www.refpakagynce.top/
104.21.37.153303 See Other 0 B IP 104.21.37.153:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: www.refpakagynce.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 303 See Other
Date: Fri, 03 Feb 2023 04:55:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: no-referrer
Location: https://1wswqf.top/?open=register&sub2=12675#79i6
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IcJLO7O7iA%2B28lECxbUk5hwxr%2FHerGyIdb1FhR5OH2nlKhXEcuWVqKlYxzUYPRSY%2FEOBfhkEuU83EPuwrwfuOfw%2Bv2Tvk5golruyW2wtJBSE3itMIJ8mywmgcB615PHRUVv8ejErQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79389325483b0b39-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10982
Expires: Fri, 03 Feb 2023 07:58:33 GMT
Date: Fri, 03 Feb 2023 04:55:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5382
Expires: Fri, 03 Feb 2023 06:25:13 GMT
Date: Fri, 03 Feb 2023 04:55:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 04:36:09 GMT
content-type: application/json
age: 1162
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16696
Expires: Fri, 03 Feb 2023 09:33:47 GMT
Date: Fri, 03 Feb 2023 04:55:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6z2oUoaHYNmcAoW6Ba5B7+a/gQTdSxo2rDJZhMqcO0/1wFoJAipcbZ3f9L2WWjYoKEktEJW1VXs=
x-amz-request-id: BXXCW28B5HH6VEND
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 04:52:16 GMT
age: 195
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 04:55:31 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dac40e7d707f3080dd81d0e3ee140d90
9cb212f4da52f1b581a3dc685711e99284e93c65
949a528f47785e003aa3b5f4403197e8b258e142ed69ac11d39ba3fee4471969
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "949A528F47785E003AA3B5F4403197E8B258E142ED69AC11D39BA3FEE4471969"
Last-Modified: Thu, 02 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12490
Expires: Fri, 03 Feb 2023 08:23:41 GMT
Date: Fri, 03 Feb 2023 04:55:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 04:07:19 GMT
age: 2893
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11587
Expires: Fri, 03 Feb 2023 08:08:39 GMT
Date: Fri, 03 Feb 2023 04:55:32 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/Qcxua71jizE
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Qcxua71jizE
IP 142.250.74.3:0
Hash 48ae2d22feec03d883cfc66b532c7b45
7b4336285ab1fb34892f892d7d270048148a343b
2d6e83cccb3effd9782f9b73a88c251e82fe76819b004b8a20fc3375aa7a276c
POST /s/gts1p5/Qcxua71jizE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:55:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/Qcxua71jizE
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Qcxua71jizE
IP 142.250.74.3:0
Hash 48ae2d22feec03d883cfc66b532c7b45
7b4336285ab1fb34892f892d7d270048148a343b
2d6e83cccb3effd9782f9b73a88c251e82fe76819b004b8a20fc3375aa7a276c
POST /s/gts1p5/Qcxua71jizE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:55:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/Qcxua71jizE
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Qcxua71jizE
IP 142.250.74.3:0
Hash 48ae2d22feec03d883cfc66b532c7b45
7b4336285ab1fb34892f892d7d270048148a343b
2d6e83cccb3effd9782f9b73a88c251e82fe76819b004b8a20fc3375aa7a276c
POST /s/gts1p5/Qcxua71jizE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:55:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/Qcxua71jizE
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Qcxua71jizE
IP 142.250.74.3:0
Hash 48ae2d22feec03d883cfc66b532c7b45
7b4336285ab1fb34892f892d7d270048148a343b
2d6e83cccb3effd9782f9b73a88c251e82fe76819b004b8a20fc3375aa7a276c
POST /s/gts1p5/Qcxua71jizE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:55:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/Qcxua71jizE
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Qcxua71jizE
IP 142.250.74.3:0
Hash 48ae2d22feec03d883cfc66b532c7b45
7b4336285ab1fb34892f892d7d270048148a343b
2d6e83cccb3effd9782f9b73a88c251e82fe76819b004b8a20fc3375aa7a276c
POST /s/gts1p5/Qcxua71jizE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:55:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1win-cdn.com/css/6610.4f034e44.css
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/css/6610.4f034e44.css
IP 104.26.5.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/6610.4f034e44.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:32 GMT
content-type: text/css
content-length: 0
cache-control: max-age=315360000
cf-bgj: minify
access-control-allow-origin: *
etag: "63c7c775-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
cf-cache-status: HIT
age: 1295393
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ST8WR6SZqCLdxv30lfC%2F8Htz6NbAAfsUDOSY%2BMoEljayYelI0lERvWTAsdJCqUmUzpVTDPyR5P67%2Bybn3Lu3xWLhiAVJMQH0%2BasUUFSdnGS%2F%2FpkXoAecIQoB79FIEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938932d0863b529-OSL
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.228.1.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.228.1.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WGVNyCh7VWVKHu0Z75yuHw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LNTLCVzWcmDIalW+gpQTXlWGQwE=
1win-cdn.com/js/desktop.d41825b9.js
104.26.5.11200 OK 31 kB URL HTTP/2 1win-cdn.com/js/desktop.d41825b9.js
IP 104.26.5.11:0
File type Unicode text, UTF-8 text, with very long lines (65495), with no line terminators
Hash 7f2f9396f4fedfb356073ce119fa80f6
699793c03c9dd36ae081e7e8dd4c3b90bc46cb77
7633c344a6c0eb1c736e39edb8627464b16c7c7635405cff97119917d502e534
GET /js/desktop.d41825b9.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:32 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=119138
access-control-allow-origin: *
etag: W/"63db9176-1d162"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 02 Feb 2023 10:33:26 GMT
cf-cache-status: HIT
age: 65185
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gwNmskL0JTQ1XOCylNB516rZPS%2B%2Ff6lekddzWgQfWyZCzvahRRXE1eZMvVuazSIzyOfyqxHfMvcl8gVxuaQKr1zDI36NqqVXWPKh08SkqEsAiL9kSwHGpGW89SmH5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938932d0861b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/1705.d306728f.js
104.26.5.11200 OK 389 kB URL HTTP/2 1win-cdn.com/js/1705.d306728f.js
IP 104.26.5.11:0
File type ASCII text, with very long lines (29271), with no line terminators
Size 389 kB (389179 bytes)
Hash e985767c50d4327c9ab489fdda3d1bf3
4b7f62b72b38d367a4f5a73d32b58c1a9a71b9dc
c6876924c8e1ee28a92988839ca8e04d4d7118cbbbbe5e6a9efec665723be3d3
GET /js/1705.d306728f.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:32 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=29313
access-control-allow-origin: *
etag: W/"63a42a53-7281"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3695989
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjuD9K55ANE5TChDC%2BCmjxQ%2F1vv1zZdvZNBZowku47hvOT%2Bj%2Bvuis132me3dYCIKVrXdQuOaLQrOngDpYDJCubo1nUrYCDw%2BnS8Rqlp0hH4hrCfDxBrrWRIAb%2B%2Bh9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938932dd8b6b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/chunk-vendors.b204489a.js
104.26.5.11200 OK 164 kB URL HTTP/2 1win-cdn.com/js/chunk-vendors.b204489a.js
IP 104.26.5.11:0
File type Unicode text, UTF-8 text, with very long lines (65469), with no line terminators
Size 164 kB (163598 bytes)
Hash bb3f67db619def1787ff0477df06fe91
6f549a859370d2b7beb0cb7f25b7048f91dae430
0560a4ceaecb5111fb411695e47cf5148a26a94db063de34d10b28985e3a9c5d
GET /js/chunk-vendors.b204489a.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wswqf.top
Connection: keep-alive
Referer: https://1wswqf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:32 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=427140
access-control-allow-origin: *
etag: W/"63db9175-68484"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 02 Feb 2023 10:33:25 GMT
cf-cache-status: HIT
age: 65695
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NiYW7U%2F4arr96h3Zx0oC5XznU7AOAE3A7q3Iqfa1fnI3Bd%2BDk7WKU2h6wDDMg5thHUj%2FsfuwElByYrvlclFKtuHGBpEeQ%2BhFUrTxP6Hv%2F4FmmpsaCavyjU2bVelaAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938932cf84ab4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
1wswqf.top/img/icons/favicon-16x16-darkmode.png
190.115.19.101200 OK 410 B URL HTTP/2 1wswqf.top/img/icons/favicon-16x16-darkmode.png
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash c7a60b79929bf150e44e5ac28fcd0d4e
f1ecf72f71d7b4153b151e7a27d40bf0c926b09e
f2b53ffbd8af9378b2e1d160500d2a2f3fae9b963cf4d6a3e88108a765a548cf
Analyzer Verdict Alert quad9 Sinkholed
GET /img/icons/favicon-16x16-darkmode.png HTTP/1.1
Host: 1wswqf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/?open=register&sub2=12675
Cookie: sub_ids=sub2=12675; visit_domain=1wswqf.top; partner_key=79i6; core-sticky=http://10.233.97.208:80
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Fri, 03 Feb 2023 04:55:32 GMT
content-type: image/png
content-length: 410
last-modified: Thu, 02 Feb 2023 10:33:35 GMT
etag: "63db917f-19a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
accept-ranges: bytes
X-Firefox-Spdy: h2
1win-cdn.com/js/2950.f117965c.js
104.26.5.11200 OK 154 kB URL HTTP/2 1win-cdn.com/js/2950.f117965c.js
IP 104.26.5.11:0
File type Unicode text, UTF-8 text, with very long lines (65459), with no line terminators
Size 154 kB (153725 bytes)
Hash 5227979a65d6a4cbfcf7f538716ce49b
9490bbea27de1d487eb7b635d102f3e52d2ed664
8ef5ecf333635409eb4df1b445547afefdd48c5cd92054188db1df83c26f8e4b
GET /js/2950.f117965c.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:32 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=540139
access-control-allow-origin: *
etag: W/"63db9176-83deb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 02 Feb 2023 10:33:26 GMT
cf-cache-status: HIT
age: 66026
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPSdJV63xkTTUjrKDH%2F4aeefo%2B7plhThTTZ2mjTmPoYEKwFFNv41C77ujOj60bL5dLE1f6RA7TR29KH2yctjffBrb%2FxGPVW0ocKkDG4Rggg8isXk06qgBMBpyYY%2F3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938932dd8bab529-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:55:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
142.250.74.168200 OK 57 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
IP 142.250.74.168:0
File type ASCII text, with very long lines (13682)
Hash f66e8d87dfba2afdb73b440ce3e9ff2e
3f9ba8283d9ca68f3a3bcc020eb47c5710e9d33a
70446533a71a7019c7ececfa05fc5e6eadf2391c8b7a8e4c71aaf63fe9f58357
GET /gtm.js?id=GTM-KGKQDC7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 04:55:33 GMT
expires: Fri, 03 Feb 2023 04:55:33 GMT
cache-control: private, max-age=900
last-modified: Fri, 03 Feb 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 57241
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:55:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.hotjar.com/modules.4b160a4831adaf5337e6.js
143.204.55.40200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.4b160a4831adaf5337e6.js
IP 143.204.55.40:0
File type Unicode text, UTF-8 text, with very long lines (48602)
Hash 3315b6999637291711ab85ba678211fa
d1bba723aa49e6276dfdb0f1313a9bf0b64be153
b3bd4f702044ae91c9227ce2d5c8411d3fec3abb82c9c1b7a9b69d2011c520e5
GET /modules.4b160a4831adaf5337e6.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
HTTP/2 200 OK
content-type: application/javascript
content-length: 68316
date: Mon, 30 Jan 2023 16:06:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "3315b6999637291711ab85ba678211fa"
last-modified: Mon, 30 Jan 2023 16:05:37 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1bonlt50cTp0NIQci4rKkxbZCFC3qd0veWGbRAzWF-DBjnfb9zmswg==
age: 305367
X-Firefox-Spdy: h2
vars.hotjar.com/box-2722367854ce9702c28ea74c51e2a23f.html
143.204.55.105200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-2722367854ce9702c28ea74c51e2a23f.html
IP 143.204.55.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 8665e233ef6caaf010ca89793f27b6f8
5c593fa5f33e55b3081308b43e6e801b56c047f7
435a3ca7c1c49cbfac193647d056e46217e5c3f9c65c354974ad7acdfb8925ac
GET /box-2722367854ce9702c28ea74c51e2a23f.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Mon, 30 Jan 2023 16:06:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "8665e233ef6caaf010ca89793f27b6f8"
last-modified: Mon, 30 Jan 2023 16:05:37 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mnXNsp5ywCU_AJPIenXxfZzeFhYh8BmDxF3XvotFFV26EU8sFE0e-w==
age: 305367
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 636897389814ca4d23aa4009b8fb1458
14394dbd8f0e226b71e1bd35c6da2278828feae4
85bcc6e816cf5ea2028e9dc4862f3de068d0606949b3fef3fcc5b32fab37ad86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:55:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.amplitude.com/libs/amplitude-8.17.0-min.gz.js
54.230.245.120200 OK 27 kB URL HTTP/2 cdn.amplitude.com/libs/amplitude-8.17.0-min.gz.js
IP 54.230.245.120:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e5211b7cbee53b6912f07a1cd72a4582
097096657cc1484ad9509b2c990a81a48990efdc
008014793f2666c663f98c7a3405db81b2db301c6a3caf2c05e6e9556085aa78
GET /libs/amplitude-8.17.0-min.gz.js HTTP/1.1
Host: cdn.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wswqf.top
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
HTTP/2 200 OK
content-type: application/javascript
content-length: 27400
date: Sat, 14 Jan 2023 17:39:11 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Fri, 25 Mar 2022 19:53:18 GMT
etag: "e5211b7cbee53b6912f07a1cd72a4582"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: wr63ICD3duh0Opi8j2KDhI34Ow38BHG0
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: x036oHTAIjuP4AtvRKjrko0OJwtNxH0-idtuBFcCZKjqvxGQDQz8Ug==
age: 1682183
X-Firefox-Spdy: h2
12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=6064437871144;gtm=45He3210;auiddc=1004294856.1675400163;~oref=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26?
142.250.74.166200 OK 274 B URL HTTP/2 12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=6064437871144;gtm=45He3210;auiddc=1004294856.1675400163;~oref=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26?
IP 142.250.74.166:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (471), with no line terminators
Hash 08204b124023f690442c259a9bae000d
d145ad315b41072287d21d3044c9384c6cdf810a
c948c80f15a0046c3a793791aabe9b7a23e874e4c6af49a9148476959244315f
GET /activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=6064437871144;gtm=45He3210;auiddc=1004294856.1675400163;~oref=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26? HTTP/1.1
Host: 12688802.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 04:55:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 274
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 03-Feb-2023 05:10:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 636897389814ca4d23aa4009b8fb1458
14394dbd8f0e226b71e1bd35c6da2278828feae4
85bcc6e816cf5ea2028e9dc4862f3de068d0606949b3fef3fcc5b32fab37ad86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:55:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6040165481661.473?
142.250.74.166200 OK 274 B URL HTTP/2 12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6040165481661.473?
IP 142.250.74.166:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (520), with no line terminators
Hash 7874185ae1b39a485ce97825925dfd62
0b5038b687e96655ab391891bab7c1990e4b7933
967a826b985814462358a4e9d0d12c6b902287724011791800ba690426634200
GET /activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6040165481661.473? HTTP/1.1
Host: 12572451.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 04:55:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 274
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 03-Feb-2023 05:10:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1wswqf.top/firebase/8.1.1/firebase-messaging.js
190.115.19.101200 OK 13 kB URL HTTP/2 1wswqf.top/firebase/8.1.1/firebase-messaging.js
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
Hash f94005993564653247246ea21471d57a
4cbf5123ca6b8334ae7e13e67c73cbcdaea76057
7331ede9e9ca870d8456960ab6a9b81b00312035ee9820061b2fb703c570f740
Analyzer Verdict Alert quad9 Sinkholed
GET /firebase/8.1.1/firebase-messaging.js HTTP/1.1
Host: 1wswqf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/sw.db344b25.js
Cookie: sub_ids=sub2=12675; visit_domain=1wswqf.top; partner_key=79i6; core-sticky=http://10.233.97.208:80
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Fri, 03 Feb 2023 04:55:32 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 10:33:35 GMT
etag: W/"63db917f-9f25"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 636897389814ca4d23aa4009b8fb1458
14394dbd8f0e226b71e1bd35c6da2278828feae4
85bcc6e816cf5ea2028e9dc4862f3de068d0606949b3fef3fcc5b32fab37ad86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:55:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.lab.amplitude.com/sdk/vardata
151.101.130.132200 OK 2 B URL HTTP/2 api.lab.amplitude.com/sdk/vardata
IP 151.101.130.132:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /sdk/vardata HTTP/1.1
Host: api.lab.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1wswqf.top/
Authorization: Api-Key client-Ss5BFx7UDrTj948TJHfc5ZUoTW67EjvZ
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS41LjUiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkZpcmVmb3ggMTA1IiwiZGV2aWNlX21vZGVsIjoiV2luZG93cyIsInVzZXJfcHJvcGVydGllcyI6e319
Origin: https://1wswqf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=utf-8
access-control-allow-origin: https://1wswqf.top
access-control-allow-credentials: true
x-amzn-trace-id: Root=1-63dc93c5-0b9286bc210e347a3c8f3baa
x-content-type-options: nosniff
accept-ranges: bytes
date: Fri, 03 Feb 2023 04:55:33 GMT
age: 0
x-served-by: cache-bma1644-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675400133.262030,VS0,VE187
vary: Origin, Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 636897389814ca4d23aa4009b8fb1458
14394dbd8f0e226b71e1bd35c6da2278828feae4
85bcc6e816cf5ea2028e9dc4862f3de068d0606949b3fef3fcc5b32fab37ad86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:55:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0c15fd84f4711d994724c35236542194
c47d77fe5b373a86bd9a116bd8baac07ec746add
a210a4599baaa980674b456f020282cd470559b319be263fdcf9eaec7cff0d3b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:55:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0c15fd84f4711d994724c35236542194
c47d77fe5b373a86bd9a116bd8baac07ec746add
a210a4599baaa980674b456f020282cd470559b319be263fdcf9eaec7cff0d3b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:55:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=6064437871144;gtm=45He3210;auiddc=1004294856.1675400163;~oref=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26
142.250.74.162200 OK 276 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=6064437871144;gtm=45He3210;auiddc=1004294856.1675400163;~oref=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (470), with no line terminators
Hash 9addfd5d970f427b14c3c3ba71a577c1
9e766ed2fcf41a0bdcecd5a5a3b74a96469b4a91
413e654a40588bd25394d928864c4820cbca3b428fea605c0d3668d1678ec239
GET /ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=6064437871144;gtm=45He3210;auiddc=1004294856.1675400163;~oref=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://12688802.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 04:55:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6040165481661.473;~oref=https://1wswqf.top/
142.250.74.162200 OK 276 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6040165481661.473;~oref=https://1wswqf.top/
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (519), with no line terminators
Hash b280a86257f48feb0e979fc095e34998
20d0d1e0a7e7d5c87d15ee1dbaf7d08a1c01677f
835dfcc9295d386f851bb26431e7fdb5a15c34891c329ab21d044813668d10d5
GET /ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6040165481661.473;~oref=https://1wswqf.top/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://12572451.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 04:55:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
87.250.251.119200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash a236c7014c1f1a1e52d356f59e5d665a
b66c638eb2346287364c37725819bbab1f409d66
ad2d57579e453af0eac49156840bcd1dcfbd802a82135af98f41f714d7e698f2
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
HTTP/2 200 OK
content-length: 73769
date: Fri, 03 Feb 2023 04:55:33 GMT
access-control-allow-origin: *
etag: "63c93a4b-12029"
expires: Fri, 03 Feb 2023 05:55:33 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0c15fd84f4711d994724c35236542194
c47d77fe5b373a86bd9a116bd8baac07ec746add
a210a4599baaa980674b456f020282cd470559b319be263fdcf9eaec7cff0d3b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:55:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.hotjar.com/c/hotjar-2606090.js?sv=6
143.204.55.84200 OK 3.5 kB URL HTTP/2 static.hotjar.com/c/hotjar-2606090.js?sv=6
IP 143.204.55.84:0
File type ASCII text, with very long lines (7535)
Hash 4f73b28be533b3f832a324251ce7c7b7
5bb63d25ca8fd45c96010c1ce20a47913d6a7d65
46eff2ef7c9a9c64ac7befc53158e7bb22f589e19da78c23caf23ea162726f0c
GET /c/hotjar-2606090.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 04:54:43 GMT
cache-control: max-age=60
etag: W/c1b2abc9b3fa88d1b281047172e41fc7
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VQeqyVnlgb4Jd7KWkzEyFFkxQACALILzQIpFR3k381xSO91USDOe3Q==
age: 51
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2bef39ac599211fe23ad884ceacf1c9b
c19b32a600412658c49a3e55d5d8353a5101c31d
0ff4181df99351d3aa3490540d2f19474531fb07e13ee457b9339efab1a47ad9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:55:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2bef39ac599211fe23ad884ceacf1c9b
c19b32a600412658c49a3e55d5d8353a5101c31d
0ff4181df99351d3aa3490540d2f19474531fb07e13ee457b9339efab1a47ad9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:55:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6040165481661.473;~oref=https://1wswqf.top/
142.250.74.98200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6040165481661.473;~oref=https://1wswqf.top/
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6040165481661.473;~oref=https://1wswqf.top/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 04:55:33 GMT
expires: Fri, 03 Feb 2023 04:55:33 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=6064437871144;gtm=45He3210;auiddc=1004294856.1675400163;~oref=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26
142.250.74.98200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=6064437871144;gtm=45He3210;auiddc=1004294856.1675400163;~oref=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=6064437871144;gtm=45He3210;auiddc=1004294856.1675400163;~oref=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 04:55:33 GMT
expires: Fri, 03 Feb 2023 04:55:33 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2bef39ac599211fe23ad884ceacf1c9b
c19b32a600412658c49a3e55d5d8353a5101c31d
0ff4181df99351d3aa3490540d2f19474531fb07e13ee457b9339efab1a47ad9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:55:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5813
Expires: Fri, 03 Feb 2023 06:32:26 GMT
Date: Fri, 03 Feb 2023 04:55:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5813
Expires: Fri, 03 Feb 2023 06:32:26 GMT
Date: Fri, 03 Feb 2023 04:55:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5813
Expires: Fri, 03 Feb 2023 06:32:26 GMT
Date: Fri, 03 Feb 2023 04:55:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5813
Expires: Fri, 03 Feb 2023 06:32:26 GMT
Date: Fri, 03 Feb 2023 04:55:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5813
Expires: Fri, 03 Feb 2023 06:32:26 GMT
Date: Fri, 03 Feb 2023 04:55:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XTZJAn0LMAfFtaQ2bN8z58cCsUT5GzxDMnHVB_iw9E_NskHQ-BgbRQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:19:26 GMT
age: 84437
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d005c4-44bd-4c69-b179-e966a5e62bc4.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d005c4-44bd-4c69-b179-e966a5e62bc4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 08efac01fbe2d2949d81cfa427e8f360
e354cd76c38a72a10eddad9298b43415f8f04ed1
a5edf287aefdfb2f4c33d19b322b2574553fc9f5646f147359a3dcf8c1d75cb1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d005c4-44bd-4c69-b179-e966a5e62bc4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7700
x-amzn-requestid: 11dd2ef1-f809-4a95-aeef-361cfa745eea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYyFIHUVIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d363ba-7841e2a6249f0e5d7aa91c8d;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 05:40:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gYmuJEgMngPXgeLlAQfRoP-EtCgH--hkvSt6OPTUlYXxetmf5zAtVg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 25652
etag: "e354cd76c38a72a10eddad9298b43415f8f04ed1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a53e95-81db-4f71-84bc-169a72e11b24.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a53e95-81db-4f71-84bc-169a72e11b24.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4242d4999b7b033873b81a482c319c2
bc4c004065ce9f558f210d508844c123a85737a1
ab35a5c1a7c1a0a548aee3b9c301893799680ec1922c13e7a16d44ca457cd91d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a53e95-81db-4f71-84bc-169a72e11b24.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7237
x-amzn-requestid: f6aa0d26-8df4-40fe-8984-1aac7c76097e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVr4jEdeIAMFTYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2269c-58a038d6491d8f461e9168d4;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:07:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XNO6ArxsjiZTxcoSn1Fmhso5bpWNIvzT9nplF6UGTiHVxXlJiv7bJA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:58:40 GMT
age: 25013
etag: "bc4c004065ce9f558f210d508844c123a85737a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c9d26d7-b28f-485c-91d6-67a0813a0f3c.jpeg
34.120.237.76200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c9d26d7-b28f-485c-91d6-67a0813a0f3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0c1c2a5a291f23be6591c9b19db47b47
2f67cdba4a3d5a8cf6f6eb7951d2a1bda6e01619
327efb8c72421819992900ab0f8f267da7d28122c710b8694979116579d512c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c9d26d7-b28f-485c-91d6-67a0813a0f3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3083
x-amzn-requestid: 7a4f094b-a423-401e-a9e7-8d9f130e2e40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi1drEtKIAMFuYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76924-66751080608a6cd2650b853d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:52:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UoXATdGOgEK3Unxszcp4ulAK3b1BuHS2MbUzTHe-qxjNZkb2eoxE-A==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:44:49 GMT
age: 25844
etag: "2f67cdba4a3d5a8cf6f6eb7951d2a1bda6e01619"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a92e881554205ebbe3721a7bbaeab40
b620fc82bd15b55b581bd8c3a699e1b16563ad2e
ff753b8411bfa0df54938a5f829ce25acbad863a2a3540b3bacca02baf9a2c7d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6398
x-amzn-requestid: 843fefd3-8cf4-44ee-bb7c-a010d4149442
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuv1XFXQoAMFe5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2cee-76739fd87b4c0d203eca4114;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2cGZEXolULcBUgvrZ55IWnR825LgkHDFmJFJ5i9lcl4KYbDte3-N1g==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:43 GMT
age: 25070
etag: "b620fc82bd15b55b581bd8c3a699e1b16563ad2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 25652
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
1wswqf.top/1.txt?1675400163225
190.115.19.101200 OK 8 B URL HTTP/2 1wswqf.top/1.txt?1675400163225
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
Hash 48cfef8b3001a8c220dc815870f9916e
b77e871e72a3083c4bb31d6bcb5a257557181269
3d2c759213949af96fbdcd756a5146f64a9acadf9625bd7a9feb04bb4517b4f9
Analyzer Verdict Alert quad9 Sinkholed
GET /1.txt?1675400163225 HTTP/1.1
Host: 1wswqf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1wswqf.top/sw.db344b25.js
Connection: keep-alive
Cookie: sub_ids=sub2=12675; visit_domain=1wswqf.top; partner_key=79i6; core-sticky=http://10.233.97.208:80; 1w_lang=en; _gcl_au=1.1.1004294856.1675400163; amp_494ccc=Vd2OcWm9TcrhcmuefxuDr1...1goaq3bd0.1goaq3bd0.0.0.0; _ga_548949LWLW=GS1.1.1675400162.1.0.1675400162.0.0.0; _ga=GA1.1.1279123172.1675400163; _hjSessionUser_2606090=eyJpZCI6IjA0NmNmY2Y0LTVjNTgtNWFhZC04OGYyLTc1OGM1MWUwNWY3ZCIsImNyZWF0ZWQiOjE2NzU0MDAxNjI2MTQsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2606090=eyJpZCI6IjIwZmY5MmI2LWNkY2QtNDc1MC1hMDEzLTZkYTZlZGYxNDQ1MyIsImNyZWF0ZWQiOjE2NzU0MDAxNjI3OTQsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1; _hjHasCachedUserAttributes=true; _ym_uid=1675400163351337349; _ym_d=1675400163
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Fri, 03 Feb 2023 04:55:33 GMT
content-type: text/plain
content-length: 8
last-modified: Thu, 02 Feb 2023 10:33:35 GMT
etag: "63db917f-8"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
1win-cdn.com/css/5616.80aa74eb.css
104.26.5.11200 OK 3.7 kB URL HTTP/2 1win-cdn.com/css/5616.80aa74eb.css
IP 104.26.5.11:0
File type ASCII text, with very long lines (20616), with no line terminators
Hash af89d94a62b6c21133052e567de4e323
ece7cc18f959d26a8cefeb7914cb0919a0610c0b
54295da12022880ab66093b7ce5295916fa04d75bc6f6b5ec7a9f07d46569841
GET /css/5616.80aa74eb.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:33 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
access-control-allow-origin: *
etag: W/"63a42a53-5088"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3696840
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZY7eiOtaDGnhJ6OERPfwmEBra1DhqW4qzNsCb%2B4M%2BI0N54rX7Q2dyNKkdWz0afwQqRzPxkZZTlPExIGhYELO0oMhyFZ31g5lCZWLiARp2aFm5GdRksjDHdJwNZuIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389334fbcdb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/541.d536ea95.js
104.26.5.11200 OK 4.0 kB URL HTTP/2 1win-cdn.com/js/541.d536ea95.js
IP 104.26.5.11:0
File type Unicode text, UTF-8 text, with very long lines (11173), with no line terminators
Hash 320ce985095c116f60fd8e6bc4aaf9f6
93f6c9fb90e8fae386309792c39656bcf2d08164
bb6484984e2add5bde7501ed4341dc45905582fe11d9b390356382c1d892851e
GET /js/541.d536ea95.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:33 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=11217
access-control-allow-origin: *
etag: W/"63a43d6a-2bd1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 11:20:10 GMT
cf-cache-status: HIT
age: 3692089
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lg%2B%2B3mhBwH1Ii16KPhe9toBeNqIUdexEoA7%2BveSuIhDwNY4UQAGfPrr8RVjpniXZnRS13s0CUCsEzn%2FjFkUWqMRPa%2BGutpSDadtrBSjmsukiYDAHGhWXbHancGGImw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389334fbd8b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1wswqf.top/common/title?path=bets&lang=en
190.115.19.101200 OK 16 B URL HTTP/2 1wswqf.top/common/title?path=bets&lang=en
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Analyzer Verdict Alert quad9 Sinkholed
GET /common/title?path=bets&lang=en HTTP/1.1
Host: 1wswqf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1wswqf.top/?open=register&
Connection: keep-alive
Cookie: sub_ids=sub2=12675; visit_domain=1wswqf.top; partner_key=79i6; core-sticky=http://10.233.97.208:80; 1w_lang=en; _gcl_au=1.1.1004294856.1675400163; amp_494ccc=Vd2OcWm9TcrhcmuefxuDr1...1goaq3bd0.1goaq3bd0.0.0.0; _ga_548949LWLW=GS1.1.1675400162.1.0.1675400162.0.0.0; _ga=GA1.1.1279123172.1675400163; _hjSessionUser_2606090=eyJpZCI6IjA0NmNmY2Y0LTVjNTgtNWFhZC04OGYyLTc1OGM1MWUwNWY3ZCIsImNyZWF0ZWQiOjE2NzU0MDAxNjI2MTQsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2606090=eyJpZCI6IjIwZmY5MmI2LWNkY2QtNDc1MC1hMDEzLTZkYTZlZGYxNDQ1MyIsImNyZWF0ZWQiOjE2NzU0MDAxNjI3OTQsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1; _hjHasCachedUserAttributes=true; _ym_uid=1675400163351337349; _ym_d=1675400163
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: application/json; charset=utf-8
content-length: 16
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
1win-cdn.com/js/539.677ecef1.js
104.26.5.11200 OK 7.2 kB URL HTTP/2 1win-cdn.com/js/539.677ecef1.js
IP 104.26.5.11:0
File type Unicode text, UTF-8 text, with very long lines (22614), with no line terminators
Hash 4ffa82377b90b698fe84af3870a6ef0b
4b8d70e41a7d8ae887f30f311bcd55a798f16ada
0b39083cec74161427a8227bc295a128804c69cec0f34722e86d49d7f40f1002
GET /js/539.677ecef1.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:33 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=22657
access-control-allow-origin: *
etag: W/"63da3ccc-5881"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 01 Feb 2023 10:19:56 GMT
cf-cache-status: HIT
age: 152787
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCk3QQBP17WOxmF0giRRcrvlZCFVGshJa1jMPYLpYBwCjx%2BVBhgLLCin%2BwhBhR3Qd%2FIRVMoPwdHqlODkP0%2B9wXizD3B%2FqNIgfj6nD%2F4daGCWwOgy1Ka1D%2B9gtm1tuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893350bdeb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/index.f3d3990d.js
104.26.5.11200 OK 31 kB URL HTTP/2 1win-cdn.com/js/index.f3d3990d.js
IP 104.26.5.11:0
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Hash 1882e4fd255bb0f93baf93cab7835918
93b0a17ce4f4af267c7b480575bb9215235618e5
8f92b494fde2195588a7f4fc9448b0c33912bcbbeda187ff8ca626da81c8f2ac
GET /js/index.f3d3990d.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wswqf.top
Connection: keep-alive
Referer: https://1wswqf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:32 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=91474
access-control-allow-origin: *
etag: W/"63db9174-16552"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 02 Feb 2023 10:33:24 GMT
cf-cache-status: HIT
age: 65695
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vFyM0TDhIdC7daEaf%2Fi8r6tU9OAXXVEcfv2k1LI9dGYGbI4HdufzTgynbf4HKPVBWw9Yw9HYQPv7u1hC%2B%2FbtNi5MJij3K9%2Boi7N35%2FRHNxdgVkqYsCf64rC18pogBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938932d0855b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/10.fff54e18.js
104.26.5.11200 OK 4.5 kB URL HTTP/2 1win-cdn.com/js/10.fff54e18.js
IP 104.26.5.11:0
File type ASCII text, with very long lines (11261), with no line terminators
Hash 06b2006f45c41224b2f8678aebdb043a
3f6f268b6d2ef4af217c2a163789f561101ec098
34108ce6a15a023c73f93296b1455d1972409ecf4750e66160cce5d6222cc570
GET /js/10.fff54e18.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:33 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=11301
access-control-allow-origin: *
etag: W/"63cfcc79-2c25"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 24 Jan 2023 12:18:01 GMT
cf-cache-status: HIT
age: 835501
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2QKoOBapNAmgAyhkf9qjFr%2BHjjiONNpUAIUWMCfWgBMlHt%2F0nj2V29D2bT2HClBGDMtUgD8%2BCl8KrnKMvCJMG4glW25IjV5%2FIzoI4ItSG1wVMAvO364QX1BKSAM5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893350bdbb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
mc.yandex.ru/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1065%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A26215640540%3Ahid%3A250907987%3Az%3A0%3Ai%3A20230203045603%3Aet%3A1675400163%3Ac%3A1%3Arn%3A1001040849%3Arqn%3A1%3Au%3A1675400163351337349%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A16%2C193%2C404%2C0%2C300%2C0%2C%2C126%2C1%2C%2C%2C%2C1439%3Aco%3A0%3Ans%3A1675400160674%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675400163%3At%3A1win%20-%20Loading&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.251.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1065%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A26215640540%3Ahid%3A250907987%3Az%3A0%3Ai%3A20230203045603%3Aet%3A1675400163%3Ac%3A1%3Arn%3A1001040849%3Arqn%3A1%3Au%3A1675400163351337349%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A16%2C193%2C404%2C0%2C300%2C0%2C%2C126%2C1%2C%2C%2C%2C1439%3Aco%3A0%3Ans%3A1675400160674%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675400163%3At%3A1win%20-%20Loading&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch/92006234?wmode=7&page-url=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1065%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A26215640540%3Ahid%3A250907987%3Az%3A0%3Ai%3A20230203045603%3Aet%3A1675400163%3Ac%3A1%3Arn%3A1001040849%3Arqn%3A1%3Au%3A1675400163351337349%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A16%2C193%2C404%2C0%2C300%2C0%2C%2C126%2C1%2C%2C%2C%2C1439%3Aco%3A0%3Ans%3A1675400160674%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675400163%3At%3A1win%20-%20Loading&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 302 Found
location: /watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1065%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A26215640540%3Ahid%3A250907987%3Az%3A0%3Ai%3A20230203045603%3Aet%3A1675400163%3Ac%3A1%3Arn%3A1001040849%3Arqn%3A1%3Au%3A1675400163351337349%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A16%2C193%2C404%2C0%2C300%2C0%2C%2C126%2C1%2C%2C%2C%2C1439%3Aco%3A0%3Ans%3A1675400160674%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675400163%3At%3A1win%20-%20Loading&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Fri, 03 Feb 2023 04:55:33 GMT
access-control-allow-origin: https://1wswqf.top
set-cookie: yabs-sid=852386391675400133; Path=/; SameSite=None; Secure
i=J0A6vOH39WSPOQn99CxKEouBL0bkqNB6v6StMwwbRzKSyCmPqoOMlGib7pg/bRyqqdXwn7G02REIQSkxGXt4YtqYF1M=; Expires=Mon, 31-Jan-2033 04:55:23 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=5328520991675400133; Expires=Sat, 03-Feb-2024 04:55:33 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5328520991675400133; Expires=Sat, 03-Feb-2024 04:55:33 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706936133.yc.1675400133#1706936133.yrts.1675400133#1706936133.yrtsi.1675400133; Expires=Sat, 03-Feb-2024 04:55:33 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 03-Feb-2023 04:55:33 GMT
last-modified: Fri, 03-Feb-2023 04:55:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
1win.direct/socket.io/?Language=en&EIO=3&transport=websocket
134.122.54.186101 Switching Protocols 0 B URL HTTP/1.1 1win.direct/socket.io/?Language=en&EIO=3&transport=websocket
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?Language=en&EIO=3&transport=websocket HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://1wswqf.top
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2QtXEeBY/k3VBwxwbl9OOA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Sec-Websocket-Accept: 1UyJ4PSZ9z1+hRjK6Nhb3ESmRcw=
Sec-Websocket-Extensions: permessage-deflate
Set-Cookie: core-sticky=b3669d481e2fe329; Path=/; HttpOnly
Upgrade: websocket
1win-cdn.com/js/7057.890c5529.js
104.26.5.11200 OK 26 kB URL HTTP/2 1win-cdn.com/js/7057.890c5529.js
IP 104.26.5.11:0
File type Unicode text, UTF-8 text, with very long lines (65531), with no line terminators
Hash 249abcc42970b607c31931e9a9a9f281
697f28979a78d80b71bdf8a41cd4569d50fda8d4
23fe669a4c1406fac1762a40dfc73aa3aaa7bbca9645a3619f2fcf43a7fc3b77
GET /js/7057.890c5529.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:33 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=99219
access-control-allow-origin: *
etag: W/"63db9176-18393"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 02 Feb 2023 10:33:26 GMT
cf-cache-status: HIT
age: 65184
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfPaGEa9dt3knLM77JxVB5wAPMAKfboACKy70ByOxPybZHE0f1C4DvBOseB3QTQjiJzT250JQUUwIOeJdDCIPEZ1MtKqLQgxv8yZm6I07HQuJ9gltZthyG%2FoUZlyOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893350bddb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/present-with-light.bd57fb06-151.png
104.26.5.11200 OK 6.7 kB URL HTTP/2 1win-cdn.com/img/present-with-light.bd57fb06-151.png
IP 104.26.5.11:0
File type PNG image data, 151 x 161, 8-bit colormap, non-interlaced\012- data
Hash 6e2f4fff39b3a495fecefe5fee863c51
d358f1c8d7fe7298feea325c7ea6d145a3634026
4800fa860802fd0e46629776201afccd5adc1bf6b8b5a45a5e7c46d8d3b2a690
GET /img/present-with-light.bd57fb06-151.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: image/png
content-length: 6732
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: "63a42a53-1a4c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3696823
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TS66WKv176sJh4xOzqTUw2evHSETPcme8Hjtr7Os%2BFyHs3SRuPaUpez06T3HoFUdbZovYFxDxgNCLIh3TSXdUpZKStz%2F9PWgGfcOYcYIVPzFWfXrpby8gXeyheYycw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893394d78b529-OSL
X-Firefox-Spdy: h2
1win-cdn.com/css/4454.54a750ef.css
104.26.5.11200 OK 7.4 kB URL HTTP/2 1win-cdn.com/css/4454.54a750ef.css
IP 104.26.5.11:0
File type ASCII text, with very long lines (30877), with no line terminators
Hash 8d2f30c42aa4e55a4eb73bb88c66d8e3
7b5cdaeef356d861eb3077ec5ba4be434f41ed3a
ec07dc52a9f5664df7669e3cc4fb1923adf1fea58d360387d90fbe470bace9db
GET /css/4454.54a750ef.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=30879
access-control-allow-origin: *
etag: W/"63db9178-789f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 02 Feb 2023 10:33:28 GMT
cf-cache-status: HIT
age: 65185
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2o2R9tI3kJ4Rmx3I6cep5iIlD0dgA74XPIIl06eV7MNTdyJeszJciO3P%2B3BbOFUSP25OVY4lcYRtgIw1C%2FMVwI%2BxHgZ1BX6yTu0dfKo1aaOPRFXAejIyMnXd2sLLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893390d63b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/casino-mentor.f6b6387a-172.png
104.26.5.11200 OK 2.0 kB URL HTTP/2 1win-cdn.com/img/casino-mentor.f6b6387a-172.png
IP 104.26.5.11:0
File type PNG image data, 172 x 50, 8-bit colormap, non-interlaced\012- data
Hash 1c8fa7ed406056b760b1171b49f8fd73
601643736f0c6bdce0531f5bc5252a96879d1ad1
c4ff5a6ee1315f5e5eeb287189912baaae7e032f178ccad3c575d6f8d99d4916
GET /img/casino-mentor.f6b6387a-172.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: image/png
content-length: 1976
last-modified: Wed, 21 Dec 2022 11:04:29 GMT
etag: "63a2e83d-7b8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3764863
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lu6P8RdHE8%2Fh8pNriMNGFlcq75xOQtEYKHE%2FXZu%2BmYbQjJzJ5VuUWFt4a5JGJs0ipJHhsBL2%2FojDoNLRI2F5cBvC6XvzH%2BdRthIZHvr51gdzL3M6bDXHtewDCpa2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893397d95b529-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/best-bitcoin-casino.9c1716b1-50.png
104.26.5.11200 OK 1.0 kB URL HTTP/2 1win-cdn.com/img/best-bitcoin-casino.9c1716b1-50.png
IP 104.26.5.11:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash d17d9ae707b485a356eec325e36aa505
650fc9b7790343d87eacfa5f5466ecf659f3b9a7
5bca66d0040f92e3f15089ebc1f46687cf7bde68d46db0fb286113aaba9ac57f
GET /img/best-bitcoin-casino.9c1716b1-50.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: image/png
content-length: 1035
last-modified: Wed, 21 Dec 2022 11:04:29 GMT
etag: "63a2e83d-40b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3764863
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AlidD6ep81Cis10c0DIlzfrZip0LpQT6z7l8Drfgr1h9Jkrpu%2BV2%2BEzyG459TNaJchY4cqzKUFS3uXPVGgLSIK9z4eOXzXBkHmxnqE7ACyw8LkCqIN89vzga2Wnaog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893397d96b529-OSL
X-Firefox-Spdy: h2
1win-cdn.com/js/4454.fa968e48.js
104.26.5.11200 OK 15 kB URL HTTP/2 1win-cdn.com/js/4454.fa968e48.js
IP 104.26.5.11:0
File type Unicode text, UTF-8 text, with very long lines (44803), with no line terminators
Hash a343522e741b933b8709f283a59b1518
90246147cb9d35f17cbbbf0f7aaec9a793732830
fed7c3364792473b207ebb964fd58e33aa91f6cabb5a61cc26f2ff1f13b663ad
GET /js/4454.fa968e48.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=44847
access-control-allow-origin: *
etag: W/"63db9176-af2f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 02 Feb 2023 10:33:26 GMT
cf-cache-status: HIT
age: 65185
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yre3hbBc5YcPt%2B8q8bu6nStlfEgaHPABGnBFK%2B4aX1tt2xQkOXgBI2OS9L2JUFFl4b66OhgJ20jpZmhD6aQUstLV%2FZ%2B6SGNwMh3X633Vd4N1DxU6Y5jjbTJA4JKNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893390d64b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/cricket-betting-guru.cfe7d426-500.png
104.26.5.11200 OK 9.2 kB URL HTTP/2 1win-cdn.com/img/cricket-betting-guru.cfe7d426-500.png
IP 104.26.5.11:0
File type PNG image data, 500 x 500, 8-bit colormap, non-interlaced\012- data
Hash 3c6da1041cc0873ff73533fd0e03f5a0
0666e13970c0698cf09ffafc9467ea705258c552
dfeed2cdb884b7769b5ee0fde60457b4b5380b7608c296b67e26c48dc1ca3f08
GET /img/cricket-betting-guru.cfe7d426-500.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: image/png
content-length: 9249
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: "63a42a53-2421"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3696823
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2kfX7b6vG2pOpzW8Z9PWGh53XoM%2BZCpzEo7G6TbCG8bAFmUJZJNBxddq4bEkPOV8W6butA2Nywaorl0KUGnjrip7eaiGLFxtb6DVWfojBdEZnEaR%2F1Zmg0HidhJjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893397d9db529-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/free-money-link-image.4433e497-120.png
104.26.5.11200 OK 6.3 kB URL HTTP/2 1win-cdn.com/img/free-money-link-image.4433e497-120.png
IP 104.26.5.11:0
File type PNG image data, 120 x 97, 8-bit colormap, non-interlaced\012- data
Hash 8c77c77c33189721a876fefeadf5ca83
0b197aa9e55fe824b28e55b9e0591f8631b6c3c8
b2a4295182c1f7c9619a4d2f842be12f4cbc6c4bb8d2ea607f06ff3bc4099486
GET /img/free-money-link-image.4433e497-120.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: image/png
content-length: 6292
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: "63a42a53-1894"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694925
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3Qv0JyDDQFb9GnEB3SCs6TKB%2Bue6BIadOw8jcmUQ9CS4Rs37dgdFEi%2FmOFXzL%2FldpQAN59lLYHzC4t9DN1WSTI%2FGIBFGRPumy9N69jf5uxbgUXpVykHYcXnOK2nLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893397d9eb529-OSL
X-Firefox-Spdy: h2
1win-cdn.com/fonts/SFNSDisplay.2b5dc965.woff2
104.26.5.11200 OK 295 kB URL HTTP/2 1win-cdn.com/fonts/SFNSDisplay.2b5dc965.woff2
IP 104.26.5.11:0
File type Web Open Font Format (Version 2), TrueType, length 295048, version 1.0\012- data
Size 295 kB (295048 bytes)
Hash a54910c24518869ec095d604c76adb74
cd8ed32dd18b7f672bf502847242b0a9eee4c2c8
efdc0e9caf5e1b3f650e8ecd022ecd000bb070e1b0cf359eeb228603c325384b
GET /fonts/SFNSDisplay.2b5dc965.woff2 HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wswqf.top
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1win-cdn.com/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: application/octet-stream
content-length: 295048
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: "63d124be-48088"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 649407
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmaCHLxNVYuCXxZgpcSxfEaD6ndWg75k6CpEPpbrNUM%2BVB%2Fqlx6WgnMHX%2FgA5OJBKRTFGnjSLM%2BvUo7edAiDOx3lUuoq%2FpMOEJXQdwNThz22zZAebseDCQSOC1DtPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893397da9b4f4-OSL
X-Firefox-Spdy: h2
1win-cdn.com/js/4801.2c1c51b1.js
104.26.5.11200 OK 13 kB URL HTTP/2 1win-cdn.com/js/4801.2c1c51b1.js
IP 104.26.5.11:0
File type ASCII text, with very long lines (25513), with no line terminators
Hash 5747d81ee91be321060b191460453e54
5ae6f3f6d807cded4d41db09b1a312a0e7245ee3
5c9bc506f90ffd9a80a5bba1754a189639c059449f6ca70b140728b69cc180ed
GET /js/4801.2c1c51b1.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=25555
access-control-allow-origin: *
etag: W/"63a42a53-63d3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3696823
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F53gXC3Q28uINbGbF29Kgl9tA2ygUTKz5JjIRVt56m59ke51Jiwu3tgIvgmKKq%2FCK%2ByiC8dRFIyVIkYkTVrgtM1lx7ANfanKz5BhRBatBHWYSNYMuTG9b239qmClQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389338fd60b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-roulette-frame@2.76ea5a24-256.png
104.26.5.11200 OK 30 kB URL HTTP/2 1win-cdn.com/img/sprite-roulette-frame@2.76ea5a24-256.png
IP 104.26.5.11:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash fa83f73358ed73cbd8a0faf0d8e6c019
586b95f1e5e1945abd0248e995f79274463c1cd8
ede3848497b96e7defd4c5d53133cf2e374487411186a66a6146191ae5692f77
GET /img/sprite-roulette-frame@2.76ea5a24-256.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: image/png
content-length: 29770
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: "63a42a53-744a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694924
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McXi8ByZPnRFN%2F8aV3LVOKLP5mFq5WnKS9XHPRsu7rx4EAduSvbThlB2c74PzzAP957gv8shnHgPY%2FcTSU4Kpiq8FyKyXeWd%2FYxYojlx2FvC5hlCr0vkg1Z3opaSpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389339adacb529-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-dice-frame@2.8e0d7067-256.png
104.26.5.11200 OK 17 kB URL HTTP/2 1win-cdn.com/img/sprite-dice-frame@2.8e0d7067-256.png
IP 104.26.5.11:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash b5469917695caf597285ce3e08c0e314
8d6b57a1590baf7531d688d5dde729ede7d02108
3353862bc343fe2f92faf7e59595d9aa80d2fbdc90c6677437daf3a9acd84b32
GET /img/sprite-dice-frame@2.8e0d7067-256.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: image/png
content-length: 17269
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: "63a42a53-4375"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694925
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMxL3Lnj1WaJfw4d5qu4hmw%2BhA2KG6KQTzZ5jmbXvFlEDYmlEEvTtLH%2FxHwXtTbVrSCbM%2FQvkRSHRjhWADMNUL%2FXOgs2DMKPJK23wNzWKUr5FyUF6Fc%2Bvgjc9wP%2BrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389339adaeb529-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-poker-frame@2.1caa31af-256.png
104.26.5.11200 OK 10 kB URL HTTP/2 1win-cdn.com/img/sprite-poker-frame@2.1caa31af-256.png
IP 104.26.5.11:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 74023900d89b98987ea3248f4a89a218
4ea53a2415cf89647c40a32c69b50bde861a40ed
484183c9f4d5b2d68649d3025af4d2b95a5cb71f40a1cf960d62e0e3560162ab
GET /img/sprite-poker-frame@2.1caa31af-256.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: image/png
content-length: 10453
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: "63a42a53-28d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694924
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyQMSWNfBVU%2BIXHRKlb5kXmHS9Z%2FOflTaC4IXStBokDiOJzAM5Xt9DwsyxEgd3YvOzGgghBh69NpKgWqgHsLexIoJWokGPyPHW61WBiwQeWShy4WVj1KCReeFHa7sA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389339bdb0b529-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/pwa_ios_en.f08ddb1e-690.png
104.26.5.11200 OK 39 kB URL HTTP/2 1win-cdn.com/img/pwa_ios_en.f08ddb1e-690.png
IP 104.26.5.11:0
File type PNG image data, 690 x 450, 8-bit colormap, non-interlaced\012- data
Hash 2b063a8e2fb87b84cbf377d7a7fd389e
5c12f02ca086902c7fd9a5bd5de9eabce82c22a1
aa8f787e4db589a38a5c5a56bdb03f69329bfedc64649454f9fd370b78820b49
GET /img/pwa_ios_en.f08ddb1e-690.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: image/png
content-length: 39066
last-modified: Thu, 22 Dec 2022 11:20:11 GMT
etag: "63a43d6b-989a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3690594
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjwIv0YyH2r5E73mlWTfuWh18DgDxdAwaRzYIV7XifEYCMuoccKhUJvtrnHGcV6yJK%2FWPbgED%2BIQXJ2Kq2M9mbCr8Ew9vxiv61N5ISaYb65QOpMFTF20dLZnCWNWQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389339bdb4b529-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/pwa_android_en.b229a444-690.png
104.26.5.11200 OK 38 kB URL HTTP/2 1win-cdn.com/img/pwa_android_en.b229a444-690.png
IP 104.26.5.11:0
File type PNG image data, 690 x 450, 8-bit colormap, non-interlaced\012- data
Hash 8b6daeaca5784288934eb5c3dbc3401d
2df52222cb03510733d5f5c616278143e7f93f2d
53ee238e1169d7940016da0159e72a214403576447cf1b8cb384942a6200d191
GET /img/pwa_android_en.b229a444-690.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: image/png
content-length: 37637
last-modified: Thu, 22 Dec 2022 11:20:11 GMT
etag: "63a43d6b-9305"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3690595
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9WavLEUq3NmMsvDGUqxmxvvL1m864fNmoj8KkbC330hmjIAUKtaR1JSE95wvzbFNiNTNPEGLQY2iX4%2F%2BOFVUzzjX2giDDKD%2BVGvQ5lY3Xbv%2BWVaIGmCfytxMp2Kew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389339bdb2b529-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/banner_desktop_main_1x/plain/https://1win-cdn.com/banner-files/bonus-banner-cashback-casino.png@avif
104.26.5.11200 OK 7.9 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/banner_desktop_main_1x/plain/https://1win-cdn.com/banner-files/bonus-banner-cashback-casino.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash f86f39dc44e8f92cc5658a394e833352
54093f2e69f448e122e771ec7c63d3cce35ffbdf
3fded209043aa6ec28cdff6321cff18c41238215a062dc02fab1af3915c637fe
GET /unsafe/banner_desktop_main_1x/plain/https://1win-cdn.com/banner-files/bonus-banner-cashback-casino.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: image/avif
content-length: 7940
cache-control: public, max-age=604800
content-disposition: inline; filename="bonus-banner-cashback-casino.avif"
etag: "afr-jhlkuoDx_XrwjiuFbkzj6HdVsjvDmAeQvV8BbYs/RIjYxYTRlY2U4LTYzNWI4Ig"
expires: Thu, 02 Feb 2023 09:59:18 GMT
x-request-id: uzFsF7HGLMtmmodlVn6LF
x-cache-status: HIT
cf-cache-status: HIT
age: 233397
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbFyy%2BmilCkqZs0JLzg2hNNvtLHOxg8bMUDLxGPwJwl23inPSASXpZPc2zBKMqHhGTu8PM9IQPmEvLvYTCnICuPz0NB0CgsVsouJvccluS%2BAtMYbuJUWt69K43ddZ%2BVQAAzIkvd58g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389339ddcab529-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/banner_desktop_main_1x/plain/https://1win-cdn.com/banner-files/bonus-banner-deposit.png@avif
104.26.5.11200 OK 4.3 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/banner_desktop_main_1x/plain/https://1win-cdn.com/banner-files/bonus-banner-deposit.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 22a160f55908549771f823852d5eaeea
267d86356fc72824681f08d9fd1207b77530c08d
bb19dc50ecc9dd60ce8760b73843ce465df86b78a76de6a924c813fc770a2f23
GET /unsafe/banner_desktop_main_1x/plain/https://1win-cdn.com/banner-files/bonus-banner-deposit.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: image/avif
content-length: 4323
cache-control: public, max-age=604800
content-disposition: inline; filename="bonus-banner-deposit.avif"
etag: "afr-jhlkuoDx_XrwjiuFbkzj6HdVsjvDmAeQvV8BbYs/RIjYxYTRlY2UwLTU0YWIyIg"
expires: Thu, 02 Feb 2023 09:59:19 GMT
x-request-id: k_UiPjjC7eUn-KF9U943Q
x-cache-status: HIT
cf-cache-status: HIT
age: 233397
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuXFFOyI5hxrNmWxBLBbL%2BydQk3Y6%2FXmHh2dRx8NBnCPtMHmmh%2BN7tGVTtXyzE3d73qMRDuwAEtipfm4i5CxWxbYOWTDf1RARjiPjVE7lEnX2UnEXYM0LIZpfFMrQh3EMX7YiIC37A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389339ddcbb529-OSL
X-Firefox-Spdy: h2
1win-cdn.com/js/4709.abb5ceeb.js
104.26.5.11200 OK 31 kB URL HTTP/2 1win-cdn.com/js/4709.abb5ceeb.js
IP 104.26.5.11:0
File type ASCII text, with very long lines (27827), with no line terminators
Hash b26a55e6c72970c8312b031091a8dd28
27cd39a4e9881b0b63704178b21e522e34550482
b33da28ebbd95a2f6bc23338120efccfcf2db04b229d8554c1c3f7c79512214b
GET /js/4709.abb5ceeb.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=27869
access-control-allow-origin: *
etag: W/"63d39636-6cdd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 27 Jan 2023 09:15:34 GMT
cf-cache-status: HIT
age: 583059
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddjNnT8%2FrTIB1nlJ%2BcFeiYTQ0XkH%2BP6dIqcPKQLPEWjdaAduf3AUfIFYec3TXLI3SPvGh6lDt%2FURzQzHZUhA8jxvh7uhiPE9wT6xUdMoKb6%2FJAXoOA3yVAiWlmDk1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389338fd62b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wswqf.top/
Origin: https://1wswqf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Fri, 03 Feb 2023 04:55:34 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=4460359ad9048dbe; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wswqf.top/
Origin: https://1wswqf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Fri, 03 Feb 2023 04:55:34 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=cf7349d66f356115; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wswqf.top/
Origin: https://1wswqf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Fri, 03 Feb 2023 04:55:34 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=4cf6d5a178c788d2; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win-cdn.com/js/icons-pack-social.11d06b0b.js
104.26.5.11200 OK 6.1 kB URL HTTP/2 1win-cdn.com/js/icons-pack-social.11d06b0b.js
IP 104.26.5.11:0
File type ASCII text, with very long lines (20091), with no line terminators
Hash 9224acccb4cf5651daa0f9d9a767f146
570c2b529637abe8a2d5b0f58ff312de48c6466f
074370b6fb0cf375925654b41b3e670df6e15b27123a733a5ee54d36e8d97733
GET /js/icons-pack-social.11d06b0b.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=20146
access-control-allow-origin: *
etag: W/"63a42a53-4eb2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3696823
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIDxYKQP4NbWGj8pDvAFRfeaui59MpAKBTcWiIeqZIo9726JBeGprahwlZYCWhE0CmZfeF4vvwrNVFeQ%2F54UwUw5bA4PBm2BOXD1FZGDOPBQ18Bwh5N0KQjJnbXOEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938933a4df0b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/flags/en.svg
104.26.5.11200 OK 355 kB URL HTTP/2 1win-cdn.com/img/flags/en.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Size 355 kB (354578 bytes)
Hash c25627625f6cfa7c0e7aed29cdf17788
ac23c1e231ec27e7283deae6beb28457be49b5b5
19e51f252ac7c638d951ac2d912637dd4734c3b890d433779dd94726c21fab61
GET /img/flags/en.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 10:56:34 GMT
etag: W/"63ce67e2-8ae"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 927724
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THsrPqmMsG4Mk0l5iuELfJRDtovxTG8gC0lJUgP1A2TkyPqwvErYUSBchIG5FoQTOO2u6JrYdFWzhH5QvPlbsv5CNRc38HeeY3xUWr4CkAQ25LkPNZ07mFFOaNLCIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893394d79b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wswqf.top/
Origin: https://1wswqf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Fri, 03 Feb 2023 04:55:34 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=4a27e18fcce02634; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wswqf.top/
Origin: https://1wswqf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Fri, 03 Feb 2023 04:55:34 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=72d0c93006b1d206; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wswqf.top/
Origin: https://1wswqf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Fri, 03 Feb 2023 04:55:34 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=dfb135aa588b1c47; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win-cdn.com/img/aviator-game-logo.2fb50dc0.svg
104.26.5.11200 OK 1.5 kB URL HTTP/2 1win-cdn.com/img/aviator-game-logo.2fb50dc0.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2997)
Hash d53a683c4843602818e11baa869d1183
0acd16f7af219821ad927c08aebf5c3fc66d9590
6710227e415500fb18c84e70947a3fd7726a005c6bdc8fe1e3a0f138f389dbe6
GET /img/aviator-game-logo.2fb50dc0.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-bfa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3696822
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzhAXPgNiz6VYw20h6yL7suOAHMj8Sf7E8MjOmr0gCXnrRB1bNK0Y5bSVTlH8hFiiLIRPP3kK1K6dJX45ZxBXW78cVI5qQB06ajEZgaOna8lGX0tZGQ2wPdivD2ehA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893394d7ab529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/home-poker-banner-bg.87d81897-600.webp
104.26.5.11200 OK 12 kB URL HTTP/2 1win-cdn.com/img/home-poker-banner-bg.87d81897-600.webp
IP 104.26.5.11:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d42d6b091c917baad89cc62f34b1ef8d
6915e60ae50f4b00af5083ce1217a7dab04df42d
9ac95cc43cf590f1f9a5dd85b5b0bf04d98e38d3005b6e4b436f8c04d09a66e9
GET /img/home-poker-banner-bg.87d81897-600.webp HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: image/webp
content-length: 11812
last-modified: Thu, 02 Feb 2023 10:33:28 GMT
etag: "63db9178-2e24"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nbo1JblymMMf3lHMlBJhI0dcd9Rqlm6FcZ5uVkG2WUnPMcbQ545L9jQdCFU4BUyARjKpDqSuBiGboBWk%2BKlxn8U9F8l%2FcoOz40DOOt4rLCY9aZ6S8D6%2F6%2BmrolIQwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389339bdb3b529-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-roulette@2.25507485-256.webp
104.26.5.11200 OK 720 kB URL HTTP/2 1win-cdn.com/img/sprite-roulette@2.25507485-256.webp
IP 104.26.5.11:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 720 kB (719644 bytes)
Hash 344d71695bd0f387fedd84fba6ace2c1
1d37e2d66ab1098072febc0a0dc3769d44090048
7775854f4b641fa2c9f954c79de9d4bd51ffea8b9bc74d8e01768718cc438003
GET /img/sprite-roulette@2.25507485-256.webp HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: image/webp
content-length: 719644
last-modified: Thu, 02 Feb 2023 10:33:28 GMT
etag: "63db9178-afb1c"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Whwq5Es8i%2FstdEOWiFCzPBSvLeA6MgxWWsQYRR7kPS7%2FkzBdNq3WJef%2FZorX6iA6FyiW8ZaHuYDQFDH5a6gS%2F%2F4H1E%2FEBjB95tevMStgM3WZTFZKBk7tEKXKHfVk2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389339adadb529-OSL
X-Firefox-Spdy: h2
1win-cdn.com/js/chunk-common.e248ac5d.js
104.26.5.11200 OK 366 kB URL HTTP/2 1win-cdn.com/js/chunk-common.e248ac5d.js
IP 104.26.5.11:0
File type ASCII text, with very long lines (16689), with no line terminators
Size 366 kB (366274 bytes)
Hash 21d2708efbefe7ad691be606bb2c9095
c189dd34ec896790a9fd6268c84875b473f1e7f4
bf8fc41589abe276dcd1c9a58eb0f23d4a118dedb58207fc27b60e33e02e3200
GET /js/chunk-common.e248ac5d.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wswqf.top
Connection: keep-alive
Referer: https://1wswqf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:32 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=16739
access-control-allow-origin: *
etag: W/"63db879b-4163"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 02 Feb 2023 09:51:23 GMT
cf-cache-status: HIT
age: 68173
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TKGtMv2pHdQ4IvQ95RIUZRBR1l3wfI9Ry57yUzMz90Es8do6eOMF2wtg7B8nVJi%2FJAXB3V8KY%2BncYObJT1i21VgAHN%2B62jc%2F63P13gWkntZpEpaSpDQzQZPaxXXXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938932d0856b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 28 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash e89dfe32f99338486191e7caec8e10f0
1b1f0f4e37d2f9a8be7282f7fe9ab2d4bffe8225
02378abe4eb8e1a6844ad217e3bac6a35bf4b0645c3323418323642d97296385
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 85
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 03 Feb 2023 04:55:34 GMT
etag: W/"6bb7-Gx8PTjfS+ai+coL3/pqy1L/+giU"
set-cookie: core-sticky=fb146959f0fa693f; Path=/; HttpOnly
x-powered-by: Express
content-length: 27575
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-dice@2.6e1ac0ed-256.webp
104.26.5.11200 OK 430 kB URL HTTP/2 1win-cdn.com/img/sprite-dice@2.6e1ac0ed-256.webp
IP 104.26.5.11:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 430 kB (429680 bytes)
Hash abaa6833958bdc5427e6fa573cbfa70a
d43989916cc382e4e3d983933d9cd52a7d1dbeb2
51ba8ea694483e38020360731af53be7cd411671786008119b70b2a320e3bd92
GET /img/sprite-dice@2.6e1ac0ed-256.webp HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: image/webp
content-length: 429680
last-modified: Thu, 02 Feb 2023 10:33:28 GMT
etag: "63db9178-68e70"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=894mQ%2FttX24ooUHwDqZsnA%2FKRWJWM0tD73pGsT0eRT2CnzXzDOVZSL2QJyOAliADPXA8LlXHKROzuDSoXKH29VyhE0xBG3wb9Jl64Pe0BzPkREXW08KI6FeQDSzjPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389339adafb529-OSL
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 31 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash e2a016f9666030043d12c0c363a716a6
a6418200e6c6f6ad382903bf0105769987a63817
7aaf4f4df1b86e2e6907a5c33f6241d8c9dc33ff75d7f1827cb504b9b478b401
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 67
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 03 Feb 2023 04:55:34 GMT
etag: W/"77c9-pkGCAObG9q04KQO/AQV2mYemOBc"
set-cookie: core-sticky=2b93716ae54563bc; Path=/; HttpOnly
x-powered-by: Express
content-length: 30665
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2.7 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (43897), with no line terminators
Hash 2f0d65832b38510812c17e643451d78e
5ca72f36ae8f1c28aaa52ec83e138a063c56c33d
a36a74165ce3cea1fa85f48e7cb83c5a058f53f4b820e478e2b478596e3a4c99
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 71
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 03 Feb 2023 04:55:34 GMT
etag: W/"a91-XKcvNq6PHCiqpS7IPhOKBjxWwz0"
set-cookie: core-sticky=9533d586d9d823b3; Path=/; HttpOnly
x-powered-by: Express
content-length: 2705
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 3.4 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (17749), with no line terminators
Hash b1da0f55def6bae6eca720e54c5b8a1d
206692db7f4b3e76399da513e790f6fa7b18633b
2fbed773e4d7a4e04c956ed38b8f2f667b452cb4b6add9df05e91463314c5af5
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 101
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 03 Feb 2023 04:55:34 GMT
etag: W/"d22-IGaS239LPnY5naUT55D2+nsYYzs"
set-cookie: core-sticky=a9e5b1312933625c; Path=/; HttpOnly
x-powered-by: Express
content-length: 3362
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 3.4 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (17749), with no line terminators
Hash b1da0f55def6bae6eca720e54c5b8a1d
206692db7f4b3e76399da513e790f6fa7b18633b
2fbed773e4d7a4e04c956ed38b8f2f667b452cb4b6add9df05e91463314c5af5
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 88
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 03 Feb 2023 04:55:34 GMT
etag: W/"d22-IGaS239LPnY5naUT55D2+nsYYzs"
set-cookie: core-sticky=24cd456294f74640; Path=/; HttpOnly
x-powered-by: Express
content-length: 3362
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 28 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash ffe85bffba8c6acace2aa0dbdb785479
0fc0009490e270c598158967a45ba0e6aeb62744
11eb442382e3eea5ade1efa25804ab83447466ef7eb969c811e85e9752b2d6fe
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 98
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 03 Feb 2023 04:55:34 GMT
etag: W/"6e54-D8AAlJDicMWYFYlnpFug5q62J0Q"
set-cookie: core-sticky=b65f91b089fa3848; Path=/; HttpOnly
x-powered-by: Express
content-length: 28244
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 31 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash e2a016f9666030043d12c0c363a716a6
a6418200e6c6f6ad382903bf0105769987a63817
7aaf4f4df1b86e2e6907a5c33f6241d8c9dc33ff75d7f1827cb504b9b478b401
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 80
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 03 Feb 2023 04:55:34 GMT
etag: W/"77c9-pkGCAObG9q04KQO/AQV2mYemOBc"
set-cookie: core-sticky=24b179712a267e39; Path=/; HttpOnly
x-powered-by: Express
content-length: 30665
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2.7 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (43897), with no line terminators
Hash 2f0d65832b38510812c17e643451d78e
5ca72f36ae8f1c28aaa52ec83e138a063c56c33d
a36a74165ce3cea1fa85f48e7cb83c5a058f53f4b820e478e2b478596e3a4c99
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 71
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 03 Feb 2023 04:55:34 GMT
etag: W/"a91-XKcvNq6PHCiqpS7IPhOKBjxWwz0"
set-cookie: core-sticky=658b153f654f732c; Path=/; HttpOnly
x-powered-by: Express
content-length: 2705
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/bD9xEdP9SoU
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/bD9xEdP9SoU
IP 142.250.74.3:0
Hash 007393d879cff44333e083d737bd580a
72f03ed590db8a49d5a5f5554f51ab31ffb9ef7b
e724b5bdca505c94acdb42eae37b5a7323e0ab9689c4185c6fdedf3aa9dd023f
POST /s/gts1p5/bD9xEdP9SoU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:55:37 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ps250.1win-service.com/push-server-v2/?Language=en&snapshot_time=1675400162335&shouldCompress=true&EIO=3&transport=websocket
104.21.53.47101 Switching Protocols 0 B URL HTTP/1.1 ps250.1win-service.com/push-server-v2/?Language=en&snapshot_time=1675400162335&shouldCompress=true&EIO=3&transport=websocket
IP 104.21.53.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /push-server-v2/?Language=en&snapshot_time=1675400162335&shouldCompress=true&EIO=3&transport=websocket HTTP/1.1
Host: ps250.1win-service.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://1wswqf.top
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XxeI9EgNqdv6FIFWU4O92Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 03 Feb 2023 04:55:37 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: qmJzb6koF2L0UhnHWJ6JiPXMziQ=
sec-websocket-extensions: permessage-deflate
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsvfAnHAUHn6rkykMdvrWviwHqsrO6aa3t1vwMC5M7xUEMlywgiflP2o%2FHMTpccKJvInw2M674Zlj7APU7xnMosxE3qQiq6GquGQukxyR7qLLYxoOowbNrUsJL0Vbar8v7V%2FxwMCwFgZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 793893496ac30b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/s/gts1p5/bD9xEdP9SoU
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/bD9xEdP9SoU
IP 142.250.74.3:0
Hash 007393d879cff44333e083d737bd580a
72f03ed590db8a49d5a5f5554f51ab31ffb9ef7b
e724b5bdca505c94acdb42eae37b5a7323e0ab9689c4185c6fdedf3aa9dd023f
POST /s/gts1p5/bD9xEdP9SoU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 04:55:37 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/576a0d3a-0df0-4a5b-ac90-7e9f2ab73407.png@avif
104.26.5.11200 OK 4.3 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/576a0d3a-0df0-4a5b-ac90-7e9f2ab73407.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash d5f05284c21b7798248cd9fa99bfd299
bf9b3b55c3aa5508d51c2935e6494a6f91fb21b9
85a15ca1b3ad7e7569214ac1e02596a70b806eccd8ebf2b9fb079ca53986a0d4
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/576a0d3a-0df0-4a5b-ac90-7e9f2ab73407.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/avif
content-length: 4304
cache-control: public, max-age=604800
content-disposition: inline; filename="576a0d3a-0df0-4a5b-ac90-7e9f2ab73407.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzOTM2OTZmLTIwOWY5Ig"
expires: Thu, 02 Feb 2023 09:59:11 GMT
x-request-id: qdWArseWFiQPH7191DrZi
x-cache-status: HIT
cf-cache-status: HIT
age: 233401
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kLLTUnQJsK499NfgEvr12jAyMN7C9Y%2BFkIjYOGpNqjiQurus%2F%2FGm3cMImrFZ9BbViegZhaxVK1MGLCnUznIEqhQt1buCuYLG5vCc%2FGgqXOjQ8BAvUwObvuwq8BbQvljgT2s8cLjRkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389353691bb529-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/5b4ab347-f37c-44e4-93e6-2c1c0efa069e.jpg@avif
104.26.5.11200 OK 5.3 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/5b4ab347-f37c-44e4-93e6-2c1c0efa069e.jpg@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 76a502c1036d076e2317739f0cc878d8
480303b6e1e68b1d04e998d9bcd26224429db376
e377abb67003f9b87b6c67e87b9814b99bb3c1de68f286546d9af4e6d6377351
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/5b4ab347-f37c-44e4-93e6-2c1c0efa069e.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/avif
content-length: 5302
cache-control: public, max-age=604800
content-disposition: inline; filename="5b4ab347-f37c-44e4-93e6-2c1c0efa069e.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzOTM2OTc5LTJiMmQxIg"
expires: Thu, 02 Feb 2023 09:59:10 GMT
x-request-id: hS5nFRN0pTfRoKGm08TCF
x-cache-status: HIT
cf-cache-status: HIT
age: 233401
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbbviaOFowXsO5eE32V8mtD%2Fg8kdBk2h1ZjidP8y2RbGZ0L%2FZ1MOoce81ZWzsIf8kL0EqGVP66lVN3IDGp3HK5wpChOZ%2BFQGuUWsJt%2Bf9AJ8SDQI%2B6l3BwWTZdj1rCGmVdrqJWTg1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389353591ab529-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/f736e1ff-fdf7-40e5-93b5-2daa1b472e4d.png@avif
104.26.5.11200 OK 3.3 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/f736e1ff-fdf7-40e5-93b5-2daa1b472e4d.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash bbb2a9093140015e4ebcb4b1ade5b171
dc35c677bb7d9b9e222f93e844793afc4fc06b2a
769a8489bc32f748e268b35024e9726719ef2a65d32665b0a5a54ca6d28789d9
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/f736e1ff-fdf7-40e5-93b5-2daa1b472e4d.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/avif
content-length: 3255
cache-control: public, max-age=604800
content-disposition: inline; filename="f736e1ff-fdf7-40e5-93b5-2daa1b472e4d.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzOTM2OThiLTFiYzYyIg"
expires: Thu, 02 Feb 2023 09:59:15 GMT
x-request-id: yhDgjau2hqJoacHHecauB
x-cache-status: HIT
cf-cache-status: HIT
age: 233401
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fz0o%2F0yWLF2%2BwIJpmn9lQl7HC%2F8%2FtqkO4Ae3tisj8fpN938L4k0JgK03sGUiKwZs5c1M8SptNxk16CzniRjMOMwkSRnjeG%2BmwOIdEQpb4m9C6tsccrIhL5QFarRVjQgg3eH%2FByMorA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389353691fb529-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/81c5273a-ebb1-47f6-8535-6376c353ea74.png@avif
104.26.5.11200 OK 3.6 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/81c5273a-ebb1-47f6-8535-6376c353ea74.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 38274844df1004bd9a0e2ebaa78fc880
ef316b9b62257b1e930eb064f30c1baecd86f2b9
5d128fbc4ca805ffd77a5d0c93ed6c15e548157d1b6a68b16c2849a98799a6a6
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/81c5273a-ebb1-47f6-8535-6376c353ea74.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/avif
content-length: 3601
cache-control: public, max-age=604800
content-disposition: inline; filename="81c5273a-ebb1-47f6-8535-6376c353ea74.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzOTM2OTc1LTY1Njk0Ig"
expires: Thu, 02 Feb 2023 09:59:15 GMT
x-request-id: 3_3K_XaC4gvPsdkGmWl7c
x-cache-status: HIT
cf-cache-status: HIT
age: 233401
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkLUEiL%2BxdTRPf2Ma9N2tAmRh3CtuxIqjPolqBARTHa8FMhkv85z4Z6AohPYpO1o3U5Tsa4KxE%2BTO0nrsgAnB0rf5ybeDX%2FmCYqmzDgqyKZ1j%2FuITejrmCAqzmnTNF3VXN%2FPdA4jqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389353691db529-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/emoji-soccer.1a6d4eca-160.png
104.26.5.11200 OK 7.9 kB URL HTTP/2 1win-cdn.com/img/emoji-soccer.1a6d4eca-160.png
IP 104.26.5.11:0
File type PNG image data, 160 x 160, 8-bit colormap, non-interlaced\012- data
Hash 531c59f255f2998443131a8503a6244e
5288df4ace6d3e89a393af2b58c1e6c38a0042a8
575412b54e344b5f40a21bb5b799f0430919cfb4ba807f9832c040e13711dc8e
GET /img/emoji-soccer.1a6d4eca-160.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/png
content-length: 7896
last-modified: Wed, 21 Dec 2022 11:04:29 GMT
etag: "63a2e83d-1ed8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3764857
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BeTZ9VQ3hG1n60TDKbRx0XoLndIz%2FgrWQ5LnyQngDZ%2FHR7fzay3w0CIrcHlSf9VOZde4nhgb%2FucYfxBoCkVfb0IrF%2FP5OO0Fr%2BEyDiF1BKThFTMYJRi6Pi%2FsnDOPOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389353b952b529-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/emoji-slots.1c6e965b-160.png
104.26.5.11200 OK 9.0 kB URL HTTP/2 1win-cdn.com/img/emoji-slots.1c6e965b-160.png
IP 104.26.5.11:0
File type PNG image data, 160 x 160, 8-bit colormap, non-interlaced\012- data
Hash 1dc08d167f60360991bc58d8b3573355
55d11fb2d5a5b46b6ad68e8cfc40d59d4a434700
f2fc8f2712717b32157f7741b1c723d6fe1d430c41652cfafd39c68980db20bd
GET /img/emoji-slots.1c6e965b-160.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/png
content-length: 8977
last-modified: Wed, 21 Dec 2022 11:04:29 GMT
etag: "63a2e83d-2311"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3764857
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WclvgnLgXcYvgnLAbb1qrYLS37iuRX1I%2FOvbu6NVGy%2BMZocrZWWFpkcX8mK%2Fu6yzlXRa8t0zDmLhNm9z7QmWIguQe%2FuXlW8Sxq6FhV72iOZZ7XO5t%2B43UEzRFxMugw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389353c953b529-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/9dd18146-c273-48b4-ab55-70c3042a3f64.png@avif
104.26.5.11200 OK 5.8 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/9dd18146-c273-48b4-ab55-70c3042a3f64.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 8b9dae655791a2c093c33da8a8f41277
c564561f1f54aa7ce97a26a5c0d869fd05ba59da
179311580e45d0faa648f3673f12b5cb2235d2a367c4864febdc818f3a5d27fe
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/9dd18146-c273-48b4-ab55-70c3042a3f64.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/avif
content-length: 5759
cache-control: public, max-age=604800
content-disposition: inline; filename="9dd18146-c273-48b4-ab55-70c3042a3f64.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzOTM2OTU5LTJhM2VmIg"
expires: Thu, 02 Feb 2023 09:59:12 GMT
x-request-id: 1b79iucWvgm-kD0B9wRn0
x-cache-status: HIT
cf-cache-status: HIT
age: 233401
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhvw0xEBFdXLMw6j2qVU%2F%2BAWqgmNIXMod4Fl77QgDNcVCCz5NrzUR6baDKJG6cm0YqMjf3fpHA0N6XAqKlYDxUE4K9TlA8SsTJzFQs3%2FgvEWhToPekcmLv0BIxaN9JbcyACBwsBrgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893556a70b529-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/evoplay/c_629b5b7ecad77eca213957740c0ac78c.jpg@avif
104.26.5.11200 OK 5.0 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/evoplay/c_629b5b7ecad77eca213957740c0ac78c.jpg@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 3076cecb5519fe3ab82562ba350f69b5
cc77dcda234ae49c57fd0534ebddaf1b1fb9fe82
5ee40b48c9b99199aa92cb5c9832626d77f5ba97a362ff617fcc12f94017f9a1
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/evoplay/c_629b5b7ecad77eca213957740c0ac78c.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/avif
content-length: 5026
cache-control: public, max-age=604800
content-disposition: inline; filename="c_629b5b7ecad77eca213957740c0ac78c.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjVmODQ0YWFmLTRmNjQi"
expires: Thu, 02 Feb 2023 10:04:25 GMT
x-request-id: oMLdXJ5uFDVAqqILg_OdH
x-cache-status: HIT
cf-cache-status: HIT
age: 233401
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F00krLHEP2U5BfoXA60NEvcVHLp7lJPDeY4oNU8xDNkRdCD1NwzYvt9bIZun1i1U5oPgibKF015ISAlma3fTdGR%2BSLUoBRTZA6Uku7eFX9cElnZlceBJyReSBKH6jCwkIUYi5li7Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893556a75b529-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/bgaming/194f01dc-eaa3-4379-831d-5a792c1eca57.png@avif
104.26.5.11200 OK 8.9 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/bgaming/194f01dc-eaa3-4379-831d-5a792c1eca57.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 17026de42f18fb450b84240abe77801b
aac5ef93d090c0f7711e949da60170ceeb09e291
954db7309a3f64c0f1784e7a72542a54a4216f182ea865080ad6efbaa71414e0
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/bgaming/194f01dc-eaa3-4379-831d-5a792c1eca57.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/avif
content-length: 8870
cache-control: public, max-age=604800
content-disposition: inline; filename="194f01dc-eaa3-4379-831d-5a792c1eca57.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzYzkwNDMzLTY0MWJhIg"
expires: Thu, 02 Feb 2023 08:50:36 GMT
x-request-id: XaEAK-kY2gZKSLFgjEWKA
x-cache-status: HIT
cf-cache-status: HIT
age: 233401
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKO80vA3SnXZaDsEdj0BHrYCFt9rXIttoqeim3FH04pkAB%2FxoUGETQmEiOasEJJkcEg5aNqBe6PvS3iBN9WJWURDg2YdmneXJkw1q6nM9Y4fY2Xy15xabqbi6zneTzl91W72f1wW6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893556a73b529-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/spinomenal/c_a22bbabe873d4222894f3db111ff329b.png@avif
104.26.5.11200 OK 7.4 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/spinomenal/c_a22bbabe873d4222894f3db111ff329b.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 6e142c64f0ac65b1c4e7eb9a2012fb7f
fc70960a64c98e276554e6fb9aa9bced809fb098
07f8f7e847c2515bc0ddd73fb042ca83c3c5e85450d130c1586a5e96c257250a
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/spinomenal/c_a22bbabe873d4222894f3db111ff329b.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/avif
content-length: 7402
cache-control: public, max-age=604800
content-disposition: inline; filename="c_a22bbabe873d4222894f3db111ff329b.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYyMzFjZWQzLTUzNDIi"
expires: Thu, 02 Feb 2023 09:59:24 GMT
x-request-id: UxfFGtDl6gh2gJLuZCKGt
x-cache-status: HIT
cf-cache-status: HIT
age: 231702
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpjQsWPusotAo3ySnrSxXLNOq5%2FLXVGogfRtWd9tmnjuzDBzrJKkCzSOlszQTMehoLokODQei93s13Qy13hNU74eK%2FH9j0CV3h6BEG51swqPRnOGA%2BP0SvElN5aRC12UYw9gCbzLkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893556a72b529-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/c_b5002cf1b271be724f0d8b178a102015.jpg@avif
104.26.5.11200 OK 7.7 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/c_b5002cf1b271be724f0d8b178a102015.jpg@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 4978abee923c6f9e7f4f3d3e69f436f1
0847445ae053a46263fdd47c52c262f2412c419d
79f37d209fad28ebfbd314af0cf6756bfa87fa1e950f811137d4e05bb0eab5d6
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/c_b5002cf1b271be724f0d8b178a102015.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/avif
content-length: 7706
cache-control: public, max-age=604800
content-disposition: inline; filename="c_b5002cf1b271be724f0d8b178a102015.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYxYzRhMWI0LWJiYmMi"
expires: Tue, 07 Feb 2023 18:42:09 GMT
x-request-id: dd4ksBNyf_6nIhqpHWnrR
x-cache-status: HIT
cf-cache-status: HIT
age: 207171
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhHHamvf3gsbEINkOodOH4SyBR%2FpiFCmswerMP0vViuA1JalBEAHc8YsCmumjNuG%2BkCV%2FhgpOG%2BK9ue0RuDn6V9%2BMjeUuLdD8qZCBQZR92zbustTdDBWfgpa9sZ48R9bxm9CWCnVtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893556a71b529-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/spinomenal/e8c6ec93-32f6-423b-b5e0-574778b0383e.jpg@avif
104.26.5.11200 OK 17 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/spinomenal/e8c6ec93-32f6-423b-b5e0-574778b0383e.jpg@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 10efcdb8a9e6e4d6e26335cb5f6f22e5
6dea345a0cbd5d7a467315dd9ebb48949e761b60
6ac02eb9d12d1a9b448180af552bed3ed48b749345c0979ad991650f81c063ce
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/spinomenal/e8c6ec93-32f6-423b-b5e0-574778b0383e.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/avif
content-length: 17157
cache-control: public, max-age=604800
content-disposition: inline; filename="e8c6ec93-32f6-423b-b5e0-574778b0383e.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzNjNiNWM4LTE0ODkzIg"
expires: Thu, 02 Feb 2023 10:05:16 GMT
x-request-id: KL7T5SHGdCoCVOyCw9Vca
x-cache-status: HIT
cf-cache-status: HIT
age: 233401
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3jslhBlqiBjcsIZHAjzPx%2BV69JB430NzxGRRF1IjTVT9JppPWEqA30%2FQromwEhqhbp618wB6cO7tA45FIfGy7wE%2B1K1y5w9seSPplgWqsM91xvdq4KeLXpvG5h5plOxZ%2B68aWeX6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893556a79b529-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/9c28de57-91e1-4f72-945e-801abb65cbf6.png@avif
104.26.5.11200 OK 9.3 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/9c28de57-91e1-4f72-945e-801abb65cbf6.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 5384c840a28f33c5223c3dc8863a88f0
400b2d5ace998cfab6e5229b11a6c332a2f985a4
b910e4305a4e86b5281c60ebc32ae254422c03c0df2cc971f8a8b68c0657d29b
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/9c28de57-91e1-4f72-945e-801abb65cbf6.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/avif
content-length: 9338
cache-control: public, max-age=604800
content-disposition: inline; filename="9c28de57-91e1-4f72-945e-801abb65cbf6.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzYTlhMDc3LTVhMDZmIg"
expires: Mon, 06 Feb 2023 13:41:24 GMT
x-request-id: Vmb8z1SVFZnz7WDlEAuVD
x-cache-status: HIT
cf-cache-status: HIT
age: 232256
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9hWRhwFSryxHcQyq%2Bg%2B5S33OKuGSgoImawVCWfiUFdXI%2FkcRknQyF3ZPrpdpySVRwMMKwCAY%2BQV17pnaLAdq2fUgYkMBvluznAjKslaS6qtBcNr43PO20%2BoW2OwC94FoTmrzHM0tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893556a7bb529-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/eb768ea8-8c0f-4c1d-a465-b8273ca51b7b.png@avif
104.26.5.11200 OK 7.2 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/eb768ea8-8c0f-4c1d-a465-b8273ca51b7b.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 346cd8e0efd877ab4b3be5e25dcccf98
e9b425456024f04cd54718964de4460a030ece5b
24c523648df2f1021c092a6a6e217f892a6192c3828d71af9ff2177ae77a8cff
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/eb768ea8-8c0f-4c1d-a465-b8273ca51b7b.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/avif
content-length: 7168
cache-control: public, max-age=604800
content-disposition: inline; filename="eb768ea8-8c0f-4c1d-a465-b8273ca51b7b.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzNWZlNTkzLTU2ZTRhIg"
expires: Thu, 02 Feb 2023 09:59:55 GMT
x-request-id: H1Z6wD1jtNxW1mPqoxQDi
x-cache-status: HIT
cf-cache-status: HIT
age: 233401
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68ywTEqWSmphwbBvZGl8IL3wQnI1M2lXqIXEIRUnsBTROsnsRNyw0%2BF0rkx6NACnBSXf3ebYAYBog3f1QF%2BLqqe4011QMg3%2FuxE78l%2B7Jv8KX0XQ1yAbN9JmoAPkQE0RMFMXMRZE%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893556a7cb529-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/relax/c_94cc97c49ba7b5bfb8d87df7f7794644.png@avif
104.26.5.11200 OK 7.2 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/relax/c_94cc97c49ba7b5bfb8d87df7f7794644.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 9cdba6ed7aae308072e20a393417288a
59f69f09ab47da27a1b553e9870f318470ffcc7f
453018c61ea71a4c26e295fa68b9259c9d9caa2b3770f318747d91e8e4c4ac42
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/relax/c_94cc97c49ba7b5bfb8d87df7f7794644.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/avif
content-length: 7156
cache-control: public, max-age=604800
content-disposition: inline; filename="c_94cc97c49ba7b5bfb8d87df7f7794644.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYyYWIwYzI1LTc2ZmEzIg"
expires: Thu, 02 Feb 2023 10:09:49 GMT
x-request-id: NW1CY0zdi0qjFpAWrO5AS
x-cache-status: HIT
cf-cache-status: HIT
age: 217999
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGysFhJDQsffb0xrpa54CcmKIaUygOYuo83Z%2B7QLe%2FIY09QPk4m52to24g0nhlTeBhX88cMGoFdGogZfT7XQegwy3aUTD%2FdoHK%2BegOMu4%2Fuo3rl2vqV5l6KH%2FAqXfhY2F4OjF8m7Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893557a85b529-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/endorphina/c_a7a3a6c91c477defb558aaaa3474f556.png@avif
104.26.5.11200 OK 6.1 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/endorphina/c_a7a3a6c91c477defb558aaaa3474f556.png@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 04d165298871006dd1c85a662edc6e9b
1d0fad43e67f4214254105720a43d5af5ab61f83
b292c081556ad9a860ee6c5295992c7e792a08e4f35fcb05e7dedbc7c13b9d39
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/endorphina/c_a7a3a6c91c477defb558aaaa3474f556.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/avif
content-length: 6126
cache-control: public, max-age=604800
content-disposition: inline; filename="c_a7a3a6c91c477defb558aaaa3474f556.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjVmODQ0MGU1LTNiYzEi"
expires: Thu, 02 Feb 2023 10:02:20 GMT
x-request-id: wFNKaLuuw6sLc2f7cwoYq
x-cache-status: HIT
cf-cache-status: HIT
age: 233401
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xudraWbbiqWFIytrAbykCKAlb%2FcW%2Fyx9Y7jcDQY1o2hApWiNcbfZYuu6dZ%2Flo8zxOE7hdBShnf6tuCRn1ChMxWkpKrQBuHI72LdR9umPFhADaOp1wiE6rJttMDkWxAVsGZPesqDkUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893557a86b529-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/02afd62b-235b-4d6b-ad9c-58457d5b4b5d.jpg@avif
104.26.5.11200 OK 4.5 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/02afd62b-235b-4d6b-ad9c-58457d5b4b5d.jpg@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash 485b06f67fd25afaea1ab08a605e830c
5adb1ff31fd9a405ab2ddb9a6ec1b3155ca3c9b5
7ebd2ded354fa906d7dea21ee2bb392051524a2f05760986f27271323c3430d1
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/02afd62b-235b-4d6b-ad9c-58457d5b4b5d.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/avif
content-length: 4529
cache-control: public, max-age=604800
content-disposition: inline; filename="02afd62b-235b-4d6b-ad9c-58457d5b4b5d.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzY2ZjY2VmLWJiOTAi"
expires: Tue, 31 Jan 2023 12:22:29 GMT
x-request-id: w225OA76XNK_lGesHFlS2
x-cache-status: HIT
cf-cache-status: HIT
age: 233401
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yw3n06aNQP%2BoF3n7p7F8TYYtdObqFuy7sLMJW18mEmPcm13NwfL5y398vnr%2B8SXOJcNqLtJQpy4AKQVSma0VSoEP85UZzw%2B3Ob9u9k6gMkzA1b217tP%2Bq389up2SuubXe%2FDryazYPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893557a8eb529-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/26b06924-2e59-423a-b6ef-9bd9c97f41ae.jpg@avif
104.26.5.11200 OK 5.7 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/26b06924-2e59-423a-b6ef-9bd9c97f41ae.jpg@avif
IP 104.26.5.11:0
File type ISO Media, AVIF Image\012- data
Hash d43bad364c5a03c96a9609f5817e6150
15772d42d72303f27a057a208ffa73a5e2cd79c5
fc301e54c3cfd5b3a1ae24e06ce4df85391d488199b163e44fe653027fc014e4
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/26b06924-2e59-423a-b6ef-9bd9c97f41ae.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/avif
content-length: 5690
cache-control: public, max-age=604800
content-disposition: inline; filename="26b06924-2e59-423a-b6ef-9bd9c97f41ae.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzMDc2Zjg5LTEyZjkwIg"
expires: Thu, 02 Feb 2023 09:59:43 GMT
x-request-id: TX1K5cWHXpyP0FUMhzS8Y
x-cache-status: HIT
cf-cache-status: HIT
age: 233401
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P715nWIo3BUuHP196i6DjYKxMGBl%2BMxwRw%2BgIhAdrpNl6cIYx%2BT%2Bgr2C1VPYtPWfTASOoXQmhX0riGpv1Z6EIPKHz00ouI%2Fy%2F%2FxvJ75OfTusNNtiRjiIAyyQPrVABJlt0mm4jhwHkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893558a91b529-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/genii.5614cd78.svg
104.26.5.11200 OK 18 kB URL HTTP/2 1win-cdn.com/img/genii.5614cd78.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2272)
Hash d3b5ac433d02863cb7c9ed16ab24d60a
92a6e3a06de337d383591e70d9450518333c84b8
bd4fef2bc2fd8115db74460ef13354bfb702b43eaaceb83a608d21f463a87414
GET /img/genii.5614cd78.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-e7f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RBxLVbGZpf1sjlQjqGqR08G69fZ7R%2FZRYYhzHVruAd49jYzClDiqsILgpVz%2FKm0QrvmIYzb0q0A42adpmYDWOwleCvTi7V%2FJ9TNBiWve465ZLMD90xa7%2BuPVmCu3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938935469c6b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/kiron.4a0c7f94.svg
104.26.5.11200 OK 9.1 kB URL HTTP/2 1win-cdn.com/img/kiron.4a0c7f94.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash c303b7f0d274bbef4e010e46de01365f
141516cb541ccf7b587bfd961d091a78f85d967d
73e08046a7a429bb2761013607e815124f8626dd0f33bb1c9612f8dda3ebd6f5
GET /img/kiron.4a0c7f94.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-264"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xH9EisKv0VTzC5p2wB62XMhHp7weAJtBZ4oOEIvesE1i8v8%2BDjpjzPfGZs8HOG2k8Xt9S1U67smX0XEnzy9rCJzO7J2chJkZhHKCTh5NWVpUDoY2OWky%2FQ0I4LE2Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389354a9f5b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/mascotgaming.fbac2f51.svg
104.26.5.11200 OK 8.3 kB URL HTTP/2 1win-cdn.com/img/mascotgaming.fbac2f51.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1184)
Hash f52dee81813b392b72bd3dc55e59a31a
ecfd8c6c11897ff05be464c9279014346cab7914
cdf8e037d3a2cd812a7c192328203d6a4220b8b252317d55de62135d6159c936
GET /img/mascotgaming.fbac2f51.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-b64"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WR4HQBHjr%2BtqPfPWm%2Fi2QK1VjhY37NnHGo5Yt2nPsimlheHRepz2KPbo0edZycuHeMmh4DP4GLToKKZiVxECShx9o93R4lDY4GUqcpusK2cipaqn27j8qLuyh7jNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389354a9f9b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/liw.06ac3b16.svg
104.26.5.11200 OK 19 kB URL HTTP/2 1win-cdn.com/img/liw.06ac3b16.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (5382)
Hash a0569d0401fb8d874305b28b86469d0a
c5f37899b9829307c6392b5c408972cd34297128
b867046ce333c538c60e7301b4abfa8e8b7d7c15fb863c7633930fa997fbb215
GET /img/liw.06ac3b16.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1df5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJJuSlN1BFRdifOiFk8c9XV25BZCTNOvPfYNA%2BX%2BNK77fC%2FxfHXRx6%2BBBowSA1NHzO7%2BMqpZ3M%2BzTTE66ZexcitGOwsyrO4GuKCAvzZ0wrV%2BV7QHInHRKYzRgwzqiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389354a9f7b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/mrslotty.366e094c.svg
104.26.5.11200 OK 8.5 kB URL HTTP/2 1win-cdn.com/img/mrslotty.366e094c.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 4e268add5640004f5bcd47ce44f138f0
74d67b5c6f396c0e85e41d621604090dda1c9e36
71f5b48fe99a25e80e8890caacb0a5d4227bc4fb4ddb4c94f44a9bd0287560f7
GET /img/mrslotty.366e094c.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-8d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3695706
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSMrsYqe8Jkm8smtY%2F%2FUqIBtg7TfbaRpeAd4RNkaH19i2O5zi7Neqv9QQPqSOrwTpYQyL7jkdHPOtDVfzkC%2FyAFlced3BFtsrin1N9p%2BybE9HZpYCp3Rjpaosluoaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389354a9fdb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/max%20win%20gaming.d504cecb.svg
104.26.5.11200 OK 5.3 kB URL HTTP/2 1win-cdn.com/img/max%20win%20gaming.d504cecb.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash d910605cefe2716c0e00a22fd40da87e
386eeb7fc3745ef8d051e2596a18629e7d2037b2
69ee97299f3ca88cb4e0d31ba92828be1df23dec0284041e0f0194d1720f3c31
GET /img/max%20win%20gaming.d504cecb.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-a04"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wKfb4vDA43anRdGRqVwuZIl0S3onddzfrVSPpWqCfN%2FpytTEbix5dVcttEwjGri5P0mE5zyK6NqpLnyZUr6PDeIcDaOEGprMiWz5t3hm4U7jBgHwpwN7b9nuf6BFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389354a9fbb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/mancala%20gaming.792c2e8b.svg
104.26.5.11200 OK 13 kB URL HTTP/2 1win-cdn.com/img/mancala%20gaming.792c2e8b.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (12345), with no line terminators
Hash 65da3df0657bb2298dfdf399a44a90e2
303473e6a69a64110154fa779d09b084fea5ba70
e5e6193a95439b9cdd0d8ccbd85acac38c5218f48067b6b76fd7ff9b42ccba42
GET /img/mancala%20gaming.792c2e8b.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-305d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCNv0XwqtI0RJz673MbC%2BlEpxaMqLJk3xpQZokH47vd7zw8VLNl3u8DwtsKbld6Jev6IPL5YUb2LHzMk%2FYap%2BV2NIKeDHViOobwwMbwVTlMXD%2FU5lX04%2FBAMstrkfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389354a9f8b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/goldenrace.423ead5c.svg
104.26.5.11200 OK 27 kB URL HTTP/2 1win-cdn.com/img/goldenrace.423ead5c.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (28699)
Hash b7824895ec4807a2fff16796fbab3b59
718726f2ecbd581489d444b5c4886b3f043e168b
140e55b27782cfd433fb566790c74f892b1a86347baf0b82faebdbe923673622
GET /img/goldenrace.423ead5c.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-7198"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvNqghh6%2FIU5zj0E8e93ikpePphQ%2FX39QioIXrvW7novcbGmDaF5T1K2uJjsYiDDi8CqmEGXXwkgyO2MiAG9MNGtqGgl4PCAP1jfVfjjIPuJ6whWhLywySTmFNTxpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938935469d0b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/hogaming.f8502380.svg
104.26.5.11200 OK 13 kB URL HTTP/2 1win-cdn.com/img/hogaming.f8502380.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1109)
Hash d6e979844592a81dc9c57717e10bc428
5c404b30842f3bb930eec64eed1444d133ba80b5
3c729fb7b86145b3ad0c15915f3d664f0722a07183a0827db9cbebe67346e8c1
GET /img/hogaming.f8502380.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2cde"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L27tWlSpcGmCHzOjTfNsdMOcj%2B91%2FESj%2FjlrF%2BY5Ctjog6n8GzzTrGAUXuN4NTfAGwoKE66iAQ0TBtFf5FjK2WvwxcSrGZw45QCOHTtSONCfwBezrvKQX08%2Bz2ObHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938935499ebb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/atmosfera.2954041c.svg
104.26.5.11200 OK 12 kB URL HTTP/2 1win-cdn.com/img/atmosfera.2954041c.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1671)
Hash f1142a75102a3cde0f05db50471d9388
9259dc388cfe30fa0682ce4378a153bad0df8b6e
8c9d4a990b01dd8a5205654822df5f6d18d311304dd7ad1d81d8724daaa9782d
GET /img/atmosfera.2954041c.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-156d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZ9S4%2BmnqNDBcq%2FzS0kLWIAP2DkuvsPQRi9VsF8kTMoieZ8FN4VzhEobsdnv7waMF4QuAF2FEgziKLkyDQ45HyaOloaKGeBKeAtzMG0unsyczhkklq%2FNqkqBPWAvmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389353f979b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/netgaming.aac206c0.svg
104.26.5.11200 OK 22 kB URL HTTP/2 1win-cdn.com/img/netgaming.aac206c0.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cc082bb86d9826582542b9b22595262d
aa185ca0ed8d8e7d3749c3e43fe1a1f153e4685f
d68d3291a080ebae37648ab1df4bf395a73b2d34c60adfc94849b8e22b5cf8c0
GET /img/netgaming.aac206c0.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-127cf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNPGbtnIeWhHj7pCAgMBvv7A9UBMs7NUwqu%2B8c0aHn%2BOBD%2F4ALe5k87AZNY%2FNu4mpK8sm4A28Gl8HOporgF3rzmxFxZxqJKwoc7842sc3Om7Nqes%2F0bnDtjmNuH4uw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389354ba02b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/edict.209e128e.svg
104.26.5.11200 OK 5.3 kB URL HTTP/2 1win-cdn.com/img/edict.209e128e.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1910)
Hash 8ea3a3bc6d0a4fe2898d4c489938871c
10da4c2f564c81e5a868dc0a8954c45025d17c35
7cba22de1ca903d3f253d07f32f65c403e4698dd90ebf9d001e9f0006e3441fd
GET /img/edict.209e128e.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2f34"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16%2F4oBqLSDwmZzQKzpiBwhnMb8LncoOmERGms%2F6MTYeg0Z4RmmxZuvNG%2BNzTHgO%2BeyX3KzRHbdBLJRdnl0%2BF3ZAwphB754x%2FE1x1f2CinwqOa1ausfnlf2RjceeAIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938935439a7b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/nolimit%20city.73ea77ec.svg
104.26.5.11200 OK 424 B URL HTTP/2 1win-cdn.com/img/nolimit%20city.73ea77ec.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (427)
Hash c78b0857ca583ecd75cab5972146e1bb
f99f5a9589e75be161e611fa96f96676a922c8af
fa8f70c85cbaa27f3bd82182f137cfe94da6241f00a2320c9ae4a4976742793f
GET /img/nolimit%20city.73ea77ec.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-21a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7DEO9ABo4pE9BAnEm8NZsOLN4efB%2FenmjE38lIhD3KULCkkH1oBPMdSWYgIC%2FP8d9u%2F3cIlCixehNonQ8HH3EIAAtYAr8GqvR5tSibdJoFUwETIjPV35ME9rT5bXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389354ea12b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/spribe.e535371c.svg
104.26.5.11200 OK 1.2 kB URL HTTP/2 1win-cdn.com/img/spribe.e535371c.svg
IP 104.26.5.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2011)
Hash 98f899430ba6531e3040652c1ebde93e
4a422553059f4cc567631536b73d61a1ddc0722e
ab8d1cc648e3e9c4d183955c58533e878248b69cf4cbdc1b24f3e388ffa2a84a
GET /img/spribe.e535371c.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-843"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JWtOh000DoHn5gDIi4NuLRu5Kq9LQvmFwXo1w9ACcpdyd3iXl7Zwl3hjJH6rMBe%2FA3AjrU8hvrJkrXFLWThGYLJFMQs0fvHavP9WwG52dcWym3BaAddw59dR%2Fie2pA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893553a57b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/500_i18_img.cad2d5cb-1320.webp
104.26.5.11200 OK 25 kB URL HTTP/2 1win-cdn.com/img/500_i18_img.cad2d5cb-1320.webp
IP 104.26.5.11:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1312c2c31e69ae16717161d0b63e862e
1ea1ac50dccf074db7972fd01030d27764c647be
17e3ddf96f54278719c3951bdf7fd750f03eef6fa8f7e257b47bf04a7915fb81
GET /img/500_i18_img.cad2d5cb-1320.webp HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/webp
content-length: 25094
last-modified: Thu, 02 Feb 2023 10:33:28 GMT
etag: "63db9178-6206"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8Bvi0utBKTItnOhUq03WFJpX2%2F5sB7l4zqHIf05IFjbJ5Rv4Nqsn1YPUKJgqSFpDIITrRpB77%2BG%2F05q2QnOcS%2Fn9kplQeQww50q31Rg5%2F5xSOH6JR4K9oB2XFRIrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893557a8ab529-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/500_i18_bg.0e037ee1-1320.webp
104.26.5.11200 OK 40 kB URL HTTP/2 1win-cdn.com/img/500_i18_bg.0e037ee1-1320.webp
IP 104.26.5.11:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1320x427, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 14de8fd7c8de24bb9f6f89ddd3c2d480
9635193c712dafa2c58339dee09588880a96a980
633593c73a175eabb2a5716a04aa84b1b49fc8e4ac4687b07509db36350076b7
GET /img/500_i18_bg.0e037ee1-1320.webp HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/webp
content-length: 39614
last-modified: Thu, 02 Feb 2023 10:33:28 GMT
etag: "63db9178-9abe"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfW029icwqfpYWimrLU8DddDppl6o2Fmokrh2WmbLz%2B0T2Aiv8YRTDU6bhp%2FhZazSTO8YYLJbeQ97pV5tvtCRYMboLyrDpSZmHLnHoRV0UaGLCUVneo0VC4hMXB76w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893557a88b529-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02123eef9faa8560ff66b058d4e13a28
decf26282993d7f0b14cf4112d14fa39c97fa89f
28889ff20f1b2fe0b73f8f97e6569f1d68d77fe436eeb47cc06ee4f0822ff239
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9130
x-amzn-requestid: 09ad3fbb-1e71-4455-82df-6e59f65239a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuxiYEkqIAMFVZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2fa8-1dca116e4317f9bd14f6d45a;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:48:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _Bc2svrG-wX63DK9RPUyjh-n6AHVHaQe3QRmEL27L-amwCH2I_f_9g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:38 GMT
age: 25082
etag: "decf26282993d7f0b14cf4112d14fa39c97fa89f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
1win-cdn.com/img/synot.becc85e0.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/synot.becc85e0.svg
IP 104.26.5.11:0
GET /img/synot.becc85e0.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-b94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3f5xznF20T9r5wlJcgU07Y91hVwzN5sB6FVIy%2FNaRFaeCxQsPPTViG0P%2BxsjV2uFQcjKdQR%2BfKPSzkynp3TimOAqe8SDAOmbKFPrz9S3InRPcpW0BhdiThElQJKRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893554a5ab529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1wswqf.top/pwaNotFound.html
190.115.19.101200 OK 0 B URL HTTP/2 1wswqf.top/pwaNotFound.html
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert quad9 Sinkholed
GET /pwaNotFound.html HTTP/1.1
Host: 1wswqf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1wswqf.top/sw.db344b25.js
Connection: keep-alive
Cookie: sub_ids=sub2=12675; visit_domain=1wswqf.top; partner_key=79i6; core-sticky=http://10.233.97.208:80; 1w_lang=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Fri, 03 Feb 2023 04:55:33 GMT
content-type: text/html
last-modified: Thu, 02 Feb 2023 10:33:35 GMT
etag: W/"63db917f-136c"
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
1win-cdn.com/img/authenticgaming.08e94926.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/authenticgaming.08e94926.svg
IP 104.26.5.11:0
GET /img/authenticgaming.08e94926.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2813"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwsEMW8uVBwODWC%2Fw1c0DmnDSLf6r%2FQM72RnsgEQjokuQM5aJTnWXIPymnaitze6%2FpMo%2F25KWpLQYoEnWli%2FfWyqMzIa9fUKpdJy2EOQw4bAChOyu%2B6dCTFjLU5lzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389353f97eb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/kalamba.f208b29d.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/kalamba.f208b29d.svg
IP 104.26.5.11:0
GET /img/kalamba.f208b29d.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-5343"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZ7ERin%2BBVT5B1qO9%2F%2B%2Bbc29g%2BB7z153tZk2u5vMiphV%2FcZkpMr8cxfB8S9ZYdJQEV3Sdw9EuRmcODHKHbqlMgoCXi7ov6aJGdvFMGdfsCjmhc9n56x8Fmvn3Ipwiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389354a9f4b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/5862.39aa5820.js
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/js/5862.39aa5820.js
IP 104.26.5.11:0
GET /js/5862.39aa5820.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:33 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=95351
access-control-allow-origin: *
etag: W/"63c68016-17477"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 17 Jan 2023 11:01:42 GMT
cf-cache-status: HIT
age: 1446331
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAVhgfbw3C%2BbSFhrxJ09eBzg7r3bXU%2FHtJoD0dMCg9Vr4LcK89yVIGj7i66FowU09ECctuVVZf7H9rqBtKvvQ2Fm7O%2BXizalekC0P9b8NeSrGFHGP6xrtTrnKsbyGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389334fbd5b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/booming.a167e59f.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/booming.a167e59f.svg
IP 104.26.5.11:0
GET /img/booming.a167e59f.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-8b3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694937
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ID9zcbwqKb1kQL5gmUzaj8PKPSoRRkLbW32vhKdE6iRAnhRLEP4yMHq%2BEqLIZhueDZGPpNBv2XWPv21ABfk3UWVGQ1pb%2FJ9r7VsKePB2OLMr9f3qEqLMDO0Xfq%2BHxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938935429a0b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/belatra.259628ea.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/belatra.259628ea.svg
IP 104.26.5.11:0
GET /img/belatra.259628ea.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1818"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxF3uWk0z7b9ftJMs60QZNb%2F8HYGR2o4SV2A6Vn%2FKFAPmb3sGq0p7Z933tsY5jv4DP8exc24DCbnBb3Ro30PrIYCeCZTTg68tX0NvSJMyMSWHy7PShbPkhTugloliA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893540982b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/endorphina.bf6a0cf2.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/endorphina.bf6a0cf2.svg
IP 104.26.5.11:0
GET /img/endorphina.bf6a0cf2.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-3a771"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cd%2FWf00azPP5HEg5%2BgMODL2nkJENMfLtA6vsljCqD0SY0ne2SPfqncMRzn4qOvZjRZaCCxILPvR3tS0xPUEgrJrBYfSZVLbSe4AdzVEPZjP1PyjqQGTukIlBQAO%2BfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938935439adb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/css/546.f10717d0.css
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/css/546.f10717d0.css
IP 104.26.5.11:0
GET /css/546.f10717d0.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:33 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
access-control-allow-origin: *
etag: W/"63c7c775-2bb4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
cf-cache-status: HIT
age: 1302619
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hm2PLpsv7UMF2M0do8wq3hpW7iHtUZv0jm7Rjr%2FSKAyT3rCmBj0In4XcUr9RYf8ywM1apOjM6lx5iSte833erAZ9q06aV4VFQLyjhz3RebKxkTWYzB%2F8X0aVk8X%2Biw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893350be0b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/7mojos%20live.0bbc237e.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/7mojos%20live.0bbc237e.svg
IP 104.26.5.11:0
GET /img/7mojos%20live.0bbc237e.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-144e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNvC5n%2FiyJxhWFcidJV0KEimIYGJWWurKjr32UF1Vi9j0aXRzKcgHIq%2F8WdKt82k4Vygdi35Xgf7jFXxYGvL2R3JNpL5j1F7V%2FpDQFQBgwAXSl2%2B4aPbtM60dftZGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389353d960b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/7mojos%20slots.d3a1137d.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/7mojos%20slots.d3a1137d.svg
IP 104.26.5.11:0
GET /img/7mojos%20slots.d3a1137d.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
etag: W/"63c7c775-22be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1293360
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QmuE11oEMzY0RsMOKNGWnm6%2Bt4gthTviEkM7QZQ8AaEuuUp57W9PlFMZsgudVzEFyo2ifCp6S%2Bc4NKyADxpZgXwxPBaKhc7HuXH%2BvFQEw%2FK825ZizjYvWzGuK%2FSGdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389353d963b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/fire.47bc0337.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/fire.47bc0337.svg
IP 104.26.5.11:0
GET /img/fire.47bc0337.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-244"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694924
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5FThRgC3n6mo1EJg4UueOekaSlqqrUlD5KBYziPmda3ZXYsBDcxOhVSRBmNVfi9kCZaTc50902USYfHeofa%2Bey%2FuLHLx3wV2xBTNBbX2T036gD8%2F2u61wGccsbXvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893395d8eb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/betsoft.c6b04922.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/betsoft.c6b04922.svg
IP 104.26.5.11:0
GET /img/betsoft.c6b04922.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-14a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3695706
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKB5daI675%2BDN6NL%2FwL9HYThGrJWJx%2FgLoQidscUql7Kw0QPlYt4zkZ7cBOmjWtdmK6vcty5%2BJPQwMqSq8ahObxUf74EjNeCsDSRqJCfdiAPl3d7XRE2ZzUiwSnlsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893540986b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/betsolutions.9f618e22.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/betsolutions.9f618e22.svg
IP 104.26.5.11:0
GET /img/betsolutions.9f618e22.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-911"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=myRzXN5QGSFxHA%2FKTbIPKUKbHLTKYuEMwUw%2BVi723qB%2BHkfijGzeVO6QF6ovy3z7nZ8toUu%2FmxP6aPz1CacLgVBuIEO5%2F8utqVzG1H5XZ%2FOzLhgOJ%2Bil%2BRRooDoMVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893540988b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/blueprint.92d09945.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/blueprint.92d09945.svg
IP 104.26.5.11:0
GET /img/blueprint.92d09945.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2a4f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694937
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJIH5Vsk%2BcpyMgyf0BNBlu5ic44j8rVxVlz36onDng2WxoSzC%2FNG3HBl9MjBusJBbiU4g%2FPIkehHbahVfvudv3hbC9St2MqrtYJA0U0vlDbfZRbevPtQ8J5uCokVzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389354299db529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/fantasma.7a456c94.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/fantasma.7a456c94.svg
IP 104.26.5.11:0
GET /img/fantasma.7a456c94.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2397"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mdc5xMv46v5XqWORalUEt8gfC%2F9qjERWNLgQqNbxPY3ywxiDo88Q4loSc2X67S8LcifswUdgCy9v6xmxhAcs6VkodPe1SnnYKnmI%2BCpW353oq%2FyWGNmMYkF7w%2BgpGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938935449b3b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/cashback.12a56595.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/cashback.12a56595.svg
IP 104.26.5.11:0
GET /img/cashback.12a56595.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-851"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwhfNLmX6kpC8HHxv83BnyThiiQk013C0M%2FQOzN9VDs0v7L2wd0u3r82l5oNqBF6CDqfbhiWbrNU20Aq5PKY5gM8iZk%2FwS6PzqeYunSqeVUktiCd40a1LcEz%2B7rPYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389353c954b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/css/7057.6c4e5731.css
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/css/7057.6c4e5731.css
IP 104.26.5.11:0
GET /css/7057.6c4e5731.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:33 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=68681
access-control-allow-origin: *
etag: W/"63cfcc7b-10c49"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 24 Jan 2023 12:18:03 GMT
cf-cache-status: HIT
age: 835501
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owApQ9z65YHrVZ2%2BtioJINETghLCFZqFZc9tMWS%2F7RBZ4WuGQ6RzvAEy1yjDTmjBBf1ZVtLyUQUGfIiznfrsSg9pGSWqcGzvtG%2Fo%2BVV9s2g22X8Nx4pUZ%2Bw1etNWFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893350bdcb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/1x2gaming.9c41eb85.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/1x2gaming.9c41eb85.svg
IP 104.26.5.11:0
GET /img/1x2gaming.9c41eb85.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-f4c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2TCAkiu7cROzQJyUQR1PqOljHesKNDWW%2BNtFIqDULk3B0qtwYedVxW4t2lIWsYflm8ttlRgj5hrerULKtBnxHNtZAYZskAa%2BKrasWFk9CRbqszXXC1VIPshUBLHoBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389353c95ab529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/apparat.982be0d4.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/apparat.982be0d4.svg
IP 104.26.5.11:0
GET /img/apparat.982be0d4.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-177"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmxtpZx0tN9%2B%2FffnDCx77kZxRHsXx8Ah27jJTuWB%2FriKtQzmGdVAib7nDU3fOvicqOyqMBfRVyyZqgcOPmV0G4uc%2FPOh%2BsA%2BmtTy37f93VG250Cz5w%2Bu%2FZ2mvKuIBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389353f977b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/oryx.ef29a7af.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/oryx.ef29a7af.svg
IP 104.26.5.11:0
GET /img/oryx.ef29a7af.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-507"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMbS2pbGhkZvJgX711pvqRgXyu8p%2B4jUrndmqCs%2BMQlkPa%2BL75QsoIe7zCFsAe5Hn1X9e8WiypVY2TCoviFBFTQjDmMqM9oz2nC9orHswa5dP4bEQs6REqmGWhQf6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389354fa1eb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/flags/no.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/flags/no.svg
IP 104.26.5.11:0
GET /img/flags/no.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/svg+xml
last-modified: Tue, 24 Jan 2023 09:47:24 GMT
etag: W/"63cfa92c-146"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 843030
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvAapN%2Fh4Seb0ZHWd%2BXZ5obr61b3P3bXPT7YJ8BYCZ5OJPv54a8PGaMl4NGbJaKb%2FCx0LLh5vW04u0l%2BYU2Vs5%2BaBL6%2BoUs%2BQharHcoBgJErdO3CqvNo5L26JeI6xA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893565afbb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/css/2950.0a35ca33.css
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/css/2950.0a35ca33.css
IP 104.26.5.11:0
GET /css/2950.0a35ca33.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:32 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=19535
access-control-allow-origin: *
etag: W/"63ce67e3-4c4f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 23 Jan 2023 10:56:35 GMT
cf-cache-status: HIT
age: 928681
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2tXE9yOyfbcp%2BseNIhRaVBr2i6GXBb3utPebWwMhN6zlQw3TMm1xdPOwjC87ckESFXtfgIyRtm1oZ7ciBC2Z2o7IGpeT1sAsMYNRrnEz3oV3bquKyAX1n9vesiT9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938932dd8b9b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/5%20men%20gaming.81b340c2.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/5%20men%20gaming.81b340c2.svg
IP 104.26.5.11:0
GET /img/5%20men%20gaming.81b340c2.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1ac8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSlTZOcvB31zLCfhA0AVWEUMJ7K96HjsR3w4i%2BFTsVASEVlfLuIco9FI%2Fv4P6EnvZ%2FIoygG2VaAfoeltzD2S2JDRZLED066ELiNZiB7mPBp48eLbgaZQatwxAbQigw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389353c95eb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/retrogames.513aab74.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/retrogames.513aab74.svg
IP 104.26.5.11:0
GET /img/retrogames.513aab74.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-815"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0rbVHA3A8TRGiaiwkLAemHctEqZK8XRlyjMrJln6d4xjbDeJKQscrAolxiFkLeA2Dr52CC7Bi%2BqZ9R5gkqLXpsnTXWWxKSsJInyNtigDOn2bYV8nE2RqALWh3N96w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893551a37b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/spinomenal.30d1dc2d.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/spinomenal.30d1dc2d.svg
IP 104.26.5.11:0
GET /img/spinomenal.30d1dc2d.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-6e7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3695578
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GapJ6MlbbjGQfTbP7syF8fkp8HZmz3PYklEMKJEgpkZokpFrZXCO4SSTtFdNRCYO7qqq0bGIPkD0QK4r7GQhbAMYscbqMdUds%2FIRtQwPiqZ8U%2FmpEkdR6gPNUEggPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893553a54b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/boldplay.018c7f09.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/boldplay.018c7f09.svg
IP 104.26.5.11:0
GET /img/boldplay.018c7f09.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
etag: W/"63c7c775-1603"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1293360
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqqK1Ycr8tYnf2lXJcCW5%2FhZAPUPedIh3B0qZlD8vMThmSG4exBcGsIOgX7zYhJVyP%2FxNVsTKh94TzHz%2BhuPOuFpLX8uLDAjTFj65KFwcEZJTfP4VzTfWqoUP01sPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389354299eb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/igrosoft.81ca5abc.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/igrosoft.81ca5abc.svg
IP 104.26.5.11:0
GET /img/igrosoft.81ca5abc.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2243"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNHguqkKskDnyST6Wb9eugav%2B8mcm7LG7dzSMoju676H1tqlfd0jcMF6C0tXLfw1Ky0hVSKk5MBnJG8nHsjWyXyGJRDSDBtFSed3XQDRgBwaVv%2BkAaQEaa2iNUr6FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389354a9efb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/fazi.0731b5cf.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/fazi.0731b5cf.svg
IP 104.26.5.11:0
GET /img/fazi.0731b5cf.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-27b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpUO3o8ym0hacNwqVkI2HUdMTjs%2FlZuxD6szs6eZ45FxfoPp09JIVqn5UihvwgXNEJ3V6VePwQmPOy4sE5zVXlsA%2F8DPe4sOGwcb3zLm%2B4xAUjPIhBZVINlpKLJ%2Bng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938935449b6b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/felt.10413409.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/felt.10413409.svg
IP 104.26.5.11:0
GET /img/felt.10413409.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-17fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FRRi%2BS7vQMaGtH%2BwrAgP0ER1vQiR0GleW6vgE2faiCmfaq8YznoUxfnQCk%2BpSSwFbDX7srS9nzLPlbGPiFGZaIB1CLHx02ioGTjcPTZmnYpeMiUyz6su1XARLM9ig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938935449bab529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/high5.4aa8a605.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/high5.4aa8a605.svg
IP 104.26.5.11:0
GET /img/high5.4aa8a605.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
etag: W/"63c7c775-1314"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1293360
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yau8DXqfM79apEyXfQkWyKSG7%2FRPg6C4JusaYzh9w3KGVZTKN0GTN%2BIM3OiEZtKAalHQHl6mdGril%2Fi4%2B%2F9fLL2eO3z6dHYEsKjwQrZrQ1AL4JXxH2RI84T5Hd8Z8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938935499e9b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/onlyplay.820ab1cc.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/onlyplay.820ab1cc.svg
IP 104.26.5.11:0
GET /img/onlyplay.820ab1cc.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-648"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 618933
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B6zBtcReGdfbTA%2BprQRmQ2ZDgnfhxKffCZMgo%2Bprqf3zm14DZO123KUpeCJWCM7WSLgGDplqwgiJosEPqdUOoG9OyhmgqZy5Z72hYEw1YY0WkkFNPshAKINueUUAgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389354fa1db529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/common/banners/all-v2?lang=en&type=desktop&bannersType=main&localeId=1
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/common/banners/all-v2?lang=en&type=desktop&bannersType=main&localeId=1
IP 104.26.5.11:0
GET /common/banners/all-v2?lang=en&type=desktop&bannersType=main&localeId=1 HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:35 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wswqf.top
vary: Origin
x-frame-options: DENY
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jicGIEvfo8oVpRuxGxpw7I436uw4PvVzjZJTeFxAwhwAg0vCE35Q8DnZ%2FvoZ4aMn%2BV7MCcfptTRVCt%2BXPdwVCoBn2yF5GFP1NtyMB3G%2BiGRO8ftwfPaLIkDbJXNLlg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7938933a4dfeb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/bet2tech.bb2f3549.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/bet2tech.bb2f3549.svg
IP 104.26.5.11:0
GET /img/bet2tech.bb2f3549.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-5e6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHQ9l2lLU5LIM8lQWDMbdYcpAjMNcO1Z8JQ3Xf3JKZEUjmohtIP4uXLR5HydsRt%2BgXFBfx2y3a2iCQvGPCuXYdf7Cqi57fvpNg1SHAas7c1keqkeLYecEnN59k%2BvUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893540985b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/cq9.bd2145b0.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/cq9.bd2145b0.svg
IP 104.26.5.11:0
GET /img/cq9.bd2145b0.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1169"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694936
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUx7rJbPFuXD9SvgMImhzuUt7V4wv8AliN%2FjjRp3MqRnkbqM29UYP61YC4Kq1VdR4II1tMyCGZ0YqHxpOyjVgJdUWfW5Mr06nbJN47c1Nyq6SkJAac2TCznbZUP97A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938935439a5b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/elbet.90c78268.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/elbet.90c78268.svg
IP 104.26.5.11:0
GET /img/elbet.90c78268.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-70f7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXKJktINjgUsojWneGbZFLqVYd9qCG%2F7VyUZDhbOj9bhqNrntt0UaQA7ZdGC8zS8Zn6YaTnbig%2Bb1rvgARfyTEgGSjkUXzjDcIZf0DO5UKx4lkesYBqXzjHUIgI11w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938935439a9b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/fugaso.a193ab53.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/fugaso.a193ab53.svg
IP 104.26.5.11:0
GET /img/fugaso.a193ab53.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-4c1e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3695706
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUoESUAwRUkI9eaH%2ByhEPedNhsOnYNSOB7h1QL7%2Bl4ColMsjW6ELCME6KL73cY%2B0WkQflfeu8Eqreu9fjkKnDsgrYbs%2FqhuV0jQvE8M2va48pE2yjg5iEHQNJQv04Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938935449bbb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/givme%20games.9c29bc7b.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/givme%20games.9c29bc7b.svg
IP 104.26.5.11:0
GET /img/givme%20games.9c29bc7b.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-961"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IkauyDUxCpMzZggH3JxVptcLt6p17142HZ1UXJ%2FJELIdjZfegwN%2FpXmaikNmShEVOmXMLx19wEejfca3GlpWtA5IQ4dOrN9I%2F930GgAcer5M8mxrCeKkDLkNxrfFLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938935469ccb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/platipus.62dd70ad.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/platipus.62dd70ad.svg
IP 104.26.5.11:0
GET /img/platipus.62dd70ad.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1368"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tahDhYZEQMvpOIHBf1wlap87t3SI4om9m%2BMW%2FZGuhAlBORw0p%2FrePaphA0D0zqXAVv%2BNdOQXeysmn%2Frub1m3vznXSn10RuZxWLI9ZPe2WLi77slwk9LbIAQhKSYYsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389354fa22b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/superlotto.164bda58.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/superlotto.164bda58.svg
IP 104.26.5.11:0
GET /img/superlotto.164bda58.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1a77"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfm8E38YAvq7yzOSA3WoTlpDH5817P59OtYro0HN%2BYSzaeP5ZZi2JPXyKaj2%2Bc5getVispUY9HbE2%2BubjPgnW5hc%2FceWSk3z%2FP9B7jpbuTwWAJeUSstevAeUhVLmQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893553a58b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/caleta.4b134d78.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/caleta.4b134d78.svg
IP 104.26.5.11:0
GET /img/caleta.4b134d78.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-502"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694937
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EivWaUYb3lhdRnNtkHPDxzlYJJrBwFjaM3Ii7vHGIBuuvblRY4f%2F1jLnjmiF5TGWQ5MycyouwTTLyI3yg4%2B7xpnTyO9YaU8jog9VU7cwdMDtnML8zSF2VnnCG6llLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938935429a2b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/agt.a6dc1f1b.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/agt.a6dc1f1b.svg
IP 104.26.5.11:0
GET /img/agt.a6dc1f1b.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-13fc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5cM5Mmuj9Qf%2BYkXA%2FprhdMdScaqRo86FdTz4fPPGrh5Hr8vvTbIiX%2BIw50Ltn7H3%2F42EHJOaGW6aCTQS0UzeyQHl9yN%2BUElAFiXtfLROM5CC%2BEDd7sIhxoUIYccjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389353e96eb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/elk.f78317e9.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/elk.f78317e9.svg
IP 104.26.5.11:0
GET /img/elk.f78317e9.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-d7f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6LOT6vq19A9IUZMk%2B5vavm7nm3wroVSo6xIr6vSeoSXD4e5dzYbPJpPa9vdfB%2Be2hoBnRcs0HfKSFiQDCl7CE6gYMevVxOWhAb9Igty36wisLhzR4zT3hbsvrfiNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938935439acb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/icons_hockey.0d49138d.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/icons_hockey.0d49138d.svg
IP 104.26.5.11:0
GET /img/icons_hockey.0d49138d.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Referer: https://1win-cdn.com/css/5616.80aa74eb.css
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-3fd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 630834
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vvi0vvY3%2Bkvv%2FU305PGGH4W8ao2Tt8DOZqhISLKHNtNdpTqPMLLGqzzMZf5JjodpG7Yd%2F9Y4r%2FpncyiwryQLff2yBpXDsLXs7adLJ5KH01Y3FzPz7VgDmwdKMLEykg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389355dadab4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/4theplayer.1c19371a.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/4theplayer.1c19371a.svg
IP 104.26.5.11:0
GET /img/4theplayer.1c19371a.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-25e5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EfiGm3nZ62cBNNq9xRhB9PwV2m6k424O%2FQcSNHYVyjytVi4S2GjLn5bXqAzAohlLEONnK9AvmEBx0R%2FEOjEpF9V2DsxE7ZJdpXHhbP54Imwt3zWfXrjJJus7MUSLLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389353c95cb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/apollo.72eae79f.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/apollo.72eae79f.svg
IP 104.26.5.11:0
GET /img/apollo.72eae79f.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-312f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3695706
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZARG7M7xQtJTyMn%2By3%2B0YywMBO2NQnOrlkiZ4RWCdPOJNl3NGogV2GDNHV81P7ALOs0jtyEU9ysPsfnsocxeA0vTwxlgCtyA5WIaRch55ho20fRp4W9hD3%2FZeVGp%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389353f974b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/smartsoft.55c81c76.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/smartsoft.55c81c76.svg
IP 104.26.5.11:0
GET /img/smartsoft.55c81c76.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-149b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQG%2FG2mWMZT%2BhGPacwAiJgJaGeKGZbxgmWlY%2B7tBOveqxZGFe9%2FqV9aR9jhBhQRBgtyqtJ0N25h6GQ3RWwpvgbWznBMnSUVGqZ0ikLOg2WBefCTSze9zCCIzv6VmxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893552a4cb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/zeus%20play.8ccc9002.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/zeus%20play.8ccc9002.svg
IP 104.26.5.11:0
GET /img/zeus%20play.8ccc9002.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-3d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0avG4E09dPEEY9Hx628Pmte3A2uQXDykD4in62DrjysNr9eW2tJJ3qF6kZW6wfcTO02YQNQIpPGX4TNeKpRkkSeQMn2%2BwG8nZeFDpeQ%2BHuV505%2BJ297O2qcRUMVNzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893556a6fb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/icons_basketball.aaa47453.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/icons_basketball.aaa47453.svg
IP 104.26.5.11:0
GET /img/icons_basketball.aaa47453.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Referer: https://1win-cdn.com/css/5616.80aa74eb.css
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-3c3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 630834
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkbQNqEv1M3vFnGP7QyLQ9x5WwdMfnm46Q%2BcCAltHbnCMWNiKe5IOszeB%2Bl97uwU%2FM2KpyDSgOG7vYI0eRBVEKKGO5OUgwTIsYL40G5NGsdJB7qbSdwHdDjBDYaNvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389355dad9b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/icons-pack-home.e8bf03cf.js
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/js/icons-pack-home.e8bf03cf.js
IP 104.26.5.11:0
GET /js/icons-pack-home.e8bf03cf.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=80069
access-control-allow-origin: *
etag: W/"63a42a53-138c5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3696822
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ff%2Fa%2FIKNYih%2BDwNywhMu9ptUEIEbY6qhuxmRbfP%2F8YKHRzsJ9TbjZP3gn4TU8iDrWV8kkwaZSskwCQYuVbNbEvOk5GcsXZ2lkxDhA8PYz8EXtCgeL7lUO7yfJwANQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893395d8bb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/gameart.bec40c08.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/gameart.bec40c08.svg
IP 104.26.5.11:0
GET /img/gameart.bec40c08.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-a20"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pK%2FhdpupfVjYQv1cqYhniqR50kgr9%2FRYlFAjTRQzzz3xZ%2Bg2JdNGOCVKbLuA5X7%2FZ1vgUYyINF0fYv29Y5niaXwPlThg2qlkNknpwYCNt13fUgDirXjTdqx17wLEVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938935459bdb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/onetouch.8550a163.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/onetouch.8550a163.svg
IP 104.26.5.11:0
GET /img/onetouch.8550a163.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-3ad4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUw4rI6cmynsMM5XKUK78eSU6SZzLhPDp8morWL9I9nNcD4Sh9C0X%2BXQKxOH1i6iWzLe3tucjcaOo3iPWzQYTiJ23nDrsGzl3tLzbzFEMGyz2ahpXE6yoGtLKzbIRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389354fa1bb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/northernlights.efa65c9f.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/northernlights.efa65c9f.svg
IP 104.26.5.11:0
GET /img/northernlights.efa65c9f.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2699"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZsK0n8C4XGaWhrEHMs8IwA3bOo3fMywX3tUFdcEChv6A1f53AF70bK2LPzAWxEf%2Bp8S0j0lnhBIcseQHNqOOQqGqIE4JbEzfjVQf3tXw0egm78zcq89WYZxRTVpvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389354fa19b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/icons-pack-casino.243be753.js
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/js/icons-pack-casino.243be753.js
IP 104.26.5.11:0
GET /js/icons-pack-casino.243be753.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=93639
access-control-allow-origin: *
etag: W/"63a42a53-16dc7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3696896
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZZQKSFosv7qMoFOVEHB%2FrlS30m6tDOodR7mrsjQqd53kQDEngEMqTgXk1VjcolyWF7CyOZC7j9oqhyUvsBNR4%2FdcvguS%2BrwJZbm4QspooZfIk4oWRZVb4JJmd5LTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389353c955b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/gamzix.f7270646.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/gamzix.f7270646.svg
IP 104.26.5.11:0
GET /img/gamzix.f7270646.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-f15b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rn3Sh9YDeFhk5yJXiH26bG0HrfNbpR8Q17F%2BK6BcwV2xvmhEWCn26idwjSu7jv6WdTa%2FQL3AgfIN3uDLoKG9ZitWPhV%2F5SSMIr2exLXm%2BZ%2Bsa3It%2B4oxZ3AyjmygVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938935459c4b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/dicelab.f8f3d560.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/dicelab.f8f3d560.svg
IP 104.26.5.11:0
GET /img/dicelab.f8f3d560.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-f89"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5T4dQl9kAhKCvFEg7pLUk8g7%2Bh6XupZZUINe1HJpndOL8G%2FSXe1HJobSb%2BEUda3J4wLJFPwj8rhmRnsl2d0JjIxdefz9shroeu6CInhK1YAOPdo8cWW072s3JksGjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938935439a6b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/cool%20games.5793050c.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/cool%20games.5793050c.svg
IP 104.26.5.11:0
GET /img/cool%20games.5793050c.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-d49"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694936
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2b6nDuksiLevq2wb4MQUkztDyQW48htrKK9sC%2FXPAy3AUVVg4Gk3dffaRi5KQ8XVeV%2FiHRYEJeQFX4F7HxeTIAG1yy%2BqNTYQeIso4weRA0eGjutfUMm961uDHxV5sg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938935439a4b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/evoplay.f05734bb.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/evoplay.f05734bb.svg
IP 104.26.5.11:0
GET /img/evoplay.f05734bb.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-a08"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BuRog3A74UH6taN04S3lDSslmboEztrg03IUuA9svPe2Cc%2ByZ%2BnQAMD13PjcrLLJQoApRItRRrK77uVn5p8pcKnRwFlPkuTkz%2FrwYYTR2BqajMux07Q2BCRmQyuB3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938935439aeb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/nsoft.694e7d47.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/nsoft.694e7d47.svg
IP 104.26.5.11:0
GET /img/nsoft.694e7d47.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-532"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZJkXEAiqt0v0%2Bd8FAj8mEEfTqsV1uylrhLEGx9Okdcl3W6DJVAtK8PSNAaYnGxQDx6%2B3dxELSlbB%2Fe1gFItJNi5oIXiSf98P58Ks6DZRSUn7OmRrC9ggyYdfrkurQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389354fa1ab529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/1895.80662a88.js
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/js/1895.80662a88.js
IP 104.26.5.11:0
GET /js/1895.80662a88.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:32 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=60416
access-control-allow-origin: *
etag: W/"63d7c7fa-ec00"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 30 Jan 2023 13:36:58 GMT
cf-cache-status: HIT
age: 314293
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IpJbhrkBZBR%2FY35QysSJSO%2FSXgv55k0%2F0bD7%2FChLkcGC%2BTi95V5R5mbkE%2Fz%2BQATmuE8OsVsnAcQddpo4%2F2EIAO5XEAvXFUAheOa4ugxA775oYGqWL6IfTReNUpg%2BVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938932dd8b7b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/1883.ce7803cd.js
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/js/1883.ce7803cd.js
IP 104.26.5.11:0
GET /js/1883.ce7803cd.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:33 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=13732
access-control-allow-origin: *
etag: W/"63a42a53-35a4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3696795
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rtADREG09spqOIwS%2F6yd6rVajTjNUZcDJEDpUVqTmfXBO5IDYgLzpxoPV8fY4v83tOac77m7obg2l0ifhbiA4qFYOSKrDp0gD5gvsDsQSSGHF1nxillnw3FA8s9YA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389334fbd9b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/golden%20hero%20games.815c7431.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/golden%20hero%20games.815c7431.svg
IP 104.26.5.11:0
GET /img/golden%20hero%20games.815c7431.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-ba94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ho224QRH0%2BKDZaAbTYMn1CHsksk0WYw5cPGbzR8G9x5P4BOvk9OCMYn5tSxvw8N1M6JnNHiGGttyqC6A9PEt%2BtTblppCexpgY6GhJiVE8AnUtzV9AeCWeUtfulIkSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938935469ceb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1wswqf.top/?open=register&sub2=12675
190.115.19.101200 OK 0 B URL HTTP/2 1wswqf.top/?open=register&sub2=12675
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert quad9 Sinkholed
GET /?open=register&sub2=12675 HTTP/1.1
Host: 1wswqf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Fri, 03 Feb 2023 04:55:32 GMT
content-type: text/html; charset=utf-8
set-cookie: sub_ids=sub2=12675; path=/; expires=Mon, 06 Mar 2023 04:55:32 GMT; secure
x-frame-options: DENY
content-encoding: gzip
X-Firefox-Spdy: h2
1win-cdn.com/js/icons-pack-sports-promotion.9bb32256.js
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/js/icons-pack-sports-promotion.9bb32256.js
IP 104.26.5.11:0
GET /js/icons-pack-sports-promotion.9bb32256.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=19260
access-control-allow-origin: *
etag: W/"63a42a53-4b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3696823
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TT0KvieritN%2FO1Kfdtg2ML0s%2Bsp%2BDTnkHOxrSrzTjQQnACpqtELxRJtwMiJokRZjg8nXo7kmXZW%2FMlmOr1k4%2BJqsEUWjEndb0XxCRApvqwW%2FuLB1tQaIMewrziDkrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893396d8fb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/bf%20games.a530d147.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/bf%20games.a530d147.svg
IP 104.26.5.11:0
GET /img/bf%20games.a530d147.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1374"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yq4hutasUE%2BaqhpYlgZrehzeI7K%2Bma%2FPc2xhwluKjNsfz1gAfgaS26fJCT1fKMgYYHmyZw2fb6D5gE96w4Wuc5iRSbWYnA7xZOvDwKStkomQMdaiwOJ8DLpXR6UlfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893540990b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/blackpudding.ab318dcd.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/blackpudding.ab318dcd.svg
IP 104.26.5.11:0
GET /img/blackpudding.ab318dcd.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-141e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=faZX6esQNb9b%2FYF2pLU7B7YBt7%2F2%2B%2BDAwJ2eJgH02dmNEQRpXqtB3we5qoYD4AAZYSSaxN385o%2Fxv09cdX1wwjl%2Ftlm3aLn1JEuoOu%2FxSmhfKFBTdSIIMpawgS4Rdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893541993b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/boomerang.ce3752d9.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/boomerang.ce3752d9.svg
IP 104.26.5.11:0
GET /img/boomerang.ce3752d9.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-81cd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694937
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68iSrahRdIpegktD8p2rrZHoOdbl9R7S9sGIAGAAxWiBTbzSm%2F%2BUBCVb2JmwQk2Oog2dVOz7AQ2n8HSOXWYsPQxZsIszy2KmqguXZktdtF2Do9%2FZCeHiZlhpHuJc7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389354299fb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/electric%20elephant%20.0f5be6ef.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/electric%20elephant%20.0f5be6ef.svg
IP 104.26.5.11:0
GET /img/electric%20elephant%20.0f5be6ef.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1cdd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHgFCaTBs%2FD2u2dseGTjMSr9kVmHLlvPWenUn5aAhPvhdgxIkCAOOZeDjgltJ83QkPHjCj0FtJmMHwLF11suRUdsKWKB9P1ilbcTDWW4M196eFMkK5Q2WURs0NJWgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7938935439aab529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/pgsoft.5ab7874f.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/pgsoft.5ab7874f.svg
IP 104.26.5.11:0
GET /img/pgsoft.5ab7874f.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-d6f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYVOOhPwqXrVq718S8ulwIF20%2FQuQkq6l%2FOiiwVcbPvCAEvtyj3H%2F28zUQfioVmrr%2F2hZFCO1m4gzfhtLd3z1BWdUAYRTeuFcFGhKp6fiVYbl8Gfjn46BVbjl3BOAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389354fa1fb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/common/banners/all-v2?lang=en&type=desktop&bannersType=main
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/common/banners/all-v2?lang=en&type=desktop&bannersType=main
IP 104.26.5.11:0
GET /common/banners/all-v2?lang=en&type=desktop&bannersType=main HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:34 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wswqf.top
vary: Origin
x-frame-options: DENY
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXMNYXcF7fQQ0aDuHEvtlX%2FQoGXaIKUnpjXf6DNWZUb1g0qWmkuYIJdQZ1YF80OxmCvbFPH4pMWApqjTNfNhTODBms0RI6UGCOIDvKbwIvIPlkoth%2FZoTqkmnYk4lw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79389339bdc9b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/1win.e3630873.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/1win.e3630873.svg
IP 104.26.5.11:0
GET /img/1win.e3630873.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:38 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-60f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=viChZD71atrygtHwxxVCCfe9L7ksZfroVKY6zSU8CPMSJbyZ9yXql%2F5%2BECl7htPqYpMKZOaxdkBJFpMF9s%2BFqcInQjkJE5Jir%2FobRZqjdTGB02INbNk4BhgpRBCEqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389353c958b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/vibragaming.4b28676d.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/vibragaming.4b28676d.svg
IP 104.26.5.11:0
GET /img/vibragaming.4b28676d.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-22a4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3694935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WD0EQk7Sih25rsQcRGyhTigQgT8PZpmngTFELTM6t5xnsbmPs6JgI6Fe9Af6UnDpilEyNrUgQq31HtEBcJR%2FWEJhY0qDAPKUPQFzCq%2FvUWKGv2qBG0K7A3afx08tPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793893555a68b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/icons_football.2e809939.svg
104.26.5.11200 OK 0 B URL HTTP/2 1win-cdn.com/img/icons_football.2e809939.svg
IP 104.26.5.11:0
GET /img/icons_football.2e809939.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Referer: https://1win-cdn.com/css/5616.80aa74eb.css
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 04:55:39 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-32f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 630834
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qf9v1KohuuPvi1plk9adxjlF99lJgAtxTmvzUX2wPrLx2NKvVVfE%2FAsYG%2F6n96Q3rvKevgJYVVx8lwlDuBxRyBLQ%2FzHiPuPDbjRf9zAH7kSakhWZxabsUggT0sVW4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79389355dad8b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2