| 1wklkbv.com/v3/2431/br/external-marketing/img/logo/logo-1win.svg | 94.130.10.163 | 200 OK | 813 B |
URL GET HTTP/21wklkbv.com/v3/2431/br/external-marketing/img/logo/logo-1win.svg IP94.130.10.163:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 CertificateIssuerLet's Encrypt Subject1wklkbv.com Fingerprint31:1E:AB:05:30:83:22:A2:A3:33:74:0A:30:AA:E2:C7:B2:7C:F5:CA ValidityFri, 22 Mar 2024 13:34:29 GMT - Thu, 20 Jun 2024 13:34:28 GMT
File typeSVG Scalable Vector Graphics image Hash63e98a5afaba46c83f6bef94d342dce9 e072aed0418de20c80e9daf1985dacf99816dc4b 3cc48cc7988466d19b323285dc3cd9c54f638f4e610b7f00b03d40a312e6a10f
GET /v3/2431/br/external-marketing/img/logo/logo-1win.svg HTTP/1.1
Host: 1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
date: Tue, 07 May 2024 17:40:02 GMT
etag: "661fb4f2-a4d"
last-modified: Wed, 17 Apr 2024 11:39:30 GMT
server: nginx/1.23.4
vary: Accept-Encoding
content-length: 813
X-Firefox-Spdy: h2
|
|
| 1wklkbv.com/v3/2431/br/external-marketing/sprites/form-sprite.svg | 94.130.10.163 | 200 OK | 1.0 kB |
URL GET HTTP/21wklkbv.com/v3/2431/br/external-marketing/sprites/form-sprite.svg IP94.130.10.163:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 CertificateIssuerLet's Encrypt Subject1wklkbv.com Fingerprint31:1E:AB:05:30:83:22:A2:A3:33:74:0A:30:AA:E2:C7:B2:7C:F5:CA ValidityFri, 22 Mar 2024 13:34:29 GMT - Thu, 20 Jun 2024 13:34:28 GMT
File typeSVG Scalable Vector Graphics image Hashd2b31c0304cc259840aa7121d33e09c1 d0063496e9cf3980998bbf60225b6742e82c3de6 7fac6a360735f048385117afb469e559e28a63e3fd0b0800d0df07ad0e1a417b
GET /v3/2431/br/external-marketing/sprites/form-sprite.svg HTTP/1.1
Host: 1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
date: Tue, 07 May 2024 17:40:02 GMT
etag: "661fb4f2-a62"
last-modified: Wed, 17 Apr 2024 11:39:30 GMT
server: nginx/1.23.4
vary: Accept-Encoding
content-length: 1010
X-Firefox-Spdy: h2
|
|
| 1wklkbv.com/v3/2431/br/external-marketing/assets/index-0ce5c634.js | 94.130.10.163 | 200 OK | 42 kB |
URL GET HTTP/21wklkbv.com/v3/2431/br/external-marketing/assets/index-0ce5c634.js IP94.130.10.163:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 CertificateIssuerLet's Encrypt Subject1wklkbv.com Fingerprint31:1E:AB:05:30:83:22:A2:A3:33:74:0A:30:AA:E2:C7:B2:7C:F5:CA ValidityFri, 22 Mar 2024 13:34:29 GMT - Thu, 20 Jun 2024 13:34:28 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (62891) Hashd207fdb40baf31383223811eaf8bebbb 150a6a964c8e5e9d9da55e94083b40f1d62cd734 26afc2b84120487df1da5fb97f9550f06c3fb4b2eb9fb01b5db619e8841aa3e0
GET /v3/2431/br/external-marketing/assets/index-0ce5c634.js HTTP/1.1
Host: 1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
date: Tue, 07 May 2024 17:40:02 GMT
etag: "661fb4f3-216b0"
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| 1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 | 94.130.10.163 | 200 OK | 82 kB |
URL User Request GET HTTP/21wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 IP94.130.10.163:443 ASN#24940 Hetzner Online GmbH
CertificateIssuerLet's Encrypt Subject1wklkbv.com Fingerprint31:1E:AB:05:30:83:22:A2:A3:33:74:0A:30:AA:E2:C7:B2:7C:F5:CA ValidityFri, 22 Mar 2024 13:34:29 GMT - Thu, 20 Jun 2024 13:34:28 GMT
Hash8b756a2b195f3efadf70ee6be03fc48b 46d5849b08d00cd89433720e74b6da0e46d77403 628d3190acab469266f7bb531429686a5a2a8ebc4a8a08def3aa707d864b214a
GET /v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 HTTP/1.1
Host: 1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/html
date: Tue, 07 May 2024 17:40:02 GMT
etag: "661fb4f3-4336"
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| 1wklkbv.com/v3/2431/br/external-marketing/assets/Inter-Regular-ed64c5d8.woff2 | 94.130.10.163 | 200 OK | 99 kB |
URL GET HTTP/21wklkbv.com/v3/2431/br/external-marketing/assets/Inter-Regular-ed64c5d8.woff2 IP94.130.10.163:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 CertificateIssuerLet's Encrypt Subject1wklkbv.com Fingerprint31:1E:AB:05:30:83:22:A2:A3:33:74:0A:30:AA:E2:C7:B2:7C:F5:CA ValidityFri, 22 Mar 2024 13:34:29 GMT - Thu, 20 Jun 2024 13:34:28 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 98756, version 1.0 Hasha90c493e75dbd61aec1195dbb9bb6b06 a3e3ae8b6f79820b0b393a92fc613f50fb9f03c6 ed64c5d83f5fcc357eb8afd0a7b8d9912cae97d88dd57cccb64787bb643c7c76
GET /v3/2431/br/external-marketing/assets/Inter-Regular-ed64c5d8.woff2 HTTP/1.1
Host: 1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff2
date: Tue, 07 May 2024 17:40:02 GMT
etag: "661fb4f3-181c4"
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
vary: Accept-Encoding
content-length: 98756
X-Firefox-Spdy: h2
|
|
| 1wklkbv.com/v3/2431/br/external-marketing/assets/Inter-SemiBold-d6d09054.woff2 | 94.130.10.163 | 200 OK | 107 kB |
URL GET HTTP/21wklkbv.com/v3/2431/br/external-marketing/assets/Inter-SemiBold-d6d09054.woff2 IP94.130.10.163:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 CertificateIssuerLet's Encrypt Subject1wklkbv.com Fingerprint31:1E:AB:05:30:83:22:A2:A3:33:74:0A:30:AA:E2:C7:B2:7C:F5:CA ValidityFri, 22 Mar 2024 13:34:29 GMT - Thu, 20 Jun 2024 13:34:28 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 106788, version 1.0 Size107 kB (106788 bytes) Hash920533ddd1d6ea543f7fc3e89b4556bb bc11a427dcb55d1354a5ea07bbc353c57fe9cc0b d6d0905419e1e821c57189396db46ffe335960bd68befedddaf9e73f3f2e7a3a
GET /v3/2431/br/external-marketing/assets/Inter-SemiBold-d6d09054.woff2 HTTP/1.1
Host: 1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff2
date: Tue, 07 May 2024 17:40:02 GMT
etag: "661fb4f3-1a124"
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
vary: Accept-Encoding
content-length: 106788
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7 | 142.250.74.168 | 200 OK | 110 kB |
URL GET HTTP/2www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7 IP142.250.74.168:443
Requested byhttps://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (50345) Size110 kB (109542 bytes) Hash4f9bacb93b6533bded2e756f5ea78b77 58c0f0b4ffa2e59d765b38e9ffd94956821deb0f bd1e38cb75be19e09109a326a94bd5a189c39c45d43d7337c14cce983c2d9995
GET /gtm.js?id=GTM-KGKQDC7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 17:40:02 GMT
expires: Tue, 07 May 2024 17:40:02 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 May 2024 16:44:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 109542
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1wklkbv.com/v3/2431/br/external-marketing/assets/Inter-Black-1d1374a7.woff2 | 94.130.10.163 | 200 OK | 104 kB |
URL GET HTTP/21wklkbv.com/v3/2431/br/external-marketing/assets/Inter-Black-1d1374a7.woff2 IP94.130.10.163:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 CertificateIssuerLet's Encrypt Subject1wklkbv.com Fingerprint31:1E:AB:05:30:83:22:A2:A3:33:74:0A:30:AA:E2:C7:B2:7C:F5:CA ValidityFri, 22 Mar 2024 13:34:29 GMT - Thu, 20 Jun 2024 13:34:28 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 103832, version 1.0 Size104 kB (103832 bytes) Hashedf1baa02cd941c61d54610f955f49c6 e40b42fd142c5e04e3babba3def4abc67ff410c4 1d1374a7e2f7a6d506cfcfb4b5bf6edc78801d9dbf58ceb7f5a6b54d5cee5ec4
GET /v3/2431/br/external-marketing/assets/Inter-Black-1d1374a7.woff2 HTTP/1.1
Host: 1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff2
date: Tue, 07 May 2024 17:40:02 GMT
etag: "661fb4f3-19598"
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
vary: Accept-Encoding
content-length: 103832
X-Firefox-Spdy: h2
|
|
| 1wklkbv.com/v3/2431/br/external-marketing/assets/Inter-Medium-a4ad8ac6.woff2 | 94.130.10.163 | 200 OK | 106 kB |
URL GET HTTP/21wklkbv.com/v3/2431/br/external-marketing/assets/Inter-Medium-a4ad8ac6.woff2 IP94.130.10.163:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 CertificateIssuerLet's Encrypt Subject1wklkbv.com Fingerprint31:1E:AB:05:30:83:22:A2:A3:33:74:0A:30:AA:E2:C7:B2:7C:F5:CA ValidityFri, 22 Mar 2024 13:34:29 GMT - Thu, 20 Jun 2024 13:34:28 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 105944, version 1.0 Size106 kB (105944 bytes) Hash943a67750859470af9d9989ae91aef35 97e6452fe698bf7cbb9ffc164e967c60cb39c7dd a4ad8ac69b901406c6d29ec3173cbf7b00f4652b997b40033c8c640028a6db1e
GET /v3/2431/br/external-marketing/assets/Inter-Medium-a4ad8ac6.woff2 HTTP/1.1
Host: 1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff2
date: Tue, 07 May 2024 17:40:02 GMT
etag: "661fb4f3-19dd8"
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
vary: Accept-Encoding
content-length: 105944
X-Firefox-Spdy: h2
|
|
| 1wklkbv.com/v3/2431/br/external-marketing/assets/Inter-Bold-04079eb5.woff2 | 94.130.10.163 | 200 OK | 107 kB |
URL GET HTTP/21wklkbv.com/v3/2431/br/external-marketing/assets/Inter-Bold-04079eb5.woff2 IP94.130.10.163:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 CertificateIssuerLet's Encrypt Subject1wklkbv.com Fingerprint31:1E:AB:05:30:83:22:A2:A3:33:74:0A:30:AA:E2:C7:B2:7C:F5:CA ValidityFri, 22 Mar 2024 13:34:29 GMT - Thu, 20 Jun 2024 13:34:28 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 107236, version 1.0 Size107 kB (107236 bytes) Hash231f444dc08212ed0133d8ea5c95c670 a9fdc76a1229a5db11b54c8790d11458547cd3b9 04079eb5aa58d207bc036c8e55d464ea23947d1b1d48d220ebcd1b7c230f589f
GET /v3/2431/br/external-marketing/assets/Inter-Bold-04079eb5.woff2 HTTP/1.1
Host: 1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff2
date: Tue, 07 May 2024 17:40:02 GMT
etag: "661fb4f3-1a2e4"
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
vary: Accept-Encoding
content-length: 107236
X-Firefox-Spdy: h2
|
|
| 1win-cdn.com/domains/by/filters | 154.197.121.128 | 200 OK | 0 B |
URL POST HTTP/21win-cdn.com/domains/by/filters IP154.197.121.128:443 ASN#328608 Africa-on-Cloud-AS
Requested byhttps://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 CertificateIssuerGoogle Trust Services LLC Subject1win-cdn.com Fingerprint4D:C6:44:3C:1A:1A:11:DB:B7:6E:B5:A9:ED:81:CA:3D:DE:30:40:2A ValidityFri, 03 May 2024 12:22:54 GMT - Thu, 01 Aug 2024 12:22:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /domains/by/filters HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wklkbv.com/
Origin: https://1wklkbv.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Tue, 07 May 2024 17:40:02 GMT
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers
x-frame-options: DENY
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=eczchST5053zcxFV8z7TxQ6vR6CHfE_VxuE3beQxL8Q-1715103602-1.0.1.1-xY3lBACWSreBJDS0i48sSCKEc1Nn14XOZvtfbAJnXLPwcKlguQws7i4Jo_._mqdZYJgR8rfgDGRLcdj394vHbA; path=/; expires=Tue, 07-May-24 18:10:02 GMT; domain=.1win-cdn.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8802fe2e1aa656cc-OSL
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=AW-16482547739&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 90 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=AW-16482547739&l=dataLayer&cx=c IP142.250.74.168:443
Requested byhttps://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (4179) Hash7fd0be2f84883eb497d870699a57b9dd d9701ad3f2e1c237adf48818f85e6f406a1bb04b accf0115907661c13d5a5d2dd427d79a8481a48fe43ab4e07a722006d57973b4
GET /gtag/js?id=AW-16482547739&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 17:40:02 GMT
expires: Tue, 07 May 2024 17:40:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90174
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 92 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c IP142.250.74.168:443
Requested byhttps://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (5955) Hash3dfaa5aadac94eeeb55a0a1a3066c0d5 9d815ccafaf9f705f11dfa9886acb88a9a59c9ff ac045b9927d045fd99c18e952276922ddebc1b8a2a993fb09052476e7fe1bf8b
GET /gtag/js?id=G-548949LWLW&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 17:40:02 GMT
expires: Tue, 07 May 2024 17:40:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91596
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/destination?id=DC-12688802&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 74 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/destination?id=DC-12688802&l=dataLayer&cx=c IP142.250.74.168:443
Requested byhttps://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (1822) Hash109c31305a46432d8688b891ca8816ab 6033a95af519446f56789925c0d320c2ac2b5639 70ac549e265b017565a9425d173865ec93467c02e9fbf398459a68f72abb6034
GET /gtag/destination?id=DC-12688802&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 17:40:02 GMT
expires: Tue, 07 May 2024 17:40:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74098
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1win.direct/v4/socket.io/?Language=en&xorigin=location.host&EIO=4&transport=websocket | 134.122.54.186 | | 0 B |
URL 1win.direct/v4/socket.io/?Language=en&xorigin=location.host&EIO=4&transport=websocket IP134.122.54.186:0 ASN#14061 DIGITALOCEAN-ASN
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v4/socket.io/?Language=en&xorigin=location.host&EIO=4&transport=websocket HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://1wklkbv.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XFxJDeHogezxNe6sEEsImA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Sec-Websocket-Accept: oazRuIt4EIVHqmNy/FojYKx1jHQ=
Sec-Websocket-Extensions: permessage-deflate
Set-Cookie: core-sticky=ff478d6931481ad2; Path=/; HttpOnly
Upgrade: websocket
|
|
| kafka-connector.owdp.tech/events | 34.242.170.249 | 204 No Content | 0 B |
URL POST HTTP/2kafka-connector.owdp.tech/events IP34.242.170.249:443
Requested byhttps://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 CertificateIssuerLet's Encrypt Subjectkafka-connector.owdp.tech FingerprintCB:93:53:96:FA:F3:D8:33:0B:36:A7:96:9A:8F:1A:65:0F:C4:C8:88 ValidityMon, 15 Apr 2024 11:47:55 GMT - Sun, 14 Jul 2024 11:47:54 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /events HTTP/1.1
Host: kafka-connector.owdp.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wklkbv.com/
Origin: https://1wklkbv.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Tue, 07 May 2024 17:40:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
content-length: 0
X-Firefox-Spdy: h2
|
|
| kafka-connector.owdp.tech/events | 34.242.170.249 | 204 No Content | 0 B |
URL POST HTTP/2kafka-connector.owdp.tech/events IP34.242.170.249:443
Requested byhttps://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 CertificateIssuerLet's Encrypt Subjectkafka-connector.owdp.tech FingerprintCB:93:53:96:FA:F3:D8:33:0B:36:A7:96:9A:8F:1A:65:0F:C4:C8:88 ValidityMon, 15 Apr 2024 11:47:55 GMT - Sun, 14 Jul 2024 11:47:54 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /events HTTP/1.1
Host: kafka-connector.owdp.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 335
Origin: https://1wklkbv.com
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Tue, 07 May 2024 17:40:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
X-Firefox-Spdy: h2
|
|
| 1wklkbv.com/v3/2431/br/external-marketing/favicon/favicon.svg | 94.130.10.163 | 200 OK | 528 B |
URL GET HTTP/21wklkbv.com/v3/2431/br/external-marketing/favicon/favicon.svg IP94.130.10.163:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 CertificateIssuerLet's Encrypt Subject1wklkbv.com Fingerprint31:1E:AB:05:30:83:22:A2:A3:33:74:0A:30:AA:E2:C7:B2:7C:F5:CA ValidityFri, 22 Mar 2024 13:34:29 GMT - Thu, 20 Jun 2024 13:34:28 GMT
File typeSVG Scalable Vector Graphics image Hashd2260239c47a557dc50312dc01cbad3f dac1c20799be1d52a444de7c1838d4e38fc06c93 da27421d59a3829fd6292f822eed7c6b1b7a745870d6b736dc67220627d9d656
GET /v3/2431/br/external-marketing/favicon/favicon.svg HTTP/1.1
Host: 1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01
Cookie: _gcl_au=1.1.700998733.1715103603; _ga_548949LWLW=GS1.1.1715103603.1.0.1715103603.60.0.0; _ga=GA1.1.428892762.1715103603
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
date: Tue, 07 May 2024 17:40:03 GMT
etag: "661fb4f2-5b5"
last-modified: Wed, 17 Apr 2024 11:39:30 GMT
server: nginx/1.23.4
vary: Accept-Encoding
content-length: 528
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-548949LWLW&cid=428892762.1715103603&gtm=45je4560v894728184z8894400803za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1700537972 | 142.250.74.163 | 200 OK | 42 B |
URL GET HTTP/2www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-548949LWLW&cid=428892762.1715103603&gtm=45je4560v894728184z8894400803za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1700537972 IP142.250.74.163:443
Requested byhttps://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 CertificateIssuerGoogle Trust Services LLC Subject*.google.no Fingerprint7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97 ValidityTue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-548949LWLW&cid=428892762.1715103603&gtm=45je4560v894728184z8894400803za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1700537972 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 May 2024 17:40:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1wklkbv.com/v3/2431/br/external-marketing/favicon/android-icon-512x512.png | 94.130.10.163 | 200 OK | 16 kB |
URL GET HTTP/21wklkbv.com/v3/2431/br/external-marketing/favicon/android-icon-512x512.png IP94.130.10.163:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 CertificateIssuerLet's Encrypt Subject1wklkbv.com Fingerprint31:1E:AB:05:30:83:22:A2:A3:33:74:0A:30:AA:E2:C7:B2:7C:F5:CA ValidityFri, 22 Mar 2024 13:34:29 GMT - Thu, 20 Jun 2024 13:34:28 GMT
Hashc819a6839e0dbfe56c3bb1e4ed0795f0 f2a0949c97ca2cf1dd947c49b5c488fa49e9f1f8 af11fb3d27384b5d2ea3594025b965652747c2410e1d1d20de450ca840382422
GET /v3/2431/br/external-marketing/favicon/android-icon-512x512.png HTTP/1.1
Host: 1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01
Cookie: _gcl_au=1.1.700998733.1715103603; _ga_548949LWLW=GS1.1.1715103603.1.0.1715103603.60.0.0; _ga=GA1.1.428892762.1715103603
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/png
date: Tue, 07 May 2024 17:40:03 GMT
etag: "661fb4f2-2b40"
last-modified: Wed, 17 Apr 2024 11:39:30 GMT
server: nginx/1.23.4
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je4560v894728184z8894400803za200&_p=1715103602356&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=428892762.1715103603&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&dp=%2Fv3%2F2431%2Fbr%2Fexternal-marketing&sid=1715103603&sct=1&seg=0&dl=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3Derv6nc65gd01&dt=1win&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_url=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3Derv6nc65gd01&tfd=1439 | 216.239.32.36 | 204 No Content | 0 B |
URL POST HTTP/2region1.analytics.google.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je4560v894728184z8894400803za200&_p=1715103602356&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=428892762.1715103603&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&dp=%2Fv3%2F2431%2Fbr%2Fexternal-marketing&sid=1715103603&sct=1&seg=0&dl=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3Derv6nc65gd01&dt=1win&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_url=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3Derv6nc65gd01&tfd=1439 IP216.239.32.36:443
Requested byhttps://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-548949LWLW>m=45je4560v894728184z8894400803za200&_p=1715103602356&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=428892762.1715103603&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&dp=%2Fv3%2F2431%2Fbr%2Fexternal-marketing&sid=1715103603&sct=1&seg=0&dl=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3Derv6nc65gd01&dt=1win&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_url=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3Derv6nc65gd01&tfd=1439 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wklkbv.com
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://1wklkbv.com
date: Tue, 07 May 2024 17:40:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| kafka-connector.owdp.tech/events | 34.242.170.249 | 204 No Content | 0 B |
URL POST HTTP/2 kafka-connector.owdp.tech/events IP 34.242.170.249:443
Requested by https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 Certificate Issuer Let's Encrypt Subject kafka-connector.owdp.tech Fingerprint CB:93:53:96:FA:F3:D8:33:0B:36:A7:96:9A:8F:1A:65:0F:C4:C8:88 Validity Mon, 15 Apr 2024 11:47:55 GMT - Sun, 14 Jul 2024 11:47:54 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /events HTTP/1.1
Host: kafka-connector.owdp.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wklkbv.com/
Origin: https://1wklkbv.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Tue, 07 May 2024 17:40:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
content-length: 0
X-Firefox-Spdy: h2
|
|
| kafka-connector.owdp.tech/events | 34.242.170.249 | 204 No Content | 0 B |
URL POST HTTP/2 kafka-connector.owdp.tech/events IP 34.242.170.249:443
Requested by https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 Certificate Issuer Let's Encrypt Subject kafka-connector.owdp.tech Fingerprint CB:93:53:96:FA:F3:D8:33:0B:36:A7:96:9A:8F:1A:65:0F:C4:C8:88 Validity Mon, 15 Apr 2024 11:47:55 GMT - Sun, 14 Jul 2024 11:47:54 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /events HTTP/1.1
Host: kafka-connector.owdp.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 301
Origin: https://1wklkbv.com
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Tue, 07 May 2024 17:40:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je4560v894728184z8894400803za200&_p=1715103602356&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=428892762.1715103603&ul=en-us&sr=1280x1024&pscdl=noapi&dp=%2Fv3%2F2431%2Fbr%2Fexternal-marketing&sid=1715103603&sct=1&seg=0&dl=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3Derv6nc65gd01&dt=1win&_s=2&tfd=2942 | 216.239.32.36 | 204 No Content | 0 B |
URL POST HTTP/3 region1.analytics.google.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je4560v894728184z8894400803za200&_p=1715103602356&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=428892762.1715103603&ul=en-us&sr=1280x1024&pscdl=noapi&dp=%2Fv3%2F2431%2Fbr%2Fexternal-marketing&sid=1715103603&sct=1&seg=0&dl=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3Derv6nc65gd01&dt=1win&_s=2&tfd=2942 IP 216.239.32.36:443
Requested by https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 Certificate Issuer Google Trust Services LLC Subject *.google-analytics.com Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-548949LWLW&gtm=45je4560v894728184z8894400803za200&_p=1715103602356&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=428892762.1715103603&ul=en-us&sr=1280x1024&pscdl=noapi&dp=%2Fv3%2F2431%2Fbr%2Fexternal-marketing&sid=1715103603&sct=1&seg=0&dl=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3Derv6nc65gd01&dt=1win&_s=2&tfd=2942 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 403
Origin: https://1wklkbv.com
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://1wklkbv.com
date: Tue, 07 May 2024 17:40:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je4560v894728184za200&_p=1715103602356&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=428892762.1715103603&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=3&dp=%2Fv3%2F2431%2Fbr%2Fexternal-marketing&dl=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26&dr=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3Derv6nc65gd01&sid=1715103603&sct=1&seg=1&dt=1win&en=page_view&ep.page_url=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3Derv6nc65gd01&tfd=7943 | 216.239.32.36 | 204 No Content | 0 B |
URL POST HTTP/3 region1.analytics.google.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je4560v894728184za200&_p=1715103602356&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=428892762.1715103603&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=3&dp=%2Fv3%2F2431%2Fbr%2Fexternal-marketing&dl=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26&dr=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3Derv6nc65gd01&sid=1715103603&sct=1&seg=1&dt=1win&en=page_view&ep.page_url=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3Derv6nc65gd01&tfd=7943 IP 216.239.32.36:443
Requested by https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 Certificate Issuer Google Trust Services LLC Subject *.google-analytics.com Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-548949LWLW&gtm=45je4560v894728184za200&_p=1715103602356&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=428892762.1715103603&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=3&dp=%2Fv3%2F2431%2Fbr%2Fexternal-marketing&dl=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26&dr=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3Derv6nc65gd01&sid=1715103603&sct=1&seg=1&dt=1win&en=page_view&ep.page_url=https%3A%2F%2F1wklkbv.com%2Fv3%2F2431%2Fbr%2Fexternal-marketing%3Flang%3Dpt%26sub1%3Derv6nc65gd01&tfd=7943 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wklkbv.com
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://1wklkbv.com
date: Tue, 07 May 2024 17:40:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 1wprru.life/affiliate:link_visit?visit_domain=1wklkbv.com&sub_ids=sub1%3Derv6nc65gd01 | 190.115.24.78 | 200 OK | 5.0 kB |
URL OPTIONS HTTP/2 1wprru.life/affiliate:link_visit?visit_domain=1wklkbv.com&sub_ids=sub1%3Derv6nc65gd01 IP 190.115.24.78:443
Requested by https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 Certificate Issuer Let's Encrypt Subject 1wprru.life Fingerprint 4D:52:14:56:09:A2:86:CB:A9:65:1C:A7:15:F3:98:2E:E4:BD:70:E1 Validity Thu, 25 Apr 2024 16:35:27 GMT - Wed, 24 Jul 2024 16:35:26 GMT
File type gzip compressed data, from Unix Hash 11d72a39c5b82f2f652782f814c7c5a1 13c951a3dcb5dedbbc7a09833929e792c1755567 03f6b27ab136c8b8481527fd3a5988a832a137a09f2d4c5acddb493839939c33
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /affiliate:link_visit?visit_domain=1wklkbv.com&sub_ids=sub1%3Derv6nc65gd01 HTTP/1.1
Host: 1wprru.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-origin: 1wklkbv.com
Origin: https://1wklkbv.com
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Tue, 07 May 2024 17:40:03 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Origin
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wklkbv.com
access-control-expose-headers: Authorization
access-control-max-age: 7200
etag: W/"25-Zj67mG54TfZ031q1ea2QwFUXWX4"
set-cookie: __ddg1_=ta8cqj6HSrqr2oPZXQkC; Domain=.1wprru.life; HttpOnly; Path=/; Expires=Wed, 07-May-2025 17:40:03 GMT
core-sticky=http://10.233.84.5:80; Path=/; HttpOnly
x-powered-by: Express
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| 1wklkbv.com/v3/2431/br/external-marketing/flags/flags.svg | 94.130.10.163 | 200 OK | 194 kB |
URL GET HTTP/2 1wklkbv.com/v3/2431/br/external-marketing/flags/flags.svg IP 94.130.10.163:443 ASN #24940 Hetzner Online GmbH
Requested by https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 Certificate Issuer Let's Encrypt Subject 1wklkbv.com Fingerprint 31:1E:AB:05:30:83:22:A2:A3:33:74:0A:30:AA:E2:C7:B2:7C:F5:CA Validity Fri, 22 Mar 2024 13:34:29 GMT - Thu, 20 Jun 2024 13:34:28 GMT
File type SVG Scalable Vector Graphics image Size 194 kB (194332 bytes) Hash a92bcc34e96e6149bbbf43a1bc9c52d8 cebda3ba8b9260a4de36e6f8ab10e4f192c882bc 46f7c85353be615eb961fca31f10d696cc75f317786b29fc250028fd70a081e7
GET /v3/2431/br/external-marketing/flags/flags.svg HTTP/1.1
Host: 1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
date: Tue, 07 May 2024 17:40:02 GMT
etag: "661fb4f2-2f71c"
last-modified: Wed, 17 Apr 2024 11:39:30 GMT
server: nginx/1.23.4
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| 1wklkbv.com/v3/2431/br/external-marketing/assets/badge-bg-e1fcd70b.svg | 94.130.10.163 | 200 OK | 683 B |
URL GET HTTP/2 1wklkbv.com/v3/2431/br/external-marketing/assets/badge-bg-e1fcd70b.svg IP 94.130.10.163:443 ASN #24940 Hetzner Online GmbH
Requested by https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 Certificate Issuer Let's Encrypt Subject 1wklkbv.com Fingerprint 31:1E:AB:05:30:83:22:A2:A3:33:74:0A:30:AA:E2:C7:B2:7C:F5:CA Validity Fri, 22 Mar 2024 13:34:29 GMT - Thu, 20 Jun 2024 13:34:28 GMT
File type SVG Scalable Vector Graphics image Hash 131fb43b426a517c04e6121a2fd92105 ba6d013d8e3a6cdd891fb1b71bbc379af4939f11 5eef3f75903e0857c0586910a3e92f2c00a02af458fa4abb2a282a03d6efc2e9
GET /v3/2431/br/external-marketing/assets/badge-bg-e1fcd70b.svg HTTP/1.1
Host: 1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
date: Tue, 07 May 2024 17:40:02 GMT
etag: "661fb4f3-2ab"
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
vary: Accept-Encoding
content-length: 457
X-Firefox-Spdy: h2
|
|
| 1wklkbv.com/v3/2431/br/external-marketing/assets/girl-tablet-1024-d19fe06a.avif | 94.130.10.163 | 200 OK | 25 kB |
URL GET HTTP/2 1wklkbv.com/v3/2431/br/external-marketing/assets/girl-tablet-1024-d19fe06a.avif IP 94.130.10.163:443 ASN #24940 Hetzner Online GmbH
Requested by https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 Certificate Issuer Let's Encrypt Subject 1wklkbv.com Fingerprint 31:1E:AB:05:30:83:22:A2:A3:33:74:0A:30:AA:E2:C7:B2:7C:F5:CA Validity Fri, 22 Mar 2024 13:34:29 GMT - Thu, 20 Jun 2024 13:34:28 GMT
Hash 24c4b93cc5e4ebb6f4272e62d46fd83e 2b306914efad306f4fab602dbbd2069f99ccf65d d19fe06a63037d93665f30fec9dcb140d95a79b8ff94da4330b111491fab6e4d
GET /v3/2431/br/external-marketing/assets/girl-tablet-1024-d19fe06a.avif HTTP/1.1
Host: 1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/avif
date: Tue, 07 May 2024 17:40:02 GMT
etag: "661fb4f3-6325"
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| 1wprru.life/ | 190.115.24.78 | 200 OK | 438 kB |
IP 190.115.24.78:443
Requested by https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 Certificate Issuer Let's Encrypt Subject 1wprru.life Fingerprint 4D:52:14:56:09:A2:86:CB:A9:65:1C:A7:15:F3:98:2E:E4:BD:70:E1 Validity Thu, 25 Apr 2024 16:35:27 GMT - Wed, 24 Jul 2024 16:35:26 GMT
Size 438 kB (438150 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 1wprru.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1wklkbv.com/
Origin: https://1wklkbv.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=l5c6BKLi8SrmV3SOGPfx; Domain=.1wprru.life; HttpOnly; Path=/; Expires=Wed, 07-May-2025 17:40:03 GMT
date: Tue, 07 May 2024 17:40:03 GMT
content-type: text/html; charset=utf-8
x-request-id: X7KaF2IFKnRaW4Gk
vary: Origin
access-control-allow-origin: https://1wklkbv.com
access-control-allow-credentials: true
x-match-domain: 1wklkbv.com
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 1wklkbv.com/v3/2431/br/external-marketing/assets/star-3f49e448.svg | 94.130.10.163 | 200 OK | 431 B |
URL GET HTTP/2 1wklkbv.com/v3/2431/br/external-marketing/assets/star-3f49e448.svg IP 94.130.10.163:443 ASN #24940 Hetzner Online GmbH
Requested by https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 Certificate Issuer Let's Encrypt Subject 1wklkbv.com Fingerprint 31:1E:AB:05:30:83:22:A2:A3:33:74:0A:30:AA:E2:C7:B2:7C:F5:CA Validity Fri, 22 Mar 2024 13:34:29 GMT - Thu, 20 Jun 2024 13:34:28 GMT
File type SVG Scalable Vector Graphics image Hash 357c73f48bd258a20703a6ba5083849f c1483764293b0fba56f61e55f4cec894bb30daf2 5eb8b40023f5c7e204e43bacf42ca633b26f706783fc3468e5f99a6bcced04be
GET /v3/2431/br/external-marketing/assets/star-3f49e448.svg HTTP/1.1
Host: 1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
date: Tue, 07 May 2024 17:40:02 GMT
etag: "661fb4f3-1af"
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
vary: Accept-Encoding
content-length: 431
X-Firefox-Spdy: h2
|
|
| 1wklkbv.com/v3/2431/br/external-marketing/assets/racket-left-tablet-768-2a1536de.avif | 94.130.10.163 | 200 OK | 6.5 kB |
URL GET HTTP/2 1wklkbv.com/v3/2431/br/external-marketing/assets/racket-left-tablet-768-2a1536de.avif IP 94.130.10.163:443 ASN #24940 Hetzner Online GmbH
Requested by https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 Certificate Issuer Let's Encrypt Subject 1wklkbv.com Fingerprint 31:1E:AB:05:30:83:22:A2:A3:33:74:0A:30:AA:E2:C7:B2:7C:F5:CA Validity Fri, 22 Mar 2024 13:34:29 GMT - Thu, 20 Jun 2024 13:34:28 GMT
Hash 02bb2b0662747cc7f190510665bc2766 b8eef192d0d2f6d635d763f6c276b9d4cd1d6181 2a1536dec00b0ec3d3063400280ea1290f056e4f65a38d0cf3d81232ec2fe74f
GET /v3/2431/br/external-marketing/assets/racket-left-tablet-768-2a1536de.avif HTTP/1.1
Host: 1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/avif
date: Tue, 07 May 2024 17:40:02 GMT
etag: "661fb4f3-1946"
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| 1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css | 94.130.10.163 | 200 OK | 137 kB |
URL GET HTTP/2 1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css IP 94.130.10.163:443 ASN #24940 Hetzner Online GmbH
Requested by https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 Certificate Issuer Let's Encrypt Subject 1wklkbv.com Fingerprint 31:1E:AB:05:30:83:22:A2:A3:33:74:0A:30:AA:E2:C7:B2:7C:F5:CA Validity Fri, 22 Mar 2024 13:34:29 GMT - Thu, 20 Jun 2024 13:34:28 GMT
File type ASCII text, with very long lines (65536), with no line terminators Size 137 kB (136943 bytes) Hash c81cac529cb09ab89321a75e141e0d45 185432078271f83526f8dcf4f7d7e8acc117c240 5d372cb95c04fd5b2c34790d6b8679f6dd5796cb27db5c83b68940c568d4bbd1
GET /v3/2431/br/external-marketing/assets/index-5d372cb9.css HTTP/1.1
Host: 1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css
date: Tue, 07 May 2024 17:40:02 GMT
etag: "661fb4f3-216ef"
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| 1wklkbv.com/v3/2431/br/external-marketing/assets/racket-right-tablet-1024-e8e95cbf.avif | 94.130.10.163 | 200 OK | 14 kB |
URL GET HTTP/2 1wklkbv.com/v3/2431/br/external-marketing/assets/racket-right-tablet-1024-e8e95cbf.avif IP 94.130.10.163:443 ASN #24940 Hetzner Online GmbH
Requested by https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 Certificate Issuer Let's Encrypt Subject 1wklkbv.com Fingerprint 31:1E:AB:05:30:83:22:A2:A3:33:74:0A:30:AA:E2:C7:B2:7C:F5:CA Validity Fri, 22 Mar 2024 13:34:29 GMT - Thu, 20 Jun 2024 13:34:28 GMT
Hash 6dcc68dc6324a026ab508bff5768f692 b6195dbdb54faeb1c282251b078df740934f7130 e8e95cbff2326f2d86274faff7316bd42788a97692e99666fe011a3f251a2521
GET /v3/2431/br/external-marketing/assets/racket-right-tablet-1024-e8e95cbf.avif HTTP/1.1
Host: 1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/avif
date: Tue, 07 May 2024 17:40:02 GMT
etag: "661fb4f3-3775"
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| 1wklkbv.com/v3/2431/br/external-marketing/assets/ball-tablet-1024-2cf1b1d8.avif | 94.130.10.163 | 200 OK | 9.3 kB |
URL GET HTTP/2 1wklkbv.com/v3/2431/br/external-marketing/assets/ball-tablet-1024-2cf1b1d8.avif IP 94.130.10.163:443 ASN #24940 Hetzner Online GmbH
Requested by https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 Certificate Issuer Let's Encrypt Subject 1wklkbv.com Fingerprint 31:1E:AB:05:30:83:22:A2:A3:33:74:0A:30:AA:E2:C7:B2:7C:F5:CA Validity Fri, 22 Mar 2024 13:34:29 GMT - Thu, 20 Jun 2024 13:34:28 GMT
Hash 0b4fca4960e45bc16364d28c258a30e1 914a4e25ef34b5650eacbf7aaa85db8fea6dba62 2cf1b1d8eb61b4f2cf3276106c97f25a4bd2e8bdecbdb0a878f9c3d1f19bb3fb
GET /v3/2431/br/external-marketing/assets/ball-tablet-1024-2cf1b1d8.avif HTTP/1.1
Host: 1wklkbv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1wklkbv.com/v3/2431/br/external-marketing/assets/index-5d372cb9.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/avif
date: Tue, 07 May 2024 17:40:02 GMT
etag: "661fb4f3-2445"
last-modified: Wed, 17 Apr 2024 11:39:31 GMT
server: nginx/1.23.4
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| 1win.direct/v4/socket.io/?Language=en&xorigin=location.host&EIO=4&transport=websocket | 134.122.54.186 | 101 Switching Protocols | 0 B |
URL GET HTTP/1.1 1win.direct/v4/socket.io/?Language=en&xorigin=location.host&EIO=4&transport=websocket IP 134.122.54.186:443 ASN #14061 DIGITALOCEAN-ASN
Requested by https://1wklkbv.com/v3/2431/br/external-marketing?lang=pt&sub1=erv6nc65gd01 Certificate Issuer Let's Encrypt Subject *.1win.direct Fingerprint 52:A8:ED:F5:F8:3D:CF:F0:55:C1:2A:96:EA:32:49:27:6C:D8:26:27 Validity Sun, 17 Mar 2024 06:46:18 GMT - Sat, 15 Jun 2024 06:46:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v4/socket.io/?Language=en&xorigin=location.host&EIO=4&transport=websocket HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://1wklkbv.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XFxJDeHogezxNe6sEEsImA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Sec-Websocket-Accept: oazRuIt4EIVHqmNy/FojYKx1jHQ=
Sec-Websocket-Extensions: permessage-deflate
Set-Cookie: core-sticky=ff478d6931481ad2; Path=/; HttpOnly
Upgrade: websocket
|
|