-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bear.09894b84b-290.webp
1win-cdn.com/img/ 21 KB
21 KB 35ms
34ms Image
image/webp 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win-cdn.com/img/bear.09894b84b-290.webp

Requested by

Host: 1wjxec.top
URL: https://1wjxec.top/bets/home

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4010cd904385baf40748bc00e7ae96604ab7dbb0aa6b3c359d79e8a09d9b8b9

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1322
alt-svc: h3=":443"; ma=86400
content-length: 21260
last-modified: Thu, 19 Oct 2023 19:29:11 GMT
server: cloudflare
etag: "65318387-530c"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5eY0LKzUdcyzKe77PyLdV1MhJe1tr4sbv7NCkpM84ic7ExNsAMYArDSIG82JlI5kEu7yVfsMJoDAsrv6rKqc5TjqVyDPDMuUPo948em3Qw%2BlMMUCFxu1q7bhr%2BhPEazDUKcZ9Q6fO61ziE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 819604eaed2b8c90-EWR

GET
H2 200 firebase-messaging.js Show response
1wjxec.top/firebase/8.1.1/ 40 KB
12 KB 342ms
342ms Script
application/javascript 190.115.24.78
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://1wjxec.top/firebase/8.1.1/firebase-messaging.js

Requested by

Host: 1wjxec.top
URL: https://1wjxec.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

190.115.24.78 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

ddos-guard.net

Software

openresty/1.19.9.1 /

Resource Hash

58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/bets/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:03 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2023 19:29:12 GMT
server: openresty/1.19.9.1
etag: W/"65318388-9f25"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
250 B 459ms
87ms Ping
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je3ai0&_p=171289525&cid=776043098.1697854804&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2F&sid=1697854803&sct=1&seg=0&dl=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome&dr=https%3A%2F%2F1wij.today%2F&dt=1win%20-%20Loading&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_url=https%3A%2F%2F1wjxec.top%2F&up.platform_language=en&up.device_type=desktop&up.platform=web&up.os=windows
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 02:20:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1wjxec.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.e1dfa7708b9d9a8bea71.js Show response
script.hotjar.com/ 228 KB
56 KB 383ms
40ms Script
application/javascript 99.84.191.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e1dfa7708b9d9a8bea71.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2606090.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.191.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-191-77.iad89.r.cloudfront.net

Software

Resource Hash

37c5cc6fa83a5392f51d53cba3892630c02c0e02219d88a043db6d530aa64664

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 12:05:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 3ba4f1633675322ba2a091472486bb3a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 137698
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56552
last-modified: Thu, 19 Oct 2023 12:04:32 GMT
etag: "6767acf9424d83d0946202b3a45c9012"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: SSJobJA23jPXqaIVgT1JoLR8nenvyUdSVqjbZsC_asQDk96grN2vmQ==

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=COeu04OKhoIDFb2K0QQdueQGaA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... Frame 12B3 194 B
150 B 186ms
95ms Document
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COeu04OKhoIDFb2K0QQdueQGaA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1916369727609.5881;~oref=https://1wjxec.top/

Requested by

Host: 12572451.fls.doubleclick.net
URL: https://12572451.fls.doubleclick.net/activityi;dc_pre=COeu04OKhoIDFb2K0QQdueQGaA;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1916369727609.5881?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12572451.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 02:20:04 GMT
expires: Sat, 21 Oct 2023 02:20:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 41114.30fee6864.js Show response
1win-cdn.com/js/ 697 B
1007 B 33ms
33ms Script
application/javascript 2606:4700:e0::ac40:6a23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/41114.30fee6864.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.3522bcbdc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b6f6e1aa52cf3a00da91603ed25cac5938b9c7bca1ef33643e9d2b251a7a1f5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 833855
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 11 Oct 2023 10:15:44 GMT
server: cloudflare
etag: W/"652675d0-2b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rx5IO1YAXTuLQeoM392ZmKugwCL0EhjkDqLyV5b4uQGaFM1%2FwjmR1EAtibTBi%2BhjQ3momJ1Q2LU%2FoM%2F7343JG7k8g%2FhyiFlKGJcs1elG7z6ao4Ncq8SrgqIebqyMpavpv9P9%2Bn7I9GZyvX8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 819604edd8168c90-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dc_pre=CKvq0oOKhoIDFQGK0QQday0GUg;src=12688802;type=actio0;cat=allpa0;ord=1;num=5382610822172;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=ht... Show response
adservice.google.com/ddm/fls/i/ Frame CA91 194 B
150 B 178ms
96ms Document
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKvq0oOKhoIDFQGK0QQday0GUg;src=12688802;type=actio0;cat=allpa0;ord=1;num=5382610822172;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome

Requested by

Host: 12688802.fls.doubleclick.net
URL: https://12688802.fls.doubleclick.net/activityi;dc_pre=CKvq0oOKhoIDFQGK0QQday0GUg;src=12688802;type=actio0;cat=allpa0;ord=1;num=5382610822172;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12688802.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 02:20:04 GMT
expires: Sat, 21 Oct 2023 02:20:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CPrm0oOKhoIDFS6CdwEdwp0GsQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=4737230020803;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=ht... Show response
adservice.google.com/ddm/fls/i/ Frame 4DB8 194 B
440 B 128ms
95ms Document
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPrm0oOKhoIDFS6CdwEdwp0GsQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=4737230020803;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2F

Requested by

Host: 12688802.fls.doubleclick.net
URL: https://12688802.fls.doubleclick.net/activityi;dc_pre=CPrm0oOKhoIDFS6CdwEdwp0GsQ;src=12688802;type=actio0;cat=allpa0;ord=1;num=4737230020803;auiddc=143744158.1697854804;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wjxec.top%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12688802.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 02:20:04 GMT
expires: Sat, 21 Oct 2023 02:20:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CPO104OKhoIDFX2g0QQdN-8EMQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... Frame 874B 194 B
150 B 128ms
96ms Document
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPO104OKhoIDFX2g0QQdN-8EMQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1407311769749.0933;~oref=https://1wjxec.top/

Requested by

Host: 12572451.fls.doubleclick.net
URL: https://12572451.fls.doubleclick.net/activityi;dc_pre=CPO104OKhoIDFX2g0QQdN-8EMQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1407311769749.0933?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12572451.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 21 Oct 2023 02:20:04 GMT
expires: Sat, 21 Oct 2023 02:20:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 422ms
156ms Preflight 52.40.67.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.40.67.88 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-67-88.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://1wjxec.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Sat, 21 Oct 2023 02:20:04 GMT
strict-transport-security: max-age=15768000

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
309 B 93ms
93ms Fetch
application/json 52.40.67.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: 1win-cdn.com
URL: https://1win-cdn.com/js/63780.f7084d166.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.40.67.88 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-67-88.us-west-2.compute.amazonaws.com

Software

Resource Hash

771a231c18143ede0abeacfd42ff15440e20362a60a7d9cb18aada5d959c322c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://1wjxec.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 21 Oct 2023 02:20:04 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-65333554-5a7b58f57237b10a71b8ee48
content-length: 94

GET
H2 200 metrika_match.html Show response
mc.yandex.com/metrika/ Frame 7288 2 KB
1 KB 152ms
151ms Document
text/html 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

3b47c34b78f258a288e6b089a06118b4b6a1a1e81a9d3ee79cbdb2630e16a457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://1wjxec.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 697
content-type: text/html
date: Sat, 21 Oct 2023 02:20:04 GMT
etag: "65326ac9-2b9"
expires: Sat, 21 Oct 2023 03:20:04 GMT
last-modified: Fri, 20 Oct 2023 11:55:53 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
477 B 148ms
147ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: 1wjxec.top
URL: https://1wjxec.top/bets/home

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 02:20:04 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 20 Oct 2023 11:55:53 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65326ac9-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 21 Oct 2023 03:20:04 GMT

GET

sync_cookie_image_decide
mc.yandex.com/ Frame 7288
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10162.foWPwgCSv9gafSUrNPAUSGWyCTWH0UkUDO-8sai6r4bWFmhdmbSI2NQ5_kMxHuLM.lx1jBb0jNUxgkbpYze3z7BCjsGM%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10162.Fc7ci1SDCibDSlIHpRiUYg7ty5Pv9wRfj-kkFhLUJyMVZ_nRKoUFOlXzZDo9vUBuDkzDi5tqusUbvt6N2bEQFiX1C8mKyc7FuNcZ-hcYlTnfxT5NaJhDgMjStm_QkcYdDg9pqqPmwE...

0
0

GET
H/1.1 200
OK metrica
adfstat.yandex.ru/ Frame 7288 0
0 630ms
291ms Image
application/json 2a02:6b8::346
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adfstat.yandex.ru/metrica?id=921700392
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::346 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mc.yandex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H2

200

1 Show response
mc.yandex.com/watch/92006234/
Redirect Chain

https://mc.yandex.com/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome&page-ref=https%3A%2F%2F1wij.today%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhe16...
https://mc.yandex.com/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome&page-ref=https%3A%2F%2F1wij.today%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhe...

437 B
520 B

163ms
162ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome&page-ref=https%3A%2F%2F1wij.today%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhe16nuwp1gt1zsuz%3Afp%3A1497%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1141%3Acn%3A1%3Adp%3A0%3Als%3A785037244801%3Ahid%3A921700392%3Az%3A-600%3Ai%3A20231020162004%3Aet%3A1697854805%3Ac%3A1%3Arn%3A985716453%3Arqn%3A1%3Au%3A1697854805341591355%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C429%2C626%2C360%2C2%2C0%2C%2C4%2C0%2C%2C%2C%2C1714%3Aco%3A0%3Acpf%3A1%3Ans%3A1697854801458%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697854805%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29mtb%280%29rqnt%281%29aw%281%29pe%281%29cs%28kcbe%29efid%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

59000a0ae6c5e133672c5bd93d56fb87e3791e512a895530564eb132fbcfad51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wjxec.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 02:20:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 21-Oct-2023 02:20:05 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wjxec.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 437
x-xss-protection: 1; mode=block
expires: Sat, 21-Oct-2023 02:20:05 GMT

Redirect headers

pragma: no-cache
date: Sat, 21 Oct 2023 02:20:05 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 21-Oct-2023 02:20:05 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wjxec.top%2Fbets%2Fhome&page-ref=https%3A%2F%2F1wij.today%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhe16nuwp1gt1zsuz%3Afp%3A1497%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1141%3Acn%3A1%3Adp%3A0%3Als%3A785037244801%3Ahid%3A921700392%3Az%3A-600%3Ai%3A20231020162004%3Aet%3A1697854805%3Ac%3A1%3Arn%3A985716453%3Arqn%3A1%3Au%3A1697854805341591355%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C429%2C626%2C360%2C2%2C0%2C%2C4%2C0%2C%2C%2C%2C1714%3Aco%3A0%3Acpf%3A1%3Ans%3A1697854801458%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697854805%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29mtb%280%29rqnt%281%29aw%281%29pe%281%29cs%28kcbe%29efid%281%29ti%282%29
access-control-allow-origin: https://1wjxec.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 21-Oct-2023 02:20:05 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mc.yandex.com
URL: https://mc.yandex.com/sync_cookie_image_decide?token=10162.Fc7ci1SDCibDSlIHpRiUYg7ty5Pv9wRfj-kkFhLUJyMVZ_nRKoUFOlXzZDo9vUBuDkzDi5tqusUbvt6N2bEQFiX1C8mKyc7FuNcZ-hcYlTnfxT5NaJhDgMjStm_QkcYdDg9pqqPmwEunnf-xx_EgDgjKT-SPLTQw00P0LNDZ6Yn3LpKN898ng1sx4K9U59yKCltl46tbr8DJUzQmt8KY3XIRrdz3j__s5Si_CX0Hbss%2C.3fBNWdXGQ1pbhQltRhZle9cqmxw%2C

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
1wjxec.top/	1970-01-20 16:22:13	Name: visit_domain Value: 1wjxec.top
1wjxec.top/	1970-01-21 00:23:10	Name: 1w_lang Value: en
.1wjxec.top/	1970-01-21 00:23:10	Name: AMP_MKTG_494cccfe21 Value: JTdCJTIycmVmZXJyZXIlMjIlM0ElMjJodHRwcyUzQSUyRiUyRjF3aWoudG9kYXklMkYlMjIlMkMlMjJyZWZlcnJpbmdfZG9tYWluJTIyJTNBJTIyMXdpai50b2RheSUyMiU3RA==
1wjxec.top/	1969-12-31 23:59:59	Name: core-sticky Value: http://10.233.97.83:80
.1wjxec.top/	1970-01-20 17:47:10	Name: _gcl_au Value: 1.1.143744158.1697854804
.1wjxec.top/	1970-01-21 01:13:34	Name: _ga_548949LWLW Value: GS1.1.1697854803.1.0.1697854803.0.0.0
.1wjxec.top/	1970-01-21 01:13:34	Name: _ga Value: GA1.1.776043098.1697854804
.1wjxec.top/	1970-01-21 00:23:10	Name: AMP_494cccfe21 Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjIwNTZjYmNjNC04YTA0LTQ5OGMtOGJhOS04MWM1N2JiZjg2MjYlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNjk3ODU0ODAzMzczJTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTY5Nzg1NDgwMzcwNSUyQyUyMmxhc3RFdmVudElkJTIyJTNBNyU3RA==
.doubleclick.net/	1970-01-20 15:37:35	Name: test_cookie Value: CheckForPermission
1wjxec.top/	1969-12-31 23:59:59	Name: 1w_locale Value: 1
.1wjxec.top/	1970-01-21 00:23:10	Name: _hjSessionUser_2606090 Value: eyJpZCI6ImE1MDk2N2U2LTExMGItNTA0MC1hMTA5LWY1ZWI4OGQ1YWNhZiIsImNyZWF0ZWQiOjE2OTc4NTQ4MDQxNjAsImV4aXN0aW5nIjpmYWxzZX0=
.1wjxec.top/	1970-01-20 15:37:36	Name: _hjFirstSeen Value: 1
.1wjxec.top/	1970-01-20 15:37:34	Name: _hjIncludedInSessionSample_2606090 Value: 0
.1wjxec.top/	1970-01-20 15:37:36	Name: _hjSession_2606090 Value: eyJpZCI6ImQwN2E0ODE2LTY1NWQtNDQyYS1iOGQwLWQxOTNiYTdjZTY1NyIsImNyZWF0ZWQiOjE2OTc4NTQ4MDQxNjIsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6dHJ1ZX0=
.1wjxec.top/	1970-01-20 15:37:36	Name: _hjAbsoluteSessionInProgress Value: 0
1wjxec.top/	1969-12-31 23:59:59	Name: _hjHasCachedUserAttributes Value: true
.yandex.ru/	1970-01-21 01:13:34	Name: i Value: ymHrVq2ogiskS/Lx7mo/Q7XFoUd1DJJ4Y/stp0YmC+EnEn1LPPbwBdrhbUoTYFm8kq+NMJ8SJlGFGnZnwxLJnD22/MI=
.yandex.ru/	1970-01-21 01:13:34	Name: yandexuid Value: 1324807841697854804
.1wjxec.top/	1970-01-21 00:23:10	Name: _ym_uid Value: 1697854805341591355
.1wjxec.top/	1970-01-21 00:23:10	Name: _ym_d Value: 1697854805
.1wjxec.top/	1970-01-20 15:38:46	Name: _ym_isad Value: 2
.yandex.com/	1970-01-21 01:13:34	Name: i Value: NXbLI2f4JHCO3rVeITsOHepVdmrGZOFlNtJowbFXsMQD9pKhuagFj+/CN1SiD4wraWEPdujKsYiGAIke2soV2n4zxUE=
.yandex.com/	1970-01-21 00:23:10	Name: yandexuid Value: 1452325441697854804
.mc.yandex.com/	1970-01-20 15:37:35	Name: sync_cookie_csrf Value: 765994054fake
.mc.yandex.ru/	1970-01-20 15:37:35	Name: sync_cookie_csrf Value: 2313829910fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1053967741697854805
.yandex.com/	1970-01-21 00:23:10	Name: yuidss Value: 1452325441697854804
.yandex.com/	1970-01-21 00:23:10	Name: ymex Value: 1729390805.yrts.1697854805
.yandex.com/	1970-01-21 00:23:10	Name: bh Value: KgI/MA==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12572451.fls.doubleclick.net
12688802.fls.doubleclick.net
1wij.today
1win-cdn.com
1wjxec.top
adfstat.yandex.ru
adservice.google.com
api.lab.amplitude.com
api2.amplitude.com
mc.yandex.com
mc.yandex.ru
script.hotjar.com
static.hotjar.com
www.google-analytics.com
www.googletagmanager.com
mc.yandex.com
151.101.194.132
172.253.63.148
172.253.63.149
18.160.41.49
190.115.24.78
2001:4860:4802:38::178
2606:4700:3033::6815:fc0
2606:4700:e0::ac40:6a23
2607:f8b0:4004:c07::9c
2607:f8b0:4004:c08::61
2a02:6b8::1:119
2a02:6b8::346
52.40.67.88
99.84.191.77
01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06e02d3d2d01bb2c88786b0a2dd2d692f6659c0159ec4754f7db49c12e03b0d6
075c76e74c411d8acfc7d0aa7dc363a06f5996dbe64afe46c7abefcff26de7fe
0ff8f460de045e20c18ca256ea817d96b87929db16796d5d67133f3d13a53687
1eba2f2e3664e25cec834c5f7a915e6028a4dbcf1f499dc906d49aa6718312c0
2b7740f896a38800f5d9ccdc12d2618b006ff62b62e771be6363ee72234fd75a
332325ac9a9df8dfe4757bb956f761b0cfd8e929deba4d21623aea3a97678c8e
37c5cc6fa83a5392f51d53cba3892630c02c0e02219d88a043db6d530aa64664
3b47c34b78f258a288e6b089a06118b4b6a1a1e81a9d3ee79cbdb2630e16a457
3e6c6f1c331d080a9231fd8bcf32db66fa84ef10df9d39b2ef74440ff27473e6
42f5f523c001c5b4a5a628946e7d6e974d77768d5b8b5a9b2733113ff6bc47a4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4f3c45d82c741d2fc9e30742de193d117f0ffba46a104d15a9b82c4e88234cc5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f
59000a0ae6c5e133672c5bd93d56fb87e3791e512a895530564eb132fbcfad51
6447823ef26e378c36555f7b20ab85bb2f5bcd0a845e8c60bef81eb5f36acd46
68d63510dcd15d143785fdc4a4c83a53ed11278d62a0be73e2cc5f9d2893521a
6bfdd2da44b911cb52468472ffb409ff696f06a9e7b412bb063b83ca59726c7b
75221124496825660c75ddb5c0165715f73ad0c05d336366b97c4f988b87b8da
771a231c18143ede0abeacfd42ff15440e20362a60a7d9cb18aada5d959c322c
803df8c9e18ea622901b3b0c3e66fee10de4ad6b03334288e976000c128fa81a
821ad9f57d96e8df83e1459c1eadcfe77a7304c62b54faf4ddf5c00699ade7aa
85c80e8aaa829fc58803d764a76a19dfd081cc4bc87b96bd77eb371508b3c46b
86b632f55d1dde3b53345f8bf2ae3e54f46ca4e50f18444a6f2b1a97c792d282
890d7faed6245e877a5dcf3d215ae3b6efc532dbe59223a5f1c6302d31c43fc6
90ef6e5c2446492402ad870e1ce4b95da0ed5b8a69f43c8feeea67e86729bd45
9821d6eac30663f2667ffbf2ae408778fd8ea3f657a7c11cb62956a7171d3943
9b6f6e1aa52cf3a00da91603ed25cac5938b9c7bca1ef33643e9d2b251a7a1f5
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2cb448a0ea6a076cd4c5e7052283a66746d068597fb0ff78c052cd0f3dbf8fb
a4010cd904385baf40748bc00e7ae96604ab7dbb0aa6b3c359d79e8a09d9b8b9
a5cb3d03f299b837679eaa793491a03acc5fc1afdbc7f207b7566646f3bd2ecb
aab0bd5462cf6d84308c26cfda451a6bdd4df0aaa8fcfe0008c7841d6b0e34f8
ac0197e7b96de118bddb79a6d8b9e4fb2aec38810ee1f5e0ac72260928237245
b5efdf7a049f447c4a8a7f92b1bcf96271cdf3ceac2d9a122b29cd9c8ee64595
b67edb1b19b6133aed97b0e83423cf859760fd184b4f9292e65e1d9e106c2ad5
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c07b2c0a515caf1306fb4d9366fab5758253eeadcf8c0414cb44ccd48f82e59a
d13ce48438bcdcaecca35073452081235ff2b1e38ba10bdaa0c36bd2227d2dbf
d9bdfb773b9bb3ae6d46b27a825686b661e45125d17484d9a19663a50d632b80
d9e867654a101af8bc2597413cdf3ee7f512080fc845d0d1ba3c120e53ff9ee5
df3772666587111462634070c47969ad9687bbf80d0694bb2e6c33be39434d68
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7428dd7509ba00ec47fae633382c20d286f7c563528d6611a5f0508076d3850
e795f268fe30060b131637a969b4089cc57cfed994f0f6b9531d8ab516e05f71
eb4079b307564e585700674b4c018ffaaae34d50caf9000fe61077c8a2327d0f
f7e15b04616b59f59de6ec754e067dc822146e64e4d16d3bff6a7c6eed189c74

1wjxec.top Open in urlscan Pro 190.115.24.78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

96 %HTTPS

50 %IPv6

11 Domains

15 Subdomains

15 IPs

3 Countries

1078 kBTransfer

3243 kBSize

29 Cookies

0 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

1wjxec.top Open in urlscan Pro
190.115.24.78 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

96 %
HTTPS

50 %
IPv6

11
Domains

15
Subdomains

15
IPs

3
Countries

1078 kB
Transfer

3243 kB
Size

29
Cookies

57 HTTP transactions
1 data transactions