1wduef.top/
190.115.19.101301 Moved Permanently 175 B IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 27d3037d4815f88b7bb724cb258524e1
092678ca1f61e13d97f37f7be9438e7b32b722e9
0c0a343c76a265d5b6b5b3708383afaf77f187eaa7f3fa8f1fec18cdf4ebe198
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: 1wduef.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: openresty/1.19.9.1
Date: Wed, 01 Feb 2023 17:21:30 GMT
Content-Type: text/html
Content-Length: 175
Connection: keep-alive
Location: https://1wduef.top
X-Frame-Options: DENY
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3287
Expires: Wed, 01 Feb 2023 18:16:18 GMT
Date: Wed, 01 Feb 2023 17:21:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5083
Expires: Wed, 01 Feb 2023 18:46:14 GMT
Date: Wed, 01 Feb 2023 17:21:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20534
Expires: Wed, 01 Feb 2023 23:03:45 GMT
Date: Wed, 01 Feb 2023 17:21:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 16:36:02 GMT
content-type: application/json
age: 2729
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4woT9WeOYImUHdxih9iXdfhBl2VBxNgHbEBOYx0bEfg9ihYDBdJhllK9+3k1UeazB7cJzgE6Ei4=
x-amz-request-id: S3X4YGAF6GJR0283
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 16:22:44 GMT
age: 3527
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 17:21:31 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9caaef6d0110b9743c4b59b92510dd26
7ca8c4531ab2c387023159f2fbc7d841f4cf9f78
766cfd6602dde4e23a5b71d8b8d55bfdfd68058d484008f60c25d248e326debf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "766CFD6602DDE4E23A5B71D8B8D55BFDFD68058D484008F60C25D248E326DEBF"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21493
Expires: Wed, 01 Feb 2023 23:19:44 GMT
Date: Wed, 01 Feb 2023 17:21:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 16:41:42 GMT
age: 2389
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3464
Expires: Wed, 01 Feb 2023 18:19:15 GMT
Date: Wed, 01 Feb 2023 17:21:31 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/Qcxua71jizE
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Qcxua71jizE
IP 216.58.211.3:0
Hash cbd2ff56eff9cafd0e57af8f2c537efa
2b8f0bc20f267bf772e4f5a4687184a52ef79add
a0ecf1788cb20c04c5601dbdd168787ca4c01883e2b95974c848f0bc2f9c4c28
POST /s/gts1p5/Qcxua71jizE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:21:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/Qcxua71jizE
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Qcxua71jizE
IP 216.58.211.3:0
Hash cbd2ff56eff9cafd0e57af8f2c537efa
2b8f0bc20f267bf772e4f5a4687184a52ef79add
a0ecf1788cb20c04c5601dbdd168787ca4c01883e2b95974c848f0bc2f9c4c28
POST /s/gts1p5/Qcxua71jizE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:21:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/Qcxua71jizE
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Qcxua71jizE
IP 216.58.211.3:0
Hash cbd2ff56eff9cafd0e57af8f2c537efa
2b8f0bc20f267bf772e4f5a4687184a52ef79add
a0ecf1788cb20c04c5601dbdd168787ca4c01883e2b95974c848f0bc2f9c4c28
POST /s/gts1p5/Qcxua71jizE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:21:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/Qcxua71jizE
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Qcxua71jizE
IP 216.58.211.3:0
Hash cbd2ff56eff9cafd0e57af8f2c537efa
2b8f0bc20f267bf772e4f5a4687184a52ef79add
a0ecf1788cb20c04c5601dbdd168787ca4c01883e2b95974c848f0bc2f9c4c28
POST /s/gts1p5/Qcxua71jizE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:21:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1win-cdn.com/css/6610.4f034e44.css
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/css/6610.4f034e44.css
IP 104.26.5.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/6610.4f034e44.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wduef.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:32 GMT
content-type: text/css
content-length: 0
cache-control: max-age=315360000
cf-bgj: minify
access-control-allow-origin: *
etag: "63c7c775-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
cf-cache-status: HIT
age: 1167353
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAfsIyk1d3pBKrKKEjaxlTXW95DHSkN%2FFynrNHSfwn1bIO5BwjWciY2GlJ6YIM1RmGcaYjrjMEp3R08QU3dwHHpoLxoF9vK8zmKNEAgimM4gpu1%2BZ%2Ff%2FIXqZ%2B2i1Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d2f2cdbb521-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/Qcxua71jizE
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Qcxua71jizE
IP 216.58.211.3:0
Hash cbd2ff56eff9cafd0e57af8f2c537efa
2b8f0bc20f267bf772e4f5a4687184a52ef79add
a0ecf1788cb20c04c5601dbdd168787ca4c01883e2b95974c848f0bc2f9c4c28
POST /s/gts1p5/Qcxua71jizE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:21:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.34.31.66101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.34.31.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ka0o9NlaDb71OW619DdrWw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mWxNja4YIHnCjqfF5xPkcYu90C8=
1win-cdn.com/js/chunk-vendors.7fe08395.js
104.26.5.11200 OK 133 kB URL HTTP/2 1win-cdn.com/js/chunk-vendors.7fe08395.js
IP 104.26.5.11:0
File type Unicode text, UTF-8 text, with very long lines (65469), with no line terminators
Size 133 kB (132612 bytes)
Hash a493e7e2b6536b26405269501ce53378
b3da913b5629ad7be243357554ce378284bd2114
2571d0f76af55b56614d3af64cd22f5884931e635ab8d87bfcc6afb4db2ed47e
GET /js/chunk-vendors.7fe08395.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wduef.top
Connection: keep-alive
Referer: https://1wduef.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 01 Feb 2023 10:19:55 GMT
etag: W/"63da3ccb-68484"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2F5epSYfuC5Q2jek5FzNPZyIRVjUeRL7Nz5gCLg3Gw5BjL%2B9loPk6B%2B17b5JAKFZFgPeu4QqmLyKkLc3xue%2Ff3MtOhaYTu5uv20KXa%2BuI3Ry8LPuQm7zw0yc5D%2F%2FKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d2f2a51b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
1wduef.top/img/icons/apple-touch-icon-152x152.png
190.115.19.101200 OK 29 kB URL HTTP/2 1wduef.top/img/icons/apple-touch-icon-152x152.png
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 152 x 152, 8-bit/color RGBA, non-interlaced\012- data
Hash 0182e90098bff38de2e9e6e5d85edc95
d64a156fb3c8c98d09c8e178ec659124258534af
d047c554c99242545a47aee401fbf84bc037057653cb7a967e089ea0aa796a85
GET /img/icons/apple-touch-icon-152x152.png HTTP/1.1
Host: 1wduef.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wduef.top/
Cookie: visit_domain=1wduef.top; core-sticky=http://10.233.107.204:80
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 01 Feb 2023 17:21:32 GMT
content-type: image/png
content-length: 28672
last-modified: Wed, 01 Feb 2023 10:20:08 GMT
etag: "63da3cd8-7000"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
accept-ranges: bytes
X-Firefox-Spdy: h2
1win-cdn.com/js/1895.80662a88.js
104.26.5.11200 OK 25 kB URL HTTP/2 1win-cdn.com/js/1895.80662a88.js
IP 104.26.5.11:0
File type ASCII text, with very long lines (60374), with no line terminators
Hash 1192f81cbd03b5432714cb29ba95ebe6
e61a7587f076ec0952fea05831e629bd5076159b
844bf491ecba2db132544b053d855707fe2fdb66a4fc00a3890a7a1bc91c0245
GET /js/1895.80662a88.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wduef.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:32 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=60416
access-control-allow-origin: *
etag: W/"63d7c7fa-ec00"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 30 Jan 2023 13:36:58 GMT
cf-cache-status: HIT
age: 186253
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Zy4L%2FTTFF%2BwhwhLdYml3mQ2WORKD3ZfhRUKLyDzy0jenNpbxR2MU2MJOQIUIgoE%2FG%2Blb34pqKVtlWyde9syvk3I9uDOvIAKC5vmz0se%2FHpjCtw45gE2MAEbOcNxiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d322a52b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/css/desktop.31e6deb9.css
104.26.5.11200 OK 405 kB URL HTTP/2 1win-cdn.com/css/desktop.31e6deb9.css
IP 104.26.5.11:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 405 kB (405139 bytes)
Hash f9d48ee5836ddf86c8cc2ee7f7a4c028
3e4c3ac0a121d5e7b0b2610a7b56dd39635f196e
f8d8a02b0fb185753e9390af911be95b1bcb7d3b9cc217bb28d1356f9c257031
GET /css/desktop.31e6deb9.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wduef.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:32 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=95906
access-control-allow-origin: *
etag: W/"63d124be-176a2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
cf-cache-status: HIT
age: 497464
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wig5PhPObQzHSUiQt3%2F80ia2cnNtbkJQ56iXLT%2F6J%2Fa8%2B70MXpF6fnVFDll1Iy2H%2FiSKFScNZr8iIE7GZvcX1CRqBx1xBDKqcPl%2FAWlGRUOWyA6a22i7nEZnk0BSxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d2f1cc9b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:21:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
172.217.21.168200 OK 57 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
IP 172.217.21.168:0
File type ASCII text, with very long lines (13682)
Hash a58798ec394f7daa6c324a7806991028
a8226f7cded63f79cfb018ce36eacb297157cc3b
93f4fc694a100781422fcfb6c590eaecafe0965f7a1dd885e3cfdb28f70e1c13
GET /gtm.js?id=GTM-KGKQDC7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wduef.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 Feb 2023 17:21:32 GMT
expires: Wed, 01 Feb 2023 17:21:32 GMT
cache-control: private, max-age=900
last-modified: Wed, 01 Feb 2023 17:04:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 57211
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1wduef.top/firebase/8.1.1/firebase-messaging.js
190.115.19.101200 OK 12 kB URL HTTP/2 1wduef.top/firebase/8.1.1/firebase-messaging.js
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
Hash a4c3452092a9c21c04b4d732a3f9c004
84bf54edf6eb226bd8543c6286fb874811606a25
459ffc66da757058686d8efac738f354f967e5bf3acf9108cc47f77ee064d276
GET /firebase/8.1.1/firebase-messaging.js HTTP/1.1
Host: 1wduef.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wduef.top/sw.db344b25.js
Cookie: visit_domain=1wduef.top
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 01 Feb 2023 17:21:32 GMT
content-type: application/javascript
last-modified: Wed, 01 Feb 2023 10:20:08 GMT
etag: W/"63da3cd8-9f25"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:21:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a456cd9684a2ff020b854f178c06b509
b5a9e34f112cbe6d41b695ce7234cfe83de1356e
75b3ff1ea527598880cd41f65ebc03440b0ed019d53f8de1b4588de04bc4919e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:21:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a456cd9684a2ff020b854f178c06b509
b5a9e34f112cbe6d41b695ce7234cfe83de1356e
75b3ff1ea527598880cd41f65ebc03440b0ed019d53f8de1b4588de04bc4919e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:21:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=578836803170;gtm=2wg1u0;auiddc=1952519474.1675272115;~oref=https%3A%2F%2F1wduef.top%2F?
142.250.74.70200 OK 233 B URL HTTP/2 12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=578836803170;gtm=2wg1u0;auiddc=1952519474.1675272115;~oref=https%3A%2F%2F1wduef.top%2F?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (447), with no line terminators
Hash 322cd0a3e392e942f4fa90feb4d761ff
0c460c1d92f89b215960a4450bae5d3f2b665331
397004907abebf4584222fb59f0e8e71c92b94d45e227ae5e809170fdfc146a4
GET /activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=578836803170;gtm=2wg1u0;auiddc=1952519474.1675272115;~oref=https%3A%2F%2F1wduef.top%2F? HTTP/1.1
Host: 12688802.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wduef.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 17:21:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 233
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 01-Feb-2023 17:36:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2606090.js?sv=6
54.230.111.113200 OK 3.8 kB URL HTTP/2 static.hotjar.com/c/hotjar-2606090.js?sv=6
IP 54.230.111.113:0
File type ASCII text, with very long lines (7535)
Hash d5eeccf68390edd1d44b65c26542eb69
25a9453a02f4e2ca3d724e201167703b6afd323f
4150fdee83c8e136913a1ce57112d1b8d7f3b3d16f6b44bdc842a36043cbcb75
GET /c/hotjar-2606090.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wduef.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Wed, 01 Feb 2023 17:21:16 GMT
cache-control: max-age=60
etag: W/46c993e0765c3bb38676b5a556b0124d
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KIahYECgZQ6qGoJ7RJcITK8qzJtF1R4NSx0764wLY0d3m5aPb0a-zQ==
age: 18
X-Firefox-Spdy: h2
script.hotjar.com/modules.4b160a4831adaf5337e6.js
54.230.111.79200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.4b160a4831adaf5337e6.js
IP 54.230.111.79:0
File type Unicode text, UTF-8 text, with very long lines (48602)
Hash 3315b6999637291711ab85ba678211fa
d1bba723aa49e6276dfdb0f1313a9bf0b64be153
b3bd4f702044ae91c9227ce2d5c8411d3fec3abb82c9c1b7a9b69d2011c520e5
GET /modules.4b160a4831adaf5337e6.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
HTTP/2 200 OK
content-type: application/javascript
content-length: 68316
date: Mon, 30 Jan 2023 16:06:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "3315b6999637291711ab85ba678211fa"
last-modified: Mon, 30 Jan 2023 16:05:37 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yAwKaQdeIxZP62228jvaB2utaGiPdMPR2zOJNd9fP74VVf35ZuvosA==
age: 177327
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a456cd9684a2ff020b854f178c06b509
b5a9e34f112cbe6d41b695ce7234cfe83de1356e
75b3ff1ea527598880cd41f65ebc03440b0ed019d53f8de1b4588de04bc4919e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:21:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 55f843aa50059ed477ea1562d3c1bf19
a1dc7548036ada96d9bd54793b70e06d22c52c97
176568b84f4286bb3da51dcffd689dcd9b155e63289fec721f215e1e1a01b091
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 17:21:33 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Sun, 05 Feb 2023 16:10:05 GMT
ETag: "a1dc7548036ada96d9bd54793b70e06d22c52c97"
Last-Modified: Wed, 01 Feb 2023 16:10:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 868
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792c5d363820b50f-OSL
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:21:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:21:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=578836803170;gtm=2wg1u0;auiddc=1952519474.1675272115;~oref=https%3A%2F%2F1wduef.top%2F
142.250.74.66200 OK 233 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=578836803170;gtm=2wg1u0;auiddc=1952519474.1675272115;~oref=https%3A%2F%2F1wduef.top%2F
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (446), with no line terminators
Hash 22ddbd72bfbd9e0a74a39b43bde2b69d
79637b782d69fadfbfce6c3196edc4ba4e4b86f4
7bb19c25d30a3112c41e73d509e9134fc9a178887dfc96eaaa21489ac4514a0b
GET /ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=578836803170;gtm=2wg1u0;auiddc=1952519474.1675272115;~oref=https%3A%2F%2F1wduef.top%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://12688802.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 17:21:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 233
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=963938819477.2225;~oref=https://1wduef.top/
142.250.74.66200 OK 277 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=963938819477.2225;~oref=https://1wduef.top/
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (519), with no line terminators
Hash 75d563268a7caa4bd7e67bea6db4ffc6
6c31d733a1da114cd61fd2edfa77536d70311fc0
d76fdbdcaa76694d49ae1157d6a7d3f2e4f678e4b412eda7f12071487fd47449
GET /ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=963938819477.2225;~oref=https://1wduef.top/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://12572451.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 17:21:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 277
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:21:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/tag.js
87.250.251.119200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash a236c7014c1f1a1e52d356f59e5d665a
b66c638eb2346287364c37725819bbab1f409d66
ad2d57579e453af0eac49156840bcd1dcfbd802a82135af98f41f714d7e698f2
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
HTTP/2 200 OK
content-length: 73769
date: Wed, 01 Feb 2023 17:21:33 GMT
access-control-allow-origin: *
etag: "63c93a4b-12029"
expires: Wed, 01 Feb 2023 18:21:33 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9231
Expires: Wed, 01 Feb 2023 19:55:24 GMT
Date: Wed, 01 Feb 2023 17:21:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9231
Expires: Wed, 01 Feb 2023 19:55:24 GMT
Date: Wed, 01 Feb 2023 17:21:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9231
Expires: Wed, 01 Feb 2023 19:55:24 GMT
Date: Wed, 01 Feb 2023 17:21:33 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:21:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:21:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 27e95b7912edc909d6b031e36fe83534
eb27fae0bb17dbe0929a620002195233ef50c1d0
b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:53:10 GMT
age: 34103
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 22:03:43 GMT
age: 69470
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2998f7f50ac0eec931c348e8a0fb0c60
f5e411cda74cb7fb4a662f4787e9543b9749c8b5
0c81413a819e379212bf757b1c9469415aec2ac8fdf47f94ff23c420a1da20e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5736
x-amzn-requestid: 895ee89b-8d2e-42f9-a392-466557f8a0d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffEtEGk_oAMFYPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e7ed-026a1b0d79dc7eb572317bd2;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:28:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 64EbarGrn6AIpXOE8TIfiBeGFQinx-P9lUIvmiQ1ivZgFrxl7_W4EQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:57:42 GMT
age: 69831
etag: "f5e411cda74cb7fb4a662f4787e9543b9749c8b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec7e808a5e82552c46c3417a5b32b836
f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd
f16d982224dfeb0753eaf9d4eb87d80fd1111f682fd8fa36f3177aad5bf926a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6819
x-amzn-requestid: a0368695-4182-40bd-9a28-c50ae783a7a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRHGnoAMF0Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-624285eb16110b8c2360dec5;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4MpUHqMYJoNA7QuRuQwbJIodNkhizq6EL5SPbIoSKFQjtoAKQgLuEg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:25 GMT
age: 70208
etag: "f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
1win-cdn.com/js/2950.b108f851.js
104.26.5.11200 OK 158 kB URL HTTP/2 1win-cdn.com/js/2950.b108f851.js
IP 104.26.5.11:0
File type Unicode text, UTF-8 text, with very long lines (65459), with no line terminators
Size 158 kB (157571 bytes)
Hash 72cd6438f8502883659dffbca0eccbd4
136c857cf2a8b4f3c2ec3654723daf7de3ce5e69
f305c976a127961b022fea3b6df506f3fbda3af7c77b8fb1be3451494d3eff20
GET /js/2950.b108f851.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wduef.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:32 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=540139
access-control-allow-origin: *
etag: W/"63da3cca-83deb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 01 Feb 2023 10:19:54 GMT
cf-cache-status: HIT
age: 25276
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5oJa4Oi1vpIxVhGtqmn0j9JpIbEYId57a%2FqGAxw8p95O6UqoGCdJ3tolpI29hVI35cXCi3xxN0ZofKuHqAHhhZmmFrG1DlVnSCfQe%2F3XX%2FRX9R6BD3Bh1qKZLn%2FjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d322a61b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pU_436f27nMZKPxZZWqZekERHFTvcG5NT5p_CYEXHRPtIWjDtSA-uA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:15:18 GMT
age: 36375
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=578836803170;gtm=2wg1u0;auiddc=1952519474.1675272115;~oref=https%3A%2F%2F1wduef.top%2F
216.58.207.194200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=578836803170;gtm=2wg1u0;auiddc=1952519474.1675272115;~oref=https%3A%2F%2F1wduef.top%2F
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=578836803170;gtm=2wg1u0;auiddc=1952519474.1675272115;~oref=https%3A%2F%2F1wduef.top%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 17:21:33 GMT
expires: Wed, 01 Feb 2023 17:21:33 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=963938819477.2225;~oref=https://1wduef.top/
216.58.207.194200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=963938819477.2225;~oref=https://1wduef.top/
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=963938819477.2225;~oref=https://1wduef.top/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 17:21:33 GMT
expires: Wed, 01 Feb 2023 17:21:33 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.lab.amplitude.com/sdk/vardata
151.101.2.132200 OK 2 B URL HTTP/2 api.lab.amplitude.com/sdk/vardata
IP 151.101.2.132:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /sdk/vardata HTTP/1.1
Host: api.lab.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1wduef.top/
Authorization: Api-Key client-Ss5BFx7UDrTj948TJHfc5ZUoTW67EjvZ
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS41LjUiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkZpcmVmb3ggMTA1IiwiZGV2aWNlX21vZGVsIjoiV2luZG93cyIsInVzZXJfcHJvcGVydGllcyI6e319
Origin: https://1wduef.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=utf-8
access-control-allow-origin: https://1wduef.top
access-control-allow-credentials: true
x-amzn-trace-id: Root=1-63da9f9d-7a7050f00d9a985e4d9d0540
x-content-type-options: nosniff
accept-ranges: bytes
date: Wed, 01 Feb 2023 17:21:33 GMT
age: 0
x-served-by: cache-bma1666-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675272093.209823,VS0,VE177
vary: Origin, Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:21:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/advert.gif
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 01 Feb 2023 17:21:33 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Wed, 01 Feb 2023 18:21:33 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wduef.top%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1095%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1484278489431%3Ahid%3A921536655%3Az%3A0%3Ai%3A20230201172155%3Aet%3A1675272116%3Ac%3A1%3Arn%3A442602060%3Arqn%3A1%3Au%3A1675272116189071300%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C274%2C394%2C0%2C242%2C0%2C%2C147%2C1%2C%2C%2C%2C1704%3Aco%3A0%3Ans%3A1675272113170%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675272116%3At%3A1win%20-%20Loading&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.251.119302 Found 407 B URL HTTP/2 mc.yandex.ru/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wduef.top%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1095%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1484278489431%3Ahid%3A921536655%3Az%3A0%3Ai%3A20230201172155%3Aet%3A1675272116%3Ac%3A1%3Arn%3A442602060%3Arqn%3A1%3Au%3A1675272116189071300%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C274%2C394%2C0%2C242%2C0%2C%2C147%2C1%2C%2C%2C%2C1704%3Aco%3A0%3Ans%3A1675272113170%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675272116%3At%3A1win%20-%20Loading&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash edbe2291ade32d93dd53f148f1c7c26d
31a9085ddd9aecf312c3b2dfde9839b1830f1cf9
36bfd67b815e1046894171375d29d734fd5280105074010c05a59a2ee6ac7e15
GET /watch/92006234?wmode=7&page-url=https%3A%2F%2F1wduef.top%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1095%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1484278489431%3Ahid%3A921536655%3Az%3A0%3Ai%3A20230201172155%3Aet%3A1675272116%3Ac%3A1%3Arn%3A442602060%3Arqn%3A1%3Au%3A1675272116189071300%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C274%2C394%2C0%2C242%2C0%2C%2C147%2C1%2C%2C%2C%2C1704%3Aco%3A0%3Ans%3A1675272113170%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675272116%3At%3A1win%20-%20Loading&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wduef.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 302 Found
location: /watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wduef.top%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1095%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1484278489431%3Ahid%3A921536655%3Az%3A0%3Ai%3A20230201172155%3Aet%3A1675272116%3Ac%3A1%3Arn%3A442602060%3Arqn%3A1%3Au%3A1675272116189071300%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C274%2C394%2C0%2C242%2C0%2C%2C147%2C1%2C%2C%2C%2C1704%3Aco%3A0%3Ans%3A1675272113170%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675272116%3At%3A1win%20-%20Loading&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Wed, 01 Feb 2023 17:21:33 GMT
access-control-allow-origin: https://1wduef.top
set-cookie: yabs-sid=763937211675272093; Path=/; SameSite=None; Secure
i=SYnnNKalW5gV4+KwJp23aS3xK5lqSIu6iaBv6EhjrF+vOUtwI8Q7HKR/aYhS777T7Pd0pEltTLX2nnooLaDZfWc0q4w=; Expires=Sat, 29-Jan-2033 17:21:32 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=3950461561675272093; Expires=Thu, 01-Feb-2024 17:21:33 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3950461561675272093; Expires=Thu, 01-Feb-2024 17:21:33 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706808093.yc.1675272093#1706808093.yrts.1675272093#1706808093.yrtsi.1675272093; Expires=Thu, 01-Feb-2024 17:21:33 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 01-Feb-2023 17:21:33 GMT
last-modified: Wed, 01-Feb-2023 17:21:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
1wduef.top/1.txt?1675272116028
190.115.19.101200 OK 8 B URL HTTP/2 1wduef.top/1.txt?1675272116028
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
Hash 48cfef8b3001a8c220dc815870f9916e
b77e871e72a3083c4bb31d6bcb5a257557181269
3d2c759213949af96fbdcd756a5146f64a9acadf9625bd7a9feb04bb4517b4f9
GET /1.txt?1675272116028 HTTP/1.1
Host: 1wduef.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1wduef.top/sw.db344b25.js
Connection: keep-alive
Cookie: visit_domain=1wduef.top; core-sticky=http://10.233.107.204:80; 1w_lang=en; _gcl_au=1.1.1952519474.1675272115; _ga_548949LWLW=GS1.1.1675272115.1.0.1675272115.0.0.0; _ga=GA1.1.798814146.1675272116; _hjSessionUser_2606090=eyJpZCI6IjExMGJhMGY2LWQxYzYtNTQwZS04ZTJkLTYxNGQwNzM0ODU1MCIsImNyZWF0ZWQiOjE2NzUyNzIxMTU1ODYsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2606090=eyJpZCI6IjA4MjZhNjE2LTQ2ZmEtNDNkNy1hMDhiLWRiNjMxMjAxMDI3OSIsImNyZWF0ZWQiOjE2NzUyNzIxMTU2ODYsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=0; _hjHasCachedUserAttributes=true; _ym_uid=1675272116189071300; _ym_d=1675272116; _ym_isad=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 01 Feb 2023 17:21:33 GMT
content-type: text/plain
content-length: 8
last-modified: Wed, 01 Feb 2023 10:20:08 GMT
etag: "63da3cd8-8"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
1win-cdn.com/css/7057.6c4e5731.css
104.26.5.11200 OK 12 kB URL HTTP/2 1win-cdn.com/css/7057.6c4e5731.css
IP 104.26.5.11:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6d3bf0b0fe464e6891fa9bc81f0fdeda
e33a6db9287efa856d7348e60c63497d8cded0a1
39afc4fa0ff110648ba4184c47ee4031c5bbb533e5afafc6dc00c9f9bd45b04a
GET /css/7057.6c4e5731.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:33 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=68681
access-control-allow-origin: *
etag: W/"63cfcc7b-10c49"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 24 Jan 2023 12:18:03 GMT
cf-cache-status: HIT
age: 707461
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACNCA4HHpefDMaXCAtgbcZWzZHCuso6ohKmIL%2BJK8bOoCHm%2Fy8yhaiiIi52wxepPc1q%2Fftdzqu2xnIkfqi4GkLWV%2BQUbDY8rMwLHNA82eqDzrZOWMmIS8BY4Hg0ZUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d398ed0b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/1883.ce7803cd.js
104.26.5.11200 OK 5.2 kB URL HTTP/2 1win-cdn.com/js/1883.ce7803cd.js
IP 104.26.5.11:0
File type ASCII text, with very long lines (13690), with no line terminators
Hash 4788305fb84b838410357650ebb51333
e4c5f100565fcdc24cfa031b5138b43045b63d93
4b76cb14c8ad885dc6de8a6227233b005d1130ad58c00bcb3ba1c5b1e688c79a
GET /js/1883.ce7803cd.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:33 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=13732
access-control-allow-origin: *
etag: W/"63a42a53-35a4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3568755
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GoAJwN9qCcfA14LmKzBwXvdBL4h63Jv3gM%2FmshvTU8TuJJ9%2B0few91plxgDA8NQwtIx8KtCuf95O8HZ9W5mbXDexgJJ3O6%2Fo6%2FCQeEioaR5lvL6MHiEetmJkDO3waQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d397eb1b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/css/5616.80aa74eb.css
104.26.5.11200 OK 7.4 kB URL HTTP/2 1win-cdn.com/css/5616.80aa74eb.css
IP 104.26.5.11:0
File type ASCII text, with very long lines (20616), with no line terminators
Hash 8a27bd6a83a5c8a60a02fa4ad61148e4
531e92e186187dc67de2b5203a1e1b9f7908e003
bec9f832b06e50cdf3c6210ebb6e001ad712bf3ac10f4ddf3a3c6b8500abdbf4
GET /css/5616.80aa74eb.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:33 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
access-control-allow-origin: *
etag: W/"63a42a53-5088"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3568800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AGszIagQJ3vAESrKFxW%2BwUOCrNi70UFhdrJAt0atgex%2BEM9ts6TpS%2BnzXy4KNxiZNrMGcBanty%2B2JpJ0MsO5EzscVm6XGeCWxGHgtNKH4XihcfqUntwWGo87wGeWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d397eaeb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1wduef.top/pwaNotFound.html
190.115.19.101200 OK 30 kB URL HTTP/2 1wduef.top/pwaNotFound.html
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65356), with no line terminators
Hash 46a597af22b7f8f4343a38ab79a49fff
a9447665d8cc702845b6a04b01e231d8e4c09660
e30a2861c7521fc4526c6755593ca4e3cdc3b997764b2027c5ca5d542fbcfeb0
GET /pwaNotFound.html HTTP/1.1
Host: 1wduef.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1wduef.top/sw.db344b25.js
Connection: keep-alive
Cookie: visit_domain=1wduef.top; core-sticky=http://10.233.107.204:80; 1w_lang=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 01 Feb 2023 17:21:32 GMT
content-type: text/html
last-modified: Wed, 01 Feb 2023 10:20:08 GMT
etag: W/"63da3cd8-136c"
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-548949LWLW>m=2oe1u0&_p=1015888924&cid=798814146.1675272116&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675272115&sct=1&seg=0&dl=https%3A%2F%2F1wduef.top%2F&dt=1win%20-%20Loading&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-548949LWLW>m=2oe1u0&_p=1015888924&cid=798814146.1675272116&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675272115&sct=1&seg=0&dl=https%3A%2F%2F1wduef.top%2F&dt=1win%20-%20Loading&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-548949LWLW>m=2oe1u0&_p=1015888924&cid=798814146.1675272116&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675272115&sct=1&seg=0&dl=https%3A%2F%2F1wduef.top%2F&dt=1win%20-%20Loading&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wduef.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://1wduef.top
date: Wed, 01 Feb 2023 17:21:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1win.direct/socket.io/?Language=en&EIO=3&transport=websocket
134.122.54.186101 Switching Protocols 0 B URL HTTP/1.1 1win.direct/socket.io/?Language=en&EIO=3&transport=websocket
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?Language=en&EIO=3&transport=websocket HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://1wduef.top
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oax0hOHI63M4SCZ1LNAoqA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Sec-Websocket-Accept: hCiDwJrvB6sV/mDmK0PtQys5vXE=
Sec-Websocket-Extensions: permessage-deflate
Set-Cookie: core-sticky=300bce1683c333c5; Path=/; HttpOnly
Upgrade: websocket
1wduef.top/sw.db344b25.js
190.115.19.101304 Not Modified 0 B URL HTTP/2 1wduef.top/sw.db344b25.js
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw.db344b25.js HTTP/1.1
Host: 1wduef.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: visit_domain=1wduef.top; core-sticky=http://10.233.107.204:80; 1w_lang=en; _gcl_au=1.1.1952519474.1675272115; _ga_548949LWLW=GS1.1.1675272115.1.0.1675272115.0.0.0; _ga=GA1.1.798814146.1675272116; _hjSessionUser_2606090=eyJpZCI6IjExMGJhMGY2LWQxYzYtNTQwZS04ZTJkLTYxNGQwNzM0ODU1MCIsImNyZWF0ZWQiOjE2NzUyNzIxMTU1ODYsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2606090=eyJpZCI6IjA4MjZhNjE2LTQ2ZmEtNDNkNy1hMDhiLWRiNjMxMjAxMDI3OSIsImNyZWF0ZWQiOjE2NzUyNzIxMTU2ODYsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=0; _hjHasCachedUserAttributes=true; _ym_uid=1675272116189071300; _ym_d=1675272116; _ym_isad=2
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-Modified-Since: Wed, 01 Feb 2023 10:20:08 GMT
If-None-Match: W/"63da3cd8-18bf"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
server: openresty/1.19.9.1
date: Wed, 01 Feb 2023 17:21:34 GMT
last-modified: Wed, 01 Feb 2023 10:20:08 GMT
etag: "63da3cd8-18bf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
X-Firefox-Spdy: h2
1win-cdn.com/img/present-with-light.bd57fb06-151.png
104.26.5.11200 OK 6.7 kB URL HTTP/2 1win-cdn.com/img/present-with-light.bd57fb06-151.png
IP 104.26.5.11:0
File type PNG image data, 151 x 161, 8-bit colormap, non-interlaced\012- data
Hash 6e2f4fff39b3a495fecefe5fee863c51
d358f1c8d7fe7298feea325c7ea6d145a3634026
4800fa860802fd0e46629776201afccd5adc1bf6b8b5a45a5e7c46d8d3b2a690
GET /img/present-with-light.bd57fb06-151.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: image/png
content-length: 6732
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: "63a42a53-1a4c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3568783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FFyChbb1Bt0%2BYcVADWA1MqC158kKEf%2F2XxWuySKXtW1TljSsfwO1JFwQt7JQKv61vhPfqtliw6ERQecplL3eoPxGZ0Wru%2Fi0f%2FcQrF3om5Tu%2BhJsYeBWIAJjP79%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3d5c1eb521-OSL
X-Firefox-Spdy: h2
1wduef.top/common/title?path=bets&lang=en
190.115.19.101200 OK 16 B URL HTTP/2 1wduef.top/common/title?path=bets&lang=en
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
GET /common/title?path=bets&lang=en HTTP/1.1
Host: 1wduef.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1wduef.top/
Connection: keep-alive
Cookie: visit_domain=1wduef.top; core-sticky=http://10.233.107.204:80; 1w_lang=en; _gcl_au=1.1.1952519474.1675272115; _ga_548949LWLW=GS1.1.1675272115.1.0.1675272115.0.0.0; _ga=GA1.1.798814146.1675272116; _hjSessionUser_2606090=eyJpZCI6IjExMGJhMGY2LWQxYzYtNTQwZS04ZTJkLTYxNGQwNzM0ODU1MCIsImNyZWF0ZWQiOjE2NzUyNzIxMTU1ODYsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2606090=eyJpZCI6IjA4MjZhNjE2LTQ2ZmEtNDNkNy1hMDhiLWRiNjMxMjAxMDI3OSIsImNyZWF0ZWQiOjE2NzUyNzIxMTU2ODYsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=0; _hjHasCachedUserAttributes=true; _ym_uid=1675272116189071300; _ym_d=1675272116; _ym_isad=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: application/json; charset=utf-8
content-length: 16
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
1win-cdn.com/img/casino-mentor.f6b6387a-172.png
104.26.5.11200 OK 2.0 kB URL HTTP/2 1win-cdn.com/img/casino-mentor.f6b6387a-172.png
IP 104.26.5.11:0
File type PNG image data, 172 x 50, 8-bit colormap, non-interlaced\012- data
Hash 1c8fa7ed406056b760b1171b49f8fd73
601643736f0c6bdce0531f5bc5252a96879d1ad1
c4ff5a6ee1315f5e5eeb287189912baaae7e032f178ccad3c575d6f8d99d4916
GET /img/casino-mentor.f6b6387a-172.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: image/png
content-length: 1976
last-modified: Wed, 21 Dec 2022 11:04:29 GMT
etag: "63a2e83d-7b8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3636823
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssPt1sFiDRbB%2Fxzr9kdfkr65hGJwnDbQMj%2F4dnpnKMddHTiGOImPNyLK27B67ddgBGk9gvaf5I%2B%2B%2B6rOq72erQw8QDs5kMz3j7fbyoGG1wcAcByHgib2pSlOfiaxWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3d7c58b521-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/casinos-analyzer.896bc525-182.png
104.26.5.11200 OK 2.0 kB URL HTTP/2 1win-cdn.com/img/casinos-analyzer.896bc525-182.png
IP 104.26.5.11:0
File type PNG image data, 182 x 50, 8-bit colormap, non-interlaced\012- data
Hash 75b2e733b195a4dc9229efa156e5a67a
f1755917d01bb31e56ab6e68c16656f6ffa9c38a
58a6718ce885d0923e0c0cdf64b8017396068f6c4c7ebda40fe951221dfb7475
GET /img/casinos-analyzer.896bc525-182.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: image/png
content-length: 2047
last-modified: Wed, 21 Dec 2022 11:04:29 GMT
etag: "63a2e83d-7ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3636823
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FUe0w84bK0dMSir23Cqq%2F3%2BZtZsq6emlHpDyD84ZjYA8oZnmtKrZyMgXq5D5ZMyEflTKc5JhAYn%2BIdqjAYh082KephX%2Bgr92WEwy%2Ftsf61hlqCcZOq5OYH%2BjrgvuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3d7c5db521-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/cricket-betting-guru.cfe7d426-500.png
104.26.5.11200 OK 9.2 kB URL HTTP/2 1win-cdn.com/img/cricket-betting-guru.cfe7d426-500.png
IP 104.26.5.11:0
File type PNG image data, 500 x 500, 8-bit colormap, non-interlaced\012- data
Hash 3c6da1041cc0873ff73533fd0e03f5a0
0666e13970c0698cf09ffafc9467ea705258c552
dfeed2cdb884b7769b5ee0fde60457b4b5380b7608c296b67e26c48dc1ca3f08
GET /img/cricket-betting-guru.cfe7d426-500.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: image/png
content-length: 9249
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: "63a42a53-2421"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3568783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvlp3odhdqMI%2FRxge%2FdxiAws8DKiSupMSDRhm%2BfGG%2BjGEQ5n%2FyRqOBXnw4TgJEuuCRo3GMAkGbdxvZCAK22nt9EGPmUquHwbtcbp%2FsKzBr7WKKh0ZKrAfIKfIam2gg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3d8c64b521-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/best-bitcoin-casino.9c1716b1-50.png
104.26.5.11200 OK 1.0 kB URL HTTP/2 1win-cdn.com/img/best-bitcoin-casino.9c1716b1-50.png
IP 104.26.5.11:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash d17d9ae707b485a356eec325e36aa505
650fc9b7790343d87eacfa5f5466ecf659f3b9a7
5bca66d0040f92e3f15089ebc1f46687cf7bde68d46db0fb286113aaba9ac57f
GET /img/best-bitcoin-casino.9c1716b1-50.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: image/png
content-length: 1035
last-modified: Wed, 21 Dec 2022 11:04:29 GMT
etag: "63a2e83d-40b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3636823
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3UUyGoUWGXHrIOgLKalMikTCsQ2qlM8%2BQVVP%2B%2F2qFfKW%2Blfsj6TwGI6ngl1j861yqmcFlNJRpm38rgRalNPs9wlxXtSnoM4PDX9qLtt%2FlbG%2BiITxt6BJh5DUtt6iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3d7c5cb521-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/free-money-link-image.4433e497-120.png
104.26.5.11200 OK 6.3 kB URL HTTP/2 1win-cdn.com/img/free-money-link-image.4433e497-120.png
IP 104.26.5.11:0
File type PNG image data, 120 x 97, 8-bit colormap, non-interlaced\012- data
Hash 8c77c77c33189721a876fefeadf5ca83
0b197aa9e55fe824b28e55b9e0591f8631b6c3c8
b2a4295182c1f7c9619a4d2f842be12f4cbc6c4bb8d2ea607f06ff3bc4099486
GET /img/free-money-link-image.4433e497-120.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: image/png
content-length: 6292
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: "63a42a53-1894"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566885
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XsdSExnP6djyDE4L1w7ILNkMOLu9V1JP5zJpHZkLuQBdS61EcQBjl9tDNsFuTd8Knvyps0a6xO6O853hJgHsreqbdwix1ttAKLAOUlVKg5hGPHTmg5mKh%2FmLRw%2B0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3d8c68b521-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/flags/en.svg
104.26.5.11200 OK 3.2 kB URL HTTP/2 1win-cdn.com/img/flags/en.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash bcde8f62b1c249add842960873333c72
0ed88732e2853a15a046c39abac22fce906811cd
f272c2a255aea78df8b1609d9fe38b5418c139d03f56bb31819a451ba4e4c3f2
GET /img/flags/en.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 10:56:34 GMT
etag: W/"63ce67e2-8ae"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 799684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCvr6PpvzaGX4bpP6bpjrNCcaZNJXSJ0dKMOjhoGtdpJviU9FW5hO9%2BDdGvTdJ%2BFzH1EC3uc8t7RXqQEjmnjbVH5ROVWTI7gPoHfiGsGXQXC55OQVhbjwlyANoheWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3d5c24b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/aviator-game-logo.2fb50dc0.svg
104.26.5.11200 OK 6.0 kB URL HTTP/2 1win-cdn.com/img/aviator-game-logo.2fb50dc0.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2997)
Hash 76904ada4c480689f9631efa8eb959b1
a714e94cad492cb43ec350d29519d4150e4a9921
dc929f20bb99f98822aead8e716a63183f4097e9a596661f03fe53df22d95215
GET /img/aviator-game-logo.2fb50dc0.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-bfa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3568782
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxJxnhf6kUfORm%2BlvRmlEjKD3UaYNn5ORl3AXEWa5DySOBpEA7KaxJQDIhlHcjcBZQAVpn4gOO9UljO4qTezArKuukmMCm1BHoExLWTPgeg4TK2%2FUsbmYuttnECkVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3d5c2cb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-roulette-frame@2.76ea5a24-256.png
104.26.5.11200 OK 30 kB URL HTTP/2 1win-cdn.com/img/sprite-roulette-frame@2.76ea5a24-256.png
IP 104.26.5.11:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash fa83f73358ed73cbd8a0faf0d8e6c019
586b95f1e5e1945abd0248e995f79274463c1cd8
ede3848497b96e7defd4c5d53133cf2e374487411186a66a6146191ae5692f77
GET /img/sprite-roulette-frame@2.76ea5a24-256.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: image/png
content-length: 29770
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: "63a42a53-744a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566884
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pq2HeosRyfHTwDgDeyDqZB5yTFUPOgsGL7A7X%2B0PrscryCDzDlA8G1uSWxeuUt7s56k6YsIFNFQ2xNV4ChEp1aCxf%2FPQU98NRQKowxT9C8TUbZOgrWozeOrbPD77Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3d8c74b521-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-tvbet@2.888adc8e-256.webp
104.26.5.11200 OK 354 kB URL HTTP/2 1win-cdn.com/img/sprite-tvbet@2.888adc8e-256.webp
IP 104.26.5.11:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 354 kB (353842 bytes)
Hash 8df817e5ef0af5dc8279d3f20cae9bc3
12c85bcc74a48053c92f3f75ce3c14e1a19e46d3
61a0f98511e6c60430ab044d1f80e1c9eff83f577064d465cc5f893ba3ce0fee
GET /img/sprite-tvbet@2.888adc8e-256.webp HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: image/webp
content-length: 353842
last-modified: Wed, 01 Feb 2023 10:20:00 GMT
etag: "63da3cd0-56632"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
age: 4444
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlPmP9Cg%2FnrtKhf%2Bj0HWvuPQAmliJc6eyiN334OS5evlkLhSPtksRu%2B4HtlOJuFH%2Bkz6Cty6Ba7ps82Cdl%2BlY%2BqfmbM5lWLJD7sZBjdq%2Bidaf9q7DQpn2kBpyqEoSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3d8c71b521-OSL
X-Firefox-Spdy: h2
1win-cdn.com/js/541.d536ea95.js
104.26.5.11200 OK 21 kB URL HTTP/2 1win-cdn.com/js/541.d536ea95.js
IP 104.26.5.11:0
File type Unicode text, UTF-8 text, with very long lines (11173), with no line terminators
Hash 3e3081e83965cd1ea423c395e4cea9a4
4b4742737f47fc512f5d6ba6d03bfa102cfb99e6
60f796cf280e38c9764ed96057ac159a9dd9c497f954f9d0fb4b40e51fcc8576
GET /js/541.d536ea95.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:33 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=11217
access-control-allow-origin: *
etag: W/"63a43d6a-2bd1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 11:20:10 GMT
cf-cache-status: HIT
age: 3564049
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3QHZPjsTouyJnmoOrUPXv%2B8dxt3dOKFKNRguhBvPGfU1bb2b1sg%2F8jZdejviLwaCrPaW4aarse3kBlB2zmTxHzpkDEuA%2FXDeYxpXO3Qz5dXoN8WKfOZF2vAX7VQpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d397ec5b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-poker-frame@2.1caa31af-256.png
104.26.5.11200 OK 10 kB URL HTTP/2 1win-cdn.com/img/sprite-poker-frame@2.1caa31af-256.png
IP 104.26.5.11:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 74023900d89b98987ea3248f4a89a218
4ea53a2415cf89647c40a32c69b50bde861a40ed
484183c9f4d5b2d68649d3025af4d2b95a5cb71f40a1cf960d62e0e3560162ab
GET /img/sprite-poker-frame@2.1caa31af-256.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: image/png
content-length: 10453
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: "63a42a53-28d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566884
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKUe%2BfknEiwMmMGhGwE45kTtmu5oyYWmLfVokH1SU3jNRq4XftuB7SHFsrTAm4eEhYQcc99TGjQJR%2Bt5U0vmil2xe0LP7H%2BhRtReX0sWZ73ODBcAFKgkOoRD06BU5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3d9c85b521-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-dice@2.6e1ac0ed-256.webp
104.26.5.11200 OK 430 kB URL HTTP/2 1win-cdn.com/img/sprite-dice@2.6e1ac0ed-256.webp
IP 104.26.5.11:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 430 kB (429680 bytes)
Hash abaa6833958bdc5427e6fa573cbfa70a
d43989916cc382e4e3d983933d9cd52a7d1dbeb2
51ba8ea694483e38020360731af53be7cd411671786008119b70b2a320e3bd92
GET /img/sprite-dice@2.6e1ac0ed-256.webp HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: image/webp
content-length: 429680
last-modified: Wed, 01 Feb 2023 10:20:00 GMT
etag: "63da3cd0-68e70"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
age: 3765
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUy6ojWeN%2B4zuNX9jhF3QWqtRLZUpLCXT2eDBFtiMez974yMcJjKBT%2B2lo94VtaJzCUjF5t37g%2FipNnZAM3fVeXybsuFsZMbXWuID6vy647KCvY0cEZ0BCtbRe%2BmcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3d9c80b521-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/home-poker-banner-bg.87d81897-600.webp
104.26.5.11200 OK 12 kB URL HTTP/2 1win-cdn.com/img/home-poker-banner-bg.87d81897-600.webp
IP 104.26.5.11:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d42d6b091c917baad89cc62f34b1ef8d
6915e60ae50f4b00af5083ce1217a7dab04df42d
9ac95cc43cf590f1f9a5dd85b5b0bf04d98e38d3005b6e4b436f8c04d09a66e9
GET /img/home-poker-banner-bg.87d81897-600.webp HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: image/webp
content-length: 11812
last-modified: Wed, 01 Feb 2023 10:20:00 GMT
etag: "63da3cd0-2e24"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
age: 457
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BcBuKp0%2BDudD7T3%2BjJ66v194wBk%2BHqPWymBpoDJ%2B9poUd6NXdDhv0ezzwiEQSXUMGuguStne3hcEEA4WRPRy0ytIkhpqjUevMqX60arQluo%2FPidrT%2BiTJCdpOs2ZSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3dac9bb521-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/pwa_android_en.b229a444-690.png
104.26.5.11200 OK 38 kB URL HTTP/2 1win-cdn.com/img/pwa_android_en.b229a444-690.png
IP 104.26.5.11:0
File type PNG image data, 690 x 450, 8-bit colormap, non-interlaced\012- data
Hash 8b6daeaca5784288934eb5c3dbc3401d
2df52222cb03510733d5f5c616278143e7f93f2d
53ee238e1169d7940016da0159e72a214403576447cf1b8cb384942a6200d191
GET /img/pwa_android_en.b229a444-690.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: image/png
content-length: 37637
last-modified: Thu, 22 Dec 2022 11:20:11 GMT
etag: "63a43d6b-9305"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3562555
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQkTt83wJCWILXfescqXUzfyR1SjRgybaXDezaZFy2VvcDClW%2FmzgiRrsCzWOJBaPljgiLcrwk9Esz%2Fk6bJrkYgWEneixS%2BpTqWN3I5ddRDwbSDUkwxTKs8tuhE58g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3dac9ab521-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-poker@2.a38733e7-256.webp
104.26.5.11200 OK 361 kB URL HTTP/2 1win-cdn.com/img/sprite-poker@2.a38733e7-256.webp
IP 104.26.5.11:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 361 kB (360930 bytes)
Hash 3da44652926631bc4fc847cfcbad6c71
a5f7955272162e543d5db897e200d00d3af22b22
354fe37cee669fe141e1e1dcb3b5a12df1ff2b9b34be38b4f2e20dd46fdb7d2a
GET /img/sprite-poker@2.a38733e7-256.webp HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: image/webp
content-length: 360930
last-modified: Wed, 01 Feb 2023 10:20:00 GMT
etag: "63da3cd0-581e2"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
age: 4444
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEAFevibY9go54fWGVuo%2Ftd%2F9FyoZez6rkSt%2FWDuQnF54%2B5GEh07Qn%2B1NF3Qr7Dk59YV8Sps%2BZ7f%2B%2Fk1Ctni462EXgSI49AOn42k9nGrHs5sLFPP8n%2F%2Fp9ikdR1Jcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3d9c87b521-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/pwa_ios_en.f08ddb1e-690.png
104.26.5.11200 OK 39 kB URL HTTP/2 1win-cdn.com/img/pwa_ios_en.f08ddb1e-690.png
IP 104.26.5.11:0
File type PNG image data, 690 x 450, 8-bit colormap, non-interlaced\012- data
Hash 2b063a8e2fb87b84cbf377d7a7fd389e
5c12f02ca086902c7fd9a5bd5de9eabce82c22a1
aa8f787e4db589a38a5c5a56bdb03f69329bfedc64649454f9fd370b78820b49
GET /img/pwa_ios_en.f08ddb1e-690.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: image/png
content-length: 39066
last-modified: Thu, 22 Dec 2022 11:20:11 GMT
etag: "63a43d6b-989a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3562554
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aC%2FbJpZXH%2F55xitytOViaHWb91Ima0wn%2FQUA2AgIi2hfxaJj8WdK5cVws0INpY3zJ7zgnaHOS6xKOiLxjJgAz6fije1AbkxvVwsdQzMCgRSCbr0bVlF1GVdZP0qJgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3dbcb8b521-OSL
X-Firefox-Spdy: h2
1win-cdn.com/js/icons-pack-home.e8bf03cf.js
104.26.5.11200 OK 23 kB URL HTTP/2 1win-cdn.com/js/icons-pack-home.e8bf03cf.js
IP 104.26.5.11:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f7531bd8eeb7cc71b167b90a2bebd0d6
63f980b3d7909b277f6dcd9c93d498beb3fb4062
fe98111f79b66ec7c8805d429074e0225a90ef483ab117cf24110d6b01498cb5
GET /js/icons-pack-home.e8bf03cf.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=80069
access-control-allow-origin: *
etag: W/"63a42a53-138c5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3568782
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgvmVeZdj34g0dZgRJHqyBZJwgujvABEHClsj8r2RdbUrCHXztxUJvxa3%2B8RB5ojdx96lk2CgEq17qa7pl9pF50sgf%2BKI5S1nrQnWOQ7saZ0A6O1fpPz1z5F8boS9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3d7c4eb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/banner_desktop_main_1x/plain/https://1win-cdn.com/banner-files/bonus-banner-cashback-casino.png@avif
104.26.5.11200 OK 7.9 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/banner_desktop_main_1x/plain/https://1win-cdn.com/banner-files/bonus-banner-cashback-casino.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash f86f39dc44e8f92cc5658a394e833352
54093f2e69f448e122e771ec7c63d3cce35ffbdf
3fded209043aa6ec28cdff6321cff18c41238215a062dc02fab1af3915c637fe
GET /unsafe/banner_desktop_main_1x/plain/https://1win-cdn.com/banner-files/bonus-banner-cashback-casino.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: image/avif
content-length: 7940
cache-control: public, max-age=604800
content-disposition: inline; filename="bonus-banner-cashback-casino.avif"
etag: "afr-jhlkuoDx_XrwjiuFbkzj6HdVsjvDmAeQvV8BbYs/RIjYxYTRlY2U4LTYzNWI4Ig"
expires: Thu, 02 Feb 2023 09:59:18 GMT
x-request-id: uzFsF7HGLMtmmodlVn6LF
x-cache-status: HIT
cf-cache-status: HIT
age: 105357
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JPIhG3UOsnFpmObT0viscDeOE0naGFC0fazC4IoFQ4vRvks%2Fn1UjKEChBpECa3lMqD6XMkPCjzbBIU2Ev9YPZyC2S0V4ZJoLKc5uYGRlPL3VIg5H4vtjbF%2F2tVD4aAH1F%2BbqWsmrOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3dcccbb521-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/banner_desktop_main_1x/plain/https://1win-cdn.com/banner-files/bonus-banner-deposit.png@avif
104.26.5.11200 OK 4.3 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/banner_desktop_main_1x/plain/https://1win-cdn.com/banner-files/bonus-banner-deposit.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 22a160f55908549771f823852d5eaeea
267d86356fc72824681f08d9fd1207b77530c08d
bb19dc50ecc9dd60ce8760b73843ce465df86b78a76de6a924c813fc770a2f23
GET /unsafe/banner_desktop_main_1x/plain/https://1win-cdn.com/banner-files/bonus-banner-deposit.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: image/avif
content-length: 4323
cache-control: public, max-age=604800
content-disposition: inline; filename="bonus-banner-deposit.avif"
etag: "afr-jhlkuoDx_XrwjiuFbkzj6HdVsjvDmAeQvV8BbYs/RIjYxYTRlY2UwLTU0YWIyIg"
expires: Thu, 02 Feb 2023 09:59:19 GMT
x-request-id: k_UiPjjC7eUn-KF9U943Q
x-cache-status: HIT
cf-cache-status: HIT
age: 105357
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cxpe%2BC%2B8KFhuVpjch0EcEYd3dZPpO42A%2B%2Bd2d7mafiou4ZGpT5QE6gBtTwfSF9itl3x3xa0v2gFKEhVxJdNI4%2B4PV7uaSshK7Lxl5HV%2BvSH%2FimM1Oz7wGYyq4gqe%2BmuFSB2DbNeO7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3ded09b521-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8639a889791b8731a8d25f96bfaa609e
71733d374c08f545c174afac195555766ec4ec3e
560a987635531f2ed8e1d564c0548bae9711d7fc69bb2c8a5e0a4fb2485cc3e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560A987635531F2ED8E1D564C0548BAE9711D7FC69BB2C8A5E0A4FB2485CC3E7"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16407
Expires: Wed, 01 Feb 2023 21:55:01 GMT
Date: Wed, 01 Feb 2023 17:21:34 GMT
Connection: keep-alive
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wduef.top/
Origin: https://1wduef.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wduef.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Wed, 01 Feb 2023 17:21:34 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=ea0755b956748598; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wduef.top/
Origin: https://1wduef.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wduef.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Wed, 01 Feb 2023 17:21:34 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=b89dcdbbbcfcec31; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win-cdn.com/js/icons-pack-social.11d06b0b.js
104.26.5.11200 OK 6.1 kB URL HTTP/2 1win-cdn.com/js/icons-pack-social.11d06b0b.js
IP 104.26.5.11:0
File type ASCII text, with very long lines (20091), with no line terminators
Hash 9224acccb4cf5651daa0f9d9a767f146
570c2b529637abe8a2d5b0f58ff312de48c6466f
074370b6fb0cf375925654b41b3e670df6e15b27123a733a5ee54d36e8d97733
GET /js/icons-pack-social.11d06b0b.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=20146
access-control-allow-origin: *
etag: W/"63a42a53-4eb2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3568783
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXPnRYHlSoxuV6dvE7JRX71SXq70BXadgevdr1yGzddP7qqZHs%2FI3YJIGBKU4Fmhk1jMHK%2FW7uu%2BteibL7haZt5zseRIGDO51V%2Fa7TyK7foMVAj%2BaL26C76yjKA9vA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3e6dbfb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wduef.top/
Origin: https://1wduef.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wduef.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Wed, 01 Feb 2023 17:21:34 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=ebcd995aeb55076d; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wduef.top/
Origin: https://1wduef.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wduef.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Wed, 01 Feb 2023 17:21:34 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=780879a3a57fb48e; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wduef.top/
Origin: https://1wduef.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wduef.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Wed, 01 Feb 2023 17:21:34 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=16f815f09e880af8; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wduef.top/
Origin: https://1wduef.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wduef.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Wed, 01 Feb 2023 17:21:34 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=f60db939e0a16459; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wduef.top/
Origin: https://1wduef.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wduef.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Wed, 01 Feb 2023 17:21:34 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=f4f1c528362b963b; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2.7 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (43897), with no line terminators
Hash 2f0d65832b38510812c17e643451d78e
5ca72f36ae8f1c28aaa52ec83e138a063c56c33d
a36a74165ce3cea1fa85f48e7cb83c5a058f53f4b820e478e2b478596e3a4c99
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 71
Origin: https://1wduef.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wduef.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 01 Feb 2023 17:21:34 GMT
etag: W/"a91-XKcvNq6PHCiqpS7IPhOKBjxWwz0"
set-cookie: core-sticky=fa3fe99d546ad6ba; Path=/; HttpOnly
x-powered-by: Express
content-length: 2705
X-Firefox-Spdy: h2
1win-cdn.com/fonts/SFNSDisplay.2b5dc965.woff2
104.26.5.11200 OK 295 kB URL HTTP/2 1win-cdn.com/fonts/SFNSDisplay.2b5dc965.woff2
IP 104.26.5.11:0
File type Web Open Font Format (Version 2), TrueType, length 295048, version 1.0\012- data
Size 295 kB (295048 bytes)
Hash a54910c24518869ec095d604c76adb74
cd8ed32dd18b7f672bf502847242b0a9eee4c2c8
efdc0e9caf5e1b3f650e8ecd022ecd000bb070e1b0cf359eeb228603c325384b
GET /fonts/SFNSDisplay.2b5dc965.woff2 HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wduef.top
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1win-cdn.com/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: application/octet-stream
content-length: 295048
last-modified: Wed, 01 Feb 2023 10:20:00 GMT
etag: "63da3cd0-48088"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3iudkosSZ%2FahL9DWN2UkqlgfymreEG6QIAhh6FdR8y5lyHRdppbWMTLV6V30drvZbjUAPKnzftJs%2FEzEgQ0Rhtuc0wmMxirsC73j4GEBLS0wPgAP2uxjW26RrgOa2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3d8c78b524-OSL
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 3.4 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (17749), with no line terminators
Hash b1da0f55def6bae6eca720e54c5b8a1d
206692db7f4b3e76399da513e790f6fa7b18633b
2fbed773e4d7a4e04c956ed38b8f2f667b452cb4b6add9df05e91463314c5af5
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 101
Origin: https://1wduef.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wduef.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 01 Feb 2023 17:21:34 GMT
etag: W/"d22-IGaS239LPnY5naUT55D2+nsYYzs"
set-cookie: core-sticky=146a6151e4dbdff0; Path=/; HttpOnly
x-powered-by: Express
content-length: 3362
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2.7 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (43897), with no line terminators
Hash 2f0d65832b38510812c17e643451d78e
5ca72f36ae8f1c28aaa52ec83e138a063c56c33d
a36a74165ce3cea1fa85f48e7cb83c5a058f53f4b820e478e2b478596e3a4c99
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 71
Origin: https://1wduef.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wduef.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 01 Feb 2023 17:21:34 GMT
etag: W/"a91-XKcvNq6PHCiqpS7IPhOKBjxWwz0"
set-cookie: core-sticky=d7c6494501d2f0b6; Path=/; HttpOnly
x-powered-by: Express
content-length: 2705
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 14 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 96702e934c5a5ae50644297fc8edf00c
58997e475787f6237b171d1030e17bbb51c54ec3
df9f2aeb5928cb01d22754b7097b5d24df82f29933983f175527a90479bc26c3
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 67
Origin: https://1wduef.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wduef.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 01 Feb 2023 17:21:34 GMT
etag: W/"378f-WJl+R1eH9iN7Fx0QMOF7u1HFTsM"
set-cookie: core-sticky=ac72e5cfe2deb3e4; Path=/; HttpOnly
x-powered-by: Express
content-length: 14223
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 99 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash c7c93c58b91e7f2aefe867425b3b9710
c326c817585f11d0c31ac63207b2b7dc90c51556
3c25944f1b74b97ee33dfd07d72f2a0dc69c459a2f481fc1fba1ddae4cafb6c5
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 98
Origin: https://1wduef.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wduef.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 01 Feb 2023 17:21:34 GMT
etag: W/"1813a-wybIF1hfEdDDGsYyB7K33JDFFVY"
set-cookie: core-sticky=acb4c542d51afb5a; Path=/; HttpOnly
x-powered-by: Express
content-length: 98618
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 3.4 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (17749), with no line terminators
Hash b1da0f55def6bae6eca720e54c5b8a1d
206692db7f4b3e76399da513e790f6fa7b18633b
2fbed773e4d7a4e04c956ed38b8f2f667b452cb4b6add9df05e91463314c5af5
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 88
Origin: https://1wduef.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wduef.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 01 Feb 2023 17:21:34 GMT
etag: W/"d22-IGaS239LPnY5naUT55D2+nsYYzs"
set-cookie: core-sticky=f00e2df9a6729095; Path=/; HttpOnly
x-powered-by: Express
content-length: 3362
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 14 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 96702e934c5a5ae50644297fc8edf00c
58997e475787f6237b171d1030e17bbb51c54ec3
df9f2aeb5928cb01d22754b7097b5d24df82f29933983f175527a90479bc26c3
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 80
Origin: https://1wduef.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wduef.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 01 Feb 2023 17:21:35 GMT
etag: W/"378f-WJl+R1eH9iN7Fx0QMOF7u1HFTsM"
set-cookie: core-sticky=6cad6dbfe8eefab5; Path=/; HttpOnly
x-powered-by: Express
content-length: 14223
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 102 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size 102 kB (101546 bytes)
Hash 6f01d15c8e19a9cae843d24509bf57df
c560c2e96fd3d792e79899ea18fc5ae4b27577f4
713f8481062983e37cd2c6e356a552b0a37cae44319142fa86b23cb701e96329
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 85
Origin: https://1wduef.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wduef.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 01 Feb 2023 17:21:35 GMT
etag: W/"18caa-xWDC6W/T15LnmJnqGPxa5LJ1d/Q"
set-cookie: core-sticky=fa4e6dd89bbf23e1; Path=/; HttpOnly
x-powered-by: Express
content-length: 101546
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/5b4ab347-f37c-44e4-93e6-2c1c0efa069e.jpg@avif
104.26.5.11200 OK 5.3 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/5b4ab347-f37c-44e4-93e6-2c1c0efa069e.jpg@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 76a502c1036d076e2317739f0cc878d8
480303b6e1e68b1d04e998d9bcd26224429db376
e377abb67003f9b87b6c67e87b9814b99bb3c1de68f286546d9af4e6d6377351
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/5b4ab347-f37c-44e4-93e6-2c1c0efa069e.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/avif
content-length: 5302
cache-control: public, max-age=604800
content-disposition: inline; filename="5b4ab347-f37c-44e4-93e6-2c1c0efa069e.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzOTM2OTc5LTJiMmQxIg"
expires: Thu, 02 Feb 2023 09:59:10 GMT
x-request-id: hS5nFRN0pTfRoKGm08TCF
x-cache-status: HIT
cf-cache-status: HIT
age: 105359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ux63u6v96sVa4FhvLdeilorhf1hcPkhgVIki0p8tbsxjT2EPg1GaSbaEyRYmXseVWlm8BtNhShXYVgJoxmFaY4vDIJLFtSduYmE1piWFzH%2BzmRrDqJyCOAbOI3t12wV51JWTMfT7gA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4acf6ab521-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/576a0d3a-0df0-4a5b-ac90-7e9f2ab73407.png@avif
104.26.5.11200 OK 4.3 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/576a0d3a-0df0-4a5b-ac90-7e9f2ab73407.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash d5f05284c21b7798248cd9fa99bfd299
bf9b3b55c3aa5508d51c2935e6494a6f91fb21b9
85a15ca1b3ad7e7569214ac1e02596a70b806eccd8ebf2b9fb079ca53986a0d4
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/576a0d3a-0df0-4a5b-ac90-7e9f2ab73407.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/avif
content-length: 4304
cache-control: public, max-age=604800
content-disposition: inline; filename="576a0d3a-0df0-4a5b-ac90-7e9f2ab73407.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzOTM2OTZmLTIwOWY5Ig"
expires: Thu, 02 Feb 2023 09:59:11 GMT
x-request-id: qdWArseWFiQPH7191DrZi
x-cache-status: HIT
cf-cache-status: HIT
age: 105359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NsSyNgyrA1%2BKCfGZInN%2F75YNzDWk67aAZrujDZwgzPfKw5ftPus6eONDvyXe%2BObbwIeD8Rhx7oGAcD6FoLwxTM%2Bl12Z1pv7F8rN%2BPihIeXMcxWHcqx2rqgTI%2FPpjgUIFqy%2BsUk490g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4adf97b521-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/81c5273a-ebb1-47f6-8535-6376c353ea74.png@avif
104.26.5.11200 OK 3.6 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/81c5273a-ebb1-47f6-8535-6376c353ea74.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 38274844df1004bd9a0e2ebaa78fc880
ef316b9b62257b1e930eb064f30c1baecd86f2b9
5d128fbc4ca805ffd77a5d0c93ed6c15e548157d1b6a68b16c2849a98799a6a6
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/81c5273a-ebb1-47f6-8535-6376c353ea74.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/avif
content-length: 3601
cache-control: public, max-age=604800
content-disposition: inline; filename="81c5273a-ebb1-47f6-8535-6376c353ea74.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzOTM2OTc1LTY1Njk0Ig"
expires: Thu, 02 Feb 2023 09:59:15 GMT
x-request-id: 3_3K_XaC4gvPsdkGmWl7c
x-cache-status: HIT
cf-cache-status: HIT
age: 105359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khdvThwIw%2BBxSXiv6Hs7kR8ndPEAKeg9qNiDknVMmVtyw2%2BnyLk2UZ%2FPnF6X65LK0QlfDAjEfdhJHOuA1%2FS7HA%2B39EDS%2FGBNkWVDSvZY%2FysX45Ov8Xnl0PnhEiw%2BiAAb00Iu9OlmiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4aefa0b521-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/f736e1ff-fdf7-40e5-93b5-2daa1b472e4d.png@avif
104.26.5.11200 OK 3.3 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/f736e1ff-fdf7-40e5-93b5-2daa1b472e4d.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash bbb2a9093140015e4ebcb4b1ade5b171
dc35c677bb7d9b9e222f93e844793afc4fc06b2a
769a8489bc32f748e268b35024e9726719ef2a65d32665b0a5a54ca6d28789d9
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/f736e1ff-fdf7-40e5-93b5-2daa1b472e4d.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/avif
content-length: 3255
cache-control: public, max-age=604800
content-disposition: inline; filename="f736e1ff-fdf7-40e5-93b5-2daa1b472e4d.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzOTM2OThiLTFiYzYyIg"
expires: Thu, 02 Feb 2023 09:59:15 GMT
x-request-id: yhDgjau2hqJoacHHecauB
x-cache-status: HIT
cf-cache-status: HIT
age: 105359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0scBhctZhTzqODxRk2U7XZ6NYhla7vUyw42KYawErFwqkV1IKQIOWhCDFN2%2FufGRTVhNswGzylKiNX8LROk7gwBGpCbtyeqVX6qckXA2J4QIX58CJ%2Fgi6sDtk80JOde2gJcnVU5w8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4aefacb521-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/9dd18146-c273-48b4-ab55-70c3042a3f64.png@avif
104.26.5.11200 OK 5.8 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/9dd18146-c273-48b4-ab55-70c3042a3f64.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 8b9dae655791a2c093c33da8a8f41277
c564561f1f54aa7ce97a26a5c0d869fd05ba59da
179311580e45d0faa648f3673f12b5cb2235d2a367c4864febdc818f3a5d27fe
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/9dd18146-c273-48b4-ab55-70c3042a3f64.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/avif
content-length: 5759
cache-control: public, max-age=604800
content-disposition: inline; filename="9dd18146-c273-48b4-ab55-70c3042a3f64.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzOTM2OTU5LTJhM2VmIg"
expires: Thu, 02 Feb 2023 09:59:12 GMT
x-request-id: 1b79iucWvgm-kD0B9wRn0
x-cache-status: HIT
cf-cache-status: HIT
age: 105358
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPIa0KO%2F2K0ESi4WW8qeSeQ6hs%2BdvbKSAdCdi3i10h8dKzYmidKkNmVXtfsmHwip%2BIF8GdITkgKWpG9JAm97U7kWP9rBNmHaCMCnNlObMYmhbpEF7tuZ3uv%2BycWgFvSiC1PMWvs%2BhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4c099fb521-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/c_b5002cf1b271be724f0d8b178a102015.jpg@avif
104.26.5.11200 OK 7.7 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/c_b5002cf1b271be724f0d8b178a102015.jpg@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 4978abee923c6f9e7f4f3d3e69f436f1
0847445ae053a46263fdd47c52c262f2412c419d
79f37d209fad28ebfbd314af0cf6756bfa87fa1e950f811137d4e05bb0eab5d6
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/c_b5002cf1b271be724f0d8b178a102015.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/avif
content-length: 7706
cache-control: public, max-age=604800
content-disposition: inline; filename="c_b5002cf1b271be724f0d8b178a102015.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYxYzRhMWI0LWJiYmMi"
expires: Tue, 07 Feb 2023 18:42:09 GMT
x-request-id: dd4ksBNyf_6nIhqpHWnrR
x-cache-status: HIT
cf-cache-status: HIT
age: 79128
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmK2bbKTDlnA%2BoQzX2vASR%2FM3KiQa%2BHPzfRSPAizx8%2BmJARttzUYsi%2BamXLtmzfYJJhllkMmY7819co5kIr1aVYPnHteg7sl4R2RSM3eCtQse%2Be%2BTya3MDIigQzSKragCvKGuEfyog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4c09a0b521-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/evoplay/c_629b5b7ecad77eca213957740c0ac78c.jpg@avif
104.26.5.11200 OK 5.0 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/evoplay/c_629b5b7ecad77eca213957740c0ac78c.jpg@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 3076cecb5519fe3ab82562ba350f69b5
cc77dcda234ae49c57fd0534ebddaf1b1fb9fe82
5ee40b48c9b99199aa92cb5c9832626d77f5ba97a362ff617fcc12f94017f9a1
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/evoplay/c_629b5b7ecad77eca213957740c0ac78c.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/avif
content-length: 5026
cache-control: public, max-age=604800
content-disposition: inline; filename="c_629b5b7ecad77eca213957740c0ac78c.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjVmODQ0YWFmLTRmNjQi"
expires: Thu, 02 Feb 2023 10:04:25 GMT
x-request-id: oMLdXJ5uFDVAqqILg_OdH
x-cache-status: HIT
cf-cache-status: HIT
age: 105358
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t26%2BAA0rF4ksm4DkQ4HtwbjyvTa9gGF0Dkjuh7wdE5vIfeSRc2fl78bHZZk%2FWYJssRQ6xVB0hCTM8hy8Zp%2FZvfXnLfwaqvYlg8oZ4yoVne2hs5wQ81u73Rne3vRGHVXx6MEWr22B7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4c09a5b521-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/spinomenal/c_a22bbabe873d4222894f3db111ff329b.png@avif
104.26.5.11200 OK 7.4 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/spinomenal/c_a22bbabe873d4222894f3db111ff329b.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 6e142c64f0ac65b1c4e7eb9a2012fb7f
fc70960a64c98e276554e6fb9aa9bced809fb098
07f8f7e847c2515bc0ddd73fb042ca83c3c5e85450d130c1586a5e96c257250a
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/spinomenal/c_a22bbabe873d4222894f3db111ff329b.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/avif
content-length: 7402
cache-control: public, max-age=604800
content-disposition: inline; filename="c_a22bbabe873d4222894f3db111ff329b.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYyMzFjZWQzLTUzNDIi"
expires: Thu, 02 Feb 2023 09:59:24 GMT
x-request-id: UxfFGtDl6gh2gJLuZCKGt
x-cache-status: HIT
cf-cache-status: HIT
age: 103659
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALrSvet1W%2BreCnir73UrKh8pEi5zt034Gpd0uoK2Df4rhfQkYE7cJV5bRSnaD3SAitv%2Bum3Y3%2BJGr0YuJn0udz6Ezv%2Frv5tqdGrZ4xzO2ASEteVYz%2FdAspk%2F2P3a3w0TtJsFKJM%2BqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4c09a3b521-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/spinomenal/e8c6ec93-32f6-423b-b5e0-574778b0383e.jpg@avif
104.26.5.11200 OK 17 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/spinomenal/e8c6ec93-32f6-423b-b5e0-574778b0383e.jpg@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 10efcdb8a9e6e4d6e26335cb5f6f22e5
6dea345a0cbd5d7a467315dd9ebb48949e761b60
6ac02eb9d12d1a9b448180af552bed3ed48b749345c0979ad991650f81c063ce
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/spinomenal/e8c6ec93-32f6-423b-b5e0-574778b0383e.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/avif
content-length: 17157
cache-control: public, max-age=604800
content-disposition: inline; filename="e8c6ec93-32f6-423b-b5e0-574778b0383e.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzNjNiNWM4LTE0ODkzIg"
expires: Thu, 02 Feb 2023 10:05:16 GMT
x-request-id: KL7T5SHGdCoCVOyCw9Vca
x-cache-status: HIT
cf-cache-status: HIT
age: 105358
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQyDv%2FiO7dyGMDGZFKhQeh5TZvj2sJK4bMvGfPQ3jPD15UaUfSVcG3THUSOf0bnNN0Dx65dCgo%2Fucst4bKQo3Wk2gtzVkJuXeb59asPvX6rb1rVa0LerED7C8v%2FgztzGJHnmLJkBtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4c09a6b521-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/relax/c_94cc97c49ba7b5bfb8d87df7f7794644.png@avif
104.26.5.11200 OK 7.2 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/relax/c_94cc97c49ba7b5bfb8d87df7f7794644.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 9cdba6ed7aae308072e20a393417288a
59f69f09ab47da27a1b553e9870f318470ffcc7f
453018c61ea71a4c26e295fa68b9259c9d9caa2b3770f318747d91e8e4c4ac42
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/relax/c_94cc97c49ba7b5bfb8d87df7f7794644.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/avif
content-length: 7156
cache-control: public, max-age=604800
content-disposition: inline; filename="c_94cc97c49ba7b5bfb8d87df7f7794644.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYyYWIwYzI1LTc2ZmEzIg"
expires: Thu, 02 Feb 2023 10:09:49 GMT
x-request-id: NW1CY0zdi0qjFpAWrO5AS
x-cache-status: HIT
cf-cache-status: HIT
age: 89956
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdGhyBWzRLweeu%2F5Rn3mMqlfELy9xiJOzLKZlQK2z4rUubZ8OTvF6zJQ3f9Cts%2BZ9rkIZqgFoKtOvysT7oFvQyQOjuQWClufiH6XgS4KsTsNY3RnSPBf8K9EKoYqLKO0Px%2BTgjlKuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4c09abb521-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/bgaming/194f01dc-eaa3-4379-831d-5a792c1eca57.png@avif
104.26.5.11200 OK 8.9 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/bgaming/194f01dc-eaa3-4379-831d-5a792c1eca57.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 17026de42f18fb450b84240abe77801b
aac5ef93d090c0f7711e949da60170ceeb09e291
954db7309a3f64c0f1784e7a72542a54a4216f182ea865080ad6efbaa71414e0
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/bgaming/194f01dc-eaa3-4379-831d-5a792c1eca57.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/avif
content-length: 8870
cache-control: public, max-age=604800
content-disposition: inline; filename="194f01dc-eaa3-4379-831d-5a792c1eca57.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzYzkwNDMzLTY0MWJhIg"
expires: Thu, 02 Feb 2023 08:50:36 GMT
x-request-id: XaEAK-kY2gZKSLFgjEWKA
x-cache-status: HIT
cf-cache-status: HIT
age: 105358
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqU8XLJx4RndxzPL2B9PN6c29Swv5mmbZfHXFfsOog%2Bv1lHHVMj%2BBwTo8JlGd9xAhb%2BaHqs3MVGvfuFvOuyC2Z%2FQuzTXpEOGREUaLZR5V057D2BOjm7fAjsn4J0iI0avCiU5zPxeDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4c09a4b521-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/endorphina/c_a7a3a6c91c477defb558aaaa3474f556.png@avif
104.26.5.11200 OK 6.1 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/endorphina/c_a7a3a6c91c477defb558aaaa3474f556.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 04d165298871006dd1c85a662edc6e9b
1d0fad43e67f4214254105720a43d5af5ab61f83
b292c081556ad9a860ee6c5295992c7e792a08e4f35fcb05e7dedbc7c13b9d39
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/endorphina/c_a7a3a6c91c477defb558aaaa3474f556.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/avif
content-length: 6126
cache-control: public, max-age=604800
content-disposition: inline; filename="c_a7a3a6c91c477defb558aaaa3474f556.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjVmODQ0MGU1LTNiYzEi"
expires: Thu, 02 Feb 2023 10:02:20 GMT
x-request-id: wFNKaLuuw6sLc2f7cwoYq
x-cache-status: HIT
cf-cache-status: HIT
age: 105358
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7nQZNGhqYxmS26Zpw7UbZ4%2Fvxt9UExQXxr6c1KKn8BUYUqxqFSVtC2fNCc%2FPogDKATuzg%2FzsYDnzfcEPDKFsF%2BlSSoO3C7GERjIlZ4hE4b97tzObANCBzfqJdLrM06nmr56mMWl8aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4c19b9b521-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/eb768ea8-8c0f-4c1d-a465-b8273ca51b7b.png@avif
104.26.5.11200 OK 7.2 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/eb768ea8-8c0f-4c1d-a465-b8273ca51b7b.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 346cd8e0efd877ab4b3be5e25dcccf98
e9b425456024f04cd54718964de4460a030ece5b
24c523648df2f1021c092a6a6e217f892a6192c3828d71af9ff2177ae77a8cff
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/eb768ea8-8c0f-4c1d-a465-b8273ca51b7b.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/avif
content-length: 7168
cache-control: public, max-age=604800
content-disposition: inline; filename="eb768ea8-8c0f-4c1d-a465-b8273ca51b7b.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzNWZlNTkzLTU2ZTRhIg"
expires: Thu, 02 Feb 2023 09:59:55 GMT
x-request-id: H1Z6wD1jtNxW1mPqoxQDi
x-cache-status: HIT
cf-cache-status: HIT
age: 105358
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=donfkqzimURzugqr8UCKYj9AqOwfyX9VgWMuEV0wMEKHIMdWInIhJaXb8fY3Il4AIkul%2BXncjaM4f9PIS3r211WLXC%2FXswa3KjgdusTtqhf0i4TaPMUT8q7TKj1y7AjLisYbCnd7nw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4c09a8b521-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/26b06924-2e59-423a-b6ef-9bd9c97f41ae.jpg@avif
104.26.5.11200 OK 5.7 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/26b06924-2e59-423a-b6ef-9bd9c97f41ae.jpg@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash d43bad364c5a03c96a9609f5817e6150
15772d42d72303f27a057a208ffa73a5e2cd79c5
fc301e54c3cfd5b3a1ae24e06ce4df85391d488199b163e44fe653027fc014e4
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/26b06924-2e59-423a-b6ef-9bd9c97f41ae.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/avif
content-length: 5690
cache-control: public, max-age=604800
content-disposition: inline; filename="26b06924-2e59-423a-b6ef-9bd9c97f41ae.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzMDc2Zjg5LTEyZjkwIg"
expires: Thu, 02 Feb 2023 09:59:43 GMT
x-request-id: TX1K5cWHXpyP0FUMhzS8Y
x-cache-status: HIT
cf-cache-status: HIT
age: 105358
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4QCTqNncYmQabKp19PPoFsNUXATOe0vsl15OooLL69riJXnF0kTygjFnxTHCWzdW%2Bm96lrrF6Rimxdg7E315TqQAOsfAreiaD9Imz5IUjE8Fh31T6ClW2fttmxaI36wWJ3goHpQMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4c19bfb521-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/02afd62b-235b-4d6b-ad9c-58457d5b4b5d.jpg@avif
104.26.5.11200 OK 4.5 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/02afd62b-235b-4d6b-ad9c-58457d5b4b5d.jpg@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 485b06f67fd25afaea1ab08a605e830c
5adb1ff31fd9a405ab2ddb9a6ec1b3155ca3c9b5
7ebd2ded354fa906d7dea21ee2bb392051524a2f05760986f27271323c3430d1
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/02afd62b-235b-4d6b-ad9c-58457d5b4b5d.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/avif
content-length: 4529
cache-control: public, max-age=604800
content-disposition: inline; filename="02afd62b-235b-4d6b-ad9c-58457d5b4b5d.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzY2ZjY2VmLWJiOTAi"
expires: Tue, 31 Jan 2023 12:22:29 GMT
x-request-id: w225OA76XNK_lGesHFlS2
x-cache-status: HIT
cf-cache-status: HIT
age: 105358
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYWxrKIsl0hjsRGvDEKoXeXxsv9%2FqZaIn2kLb6fGb7mQgwvlw7ZihIzDrnko4ZLxIgGb76r0gbWZGeQuJp2Lk8%2F%2FQLtMYqscd3%2Bxv%2FGJGF07HKS8UEubcl9gchIoDGPxqcZMsX4B6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4c19bdb521-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/elbet.90c78268.svg
104.26.5.11200 OK 22 kB URL HTTP/2 1win-cdn.com/img/elbet.90c78268.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (843)
Hash ec4eaa28832e41d3149a45157a970011
c105653306110735a86d5a252002c7a2508ff94e
8ad833c012dcce8f05fc0ae13e7a920540f566873868f267923f36ca56badaf7
GET /img/elbet.90c78268.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-70f7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566893
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wwnp%2BY%2F7dIVtwl29CftIFz0lYjzkObRU2aP58cK9VtjRlYSLQx7nlFEV19oHvf2wwm0H7LRSn2uqtwqXpfuZVN%2BbfwjsA3TPCKbJn1GW2y7Sno%2BA%2FAotobPGssu%2Frw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b4860b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/dicelab.f8f3d560.svg
104.26.5.11200 OK 11 kB URL HTTP/2 1win-cdn.com/img/dicelab.f8f3d560.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b1470082d414c06c429e4d34df1ca993
9e303a18af4ddc463e4a6d6335ce129a50f3f7f5
34b088c6b51a23d59ff9f8cab6926e96e086652ba037607e3e00db6b2ec03f4f
GET /img/dicelab.f8f3d560.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-f89"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566893
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0TcRbx0E7X7KuDx8kneJq2BnjjLHKJceoRmdDkoomnQoxlquyRMXPY02ES0ijiS%2BJ1Bg%2BJrOnYhWjkOFzdsI5jup7YNj2def%2Fa8x7424y5f%2BwOtf5xK5OWoPpqf3Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b485cb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/edict.209e128e.svg
104.26.5.11200 OK 20 kB URL HTTP/2 1win-cdn.com/img/edict.209e128e.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1910)
Hash 099339d4069391eb99a07cb4eecd68db
ba3fec7b44714e05c4c908bf9978f833c6a78d78
1753a7c7002a1b9c0de572418deeb3f1293a8c5058e7679bb65f1fc07cf0a8ec
GET /img/edict.209e128e.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2f34"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566893
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdFyjrRwkiiKI0VQCzM3cLsHg%2BjQOOzLPtcdLVu88%2B%2B4199Z9ZfQTye3uVh%2F%2BRSW56%2BlVru0EOUNxty%2B8do2igRNXB%2BuiQHT3pub%2BaJW3AcUZ8p6G3IgPcOp4ZFazw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b485db521-OSL
content-encoding: br
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/9c28de57-91e1-4f72-945e-801abb65cbf6.png@avif
104.26.5.11200 OK 9.3 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/9c28de57-91e1-4f72-945e-801abb65cbf6.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 5384c840a28f33c5223c3dc8863a88f0
400b2d5ace998cfab6e5229b11a6c332a2f985a4
b910e4305a4e86b5281c60ebc32ae254422c03c0df2cc971f8a8b68c0657d29b
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/9c28de57-91e1-4f72-945e-801abb65cbf6.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/avif
content-length: 9338
cache-control: public, max-age=604800
content-disposition: inline; filename="9c28de57-91e1-4f72-945e-801abb65cbf6.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzYTlhMDc3LTVhMDZmIg"
expires: Mon, 06 Feb 2023 13:41:24 GMT
x-request-id: Vmb8z1SVFZnz7WDlEAuVD
x-cache-status: HIT
cf-cache-status: HIT
age: 104213
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quWQku4MT1CkZc9FoMglSePQjSsiawPNeYBRwHrcjltelP8Usrnqa3UeMt0xZ96X%2BeyzTGvefrAl%2F8pwswLg%2BNn3paTQ9uf1lEpl2qnd8bW2TR0q6uWc0%2BM85q%2FzU60UWuNSpDhp9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4c09a7b521-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/electric%20elephant%20.0f5be6ef.svg
104.26.5.11200 OK 9.2 kB URL HTTP/2 1win-cdn.com/img/electric%20elephant%20.0f5be6ef.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d1c3ebc9223d51c5a4b77ef555a15a91
f34ccb584a6bd2fb0a8c2c1b21a75b4895693395
ab461a88e2a4d05f300d0443c902d701d69391d631f1475055455059f9c738b2
GET /img/electric%20elephant%20.0f5be6ef.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1cdd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566893
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQI%2FJseja3ZIH95z5jfzbn9JUbGH%2FcR93f5ST7hp7YgewWnNxV3fJpJuGwL7aeBjpZPLvdtUL35hyKXqvqbAY1EaD0MsqsXDPa5menQh2L8ZbSLgn4odRHkJhO93ig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b4863b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/elk.f78317e9.svg
104.26.5.11200 OK 5.7 kB URL HTTP/2 1win-cdn.com/img/elk.f78317e9.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1578)
Hash 0d7dd46f8d5345a655c221d1c3c0d1c9
f78106cdaae78e31d1b8e40193b36266071c8c55
7c26bf1d679682c39223006a1e58c0490877f6a9d5e9d09726df0d6ed33ac440
GET /img/elk.f78317e9.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-d7f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566893
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIzahZ2fagYEbAGh98UQqjFhwwXYf4VqgtsRWn0gdmhFeMho2i2DxX1zrGYgwRwY%2FzAOSNrocnWgioGhGJLHCxuGQs8%2Br5%2FTvk35mif61tznwyUFmAiuiYt0wQSFtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b4865b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/c_171d11fea2c7d05d6a86e9d1d16b550f.jpg@avif
104.26.5.11200 OK 7.6 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/c_171d11fea2c7d05d6a86e9d1d16b550f.jpg@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 7b1c5c217520a7f481efbacb3260d9a4
ed7c8c5563bd2dba071938994725b8d51b498781
691a0da9dc1e49511aed52b3170ff6601ea46403967f1180c29c86e12b26ce6c
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/c_171d11fea2c7d05d6a86e9d1d16b550f.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/avif
content-length: 7556
cache-control: public, max-age=604800
content-disposition: inline; filename="c_171d11fea2c7d05d6a86e9d1d16b550f.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYyNGRhMWY3LTU3NmE5Ig"
expires: Thu, 02 Feb 2023 09:59:50 GMT
x-request-id: UI7a1cl6h0X7HocY_viEf
x-cache-status: HIT
cf-cache-status: HIT
age: 105358
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbfDu4FglBOQjaCQaVjPg7CqwDaEqa%2BilgMQZaAoZPSX0to8985d2C6QfU8aDiQXpzx8m9laId1b57ghRaKDg4Qy2DgWEDoZEkQSRbL7V2IjnjSn0Vv0rjlrICcZtj%2BDcIWyFWrxxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4c29d1b521-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/endorphina.bf6a0cf2.svg
104.26.5.11200 OK 31 kB URL HTTP/2 1win-cdn.com/img/endorphina.bf6a0cf2.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65440)
Hash ef119f5437205ea8459ab14da0179ccc
6b661ae5126f480feb8e546b83e3c434e6379fcc
86dd72f25ec05dfbc79b4627b738e46f0cd6f0a7dd811666efe00597b2dc9e3f
GET /img/endorphina.bf6a0cf2.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-3a771"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566893
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Kj6fARBu92rHQFTldLCVNYwUYTKeWsd%2F8uw0tp65mz%2BU7Nf2G%2BsTvyX0POTjembuxNq4kASTfJtviykSZgFbCWlPIN7xFA4LxIpYB7kQ%2BuVUhn4DKlnjz7sHUBScA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b4869b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/evoplay.f05734bb.svg
104.26.5.11200 OK 7.3 kB URL HTTP/2 1win-cdn.com/img/evoplay.f05734bb.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1381)
Hash e29591cf9bbaa3b7edec0e3019dffcea
40f9cc5735f043644a8015fa19522cc22c0ac7a5
a7524f9ee13f60fe10ec42cc19f8bdf75b10869149fd1ccb71d4849c0f08d01a
GET /img/evoplay.f05734bb.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-a08"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566893
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0C3a87uplI7GRlS%2FnhPUnTrm1z1m0%2FZWhy8QecJs4bRMhWi%2B3BYG35ATT9cZokAaKxzfGLLxndEeYX9g3nCdgzrOcegd9xmqOziQAbOOqskUvxdWbReGeYk6XQLZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b587cb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/fantasma.7a456c94.svg
104.26.5.11200 OK 13 kB URL HTTP/2 1win-cdn.com/img/fantasma.7a456c94.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash 7783c15f5dae07489bde2f8ec87a65dc
67c8a6f03454f2d0ba142f92d7e8c3e2abcac698
3bebb63f577ef51dbc50f7ebea8d6a463aded42fae2dd3a9f6fb83377b94344f
GET /img/fantasma.7a456c94.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2397"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bT%2BzG8zDc8pBpLUUmLuImrApaD48JTCKVCcnGMHapWkQq7bUZHHUNK2P%2B9eB8MivnUW2ALNpRdSgt0zXf9xVyYV18rrZqRzjgr5KwjwvdQbZ8GLNCe7zB%2Fk9yridDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b587eb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/fazi.0731b5cf.svg
104.26.5.11200 OK 6.3 kB URL HTTP/2 1win-cdn.com/img/fazi.0731b5cf.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash f4bb6c62df43e0d3686e361ba9e2ce77
ee054f1bc4915f9e62152791dd6881774c5012de
9f0cd00d27e96dadba84825ae326aac20a7b88b7f6bb6b4f99010e5e85aea81b
GET /img/fazi.0731b5cf.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-27b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DG7j6zOLQnXM5tJ8Y0DYaY0gUlbkPCm9g061PDZ3pHVe0UCAfcB8q7VvTkztiR6gz2zPoCy15e9Azrfi88EVjJ0wiaZhpetEgrtKbXjeZLKk4%2FZOeIC7KIbtnSP1%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b6889b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/green%20jade.c62a1806.svg
104.26.5.11200 OK 4.1 kB URL HTTP/2 1win-cdn.com/img/green%20jade.c62a1806.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e295b2092be6ce194f5dc98c8cf7174a
211432915e3171ba5096243b70ec238c3e0c63cf
2a22c4178871b505a5e76c3979e097f0dd1944ae9ec5c4003df044627f418087
GET /img/green%20jade.c62a1806.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2aee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7UHkPylqMWWTV0%2FTIglMGWQ35ra8i5bMF%2BPI5kkaVwFcL703M105Vf8eSrdcZKdRsUeKNNlLAWSBn7t2bR2eqw3weUd%2FcUZZLmsFMx99D07YrDSva3xllaH5fF5Org%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b78afb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/genii.5614cd78.svg
104.26.5.11200 OK 1.7 kB URL HTTP/2 1win-cdn.com/img/genii.5614cd78.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2272)
Hash 084becd6b9cf70441cf61cb57c54d6cd
785ea4fc04ec69ae91a05ef654cea068e6a4ef74
db0607e9514fa3bcf818c976880e36e60567646ff1aa318f62270aa3f29ca33b
GET /img/genii.5614cd78.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-e7f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22HvmjfXeob2%2F0q3Zb8ae9v018RxeMu9rUUCo%2B7mxPS%2FEhEjInnXnkBrJ5LykjsF5uAG6FUBLfcAq10K64LEdKHpHfPuo5GvfmPoYkLRwZf8WElrCFAaMVDqUwmEwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b789db521-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/bD9xEdP9SoU
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/bD9xEdP9SoU
IP 216.58.211.3:0
Hash b3fafdc828bfa168c8315e78d238f2d8
cae4a0999572b2d63cf606d8f6103980b84d0417
d190bf4fcaca75583da781ef1daaca6a98c0000c3562165708f04386ce27198d
POST /s/gts1p5/bD9xEdP9SoU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 17:21:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1win-cdn.com/img/hacksaw.ba9f22a5.svg
104.26.5.11200 OK 10 kB URL HTTP/2 1win-cdn.com/img/hacksaw.ba9f22a5.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b8ab676edaac08f7ddfb26936b8dc734
deb18c2d6c2b00c8dfc13ba725f3eebe2bf34668
881d5164527cc6ff3729a90306aea6c89580fcf315750c4590c41b11bb22dd87
GET /img/hacksaw.ba9f22a5.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-110b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5LvfBXJA%2FOS9iIs%2B0WZLNG%2BluRHv%2F5HRntIz1x6CJYqE9%2B6lJLApCu2iCZnBZvqSfH13VB%2BKz7%2B1xXJERDs%2BRdK3dHHMMqt%2Fa1XmpI788X90k%2F7hLWos%2Bv%2B1FrOKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b88c3b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/agt.a6dc1f1b.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/agt.a6dc1f1b.svg
IP 104.26.5.11:0
GET /img/agt.a6dc1f1b.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-13fc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhpkOYDqt55MYd8gar%2F2wd5%2B7k6IVW8EQIyQ2cdKzdl5ns%2BArL6rnxXrLotBXDq4jx7WStcj8p7d1Gn%2Bz2%2FG5NIKM2MB8R1sNY%2FEkAvuYP0NkNhn0Kym3qza%2BLepfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4affd3b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/bf%20games.a530d147.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/bf%20games.a530d147.svg
IP 104.26.5.11:0
GET /img/bf%20games.a530d147.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1374"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2Fv8ImS65DcQw5hMdTQqCAjjvdpATfSjdHp2m4l2TmtyE5CmHYn0PyNyuHaHxUjTI3QGmEJc%2FuamVgFGDkc5ExIM7GGEq2z62ajlFr8N6PprsPTM1dD88DzXFg2VHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b0ff0b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/bgaming.8e34f448.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/bgaming.8e34f448.svg
IP 104.26.5.11:0
GET /img/bgaming.8e34f448.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-41d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcPk2ZpEr1hiC7wv6%2FDgcHmXtjdfl4NQfKC0m4uIwKR8JGRfPK9xlbQxthjC65Gb5bzCAgQAdSR8sfxVrzjIzqeI9r%2FmHGEdj6q%2FtQ3qftX0xzJ13owhIQdvvsOFWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b1801b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/blackpudding.ab318dcd.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/blackpudding.ab318dcd.svg
IP 104.26.5.11:0
GET /img/blackpudding.ab318dcd.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-141e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBf%2BGc9gsjA8h74XFsg5uR4TVNcar7b6Uo9ilZlFFwdn%2BGcQuMQoQXSAcvONjYYnz7oBjD%2Fm79hiSEBfvKcpXwXsbNE%2FwBPTHEgF6e21%2By4AbWCxPPw%2FBGKZyXFgsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b1813b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/caleta.4b134d78.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/caleta.4b134d78.svg
IP 104.26.5.11:0
GET /img/caleta.4b134d78.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-502"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566895
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyJt7VdbfUshD8Pd9NAeTQ4dLJDQkVQEsOqrzDk6%2FIKnLSVjemPYRDapdeUohydZQo2eLCgoOXQudU6quvQvKvsLkDeCWFeVRBBWN52TSzIxHWTUvVrfVcP5qVJhPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b3834b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/cool%20games.5793050c.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/cool%20games.5793050c.svg
IP 104.26.5.11:0
GET /img/cool%20games.5793050c.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-d49"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566894
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDPsenYjhaat6rxK65QKOtou2HVpbZwIrVYMsOWtm0KaLAjHcRTgOQ0aRanAb%2ByPvS3sdoEri6s99jLnLvZoJR3P%2BDwrW2tsm51VIBHBjH51yzWLnVJmJPmanoN5ww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b383ab521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/desktop.cc218ee9.js
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/js/desktop.cc218ee9.js
IP 104.26.5.11:0
GET /js/desktop.cc218ee9.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wduef.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:32 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=119486
access-control-allow-origin: *
etag: W/"63da3cd0-1d2be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 01 Feb 2023 10:20:00 GMT
cf-cache-status: HIT
age: 24778
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYjB9d5rqRWoCdG%2FK29XWu%2BsDjtRZqDbxtadGvCTJH5l2Ti2TdVlQAaEZy95ed7UgUgIKIJ9AfoHt0RgnY6uF%2FCGIiKPefRxgge%2FeNnDjppaFQOozadnm4BHwKfkYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d2f1ccfb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-roulette@2.25507485-256.webp
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/sprite-roulette@2.25507485-256.webp
IP 104.26.5.11:0
GET /img/sprite-roulette@2.25507485-256.webp HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: image/webp
content-length: 719644
last-modified: Wed, 01 Feb 2023 10:20:00 GMT
etag: "63da3cd0-afb1c"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
age: 3765
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tssAUA3%2FLkprRxn4dAyH8Dk9uLsYGxJW1WfOEquMYzR3MVkTZyEty45yMcLSmv5qnOJpOxarnTCpm5BKU%2BxS8Vlc%2FIQkl4Jm8YSPSQtyKYj2Sa%2B24r%2BnaV%2FKn8kchg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3d8c79b521-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/iron%20dog%20studios.8a9aca7b.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/iron%20dog%20studios.8a9aca7b.svg
IP 104.26.5.11:0
GET /img/iron%20dog%20studios.8a9aca7b.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-23e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXj3mgWafOp0SjKVAdwrYrftIkTsMtxAzE2pSjBi4s220NacFU0dh4bYUP8ty0yIQjzOtJjlucOdn75weq39u62ArFUfqPQBsOZgTuA0MMvQYQWNcJX%2FVIvQDaiQrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b98d9b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/smartsoft.55c81c76.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/smartsoft.55c81c76.svg
IP 104.26.5.11:0
GET /img/smartsoft.55c81c76.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-149b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73%2FD5%2B%2Fyhw7pY185Q2irjxv9ioL%2F9atd8UTcv8Q61NOeknuT1qez%2BAN6LMHkt9lzJuYltod1XeB4QvHxgUFJhKJ%2FX%2Bmkfsj9%2BVbGFJDcdsdnksosVJtP%2FLyKbdxBPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4be968b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/icons_tennis.4b25aa6e.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/icons_tennis.4b25aa6e.svg
IP 104.26.5.11:0
GET /img/icons_tennis.4b25aa6e.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Referer: https://1win-cdn.com/css/5616.80aa74eb.css
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:40 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-6b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 502795
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYQM50i2WVBkiNnEmQqCPLRSSqFql6mlgKQIQdXLKMqHS4wWZ%2ByB2U5WDBQgH%2BAPnirruQCAzIcH0oyDT5NwapbrNemSzYBZ5PxeESyTE7pDrgEObJJ1Oc2mxFscdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d670c1bb524-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/felt.10413409.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/felt.10413409.svg
IP 104.26.5.11:0
GET /img/felt.10413409.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-17fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGomJ995%2BwOEPo9YhoBCPZFHxXvp6Bk3FvxqR8gdlGF0u9XNDxzDZY0TzUZghr%2FiUEEtZBNcdVyDXamwDyz%2FYWiaabc%2B0cc8N%2F4tslen1%2FV1pPpo8UeBVUFl9LvzsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b6895b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/icons_football.2e809939.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/icons_football.2e809939.svg
IP 104.26.5.11:0
GET /img/icons_football.2e809939.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Referer: https://1win-cdn.com/css/5616.80aa74eb.css
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:40 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-32f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 502795
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWBwFZ%2Bb6tXhvP40NmNQlO0iNSJxwE39hcuIiSqW0n5znGtzMXlFPRoG5Fyc1rc1wW6iDAzbxOhMtGfRRnYjTP5cq2jPlQg3wJ0Uv%2FJI9BLvMzN%2Fn6YobLgcrMJEnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d66fc0ab524-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/high5.4aa8a605.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/high5.4aa8a605.svg
IP 104.26.5.11:0
GET /img/high5.4aa8a605.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
etag: W/"63c7c775-1314"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1165318
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9eQ6oFe8HNGRNs5kwBrlDz3vkIHYhjvirAuo6slGVsqC239p9Mgl9TIkH6hxyDT57ucAJXNFLleVBMChMlQiJlr9IT9F6K5c5F%2FgX8AKAdMixw8wIrUjrd17xaaT2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b88c9b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/betsoft.c6b04922.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/betsoft.c6b04922.svg
IP 104.26.5.11:0
GET /img/betsoft.c6b04922.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-14a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3567664
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OvGyb37xJ84pKhTdvkKlNpMXLdfDpYQ3cBcfLKnigoa0SvAbgGZ28B55MOIv3hKkDKUJRtXXZJJyBlOk0HFpHN1m3gsXosl7Q41pwFjVDROOGBrzX9T5%2FeDxqNR%2FEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b0fecb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/boldplay.018c7f09.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/boldplay.018c7f09.svg
IP 104.26.5.11:0
GET /img/boldplay.018c7f09.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
etag: W/"63c7c775-1603"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1165318
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCH8zTAJewgCl28bAwKYNE9xhVJ7fSihrDygtEk7t0FBcSaIEdN2JDNEO93NUCCZvbr7D7cikg2RFE8OQhkesOUEVDy9DM7cYoK9QlxFHCGaCUn5E3KjsdRbZncD3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b1818b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/habanero.5aca5f39.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/habanero.5aca5f39.svg
IP 104.26.5.11:0
GET /img/habanero.5aca5f39.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-1077"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 577701
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4dBGG4qUKBqZRtfRerWZv2MqBZ1gEzVLWRaPzdQnojUryIbKWWe9Ey7wh27dPr1dfGVHoGcxqnJa1r32QtToq18udrLrxVcN%2BvbpWmofzbXcmVd1enFlETbW1y6Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b78b2b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/hollegames.04d23aa8.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/hollegames.04d23aa8.svg
IP 104.26.5.11:0
GET /img/hollegames.04d23aa8.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2121"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8%2BJeHmASd88uOtQHTCaY%2FHvW1n7hdR3nknoHE2WVwKGMFIIgXheqr9l4M1AldzkAcoJ%2Fz9Ht5woZsH5fE1M7CXKcoP%2FpSPImFY%2BWXufziV%2BrJbo7Tg%2F5uiva0iLmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b88d3b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/kiron.4a0c7f94.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/kiron.4a0c7f94.svg
IP 104.26.5.11:0
GET /img/kiron.4a0c7f94.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-264"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ve6cIKFD%2BPFCYAQ2L5RbWA6UdiShkg%2BuhutapX2mZUHleWedrIbtx8prGQDYsB%2B%2F6MVelg1FkPWlDnUAn5kagrMykcckH2%2FRoZHbW4IJDpKlocIIqepyue7cvdWvpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b98ddb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/silverback.e3f805e2.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/silverback.e3f805e2.svg
IP 104.26.5.11:0
GET /img/silverback.e3f805e2.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1c185"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzY1mRosksq4MC6DcUjMpW7H0GIbx3Tn6UCNPBVfKxDvkdrYA2w1FVBw7lgQn2p12K24h5R77b20xhtAHJAw54P1g9sHQd8C4a2FGxBhFvDBky3LuarMooRC3p9kNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4be95db521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/tpg.b2c2a9df.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/tpg.b2c2a9df.svg
IP 104.26.5.11:0
GET /img/tpg.b2c2a9df.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
etag: W/"63c7c775-a6f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1165318
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQstv0shY9TL9QlHdomO%2FGq8E3nbOY5n5ESrIjPxrdqogu%2BHDAYKIPHsGOjZeuHBTOCa6UaAHLtrMPOihwnX92n43fEBQi8U6%2FwnOvsWu9PyDVBiqAZSbxn47bnBsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4be979b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/7mojos%20live.0bbc237e.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/7mojos%20live.0bbc237e.svg
IP 104.26.5.11:0
GET /img/7mojos%20live.0bbc237e.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-144e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tcuebgX4jQDAJuWg6y%2Bjqgx0TrtyJyjxticJ83v7C6xI714keT0P0x9pxbIePjvM%2BXPUaSLa6Zlv%2FCteBNdoM0AfHtlMfi9R4z7jxIw3MYK9VgSy6vYaUcjofn9ow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4affceb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/atmosfera.2954041c.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/atmosfera.2954041c.svg
IP 104.26.5.11:0
GET /img/atmosfera.2954041c.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-156d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ze9BiBV54wytzQCe2rOEuR8JI1JExteoTAVj%2Fq86vjLVJfxoo%2BAn8layRpGIuCZV4F0yh%2BQO3Htq9ibJNfF7cUz9Pz9570IIOqxqXcN3zLQ8x8nYeSUFMN%2BWbeWkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b0fe1b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/bet2tech.bb2f3549.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/bet2tech.bb2f3549.svg
IP 104.26.5.11:0
GET /img/bet2tech.bb2f3549.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-5e6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fz9%2Faog%2FzPzruhf6WRQY5%2Boq9Ch%2FvMuwIkE2JMs689S2IKWgNecpBzK3je9YbBfvSvj%2FdIOSD9bDUBnup8HRNhqF7n0a9Ho82kjpZCSAxaJxejCca3biCkTXNHwsLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b0fe9b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/redtiger.81376ac8.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/redtiger.81376ac8.svg
IP 104.26.5.11:0
GET /img/redtiger.81376ac8.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2a9f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3567535
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3j0%2BzSohDUmYN20iP1%2FobtscgkmV4vDz0zdNS%2B8BZtAxbvafK7h8r8KN4ydV9eYmc79QXg8xf54XZzUXJ4CpF3vUypHzgXVJ7S5Z7gDQBmO4f9olHsI9NCodVrJH8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4bd945b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/tvbet.c92ea7dc.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/tvbet.c92ea7dc.svg
IP 104.26.5.11:0
GET /img/tvbet.c92ea7dc.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-3edf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glzs6vDBorLwB8886QPQc%2Bu83CAFKWVjW87Y3V%2F4ckNPlaOP9ywV1CHbZeWSBJXApOJj%2B%2FvJq%2FNrsjmpoVUAiH0oVgiqfEq%2F%2BA6EkKEwGPgHbAZy66jA98hjWl%2FP%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4be985b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/rubyplay.ba93a714.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/rubyplay.ba93a714.svg
IP 104.26.5.11:0
GET /img/rubyplay.ba93a714.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-245b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJ1IOlo3v%2Fi8Ns%2FuJvvCBtf8r8sK483RoJ5r2A3Gs9q1vioo8gO%2FlPtVvgaLJmbgO3Nq7n7QKx8EF1hTKQGx3w8xx9OqHNibvt3UV0t1r8ZAMlDGTDikK4UaLe4aqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4c39eeb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/css/2950.0a35ca33.css
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/css/2950.0a35ca33.css
IP 104.26.5.11:0
GET /css/2950.0a35ca33.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wduef.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:32 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=19535
access-control-allow-origin: *
etag: W/"63ce67e3-4c4f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 23 Jan 2023 10:56:35 GMT
cf-cache-status: HIT
age: 800641
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2bQYIwzo8AWEbYR0WdZVpZdb1dadZ1Z9yo12Fzb3UAgh3efGnu7tp6MgWo7r9oTdR03Bu%2FIDE%2BPnZFKrIO6sojRkzKxqrAUxnUWEN11w97OqTppYdF8iCUwOC5w9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d322a5cb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/apparat.982be0d4.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/apparat.982be0d4.svg
IP 104.26.5.11:0
GET /img/apparat.982be0d4.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-177"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OC9gmbpv%2Fi%2B8tfYhnD7P2tQ4G%2BUyD6I9Io2IK%2BcUmWDmUtyhUIDTf6RPOA023a18lk4eb0fRXDHe7bpplMQEwSmwAzwPyY9zuNLcm6aQ4HWa20FGIi%2BHHgnHWTH6%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4affd7b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/givme%20games.9c29bc7b.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/givme%20games.9c29bc7b.svg
IP 104.26.5.11:0
GET /img/givme%20games.9c29bc7b.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-961"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9CwjwlYkwVZymvPGSvtLgVmrJ4rqa4xjHB%2Beu0ZNsG32LZDfxTLckKn0a4IyAXMCtIs6rRy9hFt3jqTq8O%2BK1wbyUe36sodz96qQdG1tWnSbOXa7Ih%2B%2Flezga8M0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b789eb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/sapphire%20gaming.474064f5.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/sapphire%20gaming.474064f5.svg
IP 104.26.5.11:0
GET /img/sapphire%20gaming.474064f5.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-3bfe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNX7cv73Acom4%2B5LHlGNd82z%2FBF4h8suiqhtA5BN2mSv8GodQZKcMtglunJAR8edJvd32OGh5UhueabQeli3e18hqZRemn2ktP4vZD2VXskvjJve8LmZeCGaxx2F%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4be95cb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/fire.47bc0337.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/fire.47bc0337.svg
IP 104.26.5.11:0
GET /img/fire.47bc0337.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-244"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566884
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Q3XC6BqwEtMjDcGjrwYR1Uag8nhhOg%2BILkclGqMiQB0ychHNBIP4onr6Wc%2B8pjyYoYicqeMRgPXG2PYNKcjzDCx6HSs%2FmsPJGYELCAZAW3Nzwj2y7WTSMuCokppww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3d7c51b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/belatra.259628ea.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/belatra.259628ea.svg
IP 104.26.5.11:0
GET /img/belatra.259628ea.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1818"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3w9l5r7dD9xoiEV75Tnm5f4ABa9ycQJE0jn2kjmFUX2JWnIPbbLRhU6gyokckz8wMgNHv1IspjbwDxIZlCTZSQjSBkb7UL7g9ULRCfeyzKjm5WYNKoBfwj5LUwy9bA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b0fe5b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/superlotto.164bda58.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/superlotto.164bda58.svg
IP 104.26.5.11:0
GET /img/superlotto.164bda58.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1a77"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqFjjlwHDzHGZhh45yMV8z3zFMVNyIELJRQd3Y8G7huWAO1mBmdhqgpM12qQchMECDY1qZ0iQVZ57lN%2B629XVGiyN4Bet79lJVggwoVNeyx%2FsVWrjXtLnPOKIkv1Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4be973b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/spribe.e535371c.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/spribe.e535371c.svg
IP 104.26.5.11:0
GET /img/spribe.e535371c.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-843"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ZtEpetMBfm1LL1HEGatWBpIO6t0RhNdHmwBV5JF9yYOqocaokwpeVxR%2FXzbYnNbQ3AAroKNENFeMr7cZsq7GnI80ElKsVNTX4jbCPsw85DBEkqy%2BWXrXhE%2Bemi32w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4be96fb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/common/banners/all-v2?lang=en&type=desktop&bannersType=main
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/common/banners/all-v2?lang=en&type=desktop&bannersType=main
IP 104.26.5.11:0
GET /common/banners/all-v2?lang=en&type=desktop&bannersType=main HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wduef.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wduef.top
vary: Origin
x-frame-options: DENY
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PiX9junHmD1yXM507PvAgCXifODFZvqP22NW4i%2BOfX2z18%2BPKq8iC7cSkTsV6ygKjgeW0ldavjoUyV3wouPkPsCECvzTzMWm5uNJLWjrN3NKWZHlUEzA8cwyeipiIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792c5d3dacabb524-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/big%20time%20gaming.848cd084.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/big%20time%20gaming.848cd084.svg
IP 104.26.5.11:0
GET /img/big%20time%20gaming.848cd084.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-209a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sAeVQb1wSHm7UZVLF9iuwVLr5s2Uhq0zBvthcp2MRF3hJ75ZFgtRpZoJaIAUDzCKHMLHQ5LpXOijRf3gWvu0Eky%2BtXKWvPhReFgIg8lqvV709a4s3Lw0K39hd2Njaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b1807b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/icons-pack-sports-promotion.9bb32256.js
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/js/icons-pack-sports-promotion.9bb32256.js
IP 104.26.5.11:0
GET /js/icons-pack-sports-promotion.9bb32256.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=19260
access-control-allow-origin: *
etag: W/"63a42a53-4b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3568783
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhfMZ26B8H1fljd2%2FOOxXk2C7S76fVs3fWUHeiBJ0Tu7Kbvx1kD8X1Gb5xDX6IdfPO8x2wbHqDHhHP78m6aRCD5DCUaKNKmTuy6E1lqSnITy6Ue8ofFBu%2FOaxMnHCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3d7c55b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/authenticgaming.08e94926.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/authenticgaming.08e94926.svg
IP 104.26.5.11:0
GET /img/authenticgaming.08e94926.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2813"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vl1Qu6Fm9LwmyQWGs1MGuHAmY9VNqVl11z3BAMD9%2BmduabUBMgzhsBit9IO79LJKkWI%2FUCSWBKG5iMrs80eyeRtBX9PEAL8fs9O2o6F7tQeHC5dHnMaECuVrt8e%2BQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b0fe3b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/fugaso.a193ab53.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/fugaso.a193ab53.svg
IP 104.26.5.11:0
GET /img/fugaso.a193ab53.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-4c1e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3567664
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=610gVFv1OerDK1cDwcFsgKAeRjbXBDzo9ZRqu9XQRCPnUPEYGOvNNTamvM0C2TTpe10lmCfLgnCSXpBc8CDX6Y%2Be9NiCat1QdYhoyaPlUqgGMwbavkSRZR7SqgrAJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b6896b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/tomhorn.8e656e09.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/tomhorn.8e656e09.svg
IP 104.26.5.11:0
GET /img/tomhorn.8e656e09.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1811"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDtavwFuaKsT%2FRW041fNZcKzRfYADQ7LF2L9pryGFKsFMBw6tyxAaWB9zmwRd321T%2BGMvHxTondHOMTmyHJBckqStjEJp1grdO0I0F4wulHtObSPd9xM7Tljvn2EEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4be977b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1wduef.top/
190.115.19.101200 OK 0 B IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: 1wduef.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 01 Feb 2023 17:21:31 GMT
content-type: text/html; charset=utf-8
x-frame-options: DENY
content-encoding: gzip
X-Firefox-Spdy: h2
1win-cdn.com/img/5%20men%20gaming.81b340c2.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/5%20men%20gaming.81b340c2.svg
IP 104.26.5.11:0
GET /img/5%20men%20gaming.81b340c2.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1ac8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Ijc8VwnlnYvn8fmvvszLHYMBsHdv%2FPzQ74FawwqSWP9CMAJGs8nfaoz7Zw42e6CG%2FQpo3YgnrEK2j%2FVboXCVf%2BzPw9mrCliT9A69rFkkc%2FYTYXyHuTjzWUAiahMgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4affcab521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/1win.e3630873.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/1win.e3630873.svg
IP 104.26.5.11:0
GET /img/1win.e3630873.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-60f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qHvSoj%2Fu4MKDC9JKo0%2B9KhdMXCe2TP1OApb7LSX4b90znqUtotZ7jUR1dM05JStEJ5cMgztaRYspws4PrsS6N3uhrvN4GVGecnmW%2BXfrRgZRoPDd4kq9ANXQrinHcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4affb6b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/apollo.72eae79f.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/apollo.72eae79f.svg
IP 104.26.5.11:0
GET /img/apollo.72eae79f.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-312f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3567664
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QfxGFPiYLoNc%2Fq4SFjr6vtFtCfrTPkz3Kqt4Z3asWwCYo%2Bw1leFbI5Pv2Ipn5LidGt3nJ%2FNIhXd%2Fp%2Fv5%2BaBvpREYK36NPMFTzkfCNSpJ7XyV%2B2H%2BvnTpp2vE3XqWtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4affd4b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/boomerang.ce3752d9.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/boomerang.ce3752d9.svg
IP 104.26.5.11:0
GET /img/boomerang.ce3752d9.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-81cd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566895
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CLplnHvL6Gf9%2FymhuYJTgQVccm9%2FCL7P6CByz34x8CsofTRQyksdGARReQOmrO%2FHae%2BB4i%2FeGOtHBUqz03vuiFO2dmYM865SRQPeXCcxMHIDXH2wGzkJvGMJECvnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b281bb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/salsa.aa6535b1.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/salsa.aa6535b1.svg
IP 104.26.5.11:0
GET /img/salsa.aa6535b1.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-246f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hihdk3V9cOUQ3XwVuypEbt2YJEnEWX%2BYrwViIlYRD9ni%2BkmtbYG0SLrIGXBDzf%2Fy74Mw9nLc5H5Nmpk6J3olwD4UVWtdFNJPQ7ArYN75V4zXEvmCsrUlMlI0abCKDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4be95bb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/spadegaming.eebb41d8.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/spadegaming.eebb41d8.svg
IP 104.26.5.11:0
GET /img/spadegaming.eebb41d8.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2d62"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyfi5agKKieWwSkEpAK3AxqFKtiuYTOn%2BZBG1l4QjsweFRhPiwdtIxQFfhVFd2dMZ5ooSSv%2FBaa%2B7YqE%2F0C02VBCXU7LwjQuKn7Pa%2Fcs3oivkfIzn8DQra45ykTcbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4be96ab521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/spinomenal.30d1dc2d.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/spinomenal.30d1dc2d.svg
IP 104.26.5.11:0
GET /img/spinomenal.30d1dc2d.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-6e7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3567535
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwhtSr25PCLm2ND5xtafXe7u3AlMOeEqtyPwX2az%2B6IvX3nWCyeMWFhgBqOWDmXQ0mxAXRLr7t%2FNAOSXMCohqIPIOEDZ7KLvQYUgvlMvO%2BOORDqxQxHb%2By2fMVO2HA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4be96eb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/icons-pack-payment-full.6272cc58.js
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/js/icons-pack-payment-full.6272cc58.js
IP 104.26.5.11:0
GET /js/icons-pack-payment-full.6272cc58.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:34 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=112398
access-control-allow-origin: *
etag: W/"63c7c775-1b70e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
cf-cache-status: HIT
age: 1167350
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vb7jMLx%2BRUdpEijInCSzwcF0lXKsqeTLygGJWW%2FRjafvqXr01QjGH3Pxh8fR%2BP21ZuXoCQZK2WSK4muKs1pxWHRGViHjHIVaPns3aEQjq8xs61AXyOAi9DpLD%2BrhDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d3d7c57b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1wduef.top/sw.db344b25.js
190.115.19.101200 OK 0 B URL HTTP/2 1wduef.top/sw.db344b25.js
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
GET /sw.db344b25.js HTTP/1.1
Host: 1wduef.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Wed, 01 Feb 2023 17:21:32 GMT
content-type: application/javascript
last-modified: Wed, 01 Feb 2023 10:20:08 GMT
etag: W/"63da3cd8-18bf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
content-encoding: gzip
X-Firefox-Spdy: h2
1win-cdn.com/img/skywind.61796511.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/skywind.61796511.svg
IP 104.26.5.11:0
GET /img/skywind.61796511.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
etag: W/"63c7c775-15e3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1165318
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJYEIKpNJJKAs4FThYs1ZekZf5r5qkyD%2BqhW%2BF%2Ftpv17gi%2Fgxw9DuPZqLrp8AQ8AamdGC24qEalJoOL08pu5B7I8CwQumDqDf6fY%2BIFPY58lT%2F6j6xaWuxZ2YnKiNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4be964b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/thunderkick.93d20b41.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/thunderkick.93d20b41.svg
IP 104.26.5.11:0
GET /img/thunderkick.93d20b41.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-1f2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 490890
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6oM4UmIkO52ZwuG4ZlPv4Txzazui9dSX7SFzA1yHEjahuN06fGeZ0vx%2BME3Q1tS%2FOyg%2B8MZXqC4m%2BKYeqBwHjbBhQfNiDs1U686yGG%2F9j7BB7JHZl%2BqK%2B7k%2FlUl6FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4be976b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/vivogaming.41d892b8.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/vivogaming.41d892b8.svg
IP 104.26.5.11:0
GET /img/vivogaming.41d892b8.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-f228"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 502791
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q9jpBuTmSsWTJDCvmXdU00opG6OJF6x60GKTf%2FJB8jPkl5fqtri3677Lu%2BH5betKuO8EmDqmN71nmxRB3ri%2BxhO6BX060VGco3J66LbDzXZXT9m770lKwXNYGT6cyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4bf98fb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/7mojos%20slots.d3a1137d.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/7mojos%20slots.d3a1137d.svg
IP 104.26.5.11:0
GET /img/7mojos%20slots.d3a1137d.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
etag: W/"63c7c775-22be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1165318
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZajRBshMfkrwZPRizNmkZKxVRGCYaPYaySRqI9%2Fa9j7CHv03ZQ3Ze3BrVIQeyTBm1jc9eYK7DirE7XoDnz%2Bvn4ufnDPMublqbLCLccSLa1RW%2FvJeyrAL4S2OeB0Apw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4affcfb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/revolver.1a5adf31.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/revolver.1a5adf31.svg
IP 104.26.5.11:0
GET /img/revolver.1a5adf31.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-e61"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gw%2BOUloCy6XFtT%2B37RMPgYZFfPk5sWaTn3DTLcBSMuCPcBv%2FErjsniPoRu%2F4Oxmued58XNhFLU0%2BJpOf%2FD7SteD%2B7jDbjo3DRM0gm02hCPsEdjmA%2FyC1%2BIvAbedsIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4bd94cb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/champion.2f4e5fd3.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/champion.2f4e5fd3.svg
IP 104.26.5.11:0
GET /img/champion.2f4e5fd3.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-a80"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566894
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EEi%2FZ04jLYmGVZelsxRZMR5jgbicJOPCNX1OXgwwHcJnX%2BUBSnguQyzB3zPpV6H6nLCBjeKzsv9a5wnwvrdhZxoaA23I7LS9FntsFL9xbLGuGzP%2FLnL%2FLSaIP8BhdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4c39e4b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/sagaming.4e1b794f.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/sagaming.4e1b794f.svg
IP 104.26.5.11:0
GET /img/sagaming.4e1b794f.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1060"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QoFTacjMwkfchYW8npIcFQKspS4Te5SCh%2BLtGF8fvy6wWsDTF7tWR%2BYMuUJcqQRLv38bLPPACVbN%2F8PB83dE%2B19Q3lxTOFGklBULUfNO9ZGzNdt6XidMLZEB1ciT4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4bd94eb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/spinmatic.6decf00d.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/spinmatic.6decf00d.svg
IP 104.26.5.11:0
GET /img/spinmatic.6decf00d.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-24b3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6FUckLue551o4tRQK1QzBzjZ6UjbiVFjO1GrBBdr8LU7e%2FkzWgBIF3KTo4w1b%2FCaZp5HLeWOG0t8W57Ik41zLgUl%2BHvljzNenHccmEaSi0lSni7NDw6RY1bLPTNRIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4be96bb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/booming.a167e59f.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/booming.a167e59f.svg
IP 104.26.5.11:0
GET /img/booming.a167e59f.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-8b3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566895
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkeTqV%2Bf3PKjvoA3fqTlnx38wAF3rRnXtu%2F3aTxs6hudvdBjL%2FxNSPCr7YRoLV5zxM%2BI%2Bb0iYDfNDuWwf%2BhodIUZQls7TI6mW%2FGvxjBGLPrGQqoHUMGh7ZmdLFi3OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b2822b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/cq9.bd2145b0.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/cq9.bd2145b0.svg
IP 104.26.5.11:0
GET /img/cq9.bd2145b0.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1169"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566894
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2F4EU2dKXb7XlZmALU5C1INTEwAADDpogu3EcLiHMcRbs7LdzBkKFUVEII5OeOqys1xixCPX1MY%2BGiNTMQL9MGmAfGbKsaEj6KYxZ5acuWoUJi5rHY97jA84%2FtZOPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b4848b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/icons_gandball.a82d6ed8.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/icons_gandball.a82d6ed8.svg
IP 104.26.5.11:0
GET /img/icons_gandball.a82d6ed8.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Referer: https://1win-cdn.com/css/5616.80aa74eb.css
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:40 GMT
content-type: image/svg+xml
last-modified: Mon, 30 Jan 2023 13:36:59 GMT
etag: W/"63d7c7fb-371"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 133591
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1M8sXlC5n5Z6YWP5Dg%2F8mU%2FbSpw%2B0dkjfR7X%2Fu1GJiQsNm%2FCCILrOqixhzXx6Kym1CAsIswzNq0RpiIQta%2FPXdwkJ39F38VUvVdR9SXI322nbrmLgpjYueTd5uOTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d670c2eb524-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/golden%20hero%20games.815c7431.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/golden%20hero%20games.815c7431.svg
IP 104.26.5.11:0
GET /img/golden%20hero%20games.815c7431.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-ba94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVDd2AdaWsh%2By%2FIww5hOs32MVvAKb1oIH3mGMq7QowTe0dZPuOZ0U6SN6TUWBFvwlTqgjM5G0mlZmgNWiMkcE0fLJ6hOd7k8huJc%2FDYrG5Aecyiy5emGr%2FWhUIXeYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b789fb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/gamzix.f7270646.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/gamzix.f7270646.svg
IP 104.26.5.11:0
GET /img/gamzix.f7270646.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-f15b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AcNIHU5CAnbZWJhPv4H1PBQ8h8j6FlQgNg9koBvgzr32p0LaEuHcH%2FKqeBlo3cttohkggOTnN2lKDxQS1cO9vBTqusz8npclpODbUmhrTmoAzIzZSJc8USE4M69ksQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b789ab521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/hogaming.f8502380.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/hogaming.f8502380.svg
IP 104.26.5.11:0
GET /img/hogaming.f8502380.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2cde"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkIq6CiGlSN%2FNC6LRnVCzMIZpK9SzYQ3vs4jU2XYfqssnL7gNJGSoVP%2BJZ9Z0sAhL30rv8jz9T8JELEcliIM%2BP5%2Fr363bubvUWl4QEFaxs%2BgYY190SHxkIq4WZAxAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b88ceb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/wazdan.63223c78.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/wazdan.63223c78.svg
IP 104.26.5.11:0
GET /img/wazdan.63223c78.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-cac"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAKHj6OASLPY9q79dJR6MfkEJcIRBDCkP2JpVr5b9W0NQfqbzpT85A3CvK8sfRJR9z54f0rpfzmqQbKtGA3iZ8AOg%2B6MOlkxwC3Leu5yN6uwq3MSHJii8kbQBvB5zg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4c099ab521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/chunk-common.09968c8c.js
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/js/chunk-common.09968c8c.js
IP 104.26.5.11:0
GET /js/chunk-common.09968c8c.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wduef.top
Connection: keep-alive
Referer: https://1wduef.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 01 Feb 2023 10:19:57 GMT
etag: W/"63da3ccd-417b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATRdbHMMAxJZl0ea9y869%2FqkkNRAdFpi4cHpxA5CihjcouB30ff28PxVaWn6V8LoQ7cmtxkjBnCRkRYIs2O3UdQgvSGtuhV91QkL2I1Z%2Fh5rJurLUEe8jSm9EReKwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d2f5abbb524-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/5862.39aa5820.js
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/js/5862.39aa5820.js
IP 104.26.5.11:0
GET /js/5862.39aa5820.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:33 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=95351
access-control-allow-origin: *
etag: W/"63c68016-17477"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 17 Jan 2023 11:01:42 GMT
cf-cache-status: HIT
age: 1318291
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEgsvWBXfTvnr9qxJORsPIsMho7Rb5WAgLvqZAabgij6yOC6yjAdPC2VmqvFFYDOi6F%2FhILm45PeAOdZ5gT17YpHpt%2FcbVJP05GDAsgw5aipQpp1NSp6L7VmHl8p0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d397ebeb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/1x2gaming.9c41eb85.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/1x2gaming.9c41eb85.svg
IP 104.26.5.11:0
GET /img/1x2gaming.9c41eb85.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-f4c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lb7hUxtEaUUxNrlEyuQacFPVmtGYIJvLnq2ImOIvxsNkU1QsB8lmTFqnvOypXcy9bwqJOwhdZnvVvwqZRIjkh8NpUMyF5g5%2BKHNZLbL0q5Pw2YLrEV6TVXwBtDhhTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4affbcb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/539.677ecef1.js
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/js/539.677ecef1.js
IP 104.26.5.11:0
GET /js/539.677ecef1.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:33 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=22657
access-control-allow-origin: *
etag: W/"63da3ccc-5881"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 01 Feb 2023 10:19:56 GMT
cf-cache-status: HIT
age: 24747
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0Atc5CZWCXyZQ6GI0QxdI6X76YbWKKX%2FP5DV6eALz1A3wlmqprDyK9Vn5SAhOwDw%2FsE%2Ba1JqhPg8nsFJfcuSxeq9F7jbXFBxTq9fflAJ0bzulSy4I4VBq1Cg19nFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d398ed9b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/icons-pack-casino.243be753.js
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/js/icons-pack-casino.243be753.js
IP 104.26.5.11:0
GET /js/icons-pack-casino.243be753.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=93639
access-control-allow-origin: *
etag: W/"63a42a53-16dc7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3568854
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=haXThYRj2jKzQAo9k1SKU8JrW7oTl%2FyqsbgxxCISRHOLiBA4Hbx2Z2HLPNm1F4SoR4alQLmJ30UuGBSjz5s8TB%2FcuLyozZZ0Cv4ehdkJdmPUbrWzIGGhlR8HgLTcrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4aefb3b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/blueprint.92d09945.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/blueprint.92d09945.svg
IP 104.26.5.11:0
GET /img/blueprint.92d09945.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2a4f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566895
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iv96kgi%2Bb8OOEHJEblgmGdHaGLBa34FS62A9YC6Kg42H7PJRy8lITrGzXvgw%2FSj5F%2Fie2Gcdh88RJ5eMMSxBIEv09VGsKvPT9CfiZgp65sBVfbm%2FFBNW9FtIlB1eww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b1816b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/goldenrace.423ead5c.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/goldenrace.423ead5c.svg
IP 104.26.5.11:0
GET /img/goldenrace.423ead5c.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-7198"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ejb35yJ5ATlV8fA%2F4l%2Fi4Os7hrogdzy7kqplBUN3y4RZTg263XSfrXpXjnEcek5cpKDw1q%2BPCrRos%2F%2F0gJ6Fp2uGjyC4lSc47o2ekp6ymSGSyFAXlWBQRiGdDtXIwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b78a2b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/synot.becc85e0.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/synot.becc85e0.svg
IP 104.26.5.11:0
GET /img/synot.becc85e0.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-b94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QaDHznj%2B9h4H4Ew2dDh33Kvn8Fj4q3BDOPImOXsy0XwuJT23ei6KepXh8DEqDDVW%2BGwBFxbWXDiQ8qkCsbf3Hew%2BzF3hiVGzfHbkPqBF0Pk%2B1WpgLjDoT7jnbSxPJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4be975b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/sthlm%20gaming.a42e0c70.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/sthlm%20gaming.a42e0c70.svg
IP 104.26.5.11:0
GET /img/sthlm%20gaming.a42e0c70.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-3199"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wqh3%2FYheUDO32tzEV5CGEhHZTqUV%2F639mHn%2FTkjmwKNto%2BJ15IUELuWB0mZdSKq1aXHweZTS%2BZN0bEdgovfUsp41W8iARXfjYcennF2W1qcMbty8aMoqlA6OG%2B0srA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4be970b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/yggdrasil.6666231e.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/yggdrasil.6666231e.svg
IP 104.26.5.11:0
GET /img/yggdrasil.6666231e.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-12ef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHeeHZpb2n9TSm4awBSYCKmyZB3Hb1ND7omGL4L%2FQVnP9DSNy2mSjOb0ZQgsk1QWhf4fozvtLG5eSitUI9yGNz%2BunalGUAofdsNIuT2Bfc35ifN%2B0iXNsFovRcqn6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4c099cb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/7057.25a522c3.js
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/js/7057.25a522c3.js
IP 104.26.5.11:0
GET /js/7057.25a522c3.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:33 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=99219
access-control-allow-origin: *
etag: W/"63da3cca-18393"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 01 Feb 2023 10:19:54 GMT
cf-cache-status: HIT
age: 24748
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFnxnDG%2BxrbA7IGYRvggB3R0v3eP8Btb9YK4SxkeZyN1HDwUuDCjNyv%2BHCseSlqNoBuYipxxioc8ogyVtsTP1Wpytnu2l%2Bryv4gCh2wfRDUkRm7S94SVsphmrXLiYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d398ed2b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/4theplayer.1c19371a.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/4theplayer.1c19371a.svg
IP 104.26.5.11:0
GET /img/4theplayer.1c19371a.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-25e5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdgaeBSM1xtg%2FP5vYpJn6gnCymBEcMvvHC7022WtTAtpkCq1uKxs%2FxdwFAYknGOI1y2oLo6gsuTzhcQd4SyVk8421z2%2BaTIzoU%2Ffl0eaYKIoGFqzKcb5MyyE1PLyNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4affc6b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/simpleplay.21ac090f.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/simpleplay.21ac090f.svg
IP 104.26.5.11:0
GET /img/simpleplay.21ac090f.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-a01"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 502791
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3pNwd4RCHMi5CDM7rXhZ2nU3N7mqrwWvBsq%2BUyOyyEqk1AgLTFacoDe9ov08yfuqiToOVipONGOQpvd17%2BYZoS5B1z%2BiBftQEt1%2FiSAldNjGKeAugwv1aI0XYw6VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4be963b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/virtual%20generation.76588830.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/virtual%20generation.76588830.svg
IP 104.26.5.11:0
GET /img/virtual%20generation.76588830.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2e89"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baBfu7jJsNStPEO3p%2ByiOTk4GrZtrhPqoMA0BMJ%2BtDY9u9bM798ou1aOCYqZNRgKxq3vFB5rvZG4OagMl7SRRui7YdntWQo4tGLo0wf7WjelzzlKaYNvX2R0YC095Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4bf98ab521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/worldmatch.767ba51a.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/worldmatch.767ba51a.svg
IP 104.26.5.11:0
GET /img/worldmatch.767ba51a.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
etag: W/"63c7c775-1f6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1165318
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MefcxPgiqRw09hmiQmCM4Qsk%2BectUIgfyMQFrA%2FrjX3dc%2FM6QzRiTUoe%2BdEOUo1G8FOEvb7QwoxhiaOM%2FhVKUnTZ1SU2hzAWPL8bFZzQ9rEBNjnUshBbRlOUmon1eA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4c099bb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/css/546.f10717d0.css
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/css/546.f10717d0.css
IP 104.26.5.11:0
GET /css/546.f10717d0.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:33 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
access-control-allow-origin: *
etag: W/"63c7c775-2bb4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
cf-cache-status: HIT
age: 1174579
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5OZwvs1DqpaRvkXF6qGAZaB%2FgjWxzNu4j7s3IH55CQeorS0nFzPCv7BCGUx4z3kAzK1A19aFZBdH9hrVrbh7hwrw4CWnnt%2FP3X6R3x%2Fl10E13vvxGmJlJP1sJEYwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d398edbb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/gameart.bec40c08.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/gameart.bec40c08.svg
IP 104.26.5.11:0
GET /img/gameart.bec40c08.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-a20"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9RfXZden5iZWv%2Bpws9AJOIwHrOa8F5wVD74Wk4byPUGjEjHf3X8NlZkpSgQbDXrsLS6owi1fNnKDBz7FiZsL4K6jzSLAe4TVZjw%2BImsQYjHQndRM7BEl5MCPDOSviA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b6898b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/zeus%20play.8ccc9002.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/zeus%20play.8ccc9002.svg
IP 104.26.5.11:0
GET /img/zeus%20play.8ccc9002.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-3d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67CckBC2IsvTfuJXzXX9m7FQIKVTBbQdHhLPN2NNlwRxvjLGm6jWEqR4imDF4EoPzDEoTRNHuZZ%2F054hsAmfRaGek%2B8F6K3KyqrSRgodltr9cevJlla40ZLc4LEZ8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4c099eb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/index.ecc6b6a5.js
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/js/index.ecc6b6a5.js
IP 104.26.5.11:0
GET /js/index.ecc6b6a5.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wduef.top
Connection: keep-alive
Referer: https://1wduef.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 01 Feb 2023 10:19:56 GMT
etag: W/"63da3ccc-165eb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IylTpTK4F4e039B3lpFGCjzSdimaDRK4a2QhnkYUWzpqVO5x0Yf4OAUD%2B3MXKlQjYoubBqt6lKGtSz3GkzAhS7enC5bxLJSmLteMJIt%2FUlgZY33cQXOYtrpZsitNOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d2f2a67b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/retrogames.513aab74.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/retrogames.513aab74.svg
IP 104.26.5.11:0
GET /img/retrogames.513aab74.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-815"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UooFuZ3ifz1HM6NVup5lppRB7atstbdQqcKqbuHZ9yjG2tG1GVRpZhcFHK7u2BCEU2TlVdo51%2FuBkE8G59pzwaYB0nc2Phk2xUYeTc2iDihmbkzfTP6lfPL6i7cNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4bd94ab521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/igrosoft.81ca5abc.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/igrosoft.81ca5abc.svg
IP 104.26.5.11:0
GET /img/igrosoft.81ca5abc.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2243"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Awm5YEcoIhzYKHRXpvXz2TnmjwjfG%2BUK9bqHTiKzNGC9BBRDjMaAqvjUpitnxW2yZwXY53Gdvq2P8nE9sEq%2Fk1usn21ucxZZ7MsblYyxSdnPKT5RJ3R%2FwpP%2Frp%2BKig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b98d4b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/mancala%20gaming.792c2e8b.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/mancala%20gaming.792c2e8b.svg
IP 104.26.5.11:0
GET /img/mancala%20gaming.792c2e8b.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-305d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbwIsD4alQiLQPTXD3wElUCK4u8BDcyRLk%2Fc7n0Ec2az6lRjeBtY0jhqocs4bM4i2zprAa%2FGvVFKbrWjxIoOgNV%2Fio4baeX27oCI8WH%2FyYSp9zrRrwILdw2Ozcu4Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4ba8f5b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/mascotgaming.fbac2f51.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/mascotgaming.fbac2f51.svg
IP 104.26.5.11:0
GET /img/mascotgaming.fbac2f51.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-b64"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvLh0jRVbt9Gd%2F56qZjSdg5CJEEhaUPohjDp%2FGYQffJiofCOie4yRtQcNIsewqhcuA4bQ6SUo6UPbCbTo%2FxT6xYfGrBcLei%2FhOofPeOeR4YihkqBAK%2FMMpSyCMLlGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4ba8f9b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/betsolutions.9f618e22.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/betsolutions.9f618e22.svg
IP 104.26.5.11:0
GET /img/betsolutions.9f618e22.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wduef.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 17:21:36 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-911"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3566886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKNsp4fB%2Brx2MN0cCiBL174ZfkvBxT5bLsf37eS05z8DZEobCYIJ%2FdJfeSZ1ffWAbNuQrzN26MMxjXVuvX%2FJjw1Gi68LuOqQuGgpWHdYOe2KRaeRZIXCt%2FH1x2r8Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792c5d4b0fedb521-OSL
content-encoding: br
X-Firefox-Spdy: h2