1wvgdg.top/
190.115.19.101301 Moved Permanently 175 B IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 27d3037d4815f88b7bb724cb258524e1
092678ca1f61e13d97f37f7be9438e7b32b722e9
0c0a343c76a265d5b6b5b3708383afaf77f187eaa7f3fa8f1fec18cdf4ebe198
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: 1wvgdg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: openresty/1.19.9.1
Date: Mon, 30 Jan 2023 17:11:48 GMT
Content-Type: text/html
Content-Length: 175
Connection: keep-alive
Location: https://1wvgdg.top
X-Frame-Options: DENY
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3619
Expires: Mon, 30 Jan 2023 18:12:07 GMT
Date: Mon, 30 Jan 2023 17:11:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3433
Expires: Mon, 30 Jan 2023 18:09:01 GMT
Date: Mon, 30 Jan 2023 17:11:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 16:43:12 GMT
content-type: application/json
age: 1716
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6006
Expires: Mon, 30 Jan 2023 18:51:54 GMT
Date: Mon, 30 Jan 2023 17:11:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: GELRlQTYdn51eadTrFnaUMJPEktlPri4FnoIoxT0m+lG4fjw2dN0y6iS+KdKaHPRLz9jx97DH8g=
x-amz-request-id: GXKCAHVFN40HS0A9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 16:21:52 GMT
age: 2996
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:11:48 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b6305cb19d1a0d7006e25ccdae262e56
396bb5ddc5e0ba42782105aee2baf4be721cacf1
7d1ebfba03faa4f4d23b8b52a423aa50fe035d2ea733e77253ae1cb949af759c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D1EBFBA03FAA4F4D23B8B52A423AA50FE035D2EA733E77253AE1CB949AF759C"
Last-Modified: Mon, 30 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 30 Jan 2023 23:11:48 GMT
Date: Mon, 30 Jan 2023 17:11:48 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/Qcxua71jizE
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Qcxua71jizE
IP 142.250.74.131:0
Hash 70bd4b753dd8a78fff1f17d30f6f3aee
19d29346022f70f3e05a9a461c104de1f06795f9
a67c465e7b7b92566c30370ec62d038bad6123c377fbd7000dfb573dc7ca0d92
POST /s/gts1p5/Qcxua71jizE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:11:49 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/Qcxua71jizE
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Qcxua71jizE
IP 142.250.74.131:0
Hash 70bd4b753dd8a78fff1f17d30f6f3aee
19d29346022f70f3e05a9a461c104de1f06795f9
a67c465e7b7b92566c30370ec62d038bad6123c377fbd7000dfb573dc7ca0d92
POST /s/gts1p5/Qcxua71jizE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:11:49 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/Qcxua71jizE
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Qcxua71jizE
IP 142.250.74.131:0
Hash 70bd4b753dd8a78fff1f17d30f6f3aee
19d29346022f70f3e05a9a461c104de1f06795f9
a67c465e7b7b92566c30370ec62d038bad6123c377fbd7000dfb573dc7ca0d92
POST /s/gts1p5/Qcxua71jizE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:11:49 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/Qcxua71jizE
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Qcxua71jizE
IP 142.250.74.131:0
Hash 70bd4b753dd8a78fff1f17d30f6f3aee
19d29346022f70f3e05a9a461c104de1f06795f9
a67c465e7b7b92566c30370ec62d038bad6123c377fbd7000dfb573dc7ca0d92
POST /s/gts1p5/Qcxua71jizE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:11:49 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/Qcxua71jizE
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Qcxua71jizE
IP 142.250.74.131:0
Hash 70bd4b753dd8a78fff1f17d30f6f3aee
19d29346022f70f3e05a9a461c104de1f06795f9
a67c465e7b7b92566c30370ec62d038bad6123c377fbd7000dfb573dc7ca0d92
POST /s/gts1p5/Qcxua71jizE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:11:49 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1win-cdn.com/css/6610.4f034e44.css
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/css/6610.4f034e44.css
IP 104.26.5.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/6610.4f034e44.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wvgdg.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:49 GMT
content-type: text/css
content-length: 0
cache-control: max-age=315360000
cf-bgj: minify
access-control-allow-origin: *
etag: "63c7c775-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
cf-cache-status: HIT
age: 993970
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLdQos410yNxVMs9o8YHf1vVcILriKNjPLmxgs8uLm%2FShgjybEk3IZfOt1a%2FypAoye1ymwcPcuqm4BkGiRzn98RsQA5ww%2F33rAs4B4%2FH%2Bl4m33JwhRkUjcnhVwi1%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd435d96db505-OSL
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 16:49:04 GMT
age: 1365
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21386
Expires: Mon, 30 Jan 2023 23:08:15 GMT
Date: Mon, 30 Jan 2023 17:11:49 GMT
Connection: keep-alive
push.services.mozilla.com/
52.34.129.187101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.34.129.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MacpJq+0WgB4lsexVfQGoA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: EMsvTuoRlEjpyMZ1uf0nr2l5868=
1win-cdn.com/js/1895.80662a88.js
104.26.5.11200 OK 53 kB URL HTTP/2 1win-cdn.com/js/1895.80662a88.js
IP 104.26.5.11:0
File type ASCII text, with very long lines (60374), with no line terminators
Hash 2e9f55f34e5eb989ab9581f749bf5963
532b4a8d29a019fa06d5b3289705627210c3fbca
81fd3bcafc2cdfa1364f2e1d850015c872ce160de63b778abe4de146299fc132
GET /js/1895.80662a88.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wvgdg.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:50 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=60416
access-control-allow-origin: *
etag: W/"63d7c7fa-ec00"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 30 Jan 2023 13:36:58 GMT
cf-cache-status: HIT
age: 12871
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agJe9%2FB0rLiv7QEOxzTO3w%2Fcqhyv53u9mSKxFWZy7rqR93INHhzAD71smer794sr%2F3B%2BAcnbBuQFE63laWhTSdw4%2FrOkjc6CYLlVA%2BcoVZgW9D%2FKL6PJZCk4mgpo%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd43a0f4db505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/css/2950.0ca1e6d2.css
104.26.5.11200 OK 17 kB URL HTTP/2 1win-cdn.com/css/2950.0ca1e6d2.css
IP 104.26.5.11:0
File type ASCII text, with very long lines (19620), with no line terminators
Hash 52e1fdb9f828805456e54b289af9bebb
f2c444485d342e21bbb383829382cf6d947b63c3
576f49c41e09070596d3c9888eecabff049fd7ca5703fee78e937217ddd3bf01
GET /css/2950.0ca1e6d2.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wvgdg.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:50 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=19626
access-control-allow-origin: *
etag: W/"63d7c0ef-4caa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 30 Jan 2023 13:06:55 GMT
cf-cache-status: HIT
age: 14636
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwRJzO6DuWu3HqjCmTSjpoFEvzNJYjOhL1xaHyMrG%2FoMXetN3HOTeaOh%2FfPUjnYCKTL5sMHqwbBWQkOpFbV6KVHQumL4esrFRHtfB%2FiSS6FwMSj680q4Hvl0bmh29g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd43a0f51b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:11:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
142.250.74.40200 OK 57 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
IP 142.250.74.40:0
File type ASCII text, with very long lines (13682)
Hash 395d62aa2d2a91f15b5b11afa9226400
fc3299f21c133ddd1d7c8d3ca9bc82689a733bbb
bb99e6d1d12212b62ff6831042fa4befcd61d9d11df8d3bf5919c85b90c22ab7
GET /gtm.js?id=GTM-KGKQDC7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wvgdg.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:11:50 GMT
expires: Mon, 30 Jan 2023 17:11:50 GMT
cache-control: private, max-age=900
last-modified: Mon, 30 Jan 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 57244
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:11:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1win-cdn.com/js/desktop.84d979cf.js
104.26.5.11200 OK 420 kB URL HTTP/2 1win-cdn.com/js/desktop.84d979cf.js
IP 104.26.5.11:0
File type Unicode text, UTF-8 text, with very long lines (65495), with no line terminators
Size 420 kB (419805 bytes)
Hash 03150aa63bb75fa396970c0ba9ca88d1
95ccd0ade8a61c16c8a87e00ad263521838bc224
2af4aa211156ce20e40cd3b3b9f169629c3393cdffeed74995ed827f0e2f870e
GET /js/desktop.84d979cf.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wvgdg.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:49 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=119486
access-control-allow-origin: *
etag: W/"63d7c7fb-1d2be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 30 Jan 2023 13:36:59 GMT
cf-cache-status: HIT
age: 12640
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRQgmXUmeq7oOrmmNCZuZ1qxYLmc9FLcdSKcZLmIXq%2BNuk7QTvTtw30rT%2FFEWYLAknvB9hE17aPdgG8etvvBbfpFw1BdUZGfKmlEStsEf5%2BGAtnOlLxdy00a6yW1yw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd435d977b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d12e9ff2f182d3ce52d59d589ab5a61d
1d39c5eed0a766cbee2fe1f0729eab7472f56d7f
e675272e9b74782eb09ee52be90da7a92ba0cbe71fccba9bd8c4416e4817b13b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:11:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d12e9ff2f182d3ce52d59d589ab5a61d
1d39c5eed0a766cbee2fe1f0729eab7472f56d7f
e675272e9b74782eb09ee52be90da7a92ba0cbe71fccba9bd8c4416e4817b13b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:11:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1wvgdg.top/pwaNotFound.html
190.115.19.101200 OK 2.6 kB URL HTTP/2 1wvgdg.top/pwaNotFound.html
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
Hash 67350b81dd2601f43cd98962746eca40
9fc0170fbd5252ec0cfd769ae44721f8b1e3c37a
597ec97aae957de15856b5e85d7cad5d9a52d432061c4a5b102e1a60308359c5
GET /pwaNotFound.html HTTP/1.1
Host: 1wvgdg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1wvgdg.top/sw.db344b25.js
Connection: keep-alive
Cookie: visit_domain=1wvgdg.top; 1w_lang=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Mon, 30 Jan 2023 17:11:50 GMT
content-type: text/html
last-modified: Mon, 30 Jan 2023 13:37:13 GMT
etag: W/"63d7c809-136c"
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4185816739517.688?
142.250.74.6200 OK 274 B URL HTTP/2 12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4185816739517.688?
IP 142.250.74.6:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (520), with no line terminators
Hash e562042fc8c51a42780eca676e863c4c
7feea575e8b2a4dc3ddf3392077d8dcbc79e70fd
9a8dc193dfdfb4898c091c2b51314de97daed063ea3dd8f8e64ad67d43517000
GET /activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4185816739517.688? HTTP/1.1
Host: 12572451.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wvgdg.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 17:11:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 274
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 30-Jan-2023 17:26:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 33e403367d183257be0f03f28da923d2
a586e4052008741f8f535e7bd12a94bde81b264e
82ce104749546e6a6f76a8ddf19b67795784c06256581c13f499e80e4f713131
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:11:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 33e403367d183257be0f03f28da923d2
a586e4052008741f8f535e7bd12a94bde81b264e
82ce104749546e6a6f76a8ddf19b67795784c06256581c13f499e80e4f713131
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:11:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:11:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=9488863576720;gtm=2wg1p0;auiddc=220436822.1675098724;~oref=https%3A%2F%2F1wvgdg.top%2F
142.250.74.2200 OK 248 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=9488863576720;gtm=2wg1p0;auiddc=220436822.1675098724;~oref=https%3A%2F%2F1wvgdg.top%2F
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (446), with no line terminators
Hash cdf8939a1687c12946d0ec0b67308a95
9b49ea7fd54ed784774dea4d1c9c632b4a0f1f29
61e8dbbaa774db67b99af02ebd953f93292c8dd830431d5970566b1f4831f02f
GET /ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=9488863576720;gtm=2wg1p0;auiddc=220436822.1675098724;~oref=https%3A%2F%2F1wvgdg.top%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://12688802.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 17:11:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1wvgdg.top/get-authorization?random=1675098723308-0.78967225884359
190.115.19.101200 OK 19 B URL HTTP/2 1wvgdg.top/get-authorization?random=1675098723308-0.78967225884359
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
File type JSON data\012- , ASCII text, with no line terminators
Hash 97816351479ac35375c10e73546c9459
b388abc5b856b3cb65032cf68d12cdee27073fc7
759315d5ae8c31136d2a7bc803e591554894987559325cdf7e0b5965bec0eaca
GET /get-authorization?random=1675098723308-0.78967225884359 HTTP/1.1
Host: 1wvgdg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wvgdg.top/
Cookie: visit_domain=1wvgdg.top; 1w_lang=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Mon, 30 Jan 2023 17:11:50 GMT
content-type: application/json; charset=utf-8
content-length: 19
access-control-allow-origin: https://1wvgdg.top
access-control-allow-credentials: true
x-frame-options: DENY
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4185816739517.688;~oref=https://1wvgdg.top/
142.250.74.2200 OK 276 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4185816739517.688;~oref=https://1wvgdg.top/
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (519), with no line terminators
Hash 78d266aa0fc81204ba6bcdc5c848d38c
4448e21331dc216221230451e9459269519b9a74
eb1658d9c0ba7e501cc45c7702a982ede247a0c3a231efcdfa61fb1bebaa3cb9
GET /ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4185816739517.688;~oref=https://1wvgdg.top/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://12572451.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 17:11:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:11:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:11:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:11:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4185816739517.688;~oref=https://1wvgdg.top/
142.250.74.34200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4185816739517.688;~oref=https://1wvgdg.top/
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=4185816739517.688;~oref=https://1wvgdg.top/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 17:11:50 GMT
expires: Mon, 30 Jan 2023 17:11:50 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=9488863576720;gtm=2wg1p0;auiddc=220436822.1675098724;~oref=https%3A%2F%2F1wvgdg.top%2F
142.250.74.34200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=9488863576720;gtm=2wg1p0;auiddc=220436822.1675098724;~oref=https%3A%2F%2F1wvgdg.top%2F
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=9488863576720;gtm=2wg1p0;auiddc=220436822.1675098724;~oref=https%3A%2F%2F1wvgdg.top%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 17:11:50 GMT
expires: Mon, 30 Jan 2023 17:11:50 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1wvgdg.top/1.txt?1675098723824
190.115.19.101200 OK 8 B URL HTTP/2 1wvgdg.top/1.txt?1675098723824
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
Hash 48cfef8b3001a8c220dc815870f9916e
b77e871e72a3083c4bb31d6bcb5a257557181269
3d2c759213949af96fbdcd756a5146f64a9acadf9625bd7a9feb04bb4517b4f9
GET /1.txt?1675098723824 HTTP/1.1
Host: 1wvgdg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1wvgdg.top/sw.db344b25.js
Connection: keep-alive
Cookie: visit_domain=1wvgdg.top; 1w_lang=en; _gcl_au=1.1.220436822.1675098724; _ga_548949LWLW=GS1.1.1675098723.1.0.1675098723.0.0.0; _ga=GA1.1.1816004527.1675098724
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Mon, 30 Jan 2023 17:11:50 GMT
content-type: text/plain
content-length: 8
last-modified: Mon, 30 Jan 2023 13:37:13 GMT
etag: "63d7c809-8"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
1win-cdn.com/js/5862.39aa5820.js
104.26.5.11200 OK 18 kB URL HTTP/2 1win-cdn.com/js/5862.39aa5820.js
IP 104.26.5.11:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash fbb0bffb63c11618898596a43b0e6b0a
1b6b792aca2b19cf3eeb3a106efaed648cca4498
6523eb0a71540065333602707305949b7b6ab5f4154211e326c537ce9d489b39
GET /js/5862.39aa5820.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:50 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=95351
access-control-allow-origin: *
etag: W/"63c68016-17477"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 17 Jan 2023 11:01:42 GMT
cf-cache-status: HIT
age: 1144908
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tslO9e8mDmbPSEGxq0qPzFY%2Bq23FnyhZBQSyh4y4FgxxgR20OxgK%2FJgTNofXBegooFKJty2ehSF%2Bl%2B0OH1OfjWyHie17YgoIWb34%2Bey5BSRmabmnhq9QMGpEKQj3CA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd43f4f89b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14527
Expires: Mon, 30 Jan 2023 21:13:58 GMT
Date: Mon, 30 Jan 2023 17:11:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14527
Expires: Mon, 30 Jan 2023 21:13:58 GMT
Date: Mon, 30 Jan 2023 17:11:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14527
Expires: Mon, 30 Jan 2023 21:13:58 GMT
Date: Mon, 30 Jan 2023 17:11:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14527
Expires: Mon, 30 Jan 2023 21:13:58 GMT
Date: Mon, 30 Jan 2023 17:11:51 GMT
Connection: keep-alive
12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=8680955368070.91?
142.250.74.6200 OK 274 B URL HTTP/2 12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=8680955368070.91?
IP 142.250.74.6:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (519), with no line terminators
Hash b53e420f510725da819d5b57a89c7e2b
b77908b2541f7cbe3221e69ad31a518e84f0d8aa
471bb7dbefccd9a3b3f5d1473898f688fce47d8a4b3b6f043f343c15dd1d5624
GET /activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=8680955368070.91? HTTP/1.1
Host: 12572451.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wvgdg.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 17:11:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 274
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 30-Jan-2023 17:26:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1win-cdn.com/js/541.d536ea95.js
104.26.5.11200 OK 13 kB URL HTTP/2 1win-cdn.com/js/541.d536ea95.js
IP 104.26.5.11:0
File type Unicode text, UTF-8 text, with very long lines (11173), with no line terminators
Hash 77209d6f376b3665a561963f8482c2a8
47b95ee506f1bce7a11746fa6a9faa59dfe5e2a8
a41b07d61e7919e424c4d8ca861d5696ff5c43bf3819c0a5a8d877cd62ec49e1
GET /js/541.d536ea95.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:50 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=11217
access-control-allow-origin: *
etag: W/"63a43d6a-2bd1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 11:20:10 GMT
cf-cache-status: HIT
age: 3390666
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6sanFhqLywCMzvDMqVXvRmRB4nuxoOEI4Ziu4AOalGRE2Ks5H9n6A3rZXb7FpfAPwq6PZBW33r9nL%2F2e%2F2mARZsup9GyBrmIqm1V8fHU7w%2Faqgz4P6cUzrptShi2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd43f4f8bb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/css/7057.6c4e5731.css
104.26.5.11200 OK 19 kB URL HTTP/2 1win-cdn.com/css/7057.6c4e5731.css
IP 104.26.5.11:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 39a06e6e5c2b6f17a94e58606d166377
896ddde38c53e9a43c24b20ada8764a3b1359f9f
179ddf06c7f0e84e9a9e89664df2f1fd79b569c19d018f7c0c9eff8f10146250
GET /css/7057.6c4e5731.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:50 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=68681
access-control-allow-origin: *
etag: W/"63cfcc7b-10c49"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 24 Jan 2023 12:18:03 GMT
cf-cache-status: HIT
age: 534078
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HheHaq7zEGoyIhGH8qQ8PAQAotvGQCSyMVdZDDbvVDItS3J0s4uAhdP3QSoB4Jce%2FZ3%2F%2BrcBVn4J9hBpki7NPmLZUYADxdk3dyJnNoLCdNakqR9BKe%2FyTGC8FUibcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd43f4f94b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/7057.258afbfb.js
104.26.5.11200 OK 37 kB URL HTTP/2 1win-cdn.com/js/7057.258afbfb.js
IP 104.26.5.11:0
File type Unicode text, UTF-8 text, with very long lines (65531), with no line terminators
Hash 344bec1380930bfd2d944dff8af830b6
e1de99fbdddf20b6eca670393b7bc883b9e07605
02936f656390ee6860993d7b618da4be2e62d88683e88122509d5126b19fd161
GET /js/7057.258afbfb.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:50 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=99219
access-control-allow-origin: *
etag: W/"63d7c7fa-18393"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 30 Jan 2023 13:36:58 GMT
cf-cache-status: HIT
age: 12180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMnYVErr00wZU9jE7YVs2McHtFBwdhMfwZCOnDAqIueO2reGqoKSBOWILeGKIRpdveXWXwBTDljTbTOI%2BfudN%2FQXuouUeRRwfFCDGtTCfNs7Lwl2ivO5xQgmDK0KBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd43f5fa7b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7016865724822.866?
142.250.74.6200 OK 271 B URL HTTP/2 12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7016865724822.866?
IP 142.250.74.6:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (520), with no line terminators
Hash c0c499b25278cbdd820bcacd6af18bcd
068e3bfb00f14f527550294ee7df2deecd620020
6ce489739da702ebd1e3f0a262012035b2ff2b3f1f53f5c8ecc04a94a7d4766b
GET /activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7016865724822.866? HTTP/1.1
Host: 12572451.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wvgdg.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 17:11:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 271
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 30-Jan-2023 17:26:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1win-cdn.com/css/546.f10717d0.css
104.26.5.11200 OK 14 kB URL HTTP/2 1win-cdn.com/css/546.f10717d0.css
IP 104.26.5.11:0
File type ASCII text, with very long lines (11188), with no line terminators
Hash b82f0896a78de7bb84280e171d95215e
3cefdb5cd4f6219e48b45f1bc9f92b6802c31e78
16e22ab32faad3d7cb81cac28277f907f5dd24ee3fad1d95fd6420d534d877ca
GET /css/546.f10717d0.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:50 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
access-control-allow-origin: *
etag: W/"63c7c775-2bb4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
cf-cache-status: HIT
age: 1001196
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGrRyF4rvImGf4GnnDZzEcYP8a5JRAS6DiBOCYMhUv%2F%2FfazZyOU2He3q9DU2VeccjK029OGhkVq02xCQJXtPB%2B8%2BGtNSiko%2Fe2kH7t5Ln4fhVoTMsdUN4yVzlAkmCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd43f6fd3b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UNub7Gd4S0ogn5EJhtJVu8q1qML5_4eL2lIPQXiAuXy_q-XiR4s-5w==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:55:21 GMT
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
age: 69390
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4jPbm4WufkUKm7ljLvpHrJUFhr-JQ_nl3iYfI5S8nTqEszFdUtz9EQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:56:46 GMT
age: 69305
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
1win-cdn.com/css/5616.80aa74eb.css
104.26.5.11200 OK 3.4 kB URL HTTP/2 1win-cdn.com/css/5616.80aa74eb.css
IP 104.26.5.11:0
File type ASCII text, with very long lines (20616), with no line terminators
Hash 524e98f3215c8c713faa16b673278b79
6393264e8966f8855675a106c0c788f08be5fe12
fb00281217c01b6a666713e7bee978c45cf6fbbc16acf58d2f7dcd0c027cefff
GET /css/5616.80aa74eb.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:50 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
access-control-allow-origin: *
etag: W/"63a42a53-5088"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3395417
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxN%2Fk7DLK%2FQFCnt%2BcLayj753Rwwaf5jhhDkDHkjXc22mkIboCded76BcfSC4qjFb0x6HOieml0qKDeDwwqw9OT2Vz139kk5up85rHJx0IGQRm44JxwrGTWzG3gbsog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd43f3f7db505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1wvgdg.top/affiliate:link_visit?visit_domain=1wvgdg.top&sub_ids=undefined
190.115.19.101200 OK 15 B URL HTTP/2 1wvgdg.top/affiliate:link_visit?visit_domain=1wvgdg.top&sub_ids=undefined
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
File type JSON data\012- , ASCII text, with no line terminators
Hash 0f0479874bf6f4a7281099b15df27c27
55a490e280d48996e564d00492437eb17faadd28
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
GET /affiliate:link_visit?visit_domain=1wvgdg.top&sub_ids=undefined HTTP/1.1
Host: 1wvgdg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wvgdg.top/
Cookie: visit_domain=1wvgdg.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: application/json; charset=utf-8
content-length: 15
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: undefined
access-control-expose-headers: Authorization
etag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
set-cookie: core-sticky=http://10.233.107.135:80; Path=/; HttpOnly
x-powered-by: Express
x-frame-options: DENY
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3d7a6c616b1bef4af40ae536f8558994
8d7b7fd0419667f156aefeb461aa337333fc19d8
046f634a5a4d49cffd2638d4db2183bf8f07391fee571d04e903959d0c54333f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "046F634A5A4D49CFFD2638D4DB2183BF8F07391FEE571D04E903959D0C54333F"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5586
Expires: Mon, 30 Jan 2023 18:44:57 GMT
Date: Mon, 30 Jan 2023 17:11:51 GMT
Connection: keep-alive
1win.direct/socket.io/?Language=en&EIO=3&transport=websocket
134.122.54.186101 Switching Protocols 0 B URL HTTP/1.1 1win.direct/socket.io/?Language=en&EIO=3&transport=websocket
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?Language=en&EIO=3&transport=websocket HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://1wvgdg.top
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: azuaOVLThFgEH87VHSokMg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Sec-Websocket-Accept: Wq/8wl6TlQwLR9wJwrQMgxS3o7U=
Sec-Websocket-Extensions: permessage-deflate
Set-Cookie: core-sticky=300bce1683c333c5; Path=/; HttpOnly
Upgrade: websocket
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 2016e6df9dc301255c3765224561ecaa
8f7aed4a5861d1118216a235514f67a6e8b5b7bf
49f258d41c56572b11dcf7054df0d056dd64ee7b8d794240002f07862b55aa71
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:11:51 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Fri, 03 Feb 2023 13:17:53 GMT
ETag: "8f7aed4a5861d1118216a235514f67a6e8b5b7bf"
Last-Modified: Mon, 30 Jan 2023 13:17:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 452
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791bd4415a94b51b-OSL
mc.yandex.ru/metrika/tag.js
87.250.250.119200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.250.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash a236c7014c1f1a1e52d356f59e5d665a
b66c638eb2346287364c37725819bbab1f409d66
ad2d57579e453af0eac49156840bcd1dcfbd802a82135af98f41f714d7e698f2
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
HTTP/2 200 OK
content-length: 73769
date: Mon, 30 Jan 2023 17:11:51 GMT
access-control-allow-origin: *
etag: "63c93a4b-12029"
expires: Mon, 30 Jan 2023 18:11:51 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
api.lab.amplitude.com/sdk/vardata
151.101.2.132200 OK 0 B URL HTTP/2 api.lab.amplitude.com/sdk/vardata
IP 151.101.2.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sdk/vardata HTTP/1.1
Host: api.lab.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,x-amp-exp-user
Referer: https://1wvgdg.top/
Origin: https://1wvgdg.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://1wvgdg.top
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,POST,HEAD
access-control-allow-headers: authorization,x-amp-exp-user
x-amzn-trace-id: Root=1-63d7fa57-1b91de7133436ee0051505d4
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 30 Jan 2023 17:11:51 GMT
x-served-by: cache-bma1673-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675098711.212951,VS0,VE171
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
1wvgdg.top/common/title?path=bets&lang=en
190.115.19.101200 OK 16 B URL HTTP/2 1wvgdg.top/common/title?path=bets&lang=en
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
GET /common/title?path=bets&lang=en HTTP/1.1
Host: 1wvgdg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1wvgdg.top/
Connection: keep-alive
Cookie: visit_domain=1wvgdg.top; 1w_lang=en; _gcl_au=1.1.220436822.1675098724; _ga_548949LWLW=GS1.1.1675098723.1.0.1675098723.0.0.0; _ga=GA1.1.1816004527.1675098724; core-sticky=http://10.233.107.135:80
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: application/json; charset=utf-8
content-length: 16
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
api.lab.amplitude.com/sdk/vardata
151.101.2.132200 OK 2 B URL HTTP/2 api.lab.amplitude.com/sdk/vardata
IP 151.101.2.132:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /sdk/vardata HTTP/1.1
Host: api.lab.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1wvgdg.top/
Authorization: Api-Key client-Ss5BFx7UDrTj948TJHfc5ZUoTW67EjvZ
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS41LjUiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkZpcmVmb3ggMTA1IiwiZGV2aWNlX21vZGVsIjoiV2luZG93cyIsInVzZXJfcHJvcGVydGllcyI6e319
Origin: https://1wvgdg.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=utf-8
access-control-allow-origin: https://1wvgdg.top
access-control-allow-credentials: true
x-amzn-trace-id: Root=1-63d7fa57-490524362139e3a45e294046
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 30 Jan 2023 17:11:51 GMT
age: 0
x-served-by: cache-bma1673-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675098711.397290,VS0,VE187
vary: Origin, Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2
X-Firefox-Spdy: h2
1win-cdn.com/img/present-with-light.bd57fb06-151.png
104.26.5.11200 OK 6.7 kB URL HTTP/2 1win-cdn.com/img/present-with-light.bd57fb06-151.png
IP 104.26.5.11:0
File type PNG image data, 151 x 161, 8-bit colormap, non-interlaced\012- data
Hash 6e2f4fff39b3a495fecefe5fee863c51
d358f1c8d7fe7298feea325c7ea6d145a3634026
4800fa860802fd0e46629776201afccd5adc1bf6b8b5a45a5e7c46d8d3b2a690
GET /img/present-with-light.bd57fb06-151.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: image/png
content-length: 6732
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: "63a42a53-1a4c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3395400
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PsyRewLfwaTb%2B7Wb5gptx0t43cKe424X8AkpDgm9esJkUbQnojHORR1e9Us%2BGy04wUUNb9BpzdH4HndXW%2FFjtf6HcnRAR9TzFYGFV0QtisrbLz2DjGJ0VQXFNdByRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4437d74b505-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/casino-mentor.f6b6387a-172.png
104.26.5.11200 OK 2.0 kB URL HTTP/2 1win-cdn.com/img/casino-mentor.f6b6387a-172.png
IP 104.26.5.11:0
File type PNG image data, 172 x 50, 8-bit colormap, non-interlaced\012- data
Hash 1c8fa7ed406056b760b1171b49f8fd73
601643736f0c6bdce0531f5bc5252a96879d1ad1
c4ff5a6ee1315f5e5eeb287189912baaae7e032f178ccad3c575d6f8d99d4916
GET /img/casino-mentor.f6b6387a-172.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: image/png
content-length: 1976
last-modified: Wed, 21 Dec 2022 11:04:29 GMT
etag: "63a2e83d-7b8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3463440
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVTqblTqV04bKwpQGMNlLw3b%2B71D%2B8q1ohHr7eS8Pzi2LB3ZWnohE8H82nf4tX9GtcK10WQyQ5QcCG8%2F13oMhB0ipZmqz%2Bmb6BG3dWM8CLEqHGfu7sHK0FeyuJ3Gyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4438d8db505-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/best-bitcoin-casino.9c1716b1-50.png
104.26.5.11200 OK 1.0 kB URL HTTP/2 1win-cdn.com/img/best-bitcoin-casino.9c1716b1-50.png
IP 104.26.5.11:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash d17d9ae707b485a356eec325e36aa505
650fc9b7790343d87eacfa5f5466ecf659f3b9a7
5bca66d0040f92e3f15089ebc1f46687cf7bde68d46db0fb286113aaba9ac57f
GET /img/best-bitcoin-casino.9c1716b1-50.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: image/png
content-length: 1035
last-modified: Wed, 21 Dec 2022 11:04:29 GMT
etag: "63a2e83d-40b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3463440
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLr2VgpoQ0MYfyYg6zZbqiZ5y41GvxCEvYMbLghLIEZ36j47IpL91oRP9J8u7qlYGz3piTDg9A7aPPqbwjjMdahJ9J%2FjztGgH7piqAu3Eama3UvbJaLhyzxT5h8SGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd444bf20b505-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/casinos-analyzer.896bc525-182.png
104.26.5.11200 OK 2.0 kB URL HTTP/2 1win-cdn.com/img/casinos-analyzer.896bc525-182.png
IP 104.26.5.11:0
File type PNG image data, 182 x 50, 8-bit colormap, non-interlaced\012- data
Hash 75b2e733b195a4dc9229efa156e5a67a
f1755917d01bb31e56ab6e68c16656f6ffa9c38a
58a6718ce885d0923e0c0cdf64b8017396068f6c4c7ebda40fe951221dfb7475
GET /img/casinos-analyzer.896bc525-182.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: image/png
content-length: 2047
last-modified: Wed, 21 Dec 2022 11:04:29 GMT
etag: "63a2e83d-7ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3463440
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gr%2F%2B7CyGyWLmtUMPqLnWT6EQvAP%2FRvi5HxAlA4dUveaDKAll8VOSdAYiPJ%2B5OsEYypO9UWqGMc%2FTEf290NrXiqmmF0qqSvT7lBRhhVmTKBvvV7Hd3ANDbknSdjRmVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd444bf27b505-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/fire.47bc0337.svg
104.26.5.11200 OK 2.9 kB URL HTTP/2 1win-cdn.com/img/fire.47bc0337.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (322)
Hash b7f998633d401fc927e08d33bef609a1
1545a965975794f357d3cecf809cddd4508dbabb
313e9ec89ce650f3b9dd74eb776cc90ab49ca55aedccc8623dadb1e60438f2a2
GET /img/fire.47bc0337.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-244"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393501
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qAVd9GqetQMJ9tC7v8KhV6PGvc5ETC6gWuzYM7GUAd2rAnfani%2Bys7cnvF8ExwbNE3SOGDIcIVwOnC8I%2BaS5OTlP%2BM0qmAfrqOZGZJeILLpfHeaEcbISqmDR2xgsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4438d80b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/cricket-betting-guru.cfe7d426-500.png
104.26.5.11200 OK 9.2 kB URL HTTP/2 1win-cdn.com/img/cricket-betting-guru.cfe7d426-500.png
IP 104.26.5.11:0
File type PNG image data, 500 x 500, 8-bit colormap, non-interlaced\012- data
Hash 3c6da1041cc0873ff73533fd0e03f5a0
0666e13970c0698cf09ffafc9467ea705258c552
dfeed2cdb884b7769b5ee0fde60457b4b5380b7608c296b67e26c48dc1ca3f08
GET /img/cricket-betting-guru.cfe7d426-500.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: image/png
content-length: 9249
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: "63a42a53-2421"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3395400
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Itvwy9Wnpro7W7p%2BCIW%2Fb74EvOE2dvR8tDmVKm0b222ZkuSGClIOGrqO48uqhi3lxyi9RqXLHifkLOmqQb4ArAX1oA99b6O6wjS%2FrHd1ZiQGafCfMY9etEnd%2FxfqxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd444df4cb505-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/free-money-link-image.4433e497-120.png
104.26.5.11200 OK 6.3 kB URL HTTP/2 1win-cdn.com/img/free-money-link-image.4433e497-120.png
IP 104.26.5.11:0
File type PNG image data, 120 x 97, 8-bit colormap, non-interlaced\012- data
Hash 8c77c77c33189721a876fefeadf5ca83
0b197aa9e55fe824b28e55b9e0591f8631b6c3c8
b2a4295182c1f7c9619a4d2f842be12f4cbc6c4bb8d2ea607f06ff3bc4099486
GET /img/free-money-link-image.4433e497-120.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: image/png
content-length: 6292
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: "63a42a53-1894"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393502
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ZgBzIchXPLDzDUygho1N%2FhUJolWaDj%2FCipsIkLlMllGrTMduzvbd8756%2FSvN0%2Bc1N0ZOffLHjZvAsXutbATiWHF5bM1bKXhuwVfcKAH4%2BKKld2pXTOxO93KG0YAOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd444df52b505-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-tvbet-frame@2.52cde99d-256.png
104.26.5.11200 OK 4.5 kB URL HTTP/2 1win-cdn.com/img/sprite-tvbet-frame@2.52cde99d-256.png
IP 104.26.5.11:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 40212134fb58f842529fa66647f1b7d2
e6d355ea609129942cde7b9d47e587ae5cc8596c
c04666bc555dfa0fbd2b5da4984cb813b58eab772e1fa1efa2fd2e62c6d11f7b
GET /img/sprite-tvbet-frame@2.52cde99d-256.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: image/png
content-length: 4458
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: "63a42a53-116a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393502
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3XXSdmGGqLOMLjn62KSqrR5oD%2BpfKkPQk%2BR%2F%2FA3rikflDL0qtm1ApKMc6a2Qgn4HOqH3NmTJkuUwkX2J%2FREXCU%2BEUk8ltc7JK2v12N3yY9f3w0URmHMcBp7WEs2ig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd444df5fb505-OSL
X-Firefox-Spdy: h2
1win-cdn.com/js/icons-pack-payment-full.6272cc58.js
104.26.5.11200 OK 23 kB URL HTTP/2 1win-cdn.com/js/icons-pack-payment-full.6272cc58.js
IP 104.26.5.11:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 79e4fd692944880bb2c10fd81e5220a2
8bed2a5b0f584be2bf40ba1dd60a32b3e2475c6a
0d3dee87533ce0b006bf3c60a8b5aa8dc795905181696da247575d97aa77f0c9
GET /js/icons-pack-payment-full.6272cc58.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=112398
access-control-allow-origin: *
etag: W/"63c7c775-1b70e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
cf-cache-status: HIT
age: 993967
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aOnIbIr3l7IV%2BRlYvVqfR%2B6JDRU8%2B0bnIKm%2BIxq2BLa%2FxIUt3i%2FR3h9X1WlxvfCodr%2BiCLdYOr0bQLyI9afJrdDpEJvHkOwrfwBA5HUIWH2tjw93%2FZTKxr9BpDbwdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4438d87b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-roulette-frame@2.76ea5a24-256.png
104.26.5.11200 OK 30 kB URL HTTP/2 1win-cdn.com/img/sprite-roulette-frame@2.76ea5a24-256.png
IP 104.26.5.11:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash fa83f73358ed73cbd8a0faf0d8e6c019
586b95f1e5e1945abd0248e995f79274463c1cd8
ede3848497b96e7defd4c5d53133cf2e374487411186a66a6146191ae5692f77
GET /img/sprite-roulette-frame@2.76ea5a24-256.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: image/png
content-length: 29770
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: "63a42a53-744a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjFt56ofoDGu%2FkUb9JhFHyPDbTC3rOYJLoLloWpQXsWS4cQfV4vtM3BL%2Bp7eEl3Us8%2FNdj6VG8HsrHFa3dri59qoWsNJfvly77nsnXuVa7D5OM2pGtSOfpxsZjBepg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd444ef6fb505-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-tvbet@2.888adc8e-256.webp
104.26.5.11200 OK 354 kB URL HTTP/2 1win-cdn.com/img/sprite-tvbet@2.888adc8e-256.webp
IP 104.26.5.11:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 354 kB (353842 bytes)
Hash 8df817e5ef0af5dc8279d3f20cae9bc3
12c85bcc74a48053c92f3f75ce3c14e1a19e46d3
61a0f98511e6c60430ab044d1f80e1c9eff83f577064d465cc5f893ba3ce0fee
GET /img/sprite-tvbet@2.888adc8e-256.webp HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: image/webp
content-length: 353842
last-modified: Mon, 30 Jan 2023 13:36:59 GMT
etag: "63d7c7fb-56632"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
age: 6157
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fSNLhoyQnJon%2BK0aN4e1j9FO0Fu96Az0ysAGcxo3%2FPJlSJpvda%2B9Xj1SX0Bsq2ZkbFE9ZT8Ap1x6B%2FUKt9vXQPKR0%2F9yAPK1AK1gS8lPbtCQj10V6iNU0SsDdurxHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd444ef6eb505-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-roulette@2.25507485-256.webp
104.26.5.11200 OK 720 kB URL HTTP/2 1win-cdn.com/img/sprite-roulette@2.25507485-256.webp
IP 104.26.5.11:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 720 kB (719644 bytes)
Hash 344d71695bd0f387fedd84fba6ace2c1
1d37e2d66ab1098072febc0a0dc3769d44090048
7775854f4b641fa2c9f954c79de9d4bd51ffea8b9bc74d8e01768718cc438003
GET /img/sprite-roulette@2.25507485-256.webp HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: image/webp
content-length: 719644
last-modified: Mon, 30 Jan 2023 13:36:59 GMT
etag: "63d7c7fb-afb1c"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
age: 6156
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4ZeFH%2Bnidwiw0bT3e8pvS4AhBw%2B9tRD5aKr%2FexgYSekQ83CDyXtGvMp6MSfoofpyRJVIniVSk6GBTH8jEWFpdJ2yhGc2VRxbRXl%2F4FP0qg4YSUbubK5fVWJ80HBEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd444ef74b505-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-poker-frame@2.1caa31af-256.png
104.26.5.11200 OK 10 kB URL HTTP/2 1win-cdn.com/img/sprite-poker-frame@2.1caa31af-256.png
IP 104.26.5.11:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 74023900d89b98987ea3248f4a89a218
4ea53a2415cf89647c40a32c69b50bde861a40ed
484183c9f4d5b2d68649d3025af4d2b95a5cb71f40a1cf960d62e0e3560162ab
GET /img/sprite-poker-frame@2.1caa31af-256.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: image/png
content-length: 10453
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: "63a42a53-28d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DedpSOqvZbnVBOawkQsBgcgxoMpnX0o9KCrzuC1YSchzLwctXdjuvgvAIVc2UWyU7ETetP6MtnmGC%2BXGxZ0qSDuH5DpxfaJoAYewdL9sufip%2BY%2FgRR7WVNvrweoVRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd444ff8eb505-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-dice-frame@2.8e0d7067-256.png
104.26.5.11200 OK 17 kB URL HTTP/2 1win-cdn.com/img/sprite-dice-frame@2.8e0d7067-256.png
IP 104.26.5.11:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash b5469917695caf597285ce3e08c0e314
8d6b57a1590baf7531d688d5dde729ede7d02108
3353862bc343fe2f92faf7e59595d9aa80d2fbdc90c6677437daf3a9acd84b32
GET /img/sprite-dice-frame@2.8e0d7067-256.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: image/png
content-length: 17269
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: "63a42a53-4375"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393502
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2B9ERP4lRgJzyK7PjwkXQl1UmbrQjTtlCBkayDWg0ttam5WCDNSxf2zqvkQCF1PWE5RuyxC7mv4RCHWnE4LE%2B0EpGlZl%2FoOyhNQIg%2BPNuiawSILU1AwbUUQjWIUrFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd444ff8bb505-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-poker@2.a38733e7-256.webp
104.26.5.11200 OK 361 kB URL HTTP/2 1win-cdn.com/img/sprite-poker@2.a38733e7-256.webp
IP 104.26.5.11:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 361 kB (360930 bytes)
Hash 3da44652926631bc4fc847cfcbad6c71
a5f7955272162e543d5db897e200d00d3af22b22
354fe37cee669fe141e1e1dcb3b5a12df1ff2b9b34be38b4f2e20dd46fdb7d2a
GET /img/sprite-poker@2.a38733e7-256.webp HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: image/webp
content-length: 360930
last-modified: Mon, 30 Jan 2023 13:36:59 GMT
etag: "63d7c7fb-581e2"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
age: 4194
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvOr%2F7McGtwewayfssr3KZNfusYy%2FWq7Is72hYfcjSiJesxzpeNdTtPqXhULrLQsGckDDnm%2FwvGM%2BGE8kvwUmjbJ%2BjBaPuiMy5JcHeNvOmWzBnJr0GDWFiAI3b66%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd444ff8fb505-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-dice@2.6e1ac0ed-256.webp
104.26.5.11200 OK 430 kB URL HTTP/2 1win-cdn.com/img/sprite-dice@2.6e1ac0ed-256.webp
IP 104.26.5.11:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 430 kB (429680 bytes)
Hash abaa6833958bdc5427e6fa573cbfa70a
d43989916cc382e4e3d983933d9cd52a7d1dbeb2
51ba8ea694483e38020360731af53be7cd411671786008119b70b2a320e3bd92
GET /img/sprite-dice@2.6e1ac0ed-256.webp HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: image/webp
content-length: 429680
last-modified: Mon, 30 Jan 2023 13:36:59 GMT
etag: "63d7c7fb-68e70"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
age: 4194
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRQWLqpKWLDLG9cl7fQAp7nttwj89018SV4BgKdCJS%2BDijBpqwGOwcLG9MGueazW5FZPyYJKkturEDjjHDiPKpxhaW1kF7c9PvHwbu0hqc25CIV5ZQe3WcdvMYoRlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd444ff8db505-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/pwa_android_en.b229a444-690.png
104.26.5.11200 OK 38 kB URL HTTP/2 1win-cdn.com/img/pwa_android_en.b229a444-690.png
IP 104.26.5.11:0
File type PNG image data, 690 x 450, 8-bit colormap, non-interlaced\012- data
Hash 8b6daeaca5784288934eb5c3dbc3401d
2df52222cb03510733d5f5c616278143e7f93f2d
53ee238e1169d7940016da0159e72a214403576447cf1b8cb384942a6200d191
GET /img/pwa_android_en.b229a444-690.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: image/png
content-length: 37637
last-modified: Thu, 22 Dec 2022 11:20:11 GMT
etag: "63a43d6b-9305"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3389172
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BsTOxpweyLIVUcRw%2F27DopVrDWBQbExe%2FZiHnJCpwkUVMNevxk7pQEvKdBUY3OTdugytKr3MfaIdK9PrEOLtZrNSwoF0SE%2Bxn6JeZf0X%2Fo3yO8%2F5XoOHI91GpsWXVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4451fd0b505-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/home-poker-banner-bg.87d81897-600.webp
104.26.5.11200 OK 12 kB URL HTTP/2 1win-cdn.com/img/home-poker-banner-bg.87d81897-600.webp
IP 104.26.5.11:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d42d6b091c917baad89cc62f34b1ef8d
6915e60ae50f4b00af5083ce1217a7dab04df42d
9ac95cc43cf590f1f9a5dd85b5b0bf04d98e38d3005b6e4b436f8c04d09a66e9
GET /img/home-poker-banner-bg.87d81897-600.webp HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: image/webp
content-length: 11812
last-modified: Mon, 30 Jan 2023 13:36:59 GMT
etag: "63d7c7fb-2e24"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
age: 4194
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DdgCF7AfceFmOajk%2FOH6AUVdv1sWZBODREYQ8SeS2lajciDJCPgu5xKx6rzz1QHtHJ%2Fl1WEZIabs2re%2B6IrOfjtitdgSy%2BQSv8JP9p3GKkK22eCi7ZxhyuTUwNleMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4451fd2b505-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/pwa_ios_en.f08ddb1e-690.png
104.26.5.11200 OK 39 kB URL HTTP/2 1win-cdn.com/img/pwa_ios_en.f08ddb1e-690.png
IP 104.26.5.11:0
File type PNG image data, 690 x 450, 8-bit colormap, non-interlaced\012- data
Hash 2b063a8e2fb87b84cbf377d7a7fd389e
5c12f02ca086902c7fd9a5bd5de9eabce82c22a1
aa8f787e4db589a38a5c5a56bdb03f69329bfedc64649454f9fd370b78820b49
GET /img/pwa_ios_en.f08ddb1e-690.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: image/png
content-length: 39066
last-modified: Thu, 22 Dec 2022 11:20:11 GMT
etag: "63a43d6b-989a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3389171
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzZ3EciuQ%2FEUbu9%2BemOPCzJjpD3MJSHpha%2Fe1PwTIDoMJw7ghpZd9YluKa8EEXhN1f344SRGL46rZxGr7Vf6u2%2BCeOPCZ%2B3oPT%2FU12Sp%2FtS%2BrRDKjKi3dp%2FWI1GSYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4454810b505-OSL
X-Firefox-Spdy: h2
cdn.amplitude.com/libs/amplitude-8.17.0-min.gz.js
54.230.245.185200 OK 27 kB URL HTTP/2 cdn.amplitude.com/libs/amplitude-8.17.0-min.gz.js
IP 54.230.245.185:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e5211b7cbee53b6912f07a1cd72a4582
097096657cc1484ad9509b2c990a81a48990efdc
008014793f2666c663f98c7a3405db81b2db301c6a3caf2c05e6e9556085aa78
GET /libs/amplitude-8.17.0-min.gz.js HTTP/1.1
Host: cdn.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wvgdg.top
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
HTTP/2 200 OK
content-type: application/javascript
content-length: 27400
date: Mon, 30 Jan 2023 17:11:52 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Fri, 25 Mar 2022 19:53:18 GMT
etag: "e5211b7cbee53b6912f07a1cd72a4582"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: wr63ICD3duh0Opi8j2KDhI34Ow38BHG0
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GB9nSc3XR56QTBupCFEvOnwdeNqkJKRPULgjVpHTpJjLrhXcJjea7Q==
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wvgdg.top/
Origin: https://1wvgdg.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wvgdg.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Mon, 30 Jan 2023 17:11:52 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=558a49684ab968eb; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wvgdg.top/
Origin: https://1wvgdg.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wvgdg.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Mon, 30 Jan 2023 17:11:52 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=300bce1683c333c5; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wvgdg.top/
Origin: https://1wvgdg.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wvgdg.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Mon, 30 Jan 2023 17:11:52 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=4c19cd8fc84bc7; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wvgdg.top/
Origin: https://1wvgdg.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wvgdg.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Mon, 30 Jan 2023 17:11:52 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=f00e2df9a6729095; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 667f2c02cead780538e445d0571bbeff
a68b9ac6c84f66d76b49ca6ea1e19604e55fc0f7
b53fd18961e7dd2a72bdd54c8bdce035ac698af6ec7964d7d4dd389a2c3c4ac2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B53FD18961E7DD2A72BDD54C8BDCE035AC698AF6EC7964D7D4DD389A2C3C4AC2"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3397
Expires: Mon, 30 Jan 2023 18:08:29 GMT
Date: Mon, 30 Jan 2023 17:11:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5ba52e45f90b43f5e340dac6da635e68
78d8821fa6b45238a0cd32f77ed29120b4a29701
eb89a0c6f4ca0a1e5b42020d7cb39aac05013f124faa8642f02504307fe72ca7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB89A0C6F4CA0A1E5B42020D7CB39AAC05013F124FAA8642F02504307FE72CA7"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5002
Expires: Mon, 30 Jan 2023 18:35:14 GMT
Date: Mon, 30 Jan 2023 17:11:52 GMT
Connection: keep-alive
vars.hotjar.com/box-2722367854ce9702c28ea74c51e2a23f.html
54.230.111.94200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-2722367854ce9702c28ea74c51e2a23f.html
IP 54.230.111.94:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 8665e233ef6caaf010ca89793f27b6f8
5c593fa5f33e55b3081308b43e6e801b56c047f7
435a3ca7c1c49cbfac193647d056e46217e5c3f9c65c354974ad7acdfb8925ac
GET /box-2722367854ce9702c28ea74c51e2a23f.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wvgdg.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Mon, 30 Jan 2023 16:06:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "8665e233ef6caaf010ca89793f27b6f8"
last-modified: Mon, 30 Jan 2023 16:05:37 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AgSnjDooaRCLt2tcer46kgyZ8niFKxwKKYMrKSnA66faNj_eWVWjbw==
age: 3946
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wvgdg.top/
Origin: https://1wvgdg.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wvgdg.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Mon, 30 Jan 2023 17:11:52 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=b1ff9d782588ea7e; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win-cdn.com/js/10.fff54e18.js
104.26.5.11200 OK 4.2 kB URL HTTP/2 1win-cdn.com/js/10.fff54e18.js
IP 104.26.5.11:0
File type ASCII text, with very long lines (11261), with no line terminators
Hash 36cdda785d4f9f883eb6bd4d67dc6c53
a1b916c6298717cf0d93ec8302b1b8fb353c9ec0
51fd49935cb9250eae2d1094036c40222764ec153c5364c8a4b6a02c942792f3
GET /js/10.fff54e18.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:50 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=11301
access-control-allow-origin: *
etag: W/"63cfcc79-2c25"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 24 Jan 2023 12:18:01 GMT
cf-cache-status: HIT
age: 534078
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pedobpQ6v9vTYXgeeBlMKA7nVnryF%2BF7DyEkAbJRv0QiaUiZcBxKlz6wYIsCMaiHrWhzQs%2B8UO%2FaQUY4QSoFgp2%2BYnP8fAIuF%2BURnSgrWQiwPxJmbmhQBAu3v5CRQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd43f4f93b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wvgdg.top/
Origin: https://1wvgdg.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wvgdg.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Mon, 30 Jan 2023 17:11:52 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=d9ff2d6049763a8f; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wvgdg.top/
Origin: https://1wvgdg.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wvgdg.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Mon, 30 Jan 2023 17:11:52 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=3b80968ed731790; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/banner_desktop_main_1x/plain/https://1win-cdn.com/banner-files/bonus-banner-deposit.png@avif
190.115.24.75200 OK 4.3 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/banner_desktop_main_1x/plain/https://1win-cdn.com/banner-files/bonus-banner-deposit.png@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 22a160f55908549771f823852d5eaeea
267d86356fc72824681f08d9fd1207b77530c08d
bb19dc50ecc9dd60ce8760b73843ce465df86b78a76de6a924c813fc770a2f23
GET /unsafe/banner_desktop_main_1x/plain/https://1win-cdn.com/banner-files/bonus-banner-deposit.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
HTTP/2 200 OK
server: nginx/1.22.0
date: Mon, 30 Jan 2023 17:11:52 GMT
content-type: image/avif
content-length: 4323
cache-control: max-age=604800, public
content-disposition: inline; filename="bonus-banner-deposit.avif"
etag: "afr-jhlkuoDx_XrwjiuFbkzj6HdVsjvDmAeQvV8BbYs/RIjYxYTRlY2UwLTU0YWIyIg"
expires: Thu, 02 Feb 2023 09:59:19 GMT
x-request-id: k_UiPjjC7eUn-KF9U943Q
x-cache-status: HIT
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2.7 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (44409), with no line terminators
Hash 7be14b8a0b056b592a9fc8609eccba2f
5859d8a0e197392c235d966b55dc3567d8f40b4b
8361320771b60ab6963dee173dc1ef498ba42fabf121345156f61388f743521e
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 71
Origin: https://1wvgdg.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wvgdg.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 30 Jan 2023 17:11:52 GMT
etag: W/"ab5-WFnYoOGXOSwjXZZrVdw1Z9j0C0s"
set-cookie: core-sticky=47446d5769b203fa; Path=/; HttpOnly
x-powered-by: Express
content-length: 2741
X-Firefox-Spdy: h2
1win-cdn.com/img/flags/en.svg
104.26.5.11200 OK 296 kB URL HTTP/2 1win-cdn.com/img/flags/en.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Size 296 kB (295784 bytes)
Hash 4ba563bfe93c87f1cd46028629346cf1
7a22969ee3bf8ea32a03ef378e055c3ed71e9e7b
f9b6842f74b5e5dfa402f72b1e689123f0b2c2d8c7470b30d723d571890ad89f
GET /img/flags/en.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 10:56:34 GMT
etag: W/"63ce67e2-8ae"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 626301
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9NX%2FJE2jw9V%2BMLyxstra1EZK766dB0ExoIe9O4qKWbXOt%2FLW0MX8C6KkL0QIlsk0O2uQ%2Bk4vIreDNHSHarPWL66Vpa9K%2FvAoReb0rzvBwAD9vezQRsZEDdjdTn5ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4438d77b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 3.4 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (17749), with no line terminators
Hash b1da0f55def6bae6eca720e54c5b8a1d
206692db7f4b3e76399da513e790f6fa7b18633b
2fbed773e4d7a4e04c956ed38b8f2f667b452cb4b6add9df05e91463314c5af5
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 101
Origin: https://1wvgdg.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wvgdg.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 30 Jan 2023 17:11:52 GMT
etag: W/"d22-IGaS239LPnY5naUT55D2+nsYYzs"
set-cookie: core-sticky=3bff0df57a815b91; Path=/; HttpOnly
x-powered-by: Express
content-length: 3362
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/banner_desktop_main_1x/plain/https://1win-cdn.com/banner-files/bonus-banner-cashback-casino.png@avif
190.115.24.75200 OK 7.9 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/banner_desktop_main_1x/plain/https://1win-cdn.com/banner-files/bonus-banner-cashback-casino.png@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash f86f39dc44e8f92cc5658a394e833352
54093f2e69f448e122e771ec7c63d3cce35ffbdf
3fded209043aa6ec28cdff6321cff18c41238215a062dc02fab1af3915c637fe
GET /unsafe/banner_desktop_main_1x/plain/https://1win-cdn.com/banner-files/bonus-banner-cashback-casino.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
HTTP/2 200 OK
server: nginx/1.22.0
date: Mon, 30 Jan 2023 17:11:52 GMT
content-type: image/avif
content-length: 7940
cache-control: max-age=604800, public
content-disposition: inline; filename="bonus-banner-cashback-casino.avif"
etag: "afr-jhlkuoDx_XrwjiuFbkzj6HdVsjvDmAeQvV8BbYs/RIjYxYTRlY2U4LTYzNWI4Ig"
expires: Thu, 02 Feb 2023 09:59:18 GMT
x-request-id: uzFsF7HGLMtmmodlVn6LF
x-cache-status: HIT
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2.7 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (44409), with no line terminators
Hash 7be14b8a0b056b592a9fc8609eccba2f
5859d8a0e197392c235d966b55dc3567d8f40b4b
8361320771b60ab6963dee173dc1ef498ba42fabf121345156f61388f743521e
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 71
Origin: https://1wvgdg.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wvgdg.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 30 Jan 2023 17:11:52 GMT
etag: W/"ab5-WFnYoOGXOSwjXZZrVdw1Z9j0C0s"
set-cookie: core-sticky=ca809554607091dc; Path=/; HttpOnly
x-powered-by: Express
content-length: 2741
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 12 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 4ec273e003184bb03c9bd713bcffea98
3d1cd95f003bcdc699fcae78544ab746d08a8821
f52437dcdad220afaca3393340f604a0c2d546d68264fc1e1591762737b25d33
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 80
Origin: https://1wvgdg.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wvgdg.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 30 Jan 2023 17:11:52 GMT
etag: W/"2e03-PRzZXwA7zcaZ/K54VEq3RtCKiCE"
set-cookie: core-sticky=d7c6494501d2f0b6; Path=/; HttpOnly
x-powered-by: Express
content-length: 11779
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 54 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 5d3f374f2e7b3a6b6a84df5715886565
05c7829cb1e78be4fbbbcec33e0038c42b14db55
ec6d9dfc36e302406a50d927bf99d5a834ad21b077a6acff7a8da4ac13a63365
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 85
Origin: https://1wvgdg.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wvgdg.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 30 Jan 2023 17:11:52 GMT
etag: W/"d425-BceCnLHni+T7u87DPgA4xCsU21U"
set-cookie: core-sticky=ee2385ecc1a0eb94; Path=/; HttpOnly
x-powered-by: Express
content-length: 54309
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 54 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 5d3f374f2e7b3a6b6a84df5715886565
05c7829cb1e78be4fbbbcec33e0038c42b14db55
ec6d9dfc36e302406a50d927bf99d5a834ad21b077a6acff7a8da4ac13a63365
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 98
Origin: https://1wvgdg.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wvgdg.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 30 Jan 2023 17:11:52 GMT
etag: W/"d425-BceCnLHni+T7u87DPgA4xCsU21U"
set-cookie: core-sticky=16f815f09e880af8; Path=/; HttpOnly
x-powered-by: Express
content-length: 54309
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 3.4 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (17749), with no line terminators
Hash b1da0f55def6bae6eca720e54c5b8a1d
206692db7f4b3e76399da513e790f6fa7b18633b
2fbed773e4d7a4e04c956ed38b8f2f667b452cb4b6add9df05e91463314c5af5
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 88
Origin: https://1wvgdg.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wvgdg.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 30 Jan 2023 17:11:52 GMT
etag: W/"d22-IGaS239LPnY5naUT55D2+nsYYzs"
set-cookie: core-sticky=780879a3a57fb48e; Path=/; HttpOnly
x-powered-by: Express
content-length: 3362
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 12 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 4ec273e003184bb03c9bd713bcffea98
3d1cd95f003bcdc699fcae78544ab746d08a8821
f52437dcdad220afaca3393340f604a0c2d546d68264fc1e1591762737b25d33
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 67
Origin: https://1wvgdg.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wvgdg.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 30 Jan 2023 17:11:52 GMT
etag: W/"2e03-PRzZXwA7zcaZ/K54VEq3RtCKiCE"
set-cookie: core-sticky=b5ceb9aa11155333; Path=/; HttpOnly
x-powered-by: Express
content-length: 11779
X-Firefox-Spdy: h2
1win-cdn.com/common/banners/all-v2?lang=en&type=desktop&bannersType=main
104.26.5.11200 OK 70 kB URL HTTP/2 1win-cdn.com/common/banners/all-v2?lang=en&type=desktop&bannersType=main
IP 104.26.5.11:0
File type JSON data\012- , ASCII text, with very long lines (3086), with no line terminators
Hash f46f25474e0b1fa9895ca3fbb454847d
94a804504038388100498df314c52f52e83d1451
9e0282349b1cc3ebd4ed73668310ebd1c266408fb27fe7806764494f5f8d2bb9
GET /common/banners/all-v2?lang=en&type=desktop&bannersType=main HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wvgdg.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wvgdg.top
vary: Origin
x-frame-options: DENY
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hfj8DnmsqUN8DvfV0tMO9B9QYQfYUR38E12sw3zQW%2BpoOTB9ZEk%2Ffo9Dn3YZUPZdeXyA98ZFMPd6LJKuasNVKhIKTORuQ3tQYhAAQboub1a2Q0HLy0ZLX7aBplu6Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791bd444f98b0b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
mc.yandex.ru/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wvgdg.top%2Fbets%2Fhome&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A956%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A921447478384%3Ahid%3A474270006%3Az%3A0%3Ai%3A20230130171204%3Aet%3A1675098725%3Ac%3A1%3Arn%3A323863009%3Arqn%3A1%3Au%3A1675098725320639644%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C259%2C97%2C0%2C368%2C0%2C%2C205%2C1%2C%2C%2C%2C1722%3Aco%3A0%3Ans%3A1675098721272%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675098725%3At%3A1win%20-%20Loading&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.250.119302 Found 5.3 kB URL HTTP/2 mc.yandex.ru/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wvgdg.top%2Fbets%2Fhome&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A956%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A921447478384%3Ahid%3A474270006%3Az%3A0%3Ai%3A20230130171204%3Aet%3A1675098725%3Ac%3A1%3Arn%3A323863009%3Arqn%3A1%3Au%3A1675098725320639644%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C259%2C97%2C0%2C368%2C0%2C%2C205%2C1%2C%2C%2C%2C1722%3Aco%3A0%3Ans%3A1675098721272%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675098725%3At%3A1win%20-%20Loading&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
File type ISO Media, AVIF Image\012- data
Hash 76a502c1036d076e2317739f0cc878d8
480303b6e1e68b1d04e998d9bcd26224429db376
e377abb67003f9b87b6c67e87b9814b99bb3c1de68f286546d9af4e6d6377351
GET /watch/92006234?wmode=7&page-url=https%3A%2F%2F1wvgdg.top%2Fbets%2Fhome&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A956%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A921447478384%3Ahid%3A474270006%3Az%3A0%3Ai%3A20230130171204%3Aet%3A1675098725%3Ac%3A1%3Arn%3A323863009%3Arqn%3A1%3Au%3A1675098725320639644%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C259%2C97%2C0%2C368%2C0%2C%2C205%2C1%2C%2C%2C%2C1722%3Aco%3A0%3Ans%3A1675098721272%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675098725%3At%3A1win%20-%20Loading&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wvgdg.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 302 Found
location: /watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wvgdg.top%2Fbets%2Fhome&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A956%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A921447478384%3Ahid%3A474270006%3Az%3A0%3Ai%3A20230130171204%3Aet%3A1675098725%3Ac%3A1%3Arn%3A323863009%3Arqn%3A1%3Au%3A1675098725320639644%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C259%2C97%2C0%2C368%2C0%2C%2C205%2C1%2C%2C%2C%2C1722%3Aco%3A0%3Ans%3A1675098721272%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675098725%3At%3A1win%20-%20Loading&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Mon, 30 Jan 2023 17:11:53 GMT
access-control-allow-origin: https://1wvgdg.top
set-cookie: yabs-sid=2674127771675098713; Path=/; SameSite=None; Secure
i=Lye4CvPFBUidxvNynJFlM68B7ZYhzTGFqqCWutY8/AZbz1ElBgklj9wfvZj9atWlC3Rf8GX/fBXQtYz4ulnnWFe7HdI=; Expires=Thu, 27-Jan-2033 17:11:52 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=9997972081675098713; Expires=Tue, 30-Jan-2024 17:11:53 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=9997972081675098713; Expires=Tue, 30-Jan-2024 17:11:53 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706634713.yc.1675098713#1706634713.yrts.1675098713#1706634713.yrtsi.1675098713; Expires=Tue, 30-Jan-2024 17:11:53 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 17:11:53 GMT
last-modified: Mon, 30-Jan-2023 17:11:53 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/576a0d3a-0df0-4a5b-ac90-7e9f2ab73407.png@avif
190.115.24.75200 OK 4.3 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/576a0d3a-0df0-4a5b-ac90-7e9f2ab73407.png@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash d5f05284c21b7798248cd9fa99bfd299
bf9b3b55c3aa5508d51c2935e6494a6f91fb21b9
85a15ca1b3ad7e7569214ac1e02596a70b806eccd8ebf2b9fb079ca53986a0d4
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/576a0d3a-0df0-4a5b-ac90-7e9f2ab73407.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/avif
content-length: 4304
cache-control: max-age=604800, public
content-disposition: inline; filename="576a0d3a-0df0-4a5b-ac90-7e9f2ab73407.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzOTM2OTZmLTIwOWY5Ig"
expires: Thu, 02 Feb 2023 09:59:11 GMT
x-request-id: qdWArseWFiQPH7191DrZi
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/81c5273a-ebb1-47f6-8535-6376c353ea74.png@avif
190.115.24.75200 OK 3.6 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/81c5273a-ebb1-47f6-8535-6376c353ea74.png@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 38274844df1004bd9a0e2ebaa78fc880
ef316b9b62257b1e930eb064f30c1baecd86f2b9
5d128fbc4ca805ffd77a5d0c93ed6c15e548157d1b6a68b16c2849a98799a6a6
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/81c5273a-ebb1-47f6-8535-6376c353ea74.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/avif
content-length: 3601
cache-control: max-age=604800, public
content-disposition: inline; filename="81c5273a-ebb1-47f6-8535-6376c353ea74.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzOTM2OTc1LTY1Njk0Ig"
expires: Thu, 02 Feb 2023 09:59:15 GMT
x-request-id: 3_3K_XaC4gvPsdkGmWl7c
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/f736e1ff-fdf7-40e5-93b5-2daa1b472e4d.png@avif
190.115.24.75200 OK 3.3 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/f736e1ff-fdf7-40e5-93b5-2daa1b472e4d.png@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash bbb2a9093140015e4ebcb4b1ade5b171
dc35c677bb7d9b9e222f93e844793afc4fc06b2a
769a8489bc32f748e268b35024e9726719ef2a65d32665b0a5a54ca6d28789d9
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/f736e1ff-fdf7-40e5-93b5-2daa1b472e4d.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/avif
content-length: 3255
cache-control: max-age=604800, public
content-disposition: inline; filename="f736e1ff-fdf7-40e5-93b5-2daa1b472e4d.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzOTM2OThiLTFiYzYyIg"
expires: Thu, 02 Feb 2023 09:59:15 GMT
x-request-id: yhDgjau2hqJoacHHecauB
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/9dd18146-c273-48b4-ab55-70c3042a3f64.png@avif
190.115.24.75200 OK 5.8 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/9dd18146-c273-48b4-ab55-70c3042a3f64.png@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 8b9dae655791a2c093c33da8a8f41277
c564561f1f54aa7ce97a26a5c0d869fd05ba59da
179311580e45d0faa648f3673f12b5cb2235d2a367c4864febdc818f3a5d27fe
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/9dd18146-c273-48b4-ab55-70c3042a3f64.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/avif
content-length: 5759
cache-control: max-age=604800, public
content-disposition: inline; filename="9dd18146-c273-48b4-ab55-70c3042a3f64.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzOTM2OTU5LTJhM2VmIg"
expires: Thu, 02 Feb 2023 09:59:12 GMT
x-request-id: 1b79iucWvgm-kD0B9wRn0
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/1983b5c6-aeba-424f-b790-01d500023607.jpg@avif
190.115.24.75200 OK 7.6 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/1983b5c6-aeba-424f-b790-01d500023607.jpg@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash d437b0757b3d3be3c19c87919a3aa1d2
32a477ee6439bab8e93e3f47c949000a2c6270dd
0cf00b44bd1b346f12c6b46e7316669113d0c2cd43e752c5a06ae4990d78d9a8
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/1983b5c6-aeba-424f-b790-01d500023607.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/avif
content-length: 7591
cache-control: max-age=604800, public
content-disposition: inline; filename="1983b5c6-aeba-424f-b790-01d500023607.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzOTczNDEyLTIxMzk1Ig"
expires: Thu, 02 Feb 2023 10:09:25 GMT
x-request-id: 7FZkIHauUdzQArQbJb8jG
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/relax/c_102de4b840e0b3d43ec219886af06871.png@avif
190.115.24.75200 OK 7.4 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/relax/c_102de4b840e0b3d43ec219886af06871.png@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 44d6d73bffea52fdb89dbce90b12ed68
3e2feb53775a9b247958092366956ec10ac06b3f
3249942415e96d6fb3c5099b69b378f556f3bbc1cd3e674e6c87311177a4fa10
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/relax/c_102de4b840e0b3d43ec219886af06871.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/avif
content-length: 7415
cache-control: max-age=604800, public
content-disposition: inline; filename="c_102de4b840e0b3d43ec219886af06871.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYyOWEwODM4LTY4MzFjIg"
expires: Thu, 02 Feb 2023 10:05:28 GMT
x-request-id: BzPlnfcoMMob-lFMDxjbf
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/bgaming/194f01dc-eaa3-4379-831d-5a792c1eca57.png@avif
190.115.24.75200 OK 8.9 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/bgaming/194f01dc-eaa3-4379-831d-5a792c1eca57.png@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 17026de42f18fb450b84240abe77801b
aac5ef93d090c0f7711e949da60170ceeb09e291
954db7309a3f64c0f1784e7a72542a54a4216f182ea865080ad6efbaa71414e0
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/bgaming/194f01dc-eaa3-4379-831d-5a792c1eca57.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/avif
content-length: 8870
cache-control: max-age=604800, public
content-disposition: inline; filename="194f01dc-eaa3-4379-831d-5a792c1eca57.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzYzkwNDMzLTY0MWJhIg"
expires: Thu, 02 Feb 2023 08:50:36 GMT
x-request-id: XaEAK-kY2gZKSLFgjEWKA
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/evoplay/c_629b5b7ecad77eca213957740c0ac78c.jpg@avif
190.115.24.75200 OK 5.0 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/evoplay/c_629b5b7ecad77eca213957740c0ac78c.jpg@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 3076cecb5519fe3ab82562ba350f69b5
cc77dcda234ae49c57fd0534ebddaf1b1fb9fe82
5ee40b48c9b99199aa92cb5c9832626d77f5ba97a362ff617fcc12f94017f9a1
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/evoplay/c_629b5b7ecad77eca213957740c0ac78c.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/avif
content-length: 5026
cache-control: max-age=604800, public
content-disposition: inline; filename="c_629b5b7ecad77eca213957740c0ac78c.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjVmODQ0YWFmLTRmNjQi"
expires: Thu, 02 Feb 2023 10:04:25 GMT
x-request-id: oMLdXJ5uFDVAqqILg_OdH
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/spinomenal/e8c6ec93-32f6-423b-b5e0-574778b0383e.jpg@avif
190.115.24.75200 OK 17 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/spinomenal/e8c6ec93-32f6-423b-b5e0-574778b0383e.jpg@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 10efcdb8a9e6e4d6e26335cb5f6f22e5
6dea345a0cbd5d7a467315dd9ebb48949e761b60
6ac02eb9d12d1a9b448180af552bed3ed48b749345c0979ad991650f81c063ce
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/spinomenal/e8c6ec93-32f6-423b-b5e0-574778b0383e.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/avif
content-length: 17157
cache-control: max-age=604800, public
content-disposition: inline; filename="e8c6ec93-32f6-423b-b5e0-574778b0383e.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzNjNiNWM4LTE0ODkzIg"
expires: Thu, 02 Feb 2023 10:05:16 GMT
x-request-id: KL7T5SHGdCoCVOyCw9Vca
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/5cc068cf-9d52-4102-9f28-66395a65c931.png@avif
190.115.24.75200 OK 8.5 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/5cc068cf-9d52-4102-9f28-66395a65c931.png@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 67a53ed7251c92f5ea42d77beae82de5
9110e976e79310157443eac3ae7329b4ebc6d716
527ab81f140771168d3e0d7401d3a75dcd3aa9a9341529b2cd066f105ef01879
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/5cc068cf-9d52-4102-9f28-66395a65c931.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/avif
content-length: 8467
cache-control: max-age=604800, public
content-disposition: inline; filename="5cc068cf-9d52-4102-9f28-66395a65c931.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzYTk5ODk5LTE3NzA3Ig"
expires: Mon, 06 Feb 2023 12:53:03 GMT
x-request-id: VJq1xJuEobh49qYCL7KRV
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/eb768ea8-8c0f-4c1d-a465-b8273ca51b7b.png@avif
190.115.24.75200 OK 7.2 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/eb768ea8-8c0f-4c1d-a465-b8273ca51b7b.png@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 346cd8e0efd877ab4b3be5e25dcccf98
e9b425456024f04cd54718964de4460a030ece5b
24c523648df2f1021c092a6a6e217f892a6192c3828d71af9ff2177ae77a8cff
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/eb768ea8-8c0f-4c1d-a465-b8273ca51b7b.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/avif
content-length: 7168
cache-control: max-age=604800, public
content-disposition: inline; filename="eb768ea8-8c0f-4c1d-a465-b8273ca51b7b.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzNWZlNTkzLTU2ZTRhIg"
expires: Thu, 02 Feb 2023 09:59:55 GMT
x-request-id: H1Z6wD1jtNxW1mPqoxQDi
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/cat_wilde_doom_of_dead.jpg@avif
190.115.24.75200 OK 9.4 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/cat_wilde_doom_of_dead.jpg@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 76dbfbe5cdd074e629e319a5d6b3dddb
6ffd4956326fc530e89fdfc5c5708d25cb9617ec
38bbf2f26820df3af512990110e926a7fd0c95dbbd203edad95562aafd75e9c6
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/cat_wilde_doom_of_dead.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/avif
content-length: 9367
cache-control: max-age=604800, public
content-disposition: inline; filename="cat_wilde_doom_of_dead.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjVmZDg5ZjBjLTI3Mzc5Ig"
expires: Sat, 04 Feb 2023 01:30:02 GMT
x-request-id: LGSuP5PoWS0qM3nJ8dU3I
x-cache-status: HIT
X-Firefox-Spdy: h2
1win-cdn.com/img/caleta.4b134d78.svg
104.26.5.11200 OK 6.8 kB URL HTTP/2 1win-cdn.com/img/caleta.4b134d78.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1174)
Hash f190533286464c5ea5fe8fd6a25f6ea9
87305777f9503830f6a824b2238e2724af32aad1
a9401453813d9810335c5b63fbc697367ddd663940f9df9954a3b57fd20ec683
GET /img/caleta.4b134d78.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-502"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393512
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bym50F6b9nkv%2BD2kshdpE%2FHN6G0aNb64C0amW93Md9UVZBGFlWdHw45Vtk19v5khnzZuwcwAIIBi65hP9b51Z4NHmLPytACTx51AOhoVedBKTvYgY99BWqYZ2wZ1OA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4526adcb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/02afd62b-235b-4d6b-ad9c-58457d5b4b5d.jpg@avif
190.115.24.75200 OK 4.5 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/02afd62b-235b-4d6b-ad9c-58457d5b4b5d.jpg@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 485b06f67fd25afaea1ab08a605e830c
5adb1ff31fd9a405ab2ddb9a6ec1b3155ca3c9b5
7ebd2ded354fa906d7dea21ee2bb392051524a2f05760986f27271323c3430d1
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/02afd62b-235b-4d6b-ad9c-58457d5b4b5d.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/avif
content-length: 4529
cache-control: max-age=604800, public
content-disposition: inline; filename="02afd62b-235b-4d6b-ad9c-58457d5b4b5d.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzY2ZjY2VmLWJiOTAi"
expires: Tue, 31 Jan 2023 12:22:29 GMT
x-request-id: w225OA76XNK_lGesHFlS2
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/26b06924-2e59-423a-b6ef-9bd9c97f41ae.jpg@avif
190.115.24.75200 OK 5.7 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/26b06924-2e59-423a-b6ef-9bd9c97f41ae.jpg@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash d43bad364c5a03c96a9609f5817e6150
15772d42d72303f27a057a208ffa73a5e2cd79c5
fc301e54c3cfd5b3a1ae24e06ce4df85391d488199b163e44fe653027fc014e4
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/26b06924-2e59-423a-b6ef-9bd9c97f41ae.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/avif
content-length: 5690
cache-control: max-age=604800, public
content-disposition: inline; filename="26b06924-2e59-423a-b6ef-9bd9c97f41ae.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzMDc2Zjg5LTEyZjkwIg"
expires: Thu, 02 Feb 2023 09:59:43 GMT
x-request-id: TX1K5cWHXpyP0FUMhzS8Y
x-cache-status: HIT
X-Firefox-Spdy: h2
1win-cdn.com/js/index.ada59b3e.js
104.26.5.11200 OK 51 kB URL HTTP/2 1win-cdn.com/js/index.ada59b3e.js
IP 104.26.5.11:0
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Hash c4a18152108c08f5dca25d30cfa4d0be
d84e7c997a4611f4739120b1dadef343fd920966
a877988f64ab1a1b3b66c7f1fb19dc2e36164748e37ddcf1e98d786d1ea2970e
GET /js/index.ada59b3e.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wvgdg.top
Connection: keep-alive
Referer: https://1wvgdg.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:49 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Jan 2023 13:36:58 GMT
etag: W/"63d7c7fa-165eb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EM5dryH7tX%2Ft6Oy%2FXzYSn8aU5cvM%2FsY93hageMuj5iCawUMNMAA4TLhmg0gt1vddEDpW9RpotI3Tw55BZupnuoEf%2BJvb%2BfryzZatoFvsy3o7lmyD8etIEFbHDnTeCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd435cf3b0b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/belatra.259628ea.svg
104.26.5.11200 OK 11 kB URL HTTP/2 1win-cdn.com/img/belatra.259628ea.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4338)
Hash 47cfd64efdce8a596640c910e12dc6c9
e8ea3dae84076150e3d6d704ca0df242976ac916
f340b6b18f60a4314aab1099ba006748519ad7d6583043f8118498b7a73259ae
GET /img/belatra.259628ea.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1818"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393503
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XR%2FOtoEI7KYcLDN2l%2F8yAbVY31Z5VESrSnFt5sN5BI5PG6hmsNRDJJdVhFE8AwXYAi6xErOJVv2XCW6rXaQWzGI2wsClVIrsZJ16%2BRt1EMc2ynuL0khajAjrL%2BxZew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4524aa5b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/betsoft.c6b04922.svg
104.26.5.11200 OK 9.1 kB URL HTTP/2 1win-cdn.com/img/betsoft.c6b04922.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1628)
Hash 5bc90661c313a00ac513b081ed92b48c
018476c31d223fcd3adcd3f1837fa6ded49cdc66
0319d9bf76f127f6fc1597fc3cc14ee8f8803a2090faccdbfc73c6abdaac9902
GET /img/betsoft.c6b04922.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-14a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3394281
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGHSN5KoqaMoyBx14KaxRxUXroVC3mKVvWPpcbPt5csjaPSmEwt8p3hHU%2FN3hFQ%2B5Uc9GZdrdKZa%2Fzqg4Pv8aiQvJ3Splkcpzsq7xbbe5KI66yqBfumza3ml%2BEPLLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4524aaab505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/booming.a167e59f.svg
104.26.5.11200 OK 17 kB URL HTTP/2 1win-cdn.com/img/booming.a167e59f.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2116)
Hash f9e5bd1450805a8586fb788cb4e6b8e3
d11ee49e9875ae28ee359195be314a821fefed23
8b079c389186ed4653d4dc8b65b1e96dc4508b96e24520d0022aeb4a75ef2949
GET /img/booming.a167e59f.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-8b3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393512
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKABqEo229TjjapOHpU%2FP7gAZEzo4cgFGqzEb9L5gVnJ5JoIAgfrZSqsj1ZocxOsRs%2FZIujNa550xSMMLSLKG8i%2FozjV0qVLbcmjhCZdCYWZN7sOJsuv1yOXHAiiZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4526ad7b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/electric%20elephant%20.0f5be6ef.svg
104.26.5.11200 OK 6.4 kB URL HTTP/2 1win-cdn.com/img/electric%20elephant%20.0f5be6ef.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c878e86200d022d48117d16b785e3e59
f8cab31f7ec588d66dfe6be78436d96fa5c06b4c
4668c7046d18ba783d0f154f09aff33b141890bdf0ce74e074083dfd159df430
GET /img/electric%20elephant%20.0f5be6ef.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1cdd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393511
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mWQ9owYfqF8EXYSsmgFxcKTzHyt0%2F09VHQqPNhOulfJaqIYvL07tiSTr7QZs36FEB44HqJLEWb%2F3PNn7VcL3U%2FK2ybGKie8gKS0sbHTO6xKO0uG68ExeTmxEHDuhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4527b00b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/elbet.90c78268.svg
104.26.5.11200 OK 13 kB URL HTTP/2 1win-cdn.com/img/elbet.90c78268.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (843)
Hash 6f4d1e314d4411209d566447ae9b7af6
3c5b8ded6d7e43e4a7fa9c4437fb3054312ea432
b64cb56ef848a9da87794876ded4f75479f995fff71072f5b2a59ab5fae8476d
GET /img/elbet.90c78268.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-70f7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5D5gbpWqCqZ8bZlgxpd2GCzanj0F4sR1uqa2%2FhmcthnlRVawq44PldGWTMdBkYEiU0E%2F0Jss8EH6DQF6Z2%2Bb1e5nV%2FawnKI9UihaOifYF83Bg4fmngL1JLUfHN93uw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4527affb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/bet2tech.bb2f3549.svg
104.26.5.11200 OK 10 kB URL HTTP/2 1win-cdn.com/img/bet2tech.bb2f3549.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (561)
Hash e1baee36a89fe3662964a2b841e3d3d2
2b545668b18350e50d7d4225fcac9128b6422096
4009a88e598eb1c6919e69bf7a5c6b62c556d11c5e91cdf3a02784146f27a8c3
GET /img/bet2tech.bb2f3549.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-5e6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393503
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSIWfkdQ3IIk%2Bwy63SgAfT1%2FrMu%2B8QSNn2UU6RLcPdCS9TnMSRYDyXnKA57OeuCZSBvpz%2BH0V5kov9i%2F04Sx7B0kMeoX2KqeoisGQnHQcRrzFdvDpk2cgEe8TQc0kg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4524aa7b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/betsolutions.9f618e22.svg
104.26.5.11200 OK 7.4 kB URL HTTP/2 1win-cdn.com/img/betsolutions.9f618e22.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2085)
Hash 052af5cf3aec3544b6cfcc897e220ca3
9a7a92587d53b6da5b681c345d051191e719a680
a20af43097af1f855ba693ceae7244b1bbeb14c88d9cc593faa75bffe73c9d76
GET /img/betsolutions.9f618e22.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-911"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393503
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBV8y5fS7qo8e8HwTGkg15CzEYs%2FUqDXsYCTjsMk1hN080AAOkQgPE%2BPd6D0QS12Y5OuEgDlO5dt3YdUchwDMs3D0d9bM%2F7uXd7NN4R5fx6T%2FTXSE%2Bvws0DixSq0kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4525aabb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/elk.f78317e9.svg
104.26.5.11200 OK 10 kB URL HTTP/2 1win-cdn.com/img/elk.f78317e9.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1578)
Hash 06b37ef95d9fa8f5bc9247eae2a71e8b
81beb287d5cde59741ac4c770f1df1c63cc650e3
33abc27f5176335b344376c0b0e2b945b8bfff67a5c9386764107fbed9f7a3f6
GET /img/elk.f78317e9.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-d7f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393511
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLeLEkYPU9RGEbYcqYi2t3GAAUVTzIy%2Bf3KAgsiQBraAFnbCiWXbDUchf9473KAyGo8LNunGdu0mVb2j%2BIGqNhKjZy1F8kfdBkps3jJCRjb%2FyXGR8Un2%2FTsY4LAx3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4527b13b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/big%20time%20gaming.848cd084.svg
104.26.5.11200 OK 9.4 kB URL HTTP/2 1win-cdn.com/img/big%20time%20gaming.848cd084.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0e8dd7c6de961afbcf84d80b49816d5f
f6c9c9dbd357e51239c2a387f15d0eeb17084dc6
85d209d7b3e109166d2848d19c709811089a9c5455d52496d29191be948cafee
GET /img/big%20time%20gaming.848cd084.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-209a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393503
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0VCA7HIw7n6yoQdCIxd3c4trpyPKutkBFuysG9zao2p8g4UuenFpagLQSH%2FqBDB4BQ2PJZ63fMoODVamTzK0ni8a1fBZJLZbMGOZsPxqz%2BNVpVmG9dTybHrDTzk0iw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4525aceb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 30 Jan 2023 17:11:54 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Mon, 30 Jan 2023 18:11:54 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wvgdg.top%2Fbets%2Fhome&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A956%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A921447478384%3Ahid%3A474270006%3Az%3A0%3Ai%3A20230130171204%3Aet%3A1675098725%3Ac%3A1%3Arn%3A323863009%3Arqn%3A1%3Au%3A1675098725320639644%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C259%2C97%2C0%2C368%2C0%2C%2C205%2C1%2C%2C%2C%2C1722%3Aco%3A0%3Ans%3A1675098721272%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675098725%3At%3A1win%20-%20Loading&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
87.250.250.119200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wvgdg.top%2Fbets%2Fhome&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A956%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A921447478384%3Ahid%3A474270006%3Az%3A0%3Ai%3A20230130171204%3Aet%3A1675098725%3Ac%3A1%3Arn%3A323863009%3Arqn%3A1%3Au%3A1675098725320639644%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C259%2C97%2C0%2C368%2C0%2C%2C205%2C1%2C%2C%2C%2C1722%3Aco%3A0%3Ans%3A1675098721272%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675098725%3At%3A1win%20-%20Loading&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash aa75cfde9568df1c15bf239e6bcf7d73
b96d69e34626861c3c07b0164fead4f482a5c2d6
5aa1d021203e9bce8d63b438a764ff30c6a5df5e68e96aa26d457ecec06efaed
GET /watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wvgdg.top%2Fbets%2Fhome&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A956%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A921447478384%3Ahid%3A474270006%3Az%3A0%3Ai%3A20230130171204%3Aet%3A1675098725%3Ac%3A1%3Arn%3A323863009%3Arqn%3A1%3Au%3A1675098725320639644%3Aw%3A1274x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C259%2C97%2C0%2C368%2C0%2C%2C205%2C1%2C%2C%2C%2C1722%3Aco%3A0%3Ans%3A1675098721272%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675098725%3At%3A1win%20-%20Loading&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wvgdg.top
Referer: https://1wvgdg.top/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Mon, 30 Jan 2023 17:11:54 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://1wvgdg.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 17:11:54 GMT
last-modified: Mon, 30-Jan-2023 17:11:54 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
1wvgdg.top/sw.db344b25.js
190.115.19.101304 Not Modified 0 B URL HTTP/2 1wvgdg.top/sw.db344b25.js
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw.db344b25.js HTTP/1.1
Host: 1wvgdg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: visit_domain=1wvgdg.top; 1w_lang=en; _gcl_au=1.1.220436822.1675098724; _ga_548949LWLW=GS1.1.1675098723.1.1.1675098724.0.0.0; _ga=GA1.1.1816004527.1675098724; core-sticky=http://10.233.107.135:80; 1w_locale=1; _ym_uid=1675098725320639644; _ym_d=1675098725; amp_494ccc=KfXgoB5YLHDX3dw6wIuhmq...1go1qk6in.1go1qk6in.0.0.0; _hjSessionUser_2606090=eyJpZCI6ImM2YjJkN2MyLTQ2MGItNTEwMS04YmI5LThmMWM3ZjM3YjRhZiIsImNyZWF0ZWQiOjE2NzUwOTg3MjY3NzcsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2606090=eyJpZCI6ImU2YWRiOWEzLWVlOGMtNGQ5MC05N2FmLTliMmU0ZjdiYzQxNCIsImNyZWF0ZWQiOjE2NzUwOTg3MjY4NjEsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=0; _hjHasCachedUserAttributes=true
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-Modified-Since: Mon, 30 Jan 2023 13:37:13 GMT
If-None-Match: W/"63d7c809-18bf"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
server: openresty/1.19.9.1
date: Mon, 30 Jan 2023 17:11:54 GMT
last-modified: Mon, 30 Jan 2023 13:37:13 GMT
etag: "63d7c809-18bf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
X-Firefox-Spdy: h2
1win-cdn.com/img/aviator-game-logo.2fb50dc0.svg
104.26.5.11200 OK 3.9 kB URL HTTP/2 1win-cdn.com/img/aviator-game-logo.2fb50dc0.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2997)
Hash 753a7c9a4454f97f694f6b41a3e4874e
395a535c8af82fb5660e7be481fa155ca2438be3
7b4059c7008e393307274ad63217d9051bd8e8f3973e49ba513d257c220a46b1
GET /img/aviator-game-logo.2fb50dc0.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-bfa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3395399
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzPB5%2BDqt1ri1gw5EGBn%2Bm1ybhsJOyP8f6BZkZJKn45734Wy57CVT6qFyYvhRPKiKtQaQjWOAyUZyTxIJiqA2xF6Zx7E316nnlPcwdU6ngrQCTb6uzgzfzfc%2BQB1Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4438d7ab505-OSL
content-encoding: br
X-Firefox-Spdy: h2
ps250.1win-service.com/push-server-v2/?Language=en&snapshot_time=1675098723300&shouldCompress=true&EIO=3&transport=websocket
172.67.209.1101 Switching Protocols 0 B URL HTTP/1.1 ps250.1win-service.com/push-server-v2/?Language=en&snapshot_time=1675098723300&shouldCompress=true&EIO=3&transport=websocket
IP 172.67.209.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /push-server-v2/?Language=en&snapshot_time=1675098723300&shouldCompress=true&EIO=3&transport=websocket HTTP/1.1
Host: ps250.1win-service.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://1wvgdg.top
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UnrVdXycsTV+lq3CKQ/SVQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Mon, 30 Jan 2023 17:11:55 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: 8Dh0wCoNBHFMCB8ASQc/4+BxatY=
sec-websocket-extensions: permessage-deflate
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fuLcychRJLwjGpKRAcmYt%2FCkeSdAhrCWg403opXFfO6B9UqZFg7E%2FbXjhfCfdbvPXxKw6uGNExx9%2BsuYlhEJ4SoweWiqt7BUUv8ELV%2FrOqajrRHnZyMeGr%2BBPTAm5AdEwH0g6fiVji1Z"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 791bd458d9440b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/s/gts1p5/bD9xEdP9SoU
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/bD9xEdP9SoU
IP 142.250.74.131:0
Hash 93a1dc234a3eedb1ed83af1967fedd1f
33ace8917af555351a08ea32c6a4cc5b743dd88d
36486e331e2358df2041545ec6d7e81a4f5bf9b7b2b2f1cbe1522f6ee8f4943c
POST /s/gts1p5/bD9xEdP9SoU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:11:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1win-cdn.com/js/icons-pack-casino.243be753.js
104.26.5.11200 OK 23 kB URL HTTP/2 1win-cdn.com/js/icons-pack-casino.243be753.js
IP 104.26.5.11:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7a6c293c5ecbab17ecd255edd39e38b5
07dad8c57660bbb8e1d4aeef4ab3c9538574f353
fb4c27ee61164a298b079ca52dd535cf58c913020ff84b1cc3c1e5d58a35fd6e
GET /js/icons-pack-casino.243be753.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=93639
access-control-allow-origin: *
etag: W/"63a42a53-16dc7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3395471
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLikCuVRNFoX1k%2FqILVkLonrwUZfk5qbwckkMx%2BdHN%2BmpZ5mZ0Wo4FgBMqnaZeVzkNqQuC%2FhAHTLHaVESTxihFaD0gg6sz3ANx127fJldz3yt7SNlWtqJ8Z8Ch%2BMcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4522a55b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/500_i18_bg.0e037ee1-1320.webp
104.26.5.11200 OK 40 kB URL HTTP/2 1win-cdn.com/img/500_i18_bg.0e037ee1-1320.webp
IP 104.26.5.11:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1320x427, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 14de8fd7c8de24bb9f6f89ddd3c2d480
9635193c712dafa2c58339dee09588880a96a980
633593c73a175eabb2a5716a04aa84b1b49fc8e4ac4687b07509db36350076b7
GET /img/500_i18_bg.0e037ee1-1320.webp HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:57 GMT
content-type: image/webp
content-length: 39614
last-modified: Mon, 30 Jan 2023 13:36:59 GMT
etag: "63d7c7fb-9abe"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0akhuD64SNpzDrSliCxNOmjNdlatN6hNu0H92bMFkb%2BKUSXIbz7AgAIFmkS8FfNSRDaASyW6Z26tANChJswMBTHezZWhyzNVCohuWIIQut92MYRx0I7B40%2FJY%2F19A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd465ca22b505-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/bf%20games.a530d147.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/bf%20games.a530d147.svg
IP 104.26.5.11:0
GET /img/bf%20games.a530d147.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1374"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393503
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Io4esPspsq6syt2poQMCO61C66v3v23%2FvKpk6u1TyTG%2BbClfjrKYfg%2FFaZobB7Q57LqfQqyaOC1n%2BpHf8ebLWNuR%2BkcdNwGZxoenpf6XXvlQqH2GGeWQPnOsLF97Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4525ac9b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/golden%20hero%20games.815c7431.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/golden%20hero%20games.815c7431.svg
IP 104.26.5.11:0
GET /img/golden%20hero%20games.815c7431.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-ba94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQzyOr2He%2F87fZA2%2BA3D8toBQBax2TIeQLW21D%2BPrrv6Z2V%2FKRSMtUPPiLsaroqT4xZ8D9J8%2B9LCOWym9gAZMVt39rCfcy6ZQBnaJYLZN8Ejd91%2Fhl1VhtIjWA%2FZHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452ab47b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/hollegames.04d23aa8.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/hollegames.04d23aa8.svg
IP 104.26.5.11:0
GET /img/hollegames.04d23aa8.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2121"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Nr5Tbvwt5G1E8HUuQuUD1cYKmh6QyBsh2WK7zRBGo7Qj3rb3k4seph1LKuuW%2BtN4GjV%2Bu0irBocPKoUONTB45Z%2BUH1%2FeMaUwSRDgkPtfOfwru3FqypDhBSIYFAmMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452bb5eb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/synot.becc85e0.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/synot.becc85e0.svg
IP 104.26.5.11:0
GET /img/synot.becc85e0.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-b94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwyoWcpyodOAn6gFX2JI0w9Wzv2kK1LV%2Fl%2Bg3Hx1sQ6tm0qJAQiRleYUYzpugRZA09fR77Ho8GHx0srRh4g4r38RiPLcSi19s7L38fw7kJpg%2Fl%2F7LvB66bpSBVB0bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4530c06b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/thunderkick.93d20b41.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/thunderkick.93d20b41.svg
IP 104.26.5.11:0
GET /img/thunderkick.93d20b41.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-1f2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 317508
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqNOzdDJ46KmrV5yn0BT6LWMmTdcMM3XrVduPaMYDInEtmTZL6vUp4ZK0hmbm%2FSI5DW9GZYY%2BCp3OGMEbsJXC7jxekWCszASH8ijUmcgdw0Fu6YQL4Bp8z0fVs9Xyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4531c0ab505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/icons_football.2e809939.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/icons_football.2e809939.svg
IP 104.26.5.11:0
GET /img/icons_football.2e809939.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Referer: https://1win-cdn.com/css/5616.80aa74eb.css
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:55 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-32f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 329410
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYpW4UIlNVq2m2nC%2B2ma%2BQNhecqqPi7GfwwmziZ6o2l1gWMiN2OrgtSPf2tqrt9sZbgEbj3djLwso%2BHNIIQu3D5U6DUwqNvSOnX9ajHWrkI5KcfjVFi%2Fm8WAcGC4qA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd45bfd1c0b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/atmosfera.2954041c.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/atmosfera.2954041c.svg
IP 104.26.5.11:0
GET /img/atmosfera.2954041c.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-156d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393503
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2BTCdEXzNPUWDrhyB1nPs815sd2Y69%2B%2BT8p2f5ZaL9Fj1DCAfo4MaN2PQxHEeLzZ%2Fs7ag1cNHn6xU0KSTY1bqQwCOjCFfFq8puUnDFT9J1eNd9xVPgG9AiVqTeBT9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4524a8fb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/apparat.982be0d4.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/apparat.982be0d4.svg
IP 104.26.5.11:0
GET /img/apparat.982be0d4.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-177"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393503
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sofTzxopML3rtvfy%2BYS%2FtimnCxs%2BddrsGeq1uqsI1JjNGoG%2FdIkj12%2BmeB6vY4G5K%2BXFuyGd7KIuTLsA%2F6IJA5zYI01cKeOatddWiSG9qSHIBVLKpv2nFyayuHfGvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4524a8db505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/netgaming.aac206c0.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/netgaming.aac206c0.svg
IP 104.26.5.11:0
GET /img/netgaming.aac206c0.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-127cf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=So0UiZPlGitfYZvDVDOJD%2BOfJJGf2maqnaCoxsi%2B9lTCl7BCR2IBsU1ZywD%2FziErWcvMG5elQ2Q8LLPOD2UneOorXhkH5VSeQC4c65aD9PQsOQrZ0PfTgVCWxscf2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452eba7b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2606090.js?sv=6
54.230.111.8200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2606090.js?sv=6
IP 54.230.111.8:0
GET /c/hotjar-2606090.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wvgdg.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Mon, 30 Jan 2023 17:11:29 GMT
cache-control: max-age=60
etag: W/296802cf79e1a469540ff29fd339d6b4
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: afEv_q5ytwgCNp4ou-KJEwdwQtHZr54L4G4ZTXz7N33jtZ9y1520vg==
age: 24
X-Firefox-Spdy: h2
1win-cdn.com/img/7mojos%20live.0bbc237e.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/7mojos%20live.0bbc237e.svg
IP 104.26.5.11:0
GET /img/7mojos%20live.0bbc237e.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-144e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393503
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sR6vvKHjkULdb1UkuOEmy2RcYltc74O4xNQ0EmSH3FrwzDTijz1043sIHwFvF4LbzAt8RVuQnVdF%2BFOct86fcn3ctZmju0haTLyYljk7F1uymKzwJYyRE%2FdWHvA6Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4523a77b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/dicelab.f8f3d560.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/dicelab.f8f3d560.svg
IP 104.26.5.11:0
GET /img/dicelab.f8f3d560.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-f89"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=If7TuGtzg%2F8hPz8a831RSXHh8uNo3i1cXNukV50I6XUsMv6uBYYRG0forXjIy%2FzxEQ%2BXwE8NvoHC%2Fmq%2BVzbzZu9DWe0oGYwTpp3LQ1z2GlpOtw1ro2J4vPzjofcEEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4527af3b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/redtiger.81376ac8.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/redtiger.81376ac8.svg
IP 104.26.5.11:0
GET /img/redtiger.81376ac8.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2a9f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3394153
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VrI8hkovDfu5uBHAx7NXM3M8JtzbSHbzu3WmuW9%2Bhxva49Ox8i3%2BsGxZop1pldQ0uqRJXn6u1TmnTrt%2F5EtqFyUwiq5bLrUbnZ20Ni91geNOSDx0aNidUuuJlXX3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452fbd6b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/icons-pack-home.e8bf03cf.js
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/js/icons-pack-home.e8bf03cf.js
IP 104.26.5.11:0
GET /js/icons-pack-home.e8bf03cf.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=80069
access-control-allow-origin: *
etag: W/"63a42a53-138c5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3395399
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cKnhX%2B%2BeAnez4jboHNnzvDahJiytta0stO2ISVrMPZ0Mk5Pvf1zZpoHRCTH163VLHSUZm006ZgbKpKeQhdZuoIxjbQiyethu6HvcjQ0BMCKvFHqoO6YSM9SfWCauw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4438d7db505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/relax.c4362d19.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/relax.c4362d19.svg
IP 104.26.5.11:0
GET /img/relax.c4362d19.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-1994"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 317508
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zMbzEMCBj3ky9eOWrLRV88lVGORb2b8Lul5wls2I6vgbd3S2w7Z31qu%2FNh72J52MRgVTbzaz%2Fw6Ls1B%2BXFsHo9CFJ%2FkDFuMCPg%2FR20a8cw88Bqe1i9U8KgXmo3C%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452fbd8b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/agt.a6dc1f1b.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/agt.a6dc1f1b.svg
IP 104.26.5.11:0
GET /img/agt.a6dc1f1b.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-13fc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393503
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wz4uYvka09mXUWLcw79Kjp2KQbp%2FmbIXVKsoWqlNRpv%2BrrqsM0fYNMesA%2FyAHrrUeXyMrBA5nxrTLUHh5cTWtukSrhSpaWiGcla%2BV0U27qBpVDKEYJd0npZnmaNwDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4523a84b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/igrosoft.81ca5abc.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/igrosoft.81ca5abc.svg
IP 104.26.5.11:0
GET /img/igrosoft.81ca5abc.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2243"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnpBScPZr0fJ3nRaE%2BwuTk2gJVy9vdCqGZGrJfkcKhyr8P7JxWIwtyqdFCeDWe4ZunYe2%2Fo5j92jOjn8qX1v3EZJLrZ706rObwMNlP7wvuB60cfL0wIS8CALg9y81A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452bb60b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/common/banners/all-v2?lang=en&type=desktop&bannersType=main&localeId=1
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/common/banners/all-v2?lang=en&type=desktop&bannersType=main&localeId=1
IP 104.26.5.11:0
GET /common/banners/all-v2?lang=en&type=desktop&bannersType=main&localeId=1 HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wvgdg.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wvgdg.top
vary: Origin
x-frame-options: DENY
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zNj%2FHc7JP8d50lbuT76AiN3nOAu9edxaHgfOt1DULh2K6XkR1duUDrkBB32HCUvB9zT5xZutCycXbu49U5%2FMHJM%2Fly5BbL%2FO4fFsTZTW%2F7Qy4J%2BcgppXtRYSR57GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791bd4463af00b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/539.6905ae30.js
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/js/539.6905ae30.js
IP 104.26.5.11:0
GET /js/539.6905ae30.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:50 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=22657
access-control-allow-origin: *
etag: W/"63d7c7fa-5881"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 30 Jan 2023 13:36:58 GMT
cf-cache-status: HIT
age: 11734
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVJ8gN3eQWRmvKI0%2BtF54PlfRhWL8jqPPmFN%2BhmkXAxTI5Fvu7yPcM1K6hjWShniiXv4rE5vOYMPUbFdYlhCGle7DJuhiyZjmfHruGL7vvjFNLjfjsoNi678A4YR3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd43f6fd0b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/boldplay.018c7f09.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/boldplay.018c7f09.svg
IP 104.26.5.11:0
GET /img/boldplay.018c7f09.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
etag: W/"63c7c775-1603"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 991935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lru%2FpUGvx2z%2B6jOMo9SOzyLwjcXbpVHqvVECzOCwENgAABLQQbLghK1A6POgz%2B8mj1SpoBQZMLv09RVJzf7%2FFrFsKibNSOap2kjJTkQKBujBb1VR%2Fx4NUW7x1JEnRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4525ad1b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/quickspin.9b693b27.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/quickspin.9b693b27.svg
IP 104.26.5.11:0
GET /img/quickspin.9b693b27.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-16a6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3394153
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMM3uaqk1gAvAuiZQiHafsXhTz2soAIJhzWPdk4s4Fk4dsD7a8aQjo0mrBqWyt40UC5A4NmJ8L9%2F6eBnG%2FKlBYA1671HZo7XSCQ3kAQutz0adx34%2FjwVuK0la6DGlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452fbd4b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/cool%20games.5793050c.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/cool%20games.5793050c.svg
IP 104.26.5.11:0
GET /img/cool%20games.5793050c.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-d49"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393511
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXSqTs168xalZuQgFCkqmcmRghx5tu2QOY7sXK59bPSzMKJmZfrZpqKfIwDIhHVmW6bELMmEQPqWxkGfJ71yS416Eg%2FYI5wuxLXdkijz0PLpxR92ZgopwMclr1junA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4526ae0b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1wvgdg.top/
190.115.19.101200 OK 0 B IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: 1wvgdg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Mon, 30 Jan 2023 17:11:49 GMT
content-type: text/html; charset=utf-8
x-frame-options: DENY
content-encoding: gzip
X-Firefox-Spdy: h2
1win-cdn.com/img/gameart.bec40c08.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/gameart.bec40c08.svg
IP 104.26.5.11:0
GET /img/gameart.bec40c08.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-a20"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZTRJDhifRhBWwQs%2BzlVhE%2F6UvUtRgQvqQQoDfTMjI15pia%2B6JpNNhKh8G1%2BGVCFw5pIXMWRE7%2B%2BdQKfBYpuTAvLMiO0kcGsKPsFdJHQGXI7mqqqO%2Bx2u4IDbsevBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4529b2fb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/gamomat%20premium.5db51aa0.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/gamomat%20premium.5db51aa0.svg
IP 104.26.5.11:0
GET /img/gamomat%20premium.5db51aa0.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-7f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 317508
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQB6ABjs8UnoNy%2BSDrl2lmv4F4V2PXE8zTadoyWiiHJpgVrV0xcfogf2YtpKq7FZhXG8F24k%2BisaDNm2OP7gRGbfPZDOPjTeXURwBExAGIphlnjuoEDIXvkbbQ%2FBSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4529b32b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/iron%20dog%20studios.8a9aca7b.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/iron%20dog%20studios.8a9aca7b.svg
IP 104.26.5.11:0
GET /img/iron%20dog%20studios.8a9aca7b.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-23e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGJWIiTmtw2XBlR3bzKF8dRR20vuMsMrwiUTlWulzv8RJPXCDE%2FG8zdiWAZe6iICCRbjVZiKRld23X0HVP4COXUE9GBE6VNCUGwlX6t1I5jghvou4daj8l25U74m%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452bb61b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/icons/5854b4e4a7f257ddbd20e3d9c5478b419bf00f6f.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/icons/5854b4e4a7f257ddbd20e3d9c5478b419bf00f6f.svg
IP 104.26.5.11:0
GET /icons/5854b4e4a7f257ddbd20e3d9c5478b419bf00f6f.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Referer: https://1win-cdn.com/css/5616.80aa74eb.css
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:55 GMT
content-type: image/svg+xml
content-security-policy: block-all-mixed-content
etag: W/"90e9db743f3a66903b2e41c8be5ba5fe"
last-modified: Thu, 15 Apr 2021 11:54:52 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 173D8827C4D105CF
x-xss-protection: 1; mode=block
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sv%2B9lauUo00zXDjRg%2FYdiigiBl0uDRz6QQdQt6EpxOAd4M802wmFgTHJ8dgohlDgYtqYS2JOS2SMDUaCjxVNjhynFNksQwIiuPpwCrOYWN7ja4WSNCspBgpvepJMuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791bd45bfd300b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/nsoft.694e7d47.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/nsoft.694e7d47.svg
IP 104.26.5.11:0
GET /img/nsoft.694e7d47.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-532"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dqmh2MVxfcOfb4UbK%2BRCSvx%2FBHSZj9kxKEuz9HrR40%2BRVfkIzLQewTphZxObrXLPxAI%2B5%2FP93yQnEdZGC0MoVYeR6J5b4qQebQh%2FO9GCfNzQF2aepkazG7is2MP%2Bfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452ebaeb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/reelplay.7c34e6a5.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/reelplay.7c34e6a5.svg
IP 104.26.5.11:0
GET /img/reelplay.7c34e6a5.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
etag: W/"63c7c775-6070"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 991936
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFrlNIR4RCFfcQn1V%2B4MBkDXs4EAiF1a6q7wPjVCyELxGiuLjhf9%2BRPGxNVRgJqjHgSN2VEndIqGlXFAhwTBkED2%2BRSLc1v6fE9IWj8UOM6KfyrxBxIuHwbJcGyS8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452fbd7b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/bgaming.8e34f448.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/bgaming.8e34f448.svg
IP 104.26.5.11:0
GET /img/bgaming.8e34f448.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-41d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393503
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxA%2BdUUxJqvrcz3DgIE%2FNecFxW1qnTbv4imv%2Fb1%2Bo8IAO7mWTpmxnaNaRPGmy8b0jmdCAVaIzxMZl3a64uSKElPt12T%2BZwtnne9q1FZfYspCEdQehC1fSn7GqGDfEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4525acdb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/icons-common.c0259c25.js
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/js/icons-common.c0259c25.js
IP 104.26.5.11:0
GET /js/icons-common.c0259c25.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wvgdg.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:50 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=231782
access-control-allow-origin: *
etag: W/"63c6800f-38966"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 17 Jan 2023 11:01:35 GMT
cf-cache-status: HIT
age: 1145360
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=125PYpMZRnrfGq3ZObV9IPVocU3BpmfOUHnd65OCJZYMPWDRtxiOMttaCCVyIfbHcN1DLshbcSJjxRQJtCScbVU%2Bif%2FSv3B440ygEmmZGvjSo3nyHBiWQyYGRzCsYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd439ff3fb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/allwayspin.ef1458a7.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/allwayspin.ef1458a7.svg
IP 104.26.5.11:0
GET /img/allwayspin.ef1458a7.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-db6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393503
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RtB2MXNdLH0rPyZleQ%2F9yKeydgKePhXFzQLJncCm6xIzx4NKP5yhCkIBBieaeb1zs7dBGy%2BKxp3oIEuIk0lZXrj8Lr263EBTULQNo9Np1hzIhfT1B7pgz%2F38x1m3uA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4523a87b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/fazi.0731b5cf.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/fazi.0731b5cf.svg
IP 104.26.5.11:0
GET /img/fazi.0731b5cf.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-27b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uo57I3gg8QSYM%2BkESSha0mlXDFvumim%2B4Ea3gC3SvpjfF4zSwnU8BTMswhG9oYcJgo59N%2FK6LcKTCHLbwMW4yiiuOUpEbcsFbySHJe2p79DLJKytA4FI22bWCpwmUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4528b21b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/gamzix.f7270646.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/gamzix.f7270646.svg
IP 104.26.5.11:0
GET /img/gamzix.f7270646.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-f15b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCTylJ4TIyOT7S0wHjvwwpVAII%2BNWitXm17NyrllWU1mAcnfbKnbhkrQjoLmEMubusWhmoZvZOTGmvUe6KxuORj1tyBusFB4l1uOjZxce9SH6PFPR3c8URiyITzZjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4529b3cb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/green%20jade.c62a1806.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/green%20jade.c62a1806.svg
IP 104.26.5.11:0
GET /img/green%20jade.c62a1806.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2aee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G38Q929nZGvHz%2B6bTLIkfM1qchkhy51Sy39NFgoEbyTFYjE%2BboNrZednFOzVol4PPK6j0PD%2FK%2FTyL8pQVtxZwS%2BCetq0LqFnIc96xPesEhWt0otvPQDDU6FzTE2BPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452ab4ab505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/kiron.4a0c7f94.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/kiron.4a0c7f94.svg
IP 104.26.5.11:0
GET /img/kiron.4a0c7f94.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-264"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBQUGSgV68sr5iJd8wDtX8YM%2BrKqSo4tFUF2GW5CXM3doBo2ndnYHjRP9Tnqli%2FP85OqyZCD8jo4IaTihkA85ZeyLMrzqOEWncubQmWkw28KsBURmIs6OVnAWMYY8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452bb68b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/pushgaming.bc19137b.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/pushgaming.bc19137b.svg
IP 104.26.5.11:0
GET /img/pushgaming.bc19137b.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-e19"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dq%2Bf0eTYCli98DpvH6H0TIVymtExX6%2F4kAV2c%2F%2FdGnD%2Fg8To4gEa1Zs00ic1Hoc2vd5REVachhvze%2FLwaTUacfWE9WNzjka58%2BDkq7Glx1Yu4toHq50rCnumtbXsBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452fbd3b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/turbo%20games.bfc7405e.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/turbo%20games.bfc7405e.svg
IP 104.26.5.11:0
GET /img/turbo%20games.bfc7405e.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
etag: W/"63c7c775-18b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1023948
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dP1rJpfrlI1nHksP2dpBrJ99f9uSs6MpWNUnW92DW26j3gEET0u4Wuj6TLLR6z1VA6oadCBehnm9ArJ8FyuAtHC9snQ37hLLwVbKVNU%2FMYKDqtFA0SP%2BkCcveQlbEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4531c11b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/liw.06ac3b16.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/liw.06ac3b16.svg
IP 104.26.5.11:0
GET /img/liw.06ac3b16.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1df5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXoNKCWls3SaBJq1wfe%2FDdKQ8x4pgXs7cxsCUzgRclnZxXll4o5IiQIVTkOPSYxZ6q1ERYnK0sSEEhN4EKnyvgI45Ku9LmNxgg7y05%2BHUp4DfSPayid5ckd%2BFkdwqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452bb6cb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/triplecherry.ca9e4ee4.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/triplecherry.ca9e4ee4.svg
IP 104.26.5.11:0
GET /img/triplecherry.ca9e4ee4.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-d37"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=esk6G3B%2FKqLvp%2Fl1R%2BzTpY%2BsCUq1iwGmDiA%2B6xjh9pTzkOMQe7O0APEv65sQ7S%2F17TxybGP2qWE7%2BwvvOjdng0VICsvcMohgPWn1vYCfjMllUbwzVzeSZYsidCuP4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4531c0db505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/chunk-vendors.65b7581c.js
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/js/chunk-vendors.65b7581c.js
IP 104.26.5.11:0
GET /js/chunk-vendors.65b7581c.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wvgdg.top
Connection: keep-alive
Referer: https://1wvgdg.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:49 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Jan 2023 13:36:59 GMT
etag: W/"63d7c7fb-68484"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oH2e0B8HCJBSLl835qfocoZdeVSI%2BiaCq644I3rA%2FwfcFJ09oKTwlTkDdS9D%2FHJsFJqdBtNPqRVrwaFw%2F5YKLu6YcsKWH%2FG3ioW%2FOehk0n2Ma5Dl4kKP8QfiqCCRJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd435cf380b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/authenticgaming.08e94926.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/authenticgaming.08e94926.svg
IP 104.26.5.11:0
GET /img/authenticgaming.08e94926.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2813"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393503
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfNqxrWmWM6Ps18Ltq79C6kWnkPoxh%2BYBRCC0qaPpsnMS%2F8uI1fFHvoU4Boh1EzWggptb5%2FVkhwOvdPbdApuCokwsUCT5tJQzKko9ZaDH%2BCNh7YGsWOUl6eQM1xp6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4524a98b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/hogaming.f8502380.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/hogaming.f8502380.svg
IP 104.26.5.11:0
GET /img/hogaming.f8502380.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2cde"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L7mFhV6ennUGov1yc%2BVSESMW8q8bh63m8K9OuR1zx%2FayFD3fc6rvavEHUhO2vqoPj0XZPEce9AlicUlLdzgaRUb23fQcykzslcMT1HELPrxVqJ5ivwZeEVsN7f1dzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452ab52b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/high5.4aa8a605.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/high5.4aa8a605.svg
IP 104.26.5.11:0
GET /img/high5.4aa8a605.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
etag: W/"63c7c775-1314"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 991936
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wG3wQtujzyWEvxNapUQrvfaoJ4qVOebblbRk72yx2rl5YCWT7XpVU9obgDToVernBwXvWFRyCxQDjQ53OV94yBfjvIzbMFME3pg2UeyWtCQP6jOhdl7cnjxtRknZgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452ab50b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/max%20win%20gaming.d504cecb.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/max%20win%20gaming.d504cecb.svg
IP 104.26.5.11:0
GET /img/max%20win%20gaming.d504cecb.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-a04"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0whRGLqpX119Sxh%2BmfythpU4VjYA9cfAwol4QdU8Vol1nPu3uvkRYQK6E3C2CymmZy%2FWbCsRCd920NDKcDnST1oZXpsi%2FNLrpFTy%2BQh3pZrpGWIRC5SmToPEm4rmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452eba5b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/truelab.c0496875.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/truelab.c0496875.svg
IP 104.26.5.11:0
GET /img/truelab.c0496875.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1043"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCAd8VR%2BGWL56RPO8qkZ8HyxoeqFdT02zt2dqgt8u93ubqVVgWF3hwUhZfTcz9bLzUPsZy8xWa4PdF1fLJ%2BLn3vL2fdqt37AUEEY0yrow6%2BbFYpmgXOBRvOtGrHIeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4531c0fb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/vivogaming.41d892b8.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/vivogaming.41d892b8.svg
IP 104.26.5.11:0
GET /img/vivogaming.41d892b8.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-f228"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 329409
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SlBp3oEXHVLkIuDe8Ld5dfFBYYWEpxmDOVwHzHwscBo5d5uO15fPg8rI81JvliLSmyZzyJWpo6pd3ARIoqMe%2FuChsXV5D%2Bml75k2U8L9h5AY%2BRw3IF5yoWjED5uhpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4532c26b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/sthlm%20gaming.a42e0c70.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/sthlm%20gaming.a42e0c70.svg
IP 104.26.5.11:0
GET /img/sthlm%20gaming.a42e0c70.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-3199"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2P1sB62Ha6UL248WRA3WaSogkAbW2rBOIEf3KlA26kEzH%2Fr15QGAillzA0GLFnrMMCQ7fiwiCCy9Er21gy653imTcj0RZqcgCxjyv3YTM6SY7GKK9V%2BDTie91klWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4530bfeb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/chunk-common.cb71208d.js
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/js/chunk-common.cb71208d.js
IP 104.26.5.11:0
GET /js/chunk-common.cb71208d.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wvgdg.top
Connection: keep-alive
Referer: https://1wvgdg.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:49 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Jan 2023 13:36:58 GMT
etag: W/"63d7c7fa-4176"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jHrlgyFzi9kyFn0k3FIcZ45rVkSVt9JcItWd5EuOViakkp6tFtu%2FEDSW%2Btu3MFMS4rwITPuc7%2BhgyhpOgWo1hYEEVICI2PbCEI1H00Ex3oZDojgQWG2E335KP2iyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd435df480b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/icons_tennis.4b25aa6e.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/icons_tennis.4b25aa6e.svg
IP 104.26.5.11:0
GET /img/icons_tennis.4b25aa6e.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Referer: https://1win-cdn.com/css/5616.80aa74eb.css
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:55 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-6b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 329410
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rhtckdXxR%2FQHVD%2Bz7e%2BuWFWiE5oT6Yxtt7oMvCJBC0xydzdQdaXeqWc7wHZPyveGupVXzzuFxdt6XxzEDBBj8wtd%2BbAPxjbfuQtxIgkauNUjzw3GvwOdfkjqCNaOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd45bfd230b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/genii.5614cd78.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/genii.5614cd78.svg
IP 104.26.5.11:0
GET /img/genii.5614cd78.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-e7f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qark3OvbvHpL%2FR%2BlwC0J8jgsW76JbDyGu1S3hwvVsAYEwiJUxNnOmw%2BVm%2BD6lcepAfHN6Ja0leANVjxyfX5un%2BaBMIpUUern6VrfVU9RDC674S4jKc5yF7SKeb6Diw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4529b43b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/goldenrace.423ead5c.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/goldenrace.423ead5c.svg
IP 104.26.5.11:0
GET /img/goldenrace.423ead5c.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-7198"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gY5TM%2BbXjBaCpwG0hf%2Fr4Qnsp%2BA74ZhBT%2FVC9Q6M%2F6NoYOepz4Bam6X%2BuIzwTRHoVzre0aw%2BHSQHsiWJyr9um9J1RfZvz2o8FxtXRuhwnnZd46tAuwmqcmfeeo4LcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452ab49b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/hacksaw.ba9f22a5.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/hacksaw.ba9f22a5.svg
IP 104.26.5.11:0
GET /img/hacksaw.ba9f22a5.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-110b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGZBWRpXyrTpMoe0qLlg6stTEazoJKRYBREpdQYtVEaDe3Hd1bcrXS3sKauNWrI%2BckkSv2C0sybx%2B3s%2FMGQDa3XX8goPmToxP5n7ua7jMtsoGCfzWZEW8KsGGD1Ycg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452ab4eb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/platipus.62dd70ad.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/platipus.62dd70ad.svg
IP 104.26.5.11:0
GET /img/platipus.62dd70ad.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1368"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1CzPP02yNkSVlCyfO3SnYa2ylHkmvM%2BMtu74WIR3wymWGrhpo9h%2BDrJBCYHgCcdp6TKfNOxI8ZOci7zRMWwlzOCqiAfi80F2mpbZni9G38%2BULmfNky0FwRKz%2FN56aw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452ebbdb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/sagaming.4e1b794f.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/sagaming.4e1b794f.svg
IP 104.26.5.11:0
GET /img/sagaming.4e1b794f.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1060"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2TONMIQc5HAuB%2BjFPqtuNTupPap%2FJyS2q6r%2FhUvF6SGAxOX4VvYUJrqbkHo7Dvw9QH%2FEbS8SCwM2Mp%2Br9FpD1W5eVIfdIpvaqLMG%2BD5Hs5o1FH1il%2Btt08s7SXGBMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452fbdeb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/1x2gaming.9c41eb85.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/1x2gaming.9c41eb85.svg
IP 104.26.5.11:0
GET /img/1x2gaming.9c41eb85.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-f4c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393503
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ewtSAgc7%2FIMMn8IIaQLsYhGYlYZfhp3os3ceWWSceTl4YTDWXvt9%2Fe%2BkGAnT4ixj8mgG8LUumz9YBtc9Rz7rkIfUeAeDI8x9t7gI3B%2B%2FsXhGj5jFU7c7YGApCwRtdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4522a65b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/5%20men%20gaming.81b340c2.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/5%20men%20gaming.81b340c2.svg
IP 104.26.5.11:0
GET /img/5%20men%20gaming.81b340c2.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1ac8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393503
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FjUFqNIG7MyoFFnh38oPRmFkeyQsZEd3hW3ENzgqLnsRJHk7pWsBoK%2B8DMKmj%2B7tCKKBNPjNy29n%2BVQjwNctt7%2F%2FhcEkMsf4bU790qgQuQBbaKe3iIpj%2BXIixKiCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4522a6fb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/mrslotty.366e094c.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/mrslotty.366e094c.svg
IP 104.26.5.11:0
GET /img/mrslotty.366e094c.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-8d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3394282
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkXgOqqngIFbeS36I1sQTRe4ASEcWB3zvKhW3fzwUFaNepnXoVfA5uoLJrqTNY5%2F1%2BMxNj3Kg%2BIZvJ6Y438rHYDkCU%2BQzO6PPSIa9uNcNF%2BaP6veJiYesWwlb5%2FnsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452eba6b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/revolver.1a5adf31.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/revolver.1a5adf31.svg
IP 104.26.5.11:0
GET /img/revolver.1a5adf31.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-e61"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChC4aeu6BKsiGKqaKTF6mJ9KyYiNRzWur8wEqJthEgPfM7DvTWZdZndVPoTtwObNQ4SUzRK4vc5LeMTuJ88HBsbjjcx6XZoRkM0XIdMnubXrC4c%2BHSa9HRPxdyYAUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452fbdcb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/silverback.e3f805e2.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/silverback.e3f805e2.svg
IP 104.26.5.11:0
GET /img/silverback.e3f805e2.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1c185"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cArV2A2My6SiU28E%2FpGTl7aVaTq%2F9g%2FVG6UEKJ7HoSp7LiYnMS%2BeZJVsR8mPrcWiLLMoQvJtfpDQDQmnwBAeOj6zooDiLtxKUHBBpN2gFKeHKi2LpLgUmQojx6G7Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4530be9b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/yggdrasil.6666231e.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/yggdrasil.6666231e.svg
IP 104.26.5.11:0
GET /img/yggdrasil.6666231e.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-12ef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cK09Wjt%2Fa%2B4ph5%2BicYsIYDXRJ6y3tkf%2FqNYv9Y79kyasmdb7J2HO7P3gr2Ljw7kq8PVMHi6%2BPhHcCA0XFpoiaY2j5up9KA3yHeW%2Bo7GkRpdpyPe%2BD7FaNGxH4JPLbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4533c2eb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/4theplayer.1c19371a.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/4theplayer.1c19371a.svg
IP 104.26.5.11:0
GET /img/4theplayer.1c19371a.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-25e5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393503
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9Od1hZFIY7L4TaqYh7kHb8XBEforpSTuF64r4GKVQVWSA7OH6luSlNKzqQEKWJl%2BNXA8l1KRt%2FzzTioA8p39DcOetSYlqq4k0Ou0Ir%2Fc8M%2FPVUXKDmh4rIYpTiU3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4522a6db505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/simpleplay.21ac090f.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/simpleplay.21ac090f.svg
IP 104.26.5.11:0
GET /img/simpleplay.21ac090f.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-a01"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 329409
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BimmWTQDb09D%2Ffu0lIVZNTnYyTsoIP9uiEq2BouppPIjZF7zI2OCrNYvjzQ42rO3%2FlGmBqHNtuYK%2BS2fqdIDJ5TcAtYTG%2BzaES6aOAJyTT%2BWiZ5VTE5dy%2FtfHoXU4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4530becb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/spinomenal.30d1dc2d.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/spinomenal.30d1dc2d.svg
IP 104.26.5.11:0
GET /img/spinomenal.30d1dc2d.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-6e7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3394153
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WY2iZ0HCQg85fm6YEIdVYhFS0VmBwXi6ChnmYFUjBN6rGlipYiav%2Bx3lxSgkJJPNPMq%2FTWTDuR0bQ%2F9ZmPVgvJpawInij3wbEr3KeReZxW4QeJslzXUbfHgumcgXqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4530bf6b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/icons-pack-social.11d06b0b.js
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/js/icons-pack-social.11d06b0b.js
IP 104.26.5.11:0
GET /js/icons-pack-social.11d06b0b.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:52 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=20146
access-control-allow-origin: *
etag: W/"63a42a53-4eb2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3395401
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8H5hebbknroL4sLf%2FV7SXn8GmaQ3KFJ5lU8XkJBiCwwlYacLE6mrC95OrJS0VtP6y%2FHMVjyQ3pKQ0gkmT4gmuzWuXvPs1e7Y4mUuYOoqmp7p2lMe7HuehRinOhQ%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4463971b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/css/desktop.31e6deb9.css
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/css/desktop.31e6deb9.css
IP 104.26.5.11:0
GET /css/desktop.31e6deb9.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wvgdg.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:49 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=95906
access-control-allow-origin: *
etag: W/"63d124be-176a2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
cf-cache-status: HIT
age: 324081
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BGp5dqM3qksLo6d%2Bcws4SrlLJ9Tfq2haUoLCfvLar0SQrnacQwotVpzOCjXOeK5aQ6SJAglSySFN6sQai9myAtMaTlZDjXsbPprxNwHXtYEJ8z9QqArz1ZX2sYj9QA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd435d979b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/endorphina.bf6a0cf2.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/endorphina.bf6a0cf2.svg
IP 104.26.5.11:0
GET /img/endorphina.bf6a0cf2.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-3a771"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393511
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDdcxBcTN5P2judJ%2BdS500ToShvvrsc83QeUzXi5Xjf9M57s9e6iJXZqgQ29molDSDdRo56dPOfVKsjZMhXbAM%2F1zcg%2F0kGOMAQKwBGE6CV1hWeXevZpsX52FBdgdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4528b19b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/kalamba.f208b29d.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/kalamba.f208b29d.svg
IP 104.26.5.11:0
GET /img/kalamba.f208b29d.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-5343"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FxXUYmcv5vK9QycmSoCVEk3gaszBzb5yYCf%2FIfRCwsv6iGLX4OaH4%2Fvmor1WY06LzqyY8CwIv3v4sFFoxZSiVw81TCVKMpgQtQlJF3FebXY1HMosMfdyj%2FHkS4vmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452bb65b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/wazdan.63223c78.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/wazdan.63223c78.svg
IP 104.26.5.11:0
GET /img/wazdan.63223c78.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-cac"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzfvcT%2BdbdCiVXnCEFw2quKJVUcHQq9JbeZiJG9cUeBD%2F5u5mHN8zqf6Jq7NKwQYweEvOPHOyhbW7IHCMpuD%2BiH%2FGooCB%2F9CD4PrrkfwD04e4MlPDNQWRvF9QzT2dw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4532c27b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/2950.f32fe8c6.js
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/js/2950.f32fe8c6.js
IP 104.26.5.11:0
GET /js/2950.f32fe8c6.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wvgdg.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:50 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=540141
access-control-allow-origin: *
etag: W/"63d7c7fb-83ded"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 30 Jan 2023 13:36:59 GMT
cf-cache-status: HIT
age: 12871
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rlc2wcF24dIh7Luih9BbEF%2FjTm9PU6WuzvvVlHIh2ygL2FZCPaYhix84RQOcq56blSekdSM429Vxewor2%2B4a%2F1%2F2kfyUXRcXWHVSV48Yb1pY1K9JMmSdQJAVwL4BVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd43a0f53b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/7mojos%20slots.d3a1137d.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/7mojos%20slots.d3a1137d.svg
IP 104.26.5.11:0
GET /img/7mojos%20slots.d3a1137d.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
etag: W/"63c7c775-22be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 991935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2c5%2FXJst%2Fup3ddBEpZkU6MBt18%2FYO1umVtVfPzJBIRHw1znyVxT6fQakx4kJprD2E9RN7z0YywB7Sb%2F8Fw2oyb22LJ%2BaA%2FGA69%2FgXDfm9xKJH0RFwpLHry8bS3g%2Fxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4523a7db505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/oryx.ef29a7af.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/oryx.ef29a7af.svg
IP 104.26.5.11:0
GET /img/oryx.ef29a7af.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-507"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqTxub%2FBBqhcL4tyzNbAmpTY5A25W6yEAwgCaq%2BvokwPKz6NCm8vBqHuKeEu2zc4s8K6Xfs9QbvxDbHfkNjeRMNK15pB%2BiEkKH%2FfYeycc3CZLXdm9XQHE2UdWp3%2Brg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452ebbbb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/salsa.aa6535b1.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/salsa.aa6535b1.svg
IP 104.26.5.11:0
GET /img/salsa.aa6535b1.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-246f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9l%2FSq7qD0u6J%2FwaJ4OaYie328bQcYoruo3rn1Q4XsPBJzfCnjw%2BqOUBisduqPe0jnUBVplSYO98GrKW%2BOmnmMkaER76bFFsI41lo%2BgQvc129oIrFvKnuz%2BeLHtThw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452fbdfb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/tomhorn.8e656e09.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/tomhorn.8e656e09.svg
IP 104.26.5.11:0
GET /img/tomhorn.8e656e09.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1811"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0gpMed0xkIZvwgvJw1eVbLEt14wmuGCF2cBtfL4O%2FX17dH5dHz%2B6Xlo%2B6kpT5HduxOmL3cTl6H943mHGcSkeIrTwjyJ%2FD68Pl2BvOt50MNw2fHzXTHRfVNfc0pL9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4531c0bb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/vibragaming.4b28676d.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/vibragaming.4b28676d.svg
IP 104.26.5.11:0
GET /img/vibragaming.4b28676d.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-22a4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFEpRRq9rUAtqnjZhuspFzMfsXqRHb9lsvQKK%2FWHQrO2bXdfv4mRqmHQ%2BucghPrLzrph%2FFr7wIHp0CHGXI0QpB9q8floa%2FkSXneVj1Fl%2F1xMEpG0dgJu2PZmW3rSUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4532c20b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/evoplay.f05734bb.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/evoplay.f05734bb.svg
IP 104.26.5.11:0
GET /img/evoplay.f05734bb.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-a08"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393511
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXYTTzO%2B8u2tsDbfDoLFl3XlruVVhcmohaj9tmnndCdHKgW8aY7F4oJiy1beUjLP2f6e0G7%2BsYd6hdVD%2FasRFO19pRIoZXfgOUQacmBNEyzwAK69YqbKjxnNwiKEzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4528b1eb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/felt.10413409.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/felt.10413409.svg
IP 104.26.5.11:0
GET /img/felt.10413409.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-17fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Haa%2BRINHquCLhitkHCN1qraaDvTbIEBNLJfWS4bUT%2BF4MuMrWzZskn5YBzKm%2B3D0Sv5fs7WTgX29JpZS7NfTmOlVV7qcIhI8rg6oUrgiNqqeI%2Fl82ECPFvYQG9PnaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4528b28b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/tvbet.c92ea7dc.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/tvbet.c92ea7dc.svg
IP 104.26.5.11:0
GET /img/tvbet.c92ea7dc.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-3edf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8yMtJsu2PihN1X5vBZN%2BApJW4pDn4q36YhKjUDbBF1iBbOzJqU0ef3I1UKXnxbrhpxb2AsNYEWcNDziegQlX6X26bsBENpQz4iO1YsbSw2nT8ioUkHROVyi6R1yaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4531c13b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/gamomat%20standard.7d28ae64.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/gamomat%20standard.7d28ae64.svg
IP 104.26.5.11:0
GET /img/gamomat%20standard.7d28ae64.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-31a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFTIe20V53nsA%2FkNpe0efCjU9jyCZ4xHK%2Bbu%2F3kea8z7uHeX%2FCFWt6xcYhVRCM8V6Zc%2F%2FjXodHzFN%2B%2BXh%2FehDzGk6atfpyF4xeH4BcntTJ3OVZCbJaRYw3nKtItAqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4529b35b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/habanero.5aca5f39.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/habanero.5aca5f39.svg
IP 104.26.5.11:0
GET /img/habanero.5aca5f39.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-1077"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 404319
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dv2L4cN37VAqvUmUUfVliKJXqwD0I6bqg1%2BWn6RSG7F2zkRicJ9W7vF4E0po%2FONlEjd6IXuf9h0NqnzalFyWcCxezCDJVtpARffFQRUp4Gt%2FB7lJLnnpLrEf9bRRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452ab4db505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/mancala%20gaming.792c2e8b.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/mancala%20gaming.792c2e8b.svg
IP 104.26.5.11:0
GET /img/mancala%20gaming.792c2e8b.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-305d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNIPKRjle1BSOiXWu26lSBo78cseEH97IdmWduIBWpZbW%2BZ4tkEcarFWriU0Mf6njTuCSZkGZnym3Vj5PdN094y%2B0bICGQmO3L6YpH2dcG7qth6MHgIS0Lhhlyf56w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452db9ab505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/nolimit%20city.73ea77ec.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/nolimit%20city.73ea77ec.svg
IP 104.26.5.11:0
GET /img/nolimit%20city.73ea77ec.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-21a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGSeOjfMf6mKCsMnXd0IpZpxYE3V5Yy0a9uN1wyyqoZsRxPv%2FxigwDY7FeWs4OsPaH2NYqEfBROReZJZu5zL5p1zXuepPiMqtR7eRrD36aKF%2FrdfleadLc0pxOFEOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452ebacb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/onlyplay.820ab1cc.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/onlyplay.820ab1cc.svg
IP 104.26.5.11:0
GET /img/onlyplay.820ab1cc.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-648"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 317508
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hIBDsHxiTf2mFIqkJAm1oF2e0l240wGskSZdRMxSYRbZbQ8UUJIWBksAPUb%2FvTy9yuAUr4gpP1J%2BQtXQSSRRSBUWqKRYWcqvPJmR6mnzSBrhta1xbYgigU0ZHVdLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452ebb9b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/spinmatic.6decf00d.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/spinmatic.6decf00d.svg
IP 104.26.5.11:0
GET /img/spinmatic.6decf00d.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-24b3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cVQCTNkCS%2BNmKPahGGdobEI6q7J5tTjl9WysMireUH2O2J78PunS4gGWx%2BCQx%2Byy88Tb8%2F5ipNScgFHWzYD%2FBerWPBGftpDPatCQhqrRFs4M8dkUpzzdlmH8VGmYjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4530bf2b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/blueprint.92d09945.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/blueprint.92d09945.svg
IP 104.26.5.11:0
GET /img/blueprint.92d09945.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2a4f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393512
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0N5zWzq0PqJ6JZs3ujXru0FIlJ%2BizISu1s1izUCF5YnlFMiboaMlmpDXMKqwfVkNSPrPpd%2F%2FBqGgiN3MNjjIeIihT7p3jDU9YJ8yO0QbZO9WNJ%2BPjrUZAFWTXqsyPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4525ad0b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/givme%20games.9c29bc7b.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/givme%20games.9c29bc7b.svg
IP 104.26.5.11:0
GET /img/givme%20games.9c29bc7b.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-961"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMedr4d5Q347yIshhFTcyosYkDAy%2Fw1pE5mfsZ4JFa9GOv2iiWARFNZE64pfpQbIm1fxZ%2Fa8MawAWWDTffcUKCzbZI%2FAAhltG6H7pw%2FLeZ5B6XTDnygHohS64u6cPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452ab46b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/onetouch.8550a163.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/onetouch.8550a163.svg
IP 104.26.5.11:0
GET /img/onetouch.8550a163.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-3ad4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgI7OkBTuyJZiixpfWmYY%2BdLW0hhKqa60fMCU%2BXewBpfoGddEGPXDTndKIovaNVlQsjPugOyqGV2XBicEW2QRZaMRIVGQV8JB6q7N3LtWpZ4hXBNKF5fnt%2BKrTOARw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452ebafb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/retrogames.513aab74.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/retrogames.513aab74.svg
IP 104.26.5.11:0
GET /img/retrogames.513aab74.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-815"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2F5jOpfDkoRQDHBGR8uzR6pgXYJjww0qEsNSLjPV458aoNEnHqlLZBZssVPlSdSxVhhEZVbT9lKYg7sXspO5gMgrpfP9VS%2FajBGMGugVGFCF2gLj8TmNpLm%2B9iFQoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452fbd9b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/tpg.b2c2a9df.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/tpg.b2c2a9df.svg
IP 104.26.5.11:0
GET /img/tpg.b2c2a9df.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
etag: W/"63c7c775-a6f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 991936
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRz1ek0LviA1C1S6SQIkhZcGDDkidP85qhwmQd%2FrNmkH4eslj1l8Uvh6qs4AEKVy9uwsA2wyysgtxpWddEfIIPgwoO2D6IYl0qat6%2FLdJ9I43GiyApDZXxfsDcylGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4531c0cb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/worldmatch.767ba51a.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/worldmatch.767ba51a.svg
IP 104.26.5.11:0
GET /img/worldmatch.767ba51a.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
etag: W/"63c7c775-1f6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 991936
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Qz7mgKa%2BierrySY0EZr7Aru7h0kU6GAvKag0LBDYKZ28YIFJUoQPkWdrVtOqaPksYrA0V3XRJmtFDTh7pjw9f%2B5foBOHvBdXRRQoRbnADgcHYU94p%2F0Lku2LurWwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4532c2ab505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/zeus%20play.8ccc9002.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/zeus%20play.8ccc9002.svg
IP 104.26.5.11:0
GET /img/zeus%20play.8ccc9002.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-3d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTrsTiH8Nh2cvqd4klsuqdT1wdFNEvv%2F9rDaxQqUd9fkRpG1nACyZRmBd2f62pGjmw%2BRkJTEAaGkyJZBL0shRth609RHw5fXJyeAZ%2FBehnlFP%2FJS%2Bv8GRsnktRiRNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4533c30b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/blackpudding.ab318dcd.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/blackpudding.ab318dcd.svg
IP 104.26.5.11:0
GET /img/blackpudding.ab318dcd.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-141e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393503
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8vP6mHl19R2kSZtYcSMTjoCSDbZzyb0we32wDIO8ZGn5hB9xfXymnEWw25C7b%2FV9sLkE7iagphe8Zn1IFYL61GauG5cBePxvCg2c2Mam7ACRuaWMJmGqNg6%2FMbCGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4525acfb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/fantasma.7a456c94.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/fantasma.7a456c94.svg
IP 104.26.5.11:0
GET /img/fantasma.7a456c94.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2397"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRLN8Z%2Fa0JHLPTzlj0NJ4wJO395ADG03UWE04WwQK8qsrdhTyveS7OoXh3kdk1S3hXxonYNZEOQDBn%2BJA0p4hvWxw%2FBEHi2NyGOrkmEzODyUXBlt4AE%2Fps%2BGPpfWZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4528b20b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/mascotgaming.fbac2f51.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/mascotgaming.fbac2f51.svg
IP 104.26.5.11:0
GET /img/mascotgaming.fbac2f51.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-b64"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lx1udc77%2BWSj0exeZtETy0UZ%2BV8fC7LUicSW%2FPzC0mU1biD5OdUKjp2OggAe0vpIhPgw7BrakchVYP%2BhI9PscgyoJNxx7LCZ89P4RyTe5JX8BDdD559cBNs7EWYH%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452eba4b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/northernlights.efa65c9f.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/northernlights.efa65c9f.svg
IP 104.26.5.11:0
GET /img/northernlights.efa65c9f.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2699"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdtVtcKjI7ttBb8ZsiOlQ4iT%2F2vGTqOaVRVUt2sHvKAdwwISck4cBIorj4GnVpZdJxBDgLikGYJiZWLWgsek6pBKYbWVR7RoNChdj%2BfRcFVzIBMlET3E6uXfrGgVrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452ebadb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/pgsoft.5ab7874f.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/pgsoft.5ab7874f.svg
IP 104.26.5.11:0
GET /img/pgsoft.5ab7874f.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-d6f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdNQIYtQGpexOcl4mu1IrvGEj5W5L7ofu6q4DVgXKSTulw6MiTwOOw3QgTbNTgQC1RM4zA9iFrAlaia0fNbKq%2Ftr%2B7jKJ44vmnT%2Bxu24TjjvVq2T%2BUY4rZse8a0E%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452ebbcb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/virtual%20generation.76588830.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/virtual%20generation.76588830.svg
IP 104.26.5.11:0
GET /img/virtual%20generation.76588830.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2e89"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McL9%2BwpADI5pZOEEfSzEYhwbsY5QUPY5fC9WWnCSjYEIvNY22lFzKUn408cnAR%2FcsYcdUivlAal5PE2suL5G6ukFVIRDmCyYZemqVTs6kyMUqWIQlgCIC3tYDXG3GA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4532c22b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/cq9.bd2145b0.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/cq9.bd2145b0.svg
IP 104.26.5.11:0
GET /img/cq9.bd2145b0.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1169"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393511
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYCWZdDF5tNV4qVv%2BW1icCiRVcJSTEmdU6WgJYKvJAcWbyIlY2q3dMe4gGpawWTEQnMgq2tbYNN9g5C7YnaAk0GyeUrvw7r%2F0ukaxkOp2QRZ1f3yO%2B%2FElYpsKkaaAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4526ae9b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/pragmatic.fd2b7bb4.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/pragmatic.fd2b7bb4.svg
IP 104.26.5.11:0
GET /img/pragmatic.fd2b7bb4.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-52f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgsmLSikV3oZe6LTeBC0zVnG6LNAXukK1Q32vcOcnxCM6n9DC7%2BfakEAZjrvnYm6%2FH93BRy%2ByL6dmgdVSroTRD%2B7l%2Bh10jELV%2Fdm4AO5cb3jNmyTI6hDMg2f7OquNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd452fbd2b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/edict.209e128e.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/edict.209e128e.svg
IP 104.26.5.11:0
GET /img/edict.209e128e.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2f34"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393511
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0dv6BnbsugNSMXj9dTr1TuJ7KTNDFuxRDGtlcVvjQC6sQ5OMmCjfzo3P3Xf3X%2B6GgAZ1T1g2B9OsfaCZI0L4JYM5EruRBGPdM8fK17xFOhgLSQl00pwAvn6uTJuEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4527af4b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/icons-pack-sports-promotion.9bb32256.js
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/js/icons-pack-sports-promotion.9bb32256.js
IP 104.26.5.11:0
GET /js/icons-pack-sports-promotion.9bb32256.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:51 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=19260
access-control-allow-origin: *
etag: W/"63a42a53-4b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3395400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbPP8pwz8LdpIIcxTrnmm6qmlRkrdvI3%2Fwb%2BSb8UjZF7H6yLEF3ZZSqxq6DL%2F9fS4N6p76EfXQD5fD1pbIRIr9Wx95fCxeaQ3sI2BLso4DnkB8WoHTrKmYo15l4yGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4438d82b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/boomerang.ce3752d9.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/boomerang.ce3752d9.svg
IP 104.26.5.11:0
GET /img/boomerang.ce3752d9.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:53 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-81cd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393512
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGF3dGtCHtz2d2iIz7iXy9M88o58JZNQ3WBON45JqRNpjP76rt9TpL55GTgx8EExoLOlMtLs0eEFe4T5JJYPtMQAdPRV2eO9GFexyfYxIb8eV3EH352QOcVd82E8BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4526ad4b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/fugaso.a193ab53.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/fugaso.a193ab53.svg
IP 104.26.5.11:0
GET /img/fugaso.a193ab53.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-4c1e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3394282
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXdkU6OTYIZXmL69zI%2BBztehAOEwbppfzyiTm%2F7xGFN0oMCtVp6BT2ih898prAqxQetLdQQIwQYcoC9r5mFuYWVnkmq6H7ZQmCf%2B6ybF8XttUIMgM6%2Fef4tWaLYOBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4528b2bb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/smartsoft.55c81c76.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/smartsoft.55c81c76.svg
IP 104.26.5.11:0
GET /img/smartsoft.55c81c76.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-149b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxogdyNSpsivf5fyv%2B%2B60YCMvvCQaK4qMchWthjpuD5jQKDP%2Flx%2BZAP%2BKV3f4kjBUiUa8XoCszHQLn4XHUR1TYIzdsyRfdHuOJkzcVNyI31GVeL7jCSrv5meHzXPMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4530befb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/spadegaming.eebb41d8.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/spadegaming.eebb41d8.svg
IP 104.26.5.11:0
GET /img/spadegaming.eebb41d8.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wvgdg.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:11:54 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2d62"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3393510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30gWc07SnEYWkda9tRDSHdeOzWSzLMD%2BlfOFxsaANaCy04DSEmQKLsADBd5fx10dhBI%2B8t64Nde4tlJGmxuSVXAyMYqQkXeOuQa4EBwMNib%2FVreyuodHCxvTfT81DA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bd4530bf0b505-OSL
content-encoding: br
X-Firefox-Spdy: h2