refpaqqmcs.top/
172.67.219.202303 See Other 0 B IP 172.67.219.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: refpaqqmcs.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 303 See Other
Date: Sun, 29 Jan 2023 08:28:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Referrer-Policy: no-referrer
Location: https://1wswqf.top/?open=register&sub2=13253#79i6
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rskdZe3P73x1gyG5QCO3YAbLH%2BBapjgXC5TMlSpP9C%2FR%2B95uYVaVr5e8PmSF7E72e52%2FrKhgzAlGTbXRQi1t6AE3dxex%2FzRah5RQmSbc93CHnQQEbGTBMMpJT03G8E0ANg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 791098b88c15b4f3-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2192
Expires: Sun, 29 Jan 2023 09:05:21 GMT
Date: Sun, 29 Jan 2023 08:28:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4275
Expires: Sun, 29 Jan 2023 09:40:04 GMT
Date: Sun, 29 Jan 2023 08:28:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7888
Expires: Sun, 29 Jan 2023 10:40:17 GMT
Date: Sun, 29 Jan 2023 08:28:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 07:43:08 GMT
content-type: application/json
age: 2741
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eiIeQYeJ60RaZGTyHlR6wHHBaKrqEdgc36HF7W7H5gNU0i9P4dXzflHhHNYaf2CmfviXkHjIGJU=
x-amz-request-id: FKB9ETKSGTBC0SW1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 08:21:19 GMT
age: 450
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 08:28:49 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 07:49:04 GMT
age: 2386
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0b2aac5c313746dd0a375976f97de878
8d2c8bb96f19ffec0ab547a485b1e9f4c7ec8a53
c41d560248b0c489b59c1971324e42b717029f307844f38320d885bad29b27a6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41D560248B0C489B59C1971324E42B717029F307844F38320D885BAD29B27A6"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15714
Expires: Sun, 29 Jan 2023 12:50:44 GMT
Date: Sun, 29 Jan 2023 08:28:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3102
Expires: Sun, 29 Jan 2023 09:20:32 GMT
Date: Sun, 29 Jan 2023 08:28:50 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/Qcxua71jizE
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Qcxua71jizE
IP 216.58.211.3:0
Hash 6abfeef4330ef70ea7065763aa4625f0
5889ecb423b0a519c19744ee3ddbd6effc0a5087
2016211b41ae68d6016770ea6086149c1cb110a7186a49601174e52af86e4479
POST /s/gts1p5/Qcxua71jizE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 08:28:50 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/Qcxua71jizE
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Qcxua71jizE
IP 216.58.211.3:0
Hash 6abfeef4330ef70ea7065763aa4625f0
5889ecb423b0a519c19744ee3ddbd6effc0a5087
2016211b41ae68d6016770ea6086149c1cb110a7186a49601174e52af86e4479
POST /s/gts1p5/Qcxua71jizE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 08:28:50 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/Qcxua71jizE
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Qcxua71jizE
IP 216.58.211.3:0
Hash 6abfeef4330ef70ea7065763aa4625f0
5889ecb423b0a519c19744ee3ddbd6effc0a5087
2016211b41ae68d6016770ea6086149c1cb110a7186a49601174e52af86e4479
POST /s/gts1p5/Qcxua71jizE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 08:28:50 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/Qcxua71jizE
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Qcxua71jizE
IP 216.58.211.3:0
Hash 6abfeef4330ef70ea7065763aa4625f0
5889ecb423b0a519c19744ee3ddbd6effc0a5087
2016211b41ae68d6016770ea6086149c1cb110a7186a49601174e52af86e4479
POST /s/gts1p5/Qcxua71jizE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 08:28:50 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/Qcxua71jizE
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Qcxua71jizE
IP 216.58.211.3:0
Hash 6abfeef4330ef70ea7065763aa4625f0
5889ecb423b0a519c19744ee3ddbd6effc0a5087
2016211b41ae68d6016770ea6086149c1cb110a7186a49601174e52af86e4479
POST /s/gts1p5/Qcxua71jizE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 08:28:50 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1win-cdn.com/css/6610.4f034e44.css
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/css/6610.4f034e44.css
IP 188.114.99.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/6610.4f034e44.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:50 GMT
content-type: text/css
content-length: 0
cache-control: max-age=315360000
cf-bgj: minify
access-control-allow-origin: *
etag: "63c7c775-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
cf-cache-status: HIT
age: 876191
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctetyEFx0BMOQ%2F0sqp69ED25Is%2BLNX2reFRiTGR6%2F4pAqXYf0h5flWjo5JBD62R1QrALowSJ2AYymFKS32UE30akUHc%2BVf1A6brTtEdbc9b5QrZTOFeL6YoIVxdarw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098bfca75b4e8-OSL
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.238.238.191101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.238.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hfGbzFdeOiWnzQeMbwwauA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FSRifBMc+1XO04hTeAp2S5GczRM=
1wswqf.top/affiliate:link_visit?partner_key=79i6&sub_ids=sub2%3D13253
190.115.19.101200 OK 15 B URL HTTP/2 1wswqf.top/affiliate:link_visit?partner_key=79i6&sub_ids=sub2%3D13253
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
File type JSON data\012- , ASCII text, with no line terminators
Hash 0f0479874bf6f4a7281099b15df27c27
55a490e280d48996e564d00492437eb17faadd28
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
GET /affiliate:link_visit?partner_key=79i6&sub_ids=sub2%3D13253 HTTP/1.1
Host: 1wswqf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/?open=register&
Cookie: sub_ids=sub2=13253; visit_domain=1wswqf.top; partner_key=79i6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Sun, 29 Jan 2023 08:28:50 GMT
content-type: application/json; charset=utf-8
content-length: 15
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: undefined
access-control-expose-headers: Authorization
etag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
set-cookie: core-sticky=http://10.233.108.166:80; Path=/; HttpOnly
x-powered-by: Express
x-frame-options: DENY
X-Firefox-Spdy: h2
1win-cdn.com/css/2950.0a35ca33.css
188.114.99.234200 OK 384 kB URL HTTP/2 1win-cdn.com/css/2950.0a35ca33.css
IP 188.114.99.234:0
File type ASCII text, with very long lines (19529), with no line terminators
Size 384 kB (383735 bytes)
Hash b314baa2876db2ba04d087625b2931ff
d73adf9369e70b211ab305159573a7a3928df1b3
e786d80221de22c7d4ce227da7b977a1a82225ddef34965c56a3a0b2127d43b8
GET /css/2950.0a35ca33.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:50 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=19535
access-control-allow-origin: *
etag: W/"63ce67e3-4c4f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 23 Jan 2023 10:56:35 GMT
cf-cache-status: HIT
age: 509479
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvzyaADK1q1nRL0YrhKeRrXMytX6VX5i9Wgc7WH254ObTZCfYKPyVlj7qjnOQW0WkpeIJ%2BHUo1Qt9ydZz0kJzAocgFKV%2FyarOCtpGPeGSOu0Nj%2FxCq%2B5uiE5BodYoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098c0eb97b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1wswqf.top/img/icons/apple-touch-icon-152x152.png
190.115.19.101200 OK 29 kB URL HTTP/2 1wswqf.top/img/icons/apple-touch-icon-152x152.png
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 152 x 152, 8-bit/color RGBA, non-interlaced\012- data
Hash 0182e90098bff38de2e9e6e5d85edc95
d64a156fb3c8c98d09c8e178ec659124258534af
d047c554c99242545a47aee401fbf84bc037057653cb7a967e089ea0aa796a85
GET /img/icons/apple-touch-icon-152x152.png HTTP/1.1
Host: 1wswqf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/?open=register&sub2=13253
Cookie: sub_ids=sub2=13253; visit_domain=1wswqf.top; partner_key=79i6; core-sticky=http://10.233.108.166:80
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Sun, 29 Jan 2023 08:28:50 GMT
content-type: image/png
content-length: 28672
last-modified: Fri, 27 Jan 2023 09:15:27 GMT
etag: "63d3962f-7000"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
accept-ranges: bytes
X-Firefox-Spdy: h2
1wswqf.top/img/icons/favicon-16x16-darkmode.png
190.115.19.101200 OK 410 B URL HTTP/2 1wswqf.top/img/icons/favicon-16x16-darkmode.png
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash c7a60b79929bf150e44e5ac28fcd0d4e
f1ecf72f71d7b4153b151e7a27d40bf0c926b09e
f2b53ffbd8af9378b2e1d160500d2a2f3fae9b963cf4d6a3e88108a765a548cf
GET /img/icons/favicon-16x16-darkmode.png HTTP/1.1
Host: 1wswqf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/?open=register&sub2=13253
Cookie: sub_ids=sub2=13253; visit_domain=1wswqf.top; partner_key=79i6; core-sticky=http://10.233.108.166:80
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Sun, 29 Jan 2023 08:28:50 GMT
content-type: image/png
content-length: 410
last-modified: Fri, 27 Jan 2023 09:15:27 GMT
etag: "63d3962f-19a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 08:28:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
172.217.21.168200 OK 57 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
IP 172.217.21.168:0
File type ASCII text, with very long lines (13682)
Hash a59adaebb7f5a55bb778daca8433c54d
b9018b5fb380d167dc63334ef50a82c78bd3e913
6f206169d634be065600382d3c1657d5ef453c3d835bcca1170a9d13d4cad61e
GET /gtm.js?id=GTM-KGKQDC7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 08:28:51 GMT
expires: Sun, 29 Jan 2023 08:28:51 GMT
cache-control: private, max-age=900
last-modified: Sun, 29 Jan 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 57279
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 08:28:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1win-cdn.com/js/1705.d306728f.js
188.114.99.234200 OK 22 kB URL HTTP/2 1win-cdn.com/js/1705.d306728f.js
IP 188.114.99.234:0
File type ASCII text, with very long lines (29271), with no line terminators
Hash 4dd5cb135d97eb8db6582da7810883c5
42630557d1c1194f4adfae3293fdf5ebc672f982
6913c0ab540a0c3172c1902b3edca163147941fd65a373bc47b67d808cccbcf7
GET /js/1705.d306728f.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:50 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=29313
access-control-allow-origin: *
etag: W/"63a42a53-7281"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3276787
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqUvCo0pcpRDJOhIf7hrUMT6XecrLT8%2Br6%2Fdl4J8HgcbzjF6F1pb0YvCB3zEcakQrZ9yBXs%2BsxaWG6Cm6lkK%2FsGnKilH%2Fj7VS0aAKkvZElTM5nEbvdPlIDp02NOFFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098c0db8bb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash f69c5f43bf99edb53b690cb0bba51efb
e303559ff0956b6bf963b572b17da2a713ce5206
bc95b0a6b8b9a1df9c53272c4324ca1d008699b3da74110efa37ed0118c66181
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 08:28:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash f69c5f43bf99edb53b690cb0bba51efb
e303559ff0956b6bf963b572b17da2a713ce5206
bc95b0a6b8b9a1df9c53272c4324ca1d008699b3da74110efa37ed0118c66181
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 08:28:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=1794301496693;gtm=2wg1p0;auiddc=1117600819.1674980938;~oref=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26?
142.250.74.70200 OK 253 B URL HTTP/2 12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=1794301496693;gtm=2wg1p0;auiddc=1117600819.1674980938;~oref=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (469), with no line terminators
Hash 0c48248d9fec1b4dd57a5e7c49c41be8
8178414005d163fdf05fe1f34478f68468960d86
78e04482fd537473a0bb0d2ebf0a07b7a48f6abea2ab53bdac1c5211c7d23c29
GET /activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=1794301496693;gtm=2wg1p0;auiddc=1117600819.1674980938;~oref=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26? HTTP/1.1
Host: 12688802.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 08:28:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 253
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 29-Jan-2023 08:43:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1851039866495.7551?
142.250.74.70200 OK 275 B URL HTTP/2 12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1851039866495.7551?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (521), with no line terminators
Hash f713cca2cc178d318446bbdaab989bf9
e3c86cb382bb43d9932e26a0515cf1930b927c9a
8dd4ca7b833c3098e56ac3ba862052aaf14099ac77cb795002ec22e8166f6ae3
GET /activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1851039866495.7551? HTTP/1.1
Host: 12572451.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 08:28:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 275
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 29-Jan-2023 08:43:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash f69c5f43bf99edb53b690cb0bba51efb
e303559ff0956b6bf963b572b17da2a713ce5206
bc95b0a6b8b9a1df9c53272c4324ca1d008699b3da74110efa37ed0118c66181
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 08:28:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 08:28:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 08:28:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=1794301496693;gtm=2wg1p0;auiddc=1117600819.1674980938;~oref=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26
142.250.74.130200 OK 253 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=1794301496693;gtm=2wg1p0;auiddc=1117600819.1674980938;~oref=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (468), with no line terminators
Hash fc196838800173ef18b7660e2abd6d84
76acae484812a2b56a075011ed2e9f4e486e1684
056e1ccdc9e0e2b1543a6404aed0adb9fcc76967be877236b8da523fcc5df81f
GET /ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=1794301496693;gtm=2wg1p0;auiddc=1117600819.1674980938;~oref=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://12688802.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 08:28:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 253
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1851039866495.7551;~oref=https://1wswqf.top/
142.250.74.130200 OK 277 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1851039866495.7551;~oref=https://1wswqf.top/
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (520), with no line terminators
Hash 74c93a1daf4a4a0092d83a3adb75de01
59effdd79ca203e290842df0eb3e7128731fd596
59994cae3367fdd592b1811b867d8ec85e37456863a8e79bee7c4cdaa8cf67bb
GET /ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1851039866495.7551;~oref=https://1wswqf.top/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://12572451.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 08:28:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 277
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.amplitude.com/libs/amplitude-8.17.0-min.gz.js
54.230.245.120200 OK 27 kB URL HTTP/2 cdn.amplitude.com/libs/amplitude-8.17.0-min.gz.js
IP 54.230.245.120:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e5211b7cbee53b6912f07a1cd72a4582
097096657cc1484ad9509b2c990a81a48990efdc
008014793f2666c663f98c7a3405db81b2db301c6a3caf2c05e6e9556085aa78
GET /libs/amplitude-8.17.0-min.gz.js HTTP/1.1
Host: cdn.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wswqf.top
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
HTTP/2 200 OK
content-type: application/javascript
content-length: 27400
date: Sat, 14 Jan 2023 17:39:11 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Fri, 25 Mar 2022 19:53:18 GMT
etag: "e5211b7cbee53b6912f07a1cd72a4582"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: wr63ICD3duh0Opi8j2KDhI34Ow38BHG0
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7aZhjswW00EnojY6xjXZlIfR6nTlLTcUrefPbDkyrkXg7Cm-e5q9KQ==
age: 1262981
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 08:28:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash b7da7d1d3e5880d5d4e313ac7fcf2a83
60a1e887ccb7c7cdae0035c65ef7df9908547fef
af17efcd17df50324c29cff05cea79f18cba79f6b1134ec0e6d1637759b5e895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 08:28:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 0c6c29d17e17831986067b06c8b4a7b4
3d3c11da36c756205370d03ba6d6a643215b8416
86e8f2a613d75aac7f8228629267a185ee32e88c1d32bd3bf0d0007608287cd8
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 08:28:51 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Thu, 02 Feb 2023 04:12:34 GMT
ETag: "3d3c11da36c756205370d03ba6d6a643215b8416"
Last-Modified: Sun, 29 Jan 2023 04:12:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1690
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791098c57b13b4f4-OSL
adservice.google.no/ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=1794301496693;gtm=2wg1p0;auiddc=1117600819.1674980938;~oref=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26
142.250.74.2200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=1794301496693;gtm=2wg1p0;auiddc=1117600819.1674980938;~oref=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=12688802;type=actio0;cat=allpa0;ord=1;num=1794301496693;gtm=2wg1p0;auiddc=1117600819.1674980938;~oref=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 08:28:51 GMT
expires: Sun, 29 Jan 2023 08:28:51 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1851039866495.7551;~oref=https://1wswqf.top/
142.250.74.2200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1851039866495.7551;~oref=https://1wswqf.top/
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=1851039866495.7551;~oref=https://1wswqf.top/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 08:28:51 GMT
expires: Sun, 29 Jan 2023 08:28:51 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2606090.js?sv=6
54.230.111.8200 OK 4.5 kB URL HTTP/2 static.hotjar.com/c/hotjar-2606090.js?sv=6
IP 54.230.111.8:0
File type ASCII text, with very long lines (7535)
Hash d259b657f96b0530b5e27ebdf0c15ba0
ec5d2d610c55a161b1cb827287b880132cdc6761
95728bde2f183ce1019de14e768c6f087cd62cc78f73fefbc4b337ecbae72108
GET /c/hotjar-2606090.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Sun, 29 Jan 2023 08:28:34 GMT
cache-control: max-age=60
etag: W/bce09bf34466a57d758a911927ea2b05
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BXm69K30E1g1I75Gd9vFYlrwwVarT_E_r4oFddmRlSKrJn8esKS3VQ==
age: 23
X-Firefox-Spdy: h2
1wswqf.top/get-authorization?random=1674980937455-0.10500568174952207
190.115.19.101200 OK 19 B URL HTTP/2 1wswqf.top/get-authorization?random=1674980937455-0.10500568174952207
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
File type JSON data\012- , ASCII text, with no line terminators
Hash 97816351479ac35375c10e73546c9459
b388abc5b856b3cb65032cf68d12cdee27073fc7
759315d5ae8c31136d2a7bc803e591554894987559325cdf7e0b5965bec0eaca
GET /get-authorization?random=1674980937455-0.10500568174952207 HTTP/1.1
Host: 1wswqf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/?open=register&
Cookie: sub_ids=sub2=13253; visit_domain=1wswqf.top; partner_key=79i6; core-sticky=http://10.233.108.166:80; 1w_lang=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Sun, 29 Jan 2023 08:28:51 GMT
content-type: application/json; charset=utf-8
content-length: 19
access-control-allow-origin: https://1wswqf.top
access-control-allow-credentials: true
x-frame-options: DENY
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash b7da7d1d3e5880d5d4e313ac7fcf2a83
60a1e887ccb7c7cdae0035c65ef7df9908547fef
af17efcd17df50324c29cff05cea79f18cba79f6b1134ec0e6d1637759b5e895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 08:28:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.hotjar.com/modules.dcdf252a9a6cf097c357.js
54.230.111.73200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.dcdf252a9a6cf097c357.js
IP 54.230.111.73:0
File type Unicode text, UTF-8 text, with very long lines (48602)
Hash 4ab050de5a6437b8d1f5955ab1dbfb07
498e55a41dc3df84cf825bd946a1300a04b38677
87cbfe168c8537c46132cab67a16afe706796b7f301ac8dc5bd8f9ea847e4a72
GET /modules.dcdf252a9a6cf097c357.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
HTTP/2 200 OK
content-type: application/javascript
content-length: 68336
date: Fri, 27 Jan 2023 09:04:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "4ab050de5a6437b8d1f5955ab1dbfb07"
last-modified: Fri, 27 Jan 2023 09:03:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 48-N7ldZx_dbK3VtTfmttBBwa5_4ZrOLqSbIR1thFsw9dboTUzSL1w==
age: 170686
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14892
Expires: Sun, 29 Jan 2023 12:37:03 GMT
Date: Sun, 29 Jan 2023 08:28:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14892
Expires: Sun, 29 Jan 2023 12:37:03 GMT
Date: Sun, 29 Jan 2023 08:28:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14892
Expires: Sun, 29 Jan 2023 12:37:03 GMT
Date: Sun, 29 Jan 2023 08:28:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14892
Expires: Sun, 29 Jan 2023 12:37:03 GMT
Date: Sun, 29 Jan 2023 08:28:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14892
Expires: Sun, 29 Jan 2023 12:37:03 GMT
Date: Sun, 29 Jan 2023 08:28:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7f65e9-ca75-4ecb-ba7c-ae70877eaf01.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7f65e9-ca75-4ecb-ba7c-ae70877eaf01.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f73f114f8dc452fc0b16825570ad50c
6bb1b3db6c36e2c9d23b6cb7d1c8616eeec19575
23fd69e6ccdd2ce2b5d3d8b3f075a07cdb36efd663a4119b5dca22165e7b2090
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7f65e9-ca75-4ecb-ba7c-ae70877eaf01.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10030
x-amzn-requestid: 0c6c82b5-f91b-4468-bb25-d87d4d7dedd5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVAbgERRIAMFdcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1e116-7f17c79047447dff2de3ab67;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 02:10:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pHTs5LN29bSjD8GAXY_vstXiEQ7iy9qXsq23Pxl-GdXX16_5H5QKCQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 16:13:35 GMT
age: 58516
etag: "6bb1b3db6c36e2c9d23b6cb7d1c8616eeec19575"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:56:46 GMT
age: 37925
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
1wswqf.top/1.txt?1674980938370
190.115.19.101200 OK 8 B URL HTTP/2 1wswqf.top/1.txt?1674980938370
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
Hash 48cfef8b3001a8c220dc815870f9916e
b77e871e72a3083c4bb31d6bcb5a257557181269
3d2c759213949af96fbdcd756a5146f64a9acadf9625bd7a9feb04bb4517b4f9
GET /1.txt?1674980938370 HTTP/1.1
Host: 1wswqf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1wswqf.top/sw.db344b25.js
Connection: keep-alive
Cookie: sub_ids=sub2=13253; visit_domain=1wswqf.top; partner_key=79i6; core-sticky=http://10.233.108.166:80; 1w_lang=en; _gcl_au=1.1.1117600819.1674980938; _ga_548949LWLW=GS1.1.1674980937.1.0.1674980937.0.0.0; _ga=GA1.1.107009190.1674980938; amp_494ccc=kKvNLO5aBJeG-S7ki1Ck7B...1gnua9k5l.1gnua9k5l.0.0.0; _ym_uid=1674980938866523187; _ym_d=1674980938; _hjSessionUser_2606090=eyJpZCI6ImZiY2QwZDBmLTBkYTQtNTk1Mi04YzRjLTBiYmE2ODIwYmE4MyIsImNyZWF0ZWQiOjE2NzQ5ODA5MzgwOTgsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2606090=eyJpZCI6ImVkNDlhOWZhLTdiMzQtNGI0YS04Nzg0LWQ0NWEyNGJlMmViOSIsImNyZWF0ZWQiOjE2NzQ5ODA5MzgyOTgsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Sun, 29 Jan 2023 08:28:51 GMT
content-type: text/plain
content-length: 8
last-modified: Fri, 27 Jan 2023 09:15:27 GMT
etag: "63d3962f-8"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: d56c9b84-dc1f-4d5c-91bf-7db55058bf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLyeEGOloAMFpzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce3126-5013a6b971d6800c5c85a4eb;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uPJu2SzvWcfqukF9t0PKG5iK7LrTnk1Cn5nioD4MklQgDAZnbiH8Gw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 14:55:48 GMT
age: 63183
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 20:46:16 GMT
age: 42155
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43c4a8e963936a8064dbd2bd3c67b905
8508727c97127c98b886833af28b3470306216c2
070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8652
x-amzn-requestid: 21c734f0-cd73-4691-812e-7cd3908f8f89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRbH4HtPIAMFUGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d07232-291e20fb41c53db7664d04b2;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 00:05:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: j2zDtHz3pZLHJKG3-PaITyUzHOQBEELzuDIt7sbB8X_B10OxG394tg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 06:49:29 GMT
age: 5962
etag: "8508727c97127c98b886833af28b3470306216c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167a00fc-5c65-46d1-816e-da9e473736e3.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167a00fc-5c65-46d1-816e-da9e473736e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e7433eb3123a1f9b14507c78e38e7b9
fef8b905b580999963758a56be9c3226697929a2
895298ddf6822e9f95e10fe17c1ade0b0782c3753e96eab8a3798df5ba969dbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167a00fc-5c65-46d1-816e-da9e473736e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6518
x-amzn-requestid: 6e9c624a-2036-4161-ad9e-1c66068e3eb1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPHz0HmsoAMFljA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf867e-011e1c43072a8dfa22af6e88;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:19:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AxIaCwORa7FhDY5pxcNlrPMoam0z7DxSgKBytx5AG_qcKrxM8NnoOw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:46:36 GMT
age: 38535
etag: "fef8b905b580999963758a56be9c3226697929a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 29 Jan 2023 08:28:51 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Sun, 29 Jan 2023 09:28:51 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f6d787261fba419d9ad7746171cb6f4f
caa967022afb8595f65ce534bf1c7e4d9cba9a8b
6fbf3bc61da4dee564b7dfc67e60415ddec9d470943dc801721bfcd0b49dc338
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6FBF3BC61DA4DEE564B7DFC67E60415DDEC9D470943DC801721BFCD0B49DC338"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3394
Expires: Sun, 29 Jan 2023 09:25:26 GMT
Date: Sun, 29 Jan 2023 08:28:52 GMT
Connection: keep-alive
region1.google-analytics.com/g/collect?v=2&tid=G-548949LWLW>m=2oe1p0&_p=1593350494&cid=107009190.1674980938&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674980937&sct=1&seg=0&dl=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26&dt=1win%20-%20Loading&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-548949LWLW>m=2oe1p0&_p=1593350494&cid=107009190.1674980938&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674980937&sct=1&seg=0&dl=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26&dt=1win%20-%20Loading&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-548949LWLW>m=2oe1p0&_p=1593350494&cid=107009190.1674980938&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674980937&sct=1&seg=0&dl=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26&dt=1win%20-%20Loading&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://1wswqf.top
date: Sun, 29 Jan 2023 08:28:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
vc.hotjar.io/sessions/2606090?s=0.25&r=0.12348170917951817
54.230.111.8204 No Content 0 B URL HTTP/2 vc.hotjar.io/sessions/2606090?s=0.25&r=0.12348170917951817
IP 54.230.111.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sessions/2606090?s=0.25&r=0.12348170917951817 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Sun, 29 Jan 2023 08:28:52 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EBDq1BglcWCP-Y8JpdYH_c-MdNWYlzYPPf7k8JK0RNmDtsSReXN09w==
X-Firefox-Spdy: h2
1wswqf.top/common/title?path=bets&lang=en
190.115.19.101200 OK 16 B URL HTTP/2 1wswqf.top/common/title?path=bets&lang=en
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
GET /common/title?path=bets&lang=en HTTP/1.1
Host: 1wswqf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1wswqf.top/?open=register&
Connection: keep-alive
Cookie: sub_ids=sub2=13253; visit_domain=1wswqf.top; partner_key=79i6; core-sticky=http://10.233.108.166:80; 1w_lang=en; _gcl_au=1.1.1117600819.1674980938; _ga_548949LWLW=GS1.1.1674980937.1.0.1674980937.0.0.0; _ga=GA1.1.107009190.1674980938; amp_494ccc=kKvNLO5aBJeG-S7ki1Ck7B...1gnua9k5l.1gnua9k5l.0.0.0; _ym_uid=1674980938866523187; _ym_d=1674980938; _hjSessionUser_2606090=eyJpZCI6ImZiY2QwZDBmLTBkYTQtNTk1Mi04YzRjLTBiYmE2ODIwYmE4MyIsImNyZWF0ZWQiOjE2NzQ5ODA5MzgwOTgsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2606090=eyJpZCI6ImVkNDlhOWZhLTdiMzQtNGI0YS04Nzg0LWQ0NWEyNGJlMmViOSIsImNyZWF0ZWQiOjE2NzQ5ODA5MzgyOTgsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Sun, 29 Jan 2023 08:28:52 GMT
content-type: application/json; charset=utf-8
content-length: 16
vary: Origin
x-frame-options: DENY
X-Firefox-Spdy: h2
mc.yandex.ru/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1119%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A27250722183%3Ahid%3A696815725%3Az%3A0%3Ai%3A20230129082858%3Aet%3A1674980938%3Ac%3A1%3Arn%3A209546093%3Arqn%3A1%3Au%3A1674980938866523187%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A479%2C125%2C103%2C0%2C247%2C0%2C%2C135%2C2%2C%2C%2C%2C1373%3Aco%3A0%3Ans%3A1674980935808%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674980938%3At%3A1win%20-%20Loading&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
87.250.251.119200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1119%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A27250722183%3Ahid%3A696815725%3Az%3A0%3Ai%3A20230129082858%3Aet%3A1674980938%3Ac%3A1%3Arn%3A209546093%3Arqn%3A1%3Au%3A1674980938866523187%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A479%2C125%2C103%2C0%2C247%2C0%2C%2C135%2C2%2C%2C%2C%2C1373%3Aco%3A0%3Ans%3A1674980935808%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674980938%3At%3A1win%20-%20Loading&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash 0d542185c6c3c43500574506321e7359
5c9595e83277b0d7fbd8e9920fe5baf51c41275b
56005fbb39760de3f08a70a2ba40f62c443f344dbd0592adf5195cbc12b9a7ae
GET /watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1119%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A27250722183%3Ahid%3A696815725%3Az%3A0%3Ai%3A20230129082858%3Aet%3A1674980938%3Ac%3A1%3Arn%3A209546093%3Arqn%3A1%3Au%3A1674980938866523187%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A479%2C125%2C103%2C0%2C247%2C0%2C%2C135%2C2%2C%2C%2C%2C1373%3Aco%3A0%3Ans%3A1674980935808%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674980938%3At%3A1win%20-%20Loading&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wswqf.top
Referer: https://1wswqf.top/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Sun, 29 Jan 2023 08:28:52 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://1wswqf.top
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29-Jan-2023 08:28:52 GMT
last-modified: Sun, 29-Jan-2023 08:28:52 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
1win.direct/socket.io/?Language=en&EIO=3&transport=websocket
134.122.54.186101 Switching Protocols 0 B URL HTTP/1.1 1win.direct/socket.io/?Language=en&EIO=3&transport=websocket
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?Language=en&EIO=3&transport=websocket HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://1wswqf.top
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8quaf31fYIDV9itIzW8hNA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Sec-Websocket-Accept: +NYS8m+S/P9AJHfVuCza8/AHy5Q=
Sec-Websocket-Extensions: permessage-deflate
Set-Cookie: core-sticky=f00e2df9a6729095; Path=/; HttpOnly
Upgrade: websocket
1wswqf.top/sw.db344b25.js
190.115.19.101304 Not Modified 0 B URL HTTP/2 1wswqf.top/sw.db344b25.js
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sw.db344b25.js HTTP/1.1
Host: 1wswqf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: sub_ids=sub2=13253; visit_domain=1wswqf.top; partner_key=79i6; core-sticky=http://10.233.108.166:80; 1w_lang=en; _gcl_au=1.1.1117600819.1674980938; _ga_548949LWLW=GS1.1.1674980937.1.0.1674980937.0.0.0; _ga=GA1.1.107009190.1674980938; amp_494ccc=kKvNLO5aBJeG-S7ki1Ck7B...1gnua9k5l.1gnua9k5l.0.0.0; _ym_uid=1674980938866523187; _ym_d=1674980938; _hjSessionUser_2606090=eyJpZCI6ImZiY2QwZDBmLTBkYTQtNTk1Mi04YzRjLTBiYmE2ODIwYmE4MyIsImNyZWF0ZWQiOjE2NzQ5ODA5MzgwOTgsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2606090=eyJpZCI6ImVkNDlhOWZhLTdiMzQtNGI0YS04Nzg0LWQ0NWEyNGJlMmViOSIsImNyZWF0ZWQiOjE2NzQ5ODA5MzgyOTgsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-Modified-Since: Fri, 27 Jan 2023 09:15:27 GMT
If-None-Match: W/"63d3962f-18bf"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
server: openresty/1.19.9.1
date: Sun, 29 Jan 2023 08:28:52 GMT
last-modified: Fri, 27 Jan 2023 09:15:27 GMT
etag: "63d3962f-18bf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
X-Firefox-Spdy: h2
1win-cdn.com/css/3590.4152629f.css
188.114.99.234200 OK 12 kB URL HTTP/2 1win-cdn.com/css/3590.4152629f.css
IP 188.114.99.234:0
File type ASCII text, with very long lines (30877), with no line terminators
Hash 194461beb1d9266938c99b0c39fdd1f2
20bf17994f9158404915ac34a8dc18a2422d2407
12bc8a0ba58680bb63637429ea499b003c3ccc664415d352062753fbfabaf06f
GET /css/3590.4152629f.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:52 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=30879
access-control-allow-origin: *
etag: W/"63cfa92d-789f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 24 Jan 2023 09:47:25 GMT
cf-cache-status: HIT
age: 425488
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pI37QoeEOAJ4sTredbxG6O7KhGiv8%2FpIbvT8o%2FTWjbC545ssAgXKWNyxDQvJ6D1tyPJzE7RBP%2BuKCsIm5DC9jC1k2gBP7dZBI2T%2FJ%2B5pdOv5nmZ53Ht32KVLnEfQdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098ccb8b1b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/best-bitcoin-casino.9c1716b1-50.png
188.114.99.234200 OK 1.0 kB URL HTTP/2 1win-cdn.com/img/best-bitcoin-casino.9c1716b1-50.png
IP 188.114.99.234:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash d17d9ae707b485a356eec325e36aa505
650fc9b7790343d87eacfa5f5466ecf659f3b9a7
5bca66d0040f92e3f15089ebc1f46687cf7bde68d46db0fb286113aaba9ac57f
GET /img/best-bitcoin-casino.9c1716b1-50.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:52 GMT
content-type: image/png
content-length: 1035
last-modified: Wed, 21 Dec 2022 11:04:29 GMT
etag: "63a2e83d-40b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3345661
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klW%2BeL4JbykSHrURYdstLhUpe1ECS7RuatN6Fy83FwGNDq9mSJO9d2z9hbWigj7YdIr0q62Kl7fBSyOGU4J81L0ms2ODATkrQAkEywEvabq%2FebVSeyTge4K2y1oXzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098cd08fbb4e8-OSL
X-Firefox-Spdy: h2
1win-cdn.com/js/7057.ec2ef73a.js
188.114.99.234200 OK 28 kB URL HTTP/2 1win-cdn.com/js/7057.ec2ef73a.js
IP 188.114.99.234:0
File type Unicode text, UTF-8 text, with very long lines (65531), with no line terminators
Hash cd20a1d0189aba0a89f05c4ed17ba67c
f6984bc5086ad7fcf87ff417f6d0127d050eaad1
2db5df79d00c4652b78b3490e96463ae24e7dfcdb25ebe481ce7f62c5dcb11d3
GET /js/7057.ec2ef73a.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:51 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=99219
access-control-allow-origin: *
etag: W/"63d39632-18393"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 27 Jan 2023 09:15:30 GMT
cf-cache-status: HIT
age: 166248
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xI9rOs6z2QctYoNkRc5Yrf7wZHVpLAtm2ZO%2BygHxL3YlBGSoRgzJHSGibb%2F7o0AHHAGUdMgdB33V70Rg4ha6FKP8eF%2FQwHHN85oREB2swWznIKmQ8g5jJkhJFM65yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098c88c2cb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/casinos-analyzer.896bc525-182.png
188.114.99.234200 OK 2.0 kB URL HTTP/2 1win-cdn.com/img/casinos-analyzer.896bc525-182.png
IP 188.114.99.234:0
File type PNG image data, 182 x 50, 8-bit colormap, non-interlaced\012- data
Hash 75b2e733b195a4dc9229efa156e5a67a
f1755917d01bb31e56ab6e68c16656f6ffa9c38a
58a6718ce885d0923e0c0cdf64b8017396068f6c4c7ebda40fe951221dfb7475
GET /img/casinos-analyzer.896bc525-182.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:52 GMT
content-type: image/png
content-length: 2047
last-modified: Wed, 21 Dec 2022 11:04:29 GMT
etag: "63a2e83d-7ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3345661
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfzHv%2BAfdxMvnu4o2H%2F7iTuXZDBIZyxh5Tsz1a1KP%2FwhDZgp4FZQPXR8DFJ6AbOTrxq9uah2JDUiT801Ex0aV9AybQXPzcrF%2FHY01WTgqShdEjn3KjoNJC4uBqvdkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098cd08fdb4e8-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/cricket-betting-guru.cfe7d426-500.png
188.114.99.234200 OK 9.2 kB URL HTTP/2 1win-cdn.com/img/cricket-betting-guru.cfe7d426-500.png
IP 188.114.99.234:0
File type PNG image data, 500 x 500, 8-bit colormap, non-interlaced\012- data
Hash 3c6da1041cc0873ff73533fd0e03f5a0
0666e13970c0698cf09ffafc9467ea705258c552
dfeed2cdb884b7769b5ee0fde60457b4b5380b7608c296b67e26c48dc1ca3f08
GET /img/cricket-betting-guru.cfe7d426-500.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:52 GMT
content-type: image/png
content-length: 9249
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: "63a42a53-2421"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3277621
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YrUirYsM0q%2FGLIaFclowKqnwoEAhiKzn2KnxX%2FgcLWRyW3Lzcc5zMcrhoTLTbtK3%2ByDbhWYgjRw6nmy5C%2FNaqR832Rb0TnIFbHO4dz20Tb1nS%2BMhcsmVHz26CQCdzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098cd0902b4e8-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/cricket-betting-wali.1863d1d9-43.png
188.114.99.234200 OK 2.5 kB URL HTTP/2 1win-cdn.com/img/cricket-betting-wali.1863d1d9-43.png
IP 188.114.99.234:0
File type PNG image data, 43 x 50, 8-bit colormap, non-interlaced\012- data
Hash f4d8e1bf9ee6fb80b23760cae020a174
008045648a3c542d9ffb296b9ab7f57dce550274
207d2b3d3be139912aef09fc9c5f794a8853c2c3526ab30a3603b8767d7cd07e
GET /img/cricket-betting-wali.1863d1d9-43.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:52 GMT
content-type: image/png
content-length: 2508
last-modified: Wed, 21 Dec 2022 11:04:29 GMT
etag: "63a2e83d-9cc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3345661
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I57%2FQ1P6VlTw52PrpOgM9yTqgQ%2FfXTmTi3gKN7WbY7RHsEXVpG9SxiAsx3hkNEQJfakas8TW3nqvg%2FW98ULYtLTI4sfYVglRjwD7fVNSK5h8tVPdsR2rBM4VCmZCXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098cd0901b4e8-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/free-money-link-image.4433e497-120.png
188.114.99.234200 OK 6.3 kB URL HTTP/2 1win-cdn.com/img/free-money-link-image.4433e497-120.png
IP 188.114.99.234:0
File type PNG image data, 120 x 97, 8-bit colormap, non-interlaced\012- data
Hash 8c77c77c33189721a876fefeadf5ca83
0b197aa9e55fe824b28e55b9e0591f8631b6c3c8
b2a4295182c1f7c9619a4d2f842be12f4cbc6c4bb8d2ea607f06ff3bc4099486
GET /img/free-money-link-image.4433e497-120.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:52 GMT
content-type: image/png
content-length: 6292
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: "63a42a53-1894"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275723
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDUSKg9gmcBZO%2Bdn%2F5vNRdF8Fbpamg%2BOkMGcYLs8NWVdRwr7552yh274d9j1jAye2DW0jxyDhQWMc9tQwGrX%2FZ2h0sF1hI7nHY7kntuIlH2TnIUgplKLV0eNcftlNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098cd0908b4e8-OSL
X-Firefox-Spdy: h2
1win-cdn.com/js/desktop.4480ee7e.js
188.114.99.234200 OK 326 kB URL HTTP/2 1win-cdn.com/js/desktop.4480ee7e.js
IP 188.114.99.234:0
File type Unicode text, UTF-8 text, with very long lines (65495), with no line terminators
Size 326 kB (325691 bytes)
Hash f374605f60e7bd4298963619890bc949
4aacac63c8aed5de4458c0731cea5da344a2c504
f9976882b95b3d3e6b754bac696c8d7b57ec26d735b488977e9d18c7ea8c5ddf
GET /js/desktop.4480ee7e.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:50 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=119486
access-control-allow-origin: *
etag: W/"63d39635-1d2be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 27 Jan 2023 09:15:33 GMT
cf-cache-status: HIT
age: 169819
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xMcV2j0DfwY2JsK378540JHf8OLCydm%2FYGJ5RjRhtoOk3T5SvLU75aCAe5hYK6SMVoUw1pRm3tkA%2BFVx2zneGyqxXvoTXqGp6X9SDi4puwcIou8Brux4JpW34L4MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098bfca74b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-tvbet-frame@2.52cde99d-256.png
188.114.99.234200 OK 4.5 kB URL HTTP/2 1win-cdn.com/img/sprite-tvbet-frame@2.52cde99d-256.png
IP 188.114.99.234:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 40212134fb58f842529fa66647f1b7d2
e6d355ea609129942cde7b9d47e587ae5cc8596c
c04666bc555dfa0fbd2b5da4984cb813b58eab772e1fa1efa2fd2e62c6d11f7b
GET /img/sprite-tvbet-frame@2.52cde99d-256.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:52 GMT
content-type: image/png
content-length: 4458
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: "63a42a53-116a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275723
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gymYK7KABGnshaMkI9haMZFRutsc56zRlHauwFStC9vr8lU2olZvL138luv0lujt2G%2FZUgF%2Flhb4J1gR0S226y8g%2Fl61IdXGgrM3UXc88iCN3mTJROHgPlxwuvz92A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098cd493fb4e8-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-roulette-frame@2.76ea5a24-256.png
188.114.99.234200 OK 30 kB URL HTTP/2 1win-cdn.com/img/sprite-roulette-frame@2.76ea5a24-256.png
IP 188.114.99.234:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash fa83f73358ed73cbd8a0faf0d8e6c019
586b95f1e5e1945abd0248e995f79274463c1cd8
ede3848497b96e7defd4c5d53133cf2e374487411186a66a6146191ae5692f77
GET /img/sprite-roulette-frame@2.76ea5a24-256.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:52 GMT
content-type: image/png
content-length: 29770
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: "63a42a53-744a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275722
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXEPf1s85lm%2FobM%2FEafBI9vebjlW7%2BVl42SwRaHEhoKmitGxNtwxKFgwx6lxnFIKW8y5qwKeTfP80ABHaBqlxuYoOQDziKdZRAe0tLnvV8YcfVSLVPGqznPY3druEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098cd4963b4e8-OSL
X-Firefox-Spdy: h2
1win-cdn.com/js/4801.2c1c51b1.js
188.114.99.234200 OK 362 kB URL HTTP/2 1win-cdn.com/js/4801.2c1c51b1.js
IP 188.114.99.234:0
File type ASCII text, with very long lines (25513), with no line terminators
Size 362 kB (362480 bytes)
Hash b5875b540cb6f3fa70c0ebe7b9b33c7d
0b4bb6f14ca32feffb1415777628891c842c13b9
d7991490a1a9f89d84dd133b7c47febbbd1c698973f522688453270d310376de
GET /js/4801.2c1c51b1.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:52 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=25555
access-control-allow-origin: *
etag: W/"63a42a53-63d3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3277621
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FIEKeErl4xc6fTAAkNZ8eJKOicctIjolIQ%2Bj7UxTExwG5mMJ7GkuXiJfSI9cU77XDUVUl1VgBmlKJ4wp%2BknQ5BWtWPmPfobFGe0VYJmm97pX5JK8DqzypETIQfz%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098cc9897b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/css/7057.6c4e5731.css
188.114.99.234200 OK 21 kB URL HTTP/2 1win-cdn.com/css/7057.6c4e5731.css
IP 188.114.99.234:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3f3b6953c28f3e72c5db63a18c170d9d
0ca5c07be7b6072e71b51296ab4a41026054f8c7
076db42d05db91785fceef6150f540de12100972fb52813431dff051ec5d75e5
GET /css/7057.6c4e5731.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:51 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=68681
access-control-allow-origin: *
etag: W/"63cfcc7b-10c49"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 24 Jan 2023 12:18:03 GMT
cf-cache-status: HIT
age: 416299
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Knh%2FUkRUzJEu8zKFxxE2RdRsEb02FisRq5dgjospGgWKG4SJZieg4TNS1rNyqzBej9nnJkuizt5uIZF8dPYj%2FYBIccNewExzUMUXaHsNUOeIbngoIC%2Bz0e3l1trAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098c88c2bb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-dice-frame@2.8e0d7067-256.png
188.114.99.234200 OK 17 kB URL HTTP/2 1win-cdn.com/img/sprite-dice-frame@2.8e0d7067-256.png
IP 188.114.99.234:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash b5469917695caf597285ce3e08c0e314
8d6b57a1590baf7531d688d5dde729ede7d02108
3353862bc343fe2f92faf7e59595d9aa80d2fbdc90c6677437daf3a9acd84b32
GET /img/sprite-dice-frame@2.8e0d7067-256.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:52 GMT
content-type: image/png
content-length: 17269
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: "63a42a53-4375"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275723
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gg0LkkY76Tcw6kWQLvWGVtdAmCLl0JKTRWCDGXgJBs5%2BI0uItuXyzey260WhUihx5En1foHZsbJtRJDQ8hN%2FlUuABkM8lh4zI0Yc8ZtR0%2B4bd1aXKZ7bVx%2FaBHH53A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098cd79a6b4e8-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/aviator-game-logo.2fb50dc0.svg
188.114.99.234200 OK 13 kB URL HTTP/2 1win-cdn.com/img/aviator-game-logo.2fb50dc0.svg
IP 188.114.99.234:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2997)
Hash 3921049df389db817376b54f275eb786
561dca85760812c7a08bbb989abbc6a1011a3aa3
3a0920dc3bcdc7f330205f6679392a69cbb9237b587e08c6126bdc99afa395ee
GET /img/aviator-game-logo.2fb50dc0.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:52 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-bfa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3277620
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBq262PHf0MrplvaB1G6CIGMxKKWC0FLKdTeRA1ys0oPt1o1jp739ux869DaG92sU2TEdMVRZV8Hq2uJtR0L4Gj%2F4WH7obpquIgzLS4%2FFBZgfjgWwpK%2FCYY%2F5S%2Fmyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098ccf8ebb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/1883.ce7803cd.js
188.114.99.234200 OK 67 kB URL HTTP/2 1win-cdn.com/js/1883.ce7803cd.js
IP 188.114.99.234:0
File type ASCII text, with very long lines (13690), with no line terminators
Hash 52272d2c393dad2ba464afb1e5c32075
92442e88fa3b9d499f05f194093edb28051eb278
c4980e6473fa13136fa37783b5e2aba50e166cdd721620fa766afc1e2ec4bd72
GET /js/1883.ce7803cd.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:51 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=13732
access-control-allow-origin: *
etag: W/"63a42a53-35a4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3277593
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apJfxGwAQ39HCDb01deXDlNgclr8GKqIclxmAeVag66CUKayDnKse44vEnAuJRFizbVdIXzMYiPKqcEvlL6NAFRJ8d8JZDw4HYrvWbZ1gLlEwfAambv%2F6e7YLfKn%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098c87c1eb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/flags/en.svg
188.114.99.234200 OK 38 kB URL HTTP/2 1win-cdn.com/img/flags/en.svg
IP 188.114.99.234:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 4f9a518fa2665576b92c9289f9ef382e
44a7667524fa1be1205c78036c8e49397810077f
d91b83b353d42e1914d714a47d430e2900cdb9c2a1570e58e4ac4c40f10dbe73
GET /img/flags/en.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:52 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 10:56:34 GMT
etag: W/"63ce67e2-8ae"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 508522
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JcSW2O1X3KAqKfjClceSXQb5wgozYkUPNZsc%2BHKIzh%2Fs89NQ9fl0Jjsi0FthGRQmWpX%2B2rkuPWmw1rpcjVfpSpEnssinoqQ%2F6QMQanCBwGJRE%2F2l1EPOssnQdwVUiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098ccf8e8b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-roulette@2.25507485-256.webp
188.114.99.234200 OK 720 kB URL HTTP/2 1win-cdn.com/img/sprite-roulette@2.25507485-256.webp
IP 188.114.99.234:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 720 kB (719644 bytes)
Hash 344d71695bd0f387fedd84fba6ace2c1
1d37e2d66ab1098072febc0a0dc3769d44090048
7775854f4b641fa2c9f954c79de9d4bd51ffea8b9bc74d8e01768718cc438003
GET /img/sprite-roulette@2.25507485-256.webp HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:52 GMT
content-type: image/webp
content-length: 719644
last-modified: Fri, 27 Jan 2023 09:15:36 GMT
etag: "63d39638-afb1c"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
age: 2415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DqdtmFw6GF9EX1c57tgfOLbK7rybJtIp9vwaMsmogNi%2F5QkzjvDRn18FX5n4Nu8i2E5vqBFYiMQo%2F%2FtqU5yNGPIxyFvsj%2F4J0j3jihxKhcZj7L9K0%2FDmNenaVfvyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098cd79a1b4e8-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/sprite-dice@2.6e1ac0ed-256.webp
188.114.99.234200 OK 430 kB URL HTTP/2 1win-cdn.com/img/sprite-dice@2.6e1ac0ed-256.webp
IP 188.114.99.234:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 430 kB (429680 bytes)
Hash abaa6833958bdc5427e6fa573cbfa70a
d43989916cc382e4e3d983933d9cd52a7d1dbeb2
51ba8ea694483e38020360731af53be7cd411671786008119b70b2a320e3bd92
GET /img/sprite-dice@2.6e1ac0ed-256.webp HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:52 GMT
content-type: image/webp
content-length: 429680
last-modified: Fri, 27 Jan 2023 09:15:36 GMT
etag: "63d39638-68e70"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
age: 2415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XkYqli4%2FNXSkaOF78GKwuw16t3kIOMCniWrp8j9LAXiAHs6OMzqa6hYJgDN5X85zdQfAfQMLRTHugLK4AGRLgGZXMKBjnoe6%2FgJUBE0QNqPvfLie%2BmMxe2b%2BnxKUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098cd79a7b4e8-OSL
X-Firefox-Spdy: h2
1win-cdn.com/js/10.fff54e18.js
188.114.99.234200 OK 388 kB URL HTTP/2 1win-cdn.com/js/10.fff54e18.js
IP 188.114.99.234:0
File type ASCII text, with very long lines (11261), with no line terminators
Size 388 kB (387661 bytes)
Hash b998c30a2b11237ba7366ffff9f62ad0
cd28341a78ec82e8767b29c44ef0f54046aba554
7074660d5a767d8416334c739abc5bbbc17775e172e1f38bba2660aa82b89b0c
GET /js/10.fff54e18.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:51 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=11301
access-control-allow-origin: *
etag: W/"63cfcc79-2c25"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 24 Jan 2023 12:18:01 GMT
cf-cache-status: HIT
age: 416299
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhLWNb4mmZsh%2BK41Q3oucphD2OX%2B%2FWplqHqs1gq7tJRSWfsd0lnU0l4ud5Glnq0prM%2FXiAfKRn6i0d7TMkWRVlUgenQRLu0oN1dsWZ%2FclPPkbEbx6g4caiB9GPZ9hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098c87c26b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/541.d536ea95.js
188.114.99.234200 OK 3.9 kB URL HTTP/2 1win-cdn.com/js/541.d536ea95.js
IP 188.114.99.234:0
File type Unicode text, UTF-8 text, with very long lines (11173), with no line terminators
Hash 1703718d5bae51d3adadaf08822e3cb9
ffebbb8456185d9e8f4b8b142f25ad7c0db13910
243a8a774f8ff0e60c83541e6083def5a51950aeeaa74e1f4a1d0beb556c5e24
GET /js/541.d536ea95.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:51 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=11217
access-control-allow-origin: *
etag: W/"63a43d6a-2bd1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 11:20:10 GMT
cf-cache-status: HIT
age: 3272887
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SlMdQRtQ0w8fL2DkX7AujBM62eOdB7TIKNX%2Fm1MOqSjqjmzORg0MrELB7fbi6lXzGnaUukV5ntjfI7DE8EetQbQ9w3%2FAOPhq0zKmp5rFwo5BadVNv%2Bhk8CwxxrLTWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098c87c25b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wswqf.top/
Origin: https://1wswqf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Sun, 29 Jan 2023 08:28:52 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=16a89d5d17de93d9; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wswqf.top/
Origin: https://1wswqf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Sun, 29 Jan 2023 08:28:52 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=b89dcdbbbcfcec31; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wswqf.top/
Origin: https://1wswqf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Sun, 29 Jan 2023 08:28:52 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=3bff0df57a815b91; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 667f2c02cead780538e445d0571bbeff
a68b9ac6c84f66d76b49ca6ea1e19604e55fc0f7
b53fd18961e7dd2a72bdd54c8bdce035ac698af6ec7964d7d4dd389a2c3c4ac2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B53FD18961E7DD2A72BDD54C8BDCE035AC698AF6EC7964D7D4DD389A2C3C4AC2"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1139
Expires: Sun, 29 Jan 2023 08:47:51 GMT
Date: Sun, 29 Jan 2023 08:28:52 GMT
Connection: keep-alive
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wswqf.top/
Origin: https://1wswqf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Sun, 29 Jan 2023 08:28:52 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=ea0755b956748598; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wswqf.top/
Origin: https://1wswqf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Sun, 29 Jan 2023 08:28:52 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=ca809554607091dc; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wswqf.top/
Origin: https://1wswqf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Sun, 29 Jan 2023 08:28:52 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=e43f6d3f3ec2cddb; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wswqf.top/
Origin: https://1wswqf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Sun, 29 Jan 2023 08:28:52 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=890391af8fc888d1; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2 B URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1wswqf.top/
Origin: https://1wswqf.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-type: text/plain; charset=utf-8
date: Sun, 29 Jan 2023 08:28:52 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
set-cookie: core-sticky=51bb0d365f2cc9d6; Path=/; HttpOnly
x-powered-by: Express
content-length: 2
X-Firefox-Spdy: h2
1win-cdn.com/js/icons-pack-sports-promotion.9bb32256.js
188.114.99.234200 OK 16 kB URL HTTP/2 1win-cdn.com/js/icons-pack-sports-promotion.9bb32256.js
IP 188.114.99.234:0
File type ASCII text, with very long lines (19195), with no line terminators
Hash e1ae96659d4eac4b8f4fe9672f3d85cd
cc13c623acb67075deb33aa559bbe9b5c2f3abc0
ab8f5f324421a6c22a7c16ba3d0eaad42433a4f31a176062d3c0d3bdaa0b8b1a
GET /js/icons-pack-sports-promotion.9bb32256.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:52 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=19260
access-control-allow-origin: *
etag: W/"63a42a53-4b3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3277621
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ohd%2B4Dljz2Qsd9eYEV3gsE2YUvjcePtUwp8CEThrjeCVVKgeUgqFW8korU8rEWVe45aWyMdBK41Kl6Oz%2FyJy%2BDEfMmX8VgPVjJ7rsnZcuXNtEDWxhok2GHr4%2BpH0bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098cd08f6b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 3.4 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (17749), with no line terminators
Hash b1da0f55def6bae6eca720e54c5b8a1d
206692db7f4b3e76399da513e790f6fa7b18633b
2fbed773e4d7a4e04c956ed38b8f2f667b452cb4b6add9df05e91463314c5af5
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 88
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 29 Jan 2023 08:28:52 GMT
etag: W/"d22-IGaS239LPnY5naUT55D2+nsYYzs"
set-cookie: core-sticky=16f815f09e880af8; Path=/; HttpOnly
x-powered-by: Express
content-length: 3362
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 18 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash c15250b2fe556bc04df177dd27fd7824
362f2e2ad68520cf76dee5f38066dffcbd5091a0
339c40f267f2fb70221c9a9aa24032f2e01a391d0777f122d2260a54aa3cfd93
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 80
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 29 Jan 2023 08:28:52 GMT
etag: W/"479e-Ni8uKtaFIM923uXzgGbf/L1QkaA"
set-cookie: core-sticky=f00e2df9a6729095; Path=/; HttpOnly
x-powered-by: Express
content-length: 18334
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 667f2c02cead780538e445d0571bbeff
a68b9ac6c84f66d76b49ca6ea1e19604e55fc0f7
b53fd18961e7dd2a72bdd54c8bdce035ac698af6ec7964d7d4dd389a2c3c4ac2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B53FD18961E7DD2A72BDD54C8BDCE035AC698AF6EC7964D7D4DD389A2C3C4AC2"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8299
Expires: Sun, 29 Jan 2023 10:47:11 GMT
Date: Sun, 29 Jan 2023 08:28:52 GMT
Connection: keep-alive
1win.direct/microservice/ask
134.122.54.186200 OK 46 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 199fa6281d4d1f050103595283b13e18
e3f654d191ec8697a416dfd330e3fab43ec1b445
abe046c549ee761529c4e621874deef4bb82f8316ba168b0e14c6cb2779ad0f2
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 98
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 29 Jan 2023 08:28:52 GMT
etag: W/"b1ff-4/ZU0ZHshpekFt/TMOP6tD7BtEU"
set-cookie: core-sticky=d7c6494501d2f0b6; Path=/; HttpOnly
x-powered-by: Express
content-length: 45567
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 3.4 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (17749), with no line terminators
Hash b1da0f55def6bae6eca720e54c5b8a1d
206692db7f4b3e76399da513e790f6fa7b18633b
2fbed773e4d7a4e04c956ed38b8f2f667b452cb4b6add9df05e91463314c5af5
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 101
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 29 Jan 2023 08:28:52 GMT
etag: W/"d22-IGaS239LPnY5naUT55D2+nsYYzs"
set-cookie: core-sticky=3b2809a6d6e818d4; Path=/; HttpOnly
x-powered-by: Express
content-length: 3362
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2.7 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (44409), with no line terminators
Hash 7be14b8a0b056b592a9fc8609eccba2f
5859d8a0e197392c235d966b55dc3567d8f40b4b
8361320771b60ab6963dee173dc1ef498ba42fabf121345156f61388f743521e
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 71
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 29 Jan 2023 08:28:52 GMT
etag: W/"ab5-WFnYoOGXOSwjXZZrVdw1Z9j0C0s"
set-cookie: core-sticky=dcce4171f55dd38d; Path=/; HttpOnly
x-powered-by: Express
content-length: 2741
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/banner_desktop_main_1x/plain/https://1win-cdn.com/banner-files/bonus-banner-deposit.png@avif
190.115.24.75200 OK 4.3 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/banner_desktop_main_1x/plain/https://1win-cdn.com/banner-files/bonus-banner-deposit.png@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 22a160f55908549771f823852d5eaeea
267d86356fc72824681f08d9fd1207b77530c08d
bb19dc50ecc9dd60ce8760b73843ce465df86b78a76de6a924c813fc770a2f23
GET /unsafe/banner_desktop_main_1x/plain/https://1win-cdn.com/banner-files/bonus-banner-deposit.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
HTTP/2 200 OK
server: nginx/1.22.0
date: Sun, 29 Jan 2023 08:28:53 GMT
content-type: image/avif
content-length: 4323
cache-control: max-age=604800, public
content-disposition: inline; filename="bonus-banner-deposit.avif"
etag: "afr-jhlkuoDx_XrwjiuFbkzj6HdVsjvDmAeQvV8BbYs/RIjYxYTRlY2UwLTU0YWIyIg"
expires: Thu, 02 Feb 2023 09:59:19 GMT
x-request-id: k_UiPjjC7eUn-KF9U943Q
x-cache-status: HIT
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 46 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash d16bc84899ccb06569e1ff2a75515d3f
4cb36ac9b3acc9e9886a116150d78f3c57a9dc8c
c81728e5ffb739dcad68257ad3980efd5bb0460915f7cd91d1e4f4581fe6b2b6
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 85
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 29 Jan 2023 08:28:53 GMT
etag: W/"b1a8-TLNqybOsyemIahFhUNePPFep3Iw"
set-cookie: core-sticky=4c19cd8fc84bc7; Path=/; HttpOnly
x-powered-by: Express
content-length: 45480
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 18 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash c15250b2fe556bc04df177dd27fd7824
362f2e2ad68520cf76dee5f38066dffcbd5091a0
339c40f267f2fb70221c9a9aa24032f2e01a391d0777f122d2260a54aa3cfd93
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 67
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 29 Jan 2023 08:28:53 GMT
etag: W/"479e-Ni8uKtaFIM923uXzgGbf/L1QkaA"
set-cookie: core-sticky=158ca94b6d68c5bb; Path=/; HttpOnly
x-powered-by: Express
content-length: 18334
X-Firefox-Spdy: h2
1win.direct/microservice/ask
134.122.54.186200 OK 2.7 kB URL HTTP/2 1win.direct/microservice/ask
IP 134.122.54.186:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (44409), with no line terminators
Hash 7be14b8a0b056b592a9fc8609eccba2f
5859d8a0e197392c235d966b55dc3567d8f40b4b
8361320771b60ab6963dee173dc1ef498ba42fabf121345156f61388f743521e
POST /microservice/ask HTTP/1.1
Host: 1win.direct
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 71
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://1wswqf.top
access-control-expose-headers: Authorization
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 29 Jan 2023 08:28:53 GMT
etag: W/"ab5-WFnYoOGXOSwjXZZrVdw1Z9j0C0s"
set-cookie: core-sticky=4483dd81051eb823; Path=/; HttpOnly
x-powered-by: Express
content-length: 2741
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/bD9xEdP9SoU
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/bD9xEdP9SoU
IP 216.58.211.3:0
Hash eaa8f4f2a21910479dd9912213ca2080
437026af88caf372d22cf206ee0f10c83872b4c3
82f549c3f5922a27bae31dc6846320893907e7a37d9559506712c674722cd98e
POST /s/gts1p5/bD9xEdP9SoU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 08:28:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ps250.1win-service.com/push-server-v2/?Language=en&snapshot_time=1674980937452&shouldCompress=true&EIO=3&transport=websocket
172.67.209.1101 Switching Protocols 0 B URL HTTP/1.1 ps250.1win-service.com/push-server-v2/?Language=en&snapshot_time=1674980937452&shouldCompress=true&EIO=3&transport=websocket
IP 172.67.209.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /push-server-v2/?Language=en&snapshot_time=1674980937452&shouldCompress=true&EIO=3&transport=websocket HTTP/1.1
Host: ps250.1win-service.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://1wswqf.top
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JLyB8oH0h7cCg8kCyWKfJQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sun, 29 Jan 2023 08:28:55 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: h/qOy36a1kX4Dj6tHMzQ34EDv94=
sec-websocket-extensions: permessage-deflate
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VAOqzO2wZ0MVQTGaKP5tBRL%2Fzf651vZlLn2V9fbbktKKzS2vC60OVo3a38YpHggAOaYDotbvbXGAyxao3CFgDm8mleFwzaPnxiZYE5cs7EASIcC%2BHp4xNlr17FE4Xz0kUzFHmN2p%2B4iy"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 791098ddca3c0b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/s/gts1p5/bD9xEdP9SoU
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/bD9xEdP9SoU
IP 216.58.211.3:0
Hash eaa8f4f2a21910479dd9912213ca2080
437026af88caf372d22cf206ee0f10c83872b4c3
82f549c3f5922a27bae31dc6846320893907e7a37d9559506712c674722cd98e
POST /s/gts1p5/bD9xEdP9SoU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 08:28:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1win-cdn.com/img/emoji-soccer.1a6d4eca-160.png
188.114.99.234200 OK 7.9 kB URL HTTP/2 1win-cdn.com/img/emoji-soccer.1a6d4eca-160.png
IP 188.114.99.234:0
File type PNG image data, 160 x 160, 8-bit colormap, non-interlaced\012- data
Hash 531c59f255f2998443131a8503a6244e
5288df4ace6d3e89a393af2b58c1e6c38a0042a8
575412b54e344b5f40a21bb5b799f0430919cfb4ba807f9832c040e13711dc8e
GET /img/emoji-soccer.1a6d4eca-160.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/png
content-length: 7896
last-modified: Wed, 21 Dec 2022 11:04:29 GMT
etag: "63a2e83d-1ed8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3345655
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEhGxl6dM2tNVCtVnzvmYNT9Epb2wqfhHFHgOTbdHg8T%2FRIbzCTTettL3vqfh4baJGxm6mH3WKUWnBMX9MHaYBvLEsAJSc5UIcY6P07WZNIrVbCmJjensiRdr7y5BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e6df6cb4e8-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/5b4ab347-f37c-44e4-93e6-2c1c0efa069e.jpg@avif
190.115.24.75200 OK 5.3 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/5b4ab347-f37c-44e4-93e6-2c1c0efa069e.jpg@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 76a502c1036d076e2317739f0cc878d8
480303b6e1e68b1d04e998d9bcd26224429db376
e377abb67003f9b87b6c67e87b9814b99bb3c1de68f286546d9af4e6d6377351
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/5b4ab347-f37c-44e4-93e6-2c1c0efa069e.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/avif
content-length: 5302
cache-control: max-age=604800, public
content-disposition: inline; filename="5b4ab347-f37c-44e4-93e6-2c1c0efa069e.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzOTM2OTc5LTJiMmQxIg"
expires: Thu, 02 Feb 2023 09:59:10 GMT
x-request-id: hS5nFRN0pTfRoKGm08TCF
x-cache-status: HIT
X-Firefox-Spdy: h2
1win-cdn.com/js/3590.a08c1cd7.js
188.114.99.234200 OK 17 kB URL HTTP/2 1win-cdn.com/js/3590.a08c1cd7.js
IP 188.114.99.234:0
File type Unicode text, UTF-8 text, with very long lines (44887), with no line terminators
Hash 14b40751dab4e0ea7c14c2c4428548ab
cc2b42ed86102c442e71d93628f624d343215324
baa6fb04b5bba300ae93c50e19e2f5aa92129605ea616e99c81950f1dda7aab4
GET /js/3590.a08c1cd7.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:52 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=44931
access-control-allow-origin: *
etag: W/"63cfb99e-af83"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 24 Jan 2023 10:57:34 GMT
cf-cache-status: HIT
age: 422711
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oH5RL04VVgFPCfu7j0ZWdo9fbtcVe%2FsPHNzWSMsTAm4UYWjBS3suzoh%2BkOlh7OQjEWnicrdKnuSVilAYVJSzsEDqISPpxfCf4lASpu44PAFHDoSLd3LHk1CLzIsQtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098ccb8b5b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/emoji-slots.1c6e965b-160.png
188.114.99.234200 OK 9.0 kB URL HTTP/2 1win-cdn.com/img/emoji-slots.1c6e965b-160.png
IP 188.114.99.234:0
File type PNG image data, 160 x 160, 8-bit colormap, non-interlaced\012- data
Hash 1dc08d167f60360991bc58d8b3573355
55d11fb2d5a5b46b6ad68e8cfc40d59d4a434700
f2fc8f2712717b32157f7741b1c723d6fe1d430c41652cfafd39c68980db20bd
GET /img/emoji-slots.1c6e965b-160.png HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/png
content-length: 8977
last-modified: Wed, 21 Dec 2022 11:04:29 GMT
etag: "63a2e83d-2311"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3345655
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCrcSQ%2BBbsu2vusDhdy6f7SkEdtYnhJEAJJOT%2BRUYKg64hIX2M2PfB946Rwh7XgRD%2BTnod4%2Bmbn9vwq%2FGT86eNgdvqdprvcBX5k4HuQvSeRDOB8EnvpI3FG991sjjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e71fa9b4e8-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/81c5273a-ebb1-47f6-8535-6376c353ea74.png@avif
190.115.24.75200 OK 3.6 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/81c5273a-ebb1-47f6-8535-6376c353ea74.png@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 38274844df1004bd9a0e2ebaa78fc880
ef316b9b62257b1e930eb064f30c1baecd86f2b9
5d128fbc4ca805ffd77a5d0c93ed6c15e548157d1b6a68b16c2849a98799a6a6
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/81c5273a-ebb1-47f6-8535-6376c353ea74.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/avif
content-length: 3601
cache-control: max-age=604800, public
content-disposition: inline; filename="81c5273a-ebb1-47f6-8535-6376c353ea74.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzOTM2OTc1LTY1Njk0Ig"
expires: Thu, 02 Feb 2023 09:59:15 GMT
x-request-id: 3_3K_XaC4gvPsdkGmWl7c
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/f736e1ff-fdf7-40e5-93b5-2daa1b472e4d.png@avif
190.115.24.75200 OK 3.3 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/f736e1ff-fdf7-40e5-93b5-2daa1b472e4d.png@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash bbb2a9093140015e4ebcb4b1ade5b171
dc35c677bb7d9b9e222f93e844793afc4fc06b2a
769a8489bc32f748e268b35024e9726719ef2a65d32665b0a5a54ca6d28789d9
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/f736e1ff-fdf7-40e5-93b5-2daa1b472e4d.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/avif
content-length: 3255
cache-control: max-age=604800, public
content-disposition: inline; filename="f736e1ff-fdf7-40e5-93b5-2daa1b472e4d.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzOTM2OThiLTFiYzYyIg"
expires: Thu, 02 Feb 2023 09:59:15 GMT
x-request-id: yhDgjau2hqJoacHHecauB
x-cache-status: HIT
X-Firefox-Spdy: h2
1win-cdn.com/img/500_i18_img.cad2d5cb-1320.webp
188.114.99.234200 OK 25 kB URL HTTP/2 1win-cdn.com/img/500_i18_img.cad2d5cb-1320.webp
IP 188.114.99.234:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1312c2c31e69ae16717161d0b63e862e
1ea1ac50dccf074db7972fd01030d27764c647be
17e3ddf96f54278719c3951bdf7fd750f03eef6fa8f7e257b47bf04a7915fb81
GET /img/500_i18_img.cad2d5cb-1320.webp HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/webp
content-length: 25094
last-modified: Fri, 27 Jan 2023 09:15:36 GMT
etag: "63d39638-6206"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
age: 2414
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mh%2BtPCCzVgQDlKZ03bDFIIiqRFRaM973qkYKes2xz7fh9zQdapfl5BKCIppZBbMO%2FyXNge8sMPztLN06a%2BD2gG3erhNCRBlul0EYn37Rxn9mYPmUvEx7f9WEys1jTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e8391eb4e8-OSL
X-Firefox-Spdy: h2
1win-cdn.com/img/500_i18_bg.0e037ee1-1320.webp
188.114.99.234200 OK 40 kB URL HTTP/2 1win-cdn.com/img/500_i18_bg.0e037ee1-1320.webp
IP 188.114.99.234:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1320x427, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 14de8fd7c8de24bb9f6f89ddd3c2d480
9635193c712dafa2c58339dee09588880a96a980
633593c73a175eabb2a5716a04aa84b1b49fc8e4ac4687b07509db36350076b7
GET /img/500_i18_bg.0e037ee1-1320.webp HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/webp
content-length: 39614
last-modified: Fri, 27 Jan 2023 09:15:36 GMT
etag: "63d39638-9abe"
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
age: 2414
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zezZrfB9ErWTFkaaP66BN%2B8lQ86Cr%2FsfG5h3mfRK8pNN5hcW1IluF1cSI2zXQ6pnXpuhhlz6RPbmBG1LbRxKRpdzd0oOM59ZS63xF77Uw%2FVuv%2Bz9GIsAao1oYXaEBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e8391cb4e8-OSL
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/9dd18146-c273-48b4-ab55-70c3042a3f64.png@avif
190.115.24.75200 OK 5.8 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/9dd18146-c273-48b4-ab55-70c3042a3f64.png@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 8b9dae655791a2c093c33da8a8f41277
c564561f1f54aa7ce97a26a5c0d869fd05ba59da
179311580e45d0faa648f3673f12b5cb2235d2a367c4864febdc818f3a5d27fe
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/1play/9dd18146-c273-48b4-ab55-70c3042a3f64.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/avif
content-length: 5759
cache-control: max-age=604800, public
content-disposition: inline; filename="9dd18146-c273-48b4-ab55-70c3042a3f64.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzOTM2OTU5LTJhM2VmIg"
expires: Thu, 02 Feb 2023 09:59:12 GMT
x-request-id: 1b79iucWvgm-kD0B9wRn0
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/1983b5c6-aeba-424f-b790-01d500023607.jpg@avif
190.115.24.75200 OK 7.6 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/1983b5c6-aeba-424f-b790-01d500023607.jpg@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash d437b0757b3d3be3c19c87919a3aa1d2
32a477ee6439bab8e93e3f47c949000a2c6270dd
0cf00b44bd1b346f12c6b46e7316669113d0c2cd43e752c5a06ae4990d78d9a8
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/1983b5c6-aeba-424f-b790-01d500023607.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/avif
content-length: 7591
cache-control: max-age=604800, public
content-disposition: inline; filename="1983b5c6-aeba-424f-b790-01d500023607.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzOTczNDEyLTIxMzk1Ig"
expires: Thu, 02 Feb 2023 10:09:25 GMT
x-request-id: 7FZkIHauUdzQArQbJb8jG
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/relax/c_102de4b840e0b3d43ec219886af06871.png@avif
190.115.24.75200 OK 7.4 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/relax/c_102de4b840e0b3d43ec219886af06871.png@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 44d6d73bffea52fdb89dbce90b12ed68
3e2feb53775a9b247958092366956ec10ac06b3f
3249942415e96d6fb3c5099b69b378f556f3bbc1cd3e674e6c87311177a4fa10
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/relax/c_102de4b840e0b3d43ec219886af06871.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/avif
content-length: 7415
cache-control: max-age=604800, public
content-disposition: inline; filename="c_102de4b840e0b3d43ec219886af06871.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYyOWEwODM4LTY4MzFjIg"
expires: Thu, 02 Feb 2023 10:05:28 GMT
x-request-id: BzPlnfcoMMob-lFMDxjbf
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/bgaming/194f01dc-eaa3-4379-831d-5a792c1eca57.png@avif
190.115.24.75200 OK 8.9 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/bgaming/194f01dc-eaa3-4379-831d-5a792c1eca57.png@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 17026de42f18fb450b84240abe77801b
aac5ef93d090c0f7711e949da60170ceeb09e291
954db7309a3f64c0f1784e7a72542a54a4216f182ea865080ad6efbaa71414e0
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/bgaming/194f01dc-eaa3-4379-831d-5a792c1eca57.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/avif
content-length: 8870
cache-control: max-age=604800, public
content-disposition: inline; filename="194f01dc-eaa3-4379-831d-5a792c1eca57.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzYzkwNDMzLTY0MWJhIg"
expires: Thu, 02 Feb 2023 08:50:36 GMT
x-request-id: XaEAK-kY2gZKSLFgjEWKA
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/evoplay/c_629b5b7ecad77eca213957740c0ac78c.jpg@avif
190.115.24.75200 OK 5.0 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/evoplay/c_629b5b7ecad77eca213957740c0ac78c.jpg@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 3076cecb5519fe3ab82562ba350f69b5
cc77dcda234ae49c57fd0534ebddaf1b1fb9fe82
5ee40b48c9b99199aa92cb5c9832626d77f5ba97a362ff617fcc12f94017f9a1
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/evoplay/c_629b5b7ecad77eca213957740c0ac78c.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/avif
content-length: 5026
cache-control: max-age=604800, public
content-disposition: inline; filename="c_629b5b7ecad77eca213957740c0ac78c.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjVmODQ0YWFmLTRmNjQi"
expires: Thu, 02 Feb 2023 10:04:25 GMT
x-request-id: oMLdXJ5uFDVAqqILg_OdH
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/spinomenal/e8c6ec93-32f6-423b-b5e0-574778b0383e.jpg@avif
190.115.24.75200 OK 17 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/spinomenal/e8c6ec93-32f6-423b-b5e0-574778b0383e.jpg@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 10efcdb8a9e6e4d6e26335cb5f6f22e5
6dea345a0cbd5d7a467315dd9ebb48949e761b60
6ac02eb9d12d1a9b448180af552bed3ed48b749345c0979ad991650f81c063ce
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/spinomenal/e8c6ec93-32f6-423b-b5e0-574778b0383e.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/avif
content-length: 17157
cache-control: max-age=604800, public
content-disposition: inline; filename="e8c6ec93-32f6-423b-b5e0-574778b0383e.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzNjNiNWM4LTE0ODkzIg"
expires: Thu, 02 Feb 2023 10:05:16 GMT
x-request-id: KL7T5SHGdCoCVOyCw9Vca
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/5cc068cf-9d52-4102-9f28-66395a65c931.png@avif
190.115.24.75200 OK 8.5 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/5cc068cf-9d52-4102-9f28-66395a65c931.png@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 67a53ed7251c92f5ea42d77beae82de5
9110e976e79310157443eac3ae7329b4ebc6d716
527ab81f140771168d3e0d7401d3a75dcd3aa9a9341529b2cd066f105ef01879
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/5cc068cf-9d52-4102-9f28-66395a65c931.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Sun, 29 Jan 2023 08:28:57 GMT
content-type: image/avif
content-length: 8467
cache-control: max-age=604800, public
content-disposition: inline; filename="5cc068cf-9d52-4102-9f28-66395a65c931.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzYTk5ODk5LTE3NzA3Ig"
expires: Mon, 30 Jan 2023 12:53:00 GMT
x-request-id: M55yKr0DaOUP7c5_YVuHS
x-cache-status: HIT
X-Firefox-Spdy: h2
1win-cdn.com/img/betsolutions.9f618e22.svg
188.114.99.234200 OK 5.8 kB URL HTTP/2 1win-cdn.com/img/betsolutions.9f618e22.svg
IP 188.114.99.234:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2085)
Hash bbf6c0b60158f24446b5c5c503c36d11
9ec35169efdd46a99348cca6757b68caf14afbf2
4a6b10e1357bad7da0fb93164c547a24a9c551200bb9b89e49a3986223b15c1c
GET /img/betsolutions.9f618e22.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-911"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275726
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJSeAzi9HIbgGB7iIi3gYMsVvH87Isn3evwcFphaN%2BNABDZIfeBkgv9NcYnA7ckIQ0kFFNIoHGHRCw3BCN7W1hglaoGyoBpZwqL8tLRWPGlqmqxAYxHBSvErElE45g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e75ff0b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/26b06924-2e59-423a-b6ef-9bd9c97f41ae.jpg@avif
190.115.24.75200 OK 5.7 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/26b06924-2e59-423a-b6ef-9bd9c97f41ae.jpg@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash d43bad364c5a03c96a9609f5817e6150
15772d42d72303f27a057a208ffa73a5e2cd79c5
fc301e54c3cfd5b3a1ae24e06ce4df85391d488199b163e44fe653027fc014e4
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/26b06924-2e59-423a-b6ef-9bd9c97f41ae.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Sun, 29 Jan 2023 08:28:57 GMT
content-type: image/avif
content-length: 5690
cache-control: max-age=604800, public
content-disposition: inline; filename="26b06924-2e59-423a-b6ef-9bd9c97f41ae.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzMDc2Zjg5LTEyZjkwIg"
expires: Thu, 02 Feb 2023 09:59:43 GMT
x-request-id: TX1K5cWHXpyP0FUMhzS8Y
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/pragmatic/0e2d11b9-786d-4e45-8265-542c38fc3575.jpg@avif
190.115.24.75200 OK 17 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/pragmatic/0e2d11b9-786d-4e45-8265-542c38fc3575.jpg@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 151bc0973a888c1c3abed902f5e7d9af
5e3e6c76c81b2891ce6d8001a6cd73b267e6bd66
e7ca152be70af106f7ab79894d653efb6cfe72050652b42883d3878f2783fccd
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/pragmatic/0e2d11b9-786d-4e45-8265-542c38fc3575.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Sun, 29 Jan 2023 08:28:57 GMT
content-type: image/avif
content-length: 16569
cache-control: max-age=604800, public
content-disposition: inline; filename="0e2d11b9-786d-4e45-8265-542c38fc3575.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzNjNiNTQ5LTE5MzM1Ig"
expires: Thu, 02 Feb 2023 09:59:43 GMT
x-request-id: 3MmKYbEFmWODH2mc1Ry8Q
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/c_8792a3c772d93d7dc92e4edc1d5a31e5.png@avif
190.115.24.75200 OK 8.7 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/c_8792a3c772d93d7dc92e4edc1d5a31e5.png@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 7921b4a91ddd9ab56997c39c3d48a3ba
c078d305db8a5d1c1ed7c09e1b1c450df04e954b
83182603aa52b27c1d70640c348906f9ce3a5e5e94c05d1bed32780b14dfbb5b
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/c_8792a3c772d93d7dc92e4edc1d5a31e5.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Sun, 29 Jan 2023 08:28:57 GMT
content-type: image/avif
content-length: 8735
cache-control: max-age=604800, public
content-disposition: inline; filename="c_8792a3c772d93d7dc92e4edc1d5a31e5.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYyYmFjNjBjLTYxNzM1Ig"
expires: Thu, 02 Feb 2023 09:59:43 GMT
x-request-id: F0Vhdy3fdN4X7pVkGsJgx
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/eb768ea8-8c0f-4c1d-a465-b8273ca51b7b.png@avif
190.115.24.75200 OK 7.2 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/eb768ea8-8c0f-4c1d-a465-b8273ca51b7b.png@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 346cd8e0efd877ab4b3be5e25dcccf98
e9b425456024f04cd54718964de4460a030ece5b
24c523648df2f1021c092a6a6e217f892a6192c3828d71af9ff2177ae77a8cff
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/infingames/eb768ea8-8c0f-4c1d-a465-b8273ca51b7b.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Sun, 29 Jan 2023 08:28:57 GMT
content-type: image/avif
content-length: 7168
cache-control: max-age=604800, public
content-disposition: inline; filename="eb768ea8-8c0f-4c1d-a465-b8273ca51b7b.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjYzNWZlNTkzLTU2ZTRhIg"
expires: Thu, 02 Feb 2023 09:59:55 GMT
x-request-id: H1Z6wD1jtNxW1mPqoxQDi
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/cat_wilde_doom_of_dead.jpg@avif
190.115.24.75200 OK 9.4 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/cat_wilde_doom_of_dead.jpg@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 76dbfbe5cdd074e629e319a5d6b3dddb
6ffd4956326fc530e89fdfc5c5708d25cb9617ec
38bbf2f26820df3af512990110e926a7fd0c95dbbd203edad95562aafd75e9c6
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/fundist/cat_wilde_doom_of_dead.jpg@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Sun, 29 Jan 2023 08:28:57 GMT
content-type: image/avif
content-length: 9367
cache-control: max-age=604800, public
content-disposition: inline; filename="cat_wilde_doom_of_dead.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjVmZDg5ZjBjLTI3Mzc5Ig"
expires: Sat, 04 Feb 2023 01:30:02 GMT
x-request-id: LGSuP5PoWS0qM3nJ8dU3I
x-cache-status: HIT
X-Firefox-Spdy: h2
imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/endorphina/c_a7a3a6c91c477defb558aaaa3474f556.png@avif
190.115.24.75200 OK 6.1 kB URL HTTP/2 imgproxy.1win-cdn.com/unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/endorphina/c_a7a3a6c91c477defb558aaaa3474f556.png@avif
IP 190.115.24.75:0
ASN #262254 DDOS-GUARD CORP.
File type ISO Media, AVIF Image\012- data
Hash 04d165298871006dd1c85a662edc6e9b
1d0fad43e67f4214254105720a43d5af5ab61f83
b292c081556ad9a860ee6c5295992c7e792a08e4f35fcb05e7dedbc7c13b9d39
GET /unsafe/casino_list_big_1x/plain/https://1win-cdn.com/casino-images/endorphina/c_a7a3a6c91c477defb558aaaa3474f556.png@avif HTTP/1.1
Host: imgproxy.1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
server: nginx/1.22.0
date: Sun, 29 Jan 2023 08:28:57 GMT
content-type: image/avif
content-length: 6126
cache-control: max-age=604800, public
content-disposition: inline; filename="c_a7a3a6c91c477defb558aaaa3474f556.avif"
etag: "qZN6EBzPegPBpsimkrNBhehT4d3pwCv1LGwwuLjYmzM/RIjVmODQ0MGU1LTNiYzEi"
expires: Thu, 02 Feb 2023 10:02:20 GMT
x-request-id: wFNKaLuuw6sLc2f7cwoYq
x-cache-status: HIT
X-Firefox-Spdy: h2
1win-cdn.com/img/1x2gaming.9c41eb85.svg
188.114.99.234200 OK 8.8 kB URL HTTP/2 1win-cdn.com/img/1x2gaming.9c41eb85.svg
IP 188.114.99.234:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2625)
Hash 54c24d248be7ea85386a1a78c717a368
e9fea13b557f659c176a3729d21ba0ace900b5e2
6858ee53be2f3618d04e5ece243ad46ea7064b7e9fbde6d9a03679caa4cd1565
GET /img/1x2gaming.9c41eb85.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-f4c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275726
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bKmjEWxNMW5xakv8N4Fz5jKxhL%2B38YQWjA8F4yQWjRGJi22kVvl5p1Uy2YZwJPbzw3bxc57PecTlsEHy6IGfh5tFcdC2suyKfQu3uaW%2FQosxCG5W9eZnKUNv2R2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e71faeb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/boomerang.ce3752d9.svg
188.114.99.234200 OK 28 kB URL HTTP/2 1win-cdn.com/img/boomerang.ce3752d9.svg
IP 188.114.99.234:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (5946)
Hash 5dd7a77dac6665afeb8e8f3c9313b6b7
5aec6e7393bbde56b546d141ceb583cbab75d303
b1087c16fe3fcdba1c92c356aba4c0f8c3e4d5bf854c8bca681b678d1ce89b97
GET /img/boomerang.ce3752d9.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-81cd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275735
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XmMn8Z0p4VV6saNAckPLo2SZWrkMnoa4KWvATrG31AWdNz5mgvdbe%2BveOPnv1e2LRhWTWihs6g880nynsr8OaTVgXc%2FpZz23LwmNWmf1KARD7II2d%2FhiqQI5FWEESQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e76806b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/booming.a167e59f.svg
188.114.99.234200 OK 5.4 kB URL HTTP/2 1win-cdn.com/img/booming.a167e59f.svg
IP 188.114.99.234:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2116)
Hash 718961d6cad23fe7b8a56e39db07218c
8c58ed7a2e0fb503bd5169cbd1c374958e70b6b1
a80a4742371f3f9b25044ea90114c64f172434c9d2fad477b30a04863896bbd6
GET /img/booming.a167e59f.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-8b3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275735
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=il3mP870UNJ9Z2%2B3%2BENE5GGWy0E2SrtxgyIp3SPBGaRsJNHmof5edT%2BKX0TuuIoysH7dow5Duuo4z94W5qgUlFeXCnVt%2BFTUEc2ZkbmwMlCY%2Blv3juUO2ZASidPk1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7680ab4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/big%20time%20gaming.848cd084.svg
188.114.99.234200 OK 11 kB URL HTTP/2 1win-cdn.com/img/big%20time%20gaming.848cd084.svg
IP 188.114.99.234:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b6ed0e8b6c001c035844c664642511cc
0805eddb6f6aeddce4f19ee6ceea9cb7c76ec056
66737d26b467eff75dcb4ffa128ccd8643ee1b9590dbf97c31c3b0918672d632
GET /img/big%20time%20gaming.848cd084.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-209a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275726
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulQ64N5P4q1KftKhh%2FXm6gaJOqtmFJwZSnOQ%2FYwsKD1t7XMTnzIAbAI4EPwe6QfLGD95F4BfKPQoSEZ3C1fIzNkd%2B5V%2F1WrTK%2BGUra0KbFjGvA4N83arGLA4%2FqzObg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e75ff8b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/cool%20games.5793050c.svg
188.114.99.234200 OK 11 kB URL HTTP/2 1win-cdn.com/img/cool%20games.5793050c.svg
IP 188.114.99.234:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (531)
Hash 85ca7f8f443994a56e22eb0584253dc3
803cc1654dcb6f399d150424ce2930f9de0aed7b
73f14fa22c01da35bc5db293ad611688d714ad5253a9ee0fd764a57ac0370624
GET /img/cool%20games.5793050c.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-d49"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275734
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AgYpwMOjNJmOrdEAxlgcFNuBADaZE2jfxhmzOFOJW16UdnDSq%2F2mtd5cP8OxO5%2FyJAXbdh8qEPG97dg0%2BVqLw0s4tYDC4U7D%2Bzd4jyk%2BCqUA%2F%2Fpx6Gysdpx3SshpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7680db4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/cq9.bd2145b0.svg
188.114.99.234200 OK 8.2 kB URL HTTP/2 1win-cdn.com/img/cq9.bd2145b0.svg
IP 188.114.99.234:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2264)
Hash eb6f99e2ebfdfdb844902349f79b18ee
f237ab1b351cd6de32c4f3dfcdc84579b12796b9
462a1d2bb5218ab24ac79557d6b51dae7e548c9fb0ba05fe4d6bcd8cd1072c21
GET /img/cq9.bd2145b0.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1169"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275734
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdC79Rro%2BbIEkW7VgRfUiUmePyGJtD8yQyHdWeuDOb70KMqKFGf%2Fid2jR2uKAHwrQLGoV60ow9GYYWzrFuGJQna3Hjs%2FWFn%2FdKItsNVZOx3QJGH7tbKwbCDIWdvMaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e77811b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/dicelab.f8f3d560.svg
188.114.99.234200 OK 11 kB URL HTTP/2 1win-cdn.com/img/dicelab.f8f3d560.svg
IP 188.114.99.234:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bb05192049d0246ee1069c5ed5f87c33
dfbbcdc3cce0f9412796fce52a796c8ad3ce9fbd
9b8367d0d03033e4d3d1b1aa8b40f2839ace856078713b03fc035697bb2cf9a0
GET /img/dicelab.f8f3d560.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-f89"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275733
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fubcFWNlxOhuYsjzDvejRyApCv%2Ba%2Bu88L4ODaYT%2BSyoOi7xb%2BdR75EMQIPTm68Ebg7FH%2BF%2F0VsVoBGxlLsKHMLknqZ3GsU%2BcQsKvyG3%2BesJ0qbjeWm1GQhFIy%2Bjinw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e77813b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/authenticgaming.08e94926.svg
188.114.99.234200 OK 9.9 kB URL HTTP/2 1win-cdn.com/img/authenticgaming.08e94926.svg
IP 188.114.99.234:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1559)
Hash 62211693f8beec6934c9dad4e14d21b8
2c613df927fb6274a839abb1d57692a367620094
ade65dd54e57a353d89fadb82e06cc8e6989485d858f9454a7c8d55457f43c83
GET /img/authenticgaming.08e94926.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2813"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275726
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyctXLUfOdToSgblqgJ7F6NgkB2JrBQ6XnHiKDeTs8EDA0Of0%2FlWS9AbqLS%2FGkFKgfvvmxM47f8gkB4H8ar9gObyzWyRKMsEiEUIPVgTdnRmHZsm1%2BXm4VRxXYmF%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e74fe4b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/givme%20games.9c29bc7b.svg
188.114.99.234200 OK 1.2 kB URL HTTP/2 1win-cdn.com/img/givme%20games.9c29bc7b.svg
IP 188.114.99.234:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 442675c2dee794b4c52693d1b0161a7f
6eb3a2e970878a68bc4cddafe355aef02f30faf5
cb72597efcd8d9e3336934b35e614512d35eeb2083e3285bcfba583f3bfd0e47
GET /img/givme%20games.9c29bc7b.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-961"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UZMy98pKSJzeQzHsq%2Bb%2B6NbSI%2FIWXIz32u%2BMyU7EA57dHT3EoSriJsoNlh9rQJuiTJ4zYD34TYtOY2XwQxmz97FZvgkmPUXm%2Btu%2BisVIcaIw9QWhWQOIieq0Fk81g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e78833b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/sagaming.4e1b794f.svg
188.114.99.234200 OK 1.7 kB URL HTTP/2 1win-cdn.com/img/sagaming.4e1b794f.svg
IP 188.114.99.234:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cc3aa9698757dec6e3cd794bf5a8911f
4a36b96b0c38ce35dc866a2df5e6cf944cc2ed77
59be145c299fdd56848715d55abf329ab763c71d026388b55b9e26e4450ec4bb
GET /img/sagaming.4e1b794f.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1060"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkit7R9KME7jcI7Vv8N2MdL%2FhEsT%2B8%2BkB31dzDUhyc2%2F4GH9Un%2BtWQNFCXUb38oL1XuOJniu6MR788qe15aOQxiAvb%2FimvcLMS4il6qZfNpWZRAb6BMBpat1EwJOkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7c895b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/hacksaw.ba9f22a5.svg
188.114.99.234200 OK 1.9 kB URL HTTP/2 1win-cdn.com/img/hacksaw.ba9f22a5.svg
IP 188.114.99.234:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b1be4c12c8bd4e0c72f50e1fd72ac2e8
1c5dbe05524bb1c2d6cb2d85d4acad7aadf0fbdc
05f18f4419928bdb639d9d2b4d221f113f0c3c935ce94c7c11690ca057db506f
GET /img/hacksaw.ba9f22a5.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-110b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQk9mt68Jg1jje%2F%2FI%2BJJH8h7ZO61Q4%2BVgN2sdFdv15jzTM%2BAg8qcST0X%2BivlyAf3RbrVjmdVJpwib4OYpIN4KidwAQLDXcS7xvDd7cwT3S8G9GX8qW3UJC6HckPQCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7983fb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/superlotto.164bda58.svg
188.114.99.234200 OK 2.6 kB URL HTTP/2 1win-cdn.com/img/superlotto.164bda58.svg
IP 188.114.99.234:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3769)
Hash d01999fa400850cb0141aade5c45f026
fc7e697dec48c26a293cc7793b27c57312918ac9
7dc5417e648e3581765c9eb2d50e4334ed06ddf17c22dbcb8dc800be39171c71
GET /img/superlotto.164bda58.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1a77"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ThEqzwls5wtpd4r5xJ7ppuScAneK6d3IDCczRBp6I8EudvEjG%2FxqkA35g05XUpx%2Bf5fDKh%2B%2F47VTHqMZ3dgH9DKTm%2FJBQ6a36HiyP4wppF3gByccHznoV6Tz53QYPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7f8bfb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/smartsoft.55c81c76.svg
188.114.99.234200 OK 2.6 kB URL HTTP/2 1win-cdn.com/img/smartsoft.55c81c76.svg
IP 188.114.99.234:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f9e2b639c69da53f11227cc075d727d7
7a174de174d4aeb3ddb7a6328803daa064651a9b
c31b31d1fcd431d0c3d93f451445be27f491d29028804c86f23ed8c0b6d3018e
GET /img/smartsoft.55c81c76.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-149b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GL873q8WytSqXYTnT0ouwM9ZKY8L63IILlS%2FtS%2BvDBIhKJ5mb1nIf%2F98oRAQ64dyUPf6YUUY94%2F00A2AdJG7Z%2FqNpF%2FVvxvKGZm8t9AgzshyPxqI4jqE1szRvsuCTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7e8b1b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/spribe.e535371c.svg
188.114.99.234200 OK 2.4 kB URL HTTP/2 1win-cdn.com/img/spribe.e535371c.svg
IP 188.114.99.234:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2011)
Hash 2ac0872ba2766203b25bc8213072a2be
6aa9dcd3d68a6f625fb03e2f1ad00238016ae635
224affd4eef164891ef9345f092edd586f375df00dc3561a776b0e8da3daed28
GET /img/spribe.e535371c.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-843"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2WdePb8AZDAa9SHmkf1r6NdCvZpct2t5vlJONQ656sQvTDlmWvTx8Qh1eWv3pwzdR4h9tIaWE6AM8DvRHtOdh%2FBOcl%2FqPFdLMHqGCayXPSAW1bKm8%2FKo5BA6H8cBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7e8bbb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/sthlm%20gaming.a42e0c70.svg
188.114.99.234200 OK 8.1 kB URL HTTP/2 1win-cdn.com/img/sthlm%20gaming.a42e0c70.svg
IP 188.114.99.234:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e3a7707a7fc3a635a41375d74a2f87d3
4f628f6dc48c996f58976b2db0d468e37247235f
34d8dd1e83ed37b68a1c6bd5af439a177bb538409129a8362b091dce15c019b8
GET /img/sthlm%20gaming.a42e0c70.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-3199"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUWmvhlMpUl7cU4SlUlgiDCd%2BXTNhy4PsfQoI%2B%2FpKyZHb2ceYrh02kXZLN10bgb6ka93E4hjhuO4Dafv6fB%2FRae5dTVMYki605l5%2FGtukI3NzFgfa5qK63jrS%2Boixw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7e8beb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/spinomenal.30d1dc2d.svg
188.114.99.234200 OK 1.9 kB URL HTTP/2 1win-cdn.com/img/spinomenal.30d1dc2d.svg
IP 188.114.99.234:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1325)
Hash c7aeea6f29aa486142a51dbaa5dff0c8
0d88cef56ea2b53b4db3b1b3b6188433d17badbc
9b466f67f48e8951c9912425d9da1eda1757f46923938686eaedda0cef136f10
GET /img/spinomenal.30d1dc2d.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-6e7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3276375
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMC%2BSJXvQSWVM1%2BXxgD4qVsKo7aCAFQ8O9ubJWHJ6L%2F1wGtJweOzWZgFE%2Fxn%2Fc0SdD4Ce%2Bf9hlM1QbSF%2FOUWLPCNGX6Au%2F402JVoNQbTZPfixw451IEaHN81mda9%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7e8b8b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
api.amplitude.com/
44.240.98.229200 OK 7 B IP 44.240.98.229:0
File type ASCII text, with no line terminators
Hash 260ca9dd8a4577fc00b7bd5810298076
53a5687cb26dc41f2ab4033e97e13adefd3740d6
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
POST / HTTP/1.1
Host: api.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 1109
Cross-Origin-Resource-Policy: cross-origin
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:58 GMT
content-type: text/html;charset=utf-8
content-length: 7
access-control-allow-origin: *
access-control-allow-methods: GET, POST
trace-id: Root=1-63d62e4a-7336647f24860aca3e76085e
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
1win-cdn.com/img/7mojos%20live.0bbc237e.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/7mojos%20live.0bbc237e.svg
IP 188.114.99.234:0
GET /img/7mojos%20live.0bbc237e.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-144e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275726
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cuQ6lhC%2BbY%2FmL4xPeeN2fviGezxkQ9UzKnIopUqs6IrghHi%2FUtF8MoDcaACpBXVEGwoE8gB4ZiumaqxTic6aK40MsoreBfA7BNgZ%2BtJqaboEdgLuWYvx3TPVg3TEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e71fb7b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/northernlights.efa65c9f.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/northernlights.efa65c9f.svg
IP 188.114.99.234:0
GET /img/northernlights.efa65c9f.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2699"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEZOooY7k%2Fm5SXhcA%2FlZOfBJ43ZHiNKn%2FV013oV%2B94UiK6NGVOqD5lawQ4gYPMgRcAWqcjFQpGmFZr%2BUhAp7k%2BWQjF3sCXQdinE4llTgwGWm9ft%2BCkYzg6Aj1pCOgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7a866b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/yggdrasil.6666231e.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/yggdrasil.6666231e.svg
IP 188.114.99.234:0
GET /img/yggdrasil.6666231e.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-12ef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0oFCZ2sV5YKV0qE2OA8cUtDURoAhZ58I31cBtXTgOXCO4ZmAIBIpdZF0n76ZY1j%2FBzEXKf2d6bzGlhurDMikUpZWeFzsZ9F6HSYXR8uz8yIJqnYCF9MTZSiWoa8rg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e808ecb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/betsoft.c6b04922.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/betsoft.c6b04922.svg
IP 188.114.99.234:0
GET /img/betsoft.c6b04922.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-14a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3276504
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCFJEj5ATR34gMYnjy3RER%2B8%2BSppigBU1vnde6ifXn%2BpPY7i195TyNefbbgH6HpF3dmXoLrJUpXvltOjxpMvrpK1Zbnh57pblK0%2FolUbv5UfL6A1YWJ96qzhiSwfhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e74fe9b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/high5.4aa8a605.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/high5.4aa8a605.svg
IP 188.114.99.234:0
GET /img/high5.4aa8a605.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
etag: W/"63c7c775-1314"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 874158
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhYDU3DM9zvNazCB7uUB5mL131txk9o7%2F1WmI8puhzs4QJcQ%2B2koqj2b3m1r1DUPzb0y2%2BuOl9p5TwGwNubpGO1AX7awo8KBmJLouSqFPffu%2B7OXAXxxJTosYqu6PA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e79841b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/css/546.f10717d0.css
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/css/546.f10717d0.css
IP 188.114.99.234:0
GET /css/546.f10717d0.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:51 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
access-control-allow-origin: *
etag: W/"63c7c775-2bb4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
cf-cache-status: HIT
age: 883417
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bb%2FYokqDmBJanWLCSn%2BGczuHbZ6LdVxojO4tN1u%2Fj0HyWIr1WuWet0SFgB1MqNfY8AyWzxev16wfQ%2BYuvTQHCAwhDTNlNVrmauFSgmu04hWJpyajY%2BUHzxLOGvymEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098c88c32b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/icons-pack-casino.243be753.js
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/js/icons-pack-casino.243be753.js
IP 188.114.99.234:0
GET /js/icons-pack-casino.243be753.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=93639
access-control-allow-origin: *
etag: W/"63a42a53-16dc7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3277694
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2BTQpxIfR2A0iv9B%2FtF48cr%2BS8eE4TsIf1Bc7SAp8rxXGbDHFUBR9u7n%2BwshUxCjUNnDEWmCf74xlddx3Js6o4ftydQAMVWGa9TuTHU0SpbRuyfDFA7gNTUPJbgvdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e71fabb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/7mojos%20slots.d3a1137d.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/7mojos%20slots.d3a1137d.svg
IP 188.114.99.234:0
GET /img/7mojos%20slots.d3a1137d.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
etag: W/"63c7c775-22be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 874158
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0y4ONvsCEe3megK0RyEF0%2B4r79SiGGXP5mTeNofiuYGnkxYSU8guaMQphJtPFqhyN2A4Q1YSo7%2BWli3g2QvzdXA8cwX67iwdY71BQn8X1gXrZGhXODMlfSM0apPhaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e73fcfb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/4theplayer.1c19371a.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/4theplayer.1c19371a.svg
IP 188.114.99.234:0
GET /img/4theplayer.1c19371a.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-25e5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275726
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5vQaj2B9jASHs4o2UkT216sg5nYo3e9M6R%2FuCQahEU7Sk9mEeZPqgyjnEjl2QhwwEETIXfcUlc1o9%2B9Q6pfkUsdYcewM9aKqIsIDS%2FU5NLrRLM%2F%2Biu%2F8ijaf3FMAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e71fafb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/mrslotty.366e094c.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/mrslotty.366e094c.svg
IP 188.114.99.234:0
GET /img/mrslotty.366e094c.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-8d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3276504
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkwzetS8Jw0EVn7YABZh4ER3OEqBVG8yeighAOeAyXy%2BL3Mj9zTMgI1dYiI%2B%2BwOnRr20OIWtY5AewZ2QD5DknqRxPKkG1IwOqaEZc3P3a9SJ6xcV5HDeFG9jXEQhwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7a85eb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/elk.f78317e9.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/elk.f78317e9.svg
IP 188.114.99.234:0
GET /img/elk.f78317e9.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-d7f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275733
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3KEtjx9nPAyKYePElIXZJx6Z9M88azbFoHglykXjxv8iSmZarKMcIU1Jgez3hXUbo5hRXFOa6B0xJnTfiWAof2VWQB3%2FjGzTaK3cprs2R4zVrE9CUTGnXAemjB7lw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7781fb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/felt.10413409.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/felt.10413409.svg
IP 188.114.99.234:0
GET /img/felt.10413409.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-17fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezN%2F6rV1JMx2W%2BocL6jEBoc1QG65Yuyg%2B72M2wmF9wgOSfCo4rl0BxN%2BdXBeOrW3moQFK9TlR0td09Hvx9N8MqU2kCihVwk1NDgt%2FIc0Qar12qN1ZhCm2n1wcK1sow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e78826b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/playsondirect.60f5d958.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/playsondirect.60f5d958.svg
IP 188.114.99.234:0
GET /img/playsondirect.60f5d958.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1b2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFmQUfDa93fS92J5c2p5Dytgy8HgKzZaENtbQnV6QNH%2F7wgZZ1wJQ%2FRlf9cbEI%2BF5ucPZ2%2F%2BoOHvZkeUUt7LpkhKT4WVKXKqqqjsP9wKtQFVXmStR9tRq3LiWJt%2Bow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7b879b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/gamomat%20standard.7d28ae64.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/gamomat%20standard.7d28ae64.svg
IP 188.114.99.234:0
GET /img/gamomat%20standard.7d28ae64.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-31a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCAJzXpcFy3I0KJAS8cdYuT2xhj5jsQmMuZzpK6WefY0ejV41LW%2B3DFzPdZ9qozB6kNxlb7O981nPCm0oltqZtpgWWiPAWvobidnzcTuZ5UkqIoK2wSlQhjyD9reTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7882db4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/igrosoft.81ca5abc.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/igrosoft.81ca5abc.svg
IP 188.114.99.234:0
GET /img/igrosoft.81ca5abc.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2243"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kCKpJC8qxgS6tWNY0qne6rrSPsqBxgniYBazG6cdXehX2yb6S9F7qlHDOuJoTOSAod6FlntgeEhjp7oxjNeXotTlR3LWZe22zqxUidPNCJvd05PkyFbkmslC9Dpa%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7984db4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/skywind.61796511.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/skywind.61796511.svg
IP 188.114.99.234:0
GET /img/skywind.61796511.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
etag: W/"63c7c775-15e3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 874158
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wC7NJz2euEpCuk4zjK2BBoBmOUHLzFhyjkILCgdw1ygypbVIh%2Bam22fOPbxoST3K2L3BfLBn2goXo9jNqhIPqpHdcsRr1ZxUVz7RsCIOepmoSlbzBrhmR%2Bjj9jtYMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7e8afb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/5862.39aa5820.js
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/js/5862.39aa5820.js
IP 188.114.99.234:0
GET /js/5862.39aa5820.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:51 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=95351
access-control-allow-origin: *
etag: W/"63c68016-17477"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 17 Jan 2023 11:01:42 GMT
cf-cache-status: HIT
age: 1027129
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJTCLdFqcOR%2Bb1UMf1kw5htLd4X0cF8CKSG%2BvUoOGR5sW3DF%2FL2DWjl3bFZqZLGSun1BQFEeTpitv8vCmv5M%2Fxga2FyTh6P%2Fdy5lVcJPpMY4Vw2E9EIwLgMtYgTa9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098c87c1fb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/gamomat%20premium.5db51aa0.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/gamomat%20premium.5db51aa0.svg
IP 188.114.99.234:0
GET /img/gamomat%20premium.5db51aa0.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-7f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 199730
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icyioV1E7bxdVYdJW2Wkpj%2BVsjepSRk9kbDg7uiLHWzdF4R4BDe5YBixYz45L6Q054dPrAWGMIoRd2ARAp8tDZLvIos8x5yxM%2F87xDk%2Fi7PwxC7DCnUElhlShHqC1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7882cb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/agt.a6dc1f1b.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/agt.a6dc1f1b.svg
IP 188.114.99.234:0
GET /img/agt.a6dc1f1b.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-13fc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275726
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmY07ZCdvmarMZch8HsC8fLT8jsj4rxEe%2FLNYRfgkmeFzbMLXvgSTcIyfNYbXtYaQq8SRzKIVZGJyTTog0dnfUoKIrZlt63V9%2FSt3Tlj86gOMdu6YKUsJp7BRbnnaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e73fd1b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/icons/04bc3e1fe360fd2371cfc3d84b97e1cf5d83e4ca.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/icons/04bc3e1fe360fd2371cfc3d84b97e1cf5d83e4ca.svg
IP 188.114.99.234:0
GET /icons/04bc3e1fe360fd2371cfc3d84b97e1cf5d83e4ca.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Referer: https://1win-cdn.com/css/5616.80aa74eb.css
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:57 GMT
content-type: image/svg+xml
content-security-policy: block-all-mixed-content
etag: W/"8038879829770ab0f9bd81e0758cfdab"
last-modified: Thu, 15 Apr 2021 11:51:56 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 173E04A4BA040CE5
x-xss-protection: 1; mode=block
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
age: 1792
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FEgi4uqm0bGfZwbSVctPdweGBUvDrPiunsdYkbzvPeEWgcBVXDViByZA4%2FDuPIZhvur3J%2F5VzaIUW%2B%2Bg8CbWmYzWFMUCdzwEn4%2FqH9k1zLIPaS9m4BzgXwQ8rea3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791098e9598cb4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/spinmatic.6decf00d.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/spinmatic.6decf00d.svg
IP 188.114.99.234:0
GET /img/spinmatic.6decf00d.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-24b3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCntzrrkaVPW%2FIaQznE6DYxTPxrDwz6Aq00C3Xhdfclkv%2FBANweBpmjXVWV8%2Bo31uSQgjmwcanrce8%2BHCKbodGK%2FW3WuOAgBKtLnOZLpYObA8ZD3Qg2c%2BqgW4JBikg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7e8b7b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/apollo.72eae79f.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/apollo.72eae79f.svg
IP 188.114.99.234:0
GET /img/apollo.72eae79f.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-312f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3276504
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EzTEGnzrkVbrcdxaSbEpb%2FOuK40w9Sh1PFBuq0P%2BOp7NCRAJX%2BDHUoeholTFEHph93GgpKSwzYDC85b04y0qSfGkoS%2BgBaW2NiJRSkvLqt%2B4YlKEuqVzqxxsIkTNrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e73fd3b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/bgaming.8e34f448.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/bgaming.8e34f448.svg
IP 188.114.99.234:0
GET /img/bgaming.8e34f448.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-41d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275726
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAt4YUtTlJz%2FRaxdiL6oJQFbZzBlHtI9hbECLTS2OFCuJuApIIV9xTaYkYkVfIh%2BOTwBohLavVh9nKl6VtA%2BgUmf3qTLOzT3JyvZwC1vnPqOD14JfTdh0twGK3iNkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e75ff3b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/kalamba.f208b29d.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/kalamba.f208b29d.svg
IP 188.114.99.234:0
GET /img/kalamba.f208b29d.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-5343"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymY%2Fez2lMQnIiZm83K33CERLcphev5TSmbNJ4Xq8U1veYIlAc1T%2FYUoXlDIHUMWA5zdY4IDnTEMC6gWS81NIqCx8r0qVgXpI%2BadxphsNYEN4Q4SBaRiA%2BFP8PrPNrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7a855b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/fazi.0731b5cf.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/fazi.0731b5cf.svg
IP 188.114.99.234:0
GET /img/fazi.0731b5cf.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-27b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=toteSRAXltrm47EevTnfe8CSe8l784znvRGt45CNDEVJKa%2BAi%2FKnJB7J6wD0%2BGYDwqaHYXSX35XY76a0gY2ylAUBiVtOmeZn7lDp2SskhNQofQ1ynsG8Mk1SDecXYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e78824b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/netgaming.aac206c0.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/netgaming.aac206c0.svg
IP 188.114.99.234:0
GET /img/netgaming.aac206c0.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-127cf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwebuSEqTWisGyXo9I80e39CNZbmn9xpovaX%2F5h6nJoAvOzrvah5c6Kae1NrbsdetQ0kB%2BIAwpchK%2BMHV%2BIssbLEHU1fvrNuw3%2FYSwR5l%2FPcr48Hrjy8oY5V%2BLP2bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7a862b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/sapphire%20gaming.474064f5.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/sapphire%20gaming.474064f5.svg
IP 188.114.99.234:0
GET /img/sapphire%20gaming.474064f5.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-3bfe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWA66Ehmb9C96d%2FeiD1jykewlR3A1R2MWS07FG6LF7Ryp4caiWwiIG4Awts8I5r8X2wywx4mKXjmFSYm5ztIhIw%2B21uVpFEFxWg5pl3aHk8d5ePdJpTZBXZl4wORQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7d8a1b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/silverback.e3f805e2.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/silverback.e3f805e2.svg
IP 188.114.99.234:0
GET /img/silverback.e3f805e2.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1c185"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zzs6n6unCnOUQL%2FCTCTzaCnDHxfMZ7MzoyuDKQLSGhD2uAO8Uw56CfKzUTt5zUiK8jQB0PytAYRBHtOe4ubPhx%2F2TqzzVIk%2Fd7iV3XhXjwrz3VhMsIkzdjDuYWmVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7e8abb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1wswqf.top/pwaNotFound.html
190.115.19.101200 OK 0 B URL HTTP/2 1wswqf.top/pwaNotFound.html
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
GET /pwaNotFound.html HTTP/1.1
Host: 1wswqf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1wswqf.top/sw.db344b25.js
Connection: keep-alive
Cookie: sub_ids=sub2=13253; visit_domain=1wswqf.top; partner_key=79i6; core-sticky=http://10.233.108.166:80; 1w_lang=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Sun, 29 Jan 2023 08:28:51 GMT
content-type: text/html
last-modified: Fri, 27 Jan 2023 09:15:27 GMT
etag: W/"63d3962f-136c"
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
1win-cdn.com/img/gamzix.f7270646.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/gamzix.f7270646.svg
IP 188.114.99.234:0
GET /img/gamzix.f7270646.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-f15b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1orLvxRjp9GwFbKzuRNknIy6OEos%2BnQYiKbn2gbx0pQnb%2B2KbMDyKoKp3%2BD6uDPfa0lDXJqXFd6OzyxGBNv1MeDJjPeBdia5Jj7UEy0%2FdsqBsetbx6%2FcxdhE%2F7aKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7882fb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/hollegames.04d23aa8.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/hollegames.04d23aa8.svg
IP 188.114.99.234:0
GET /img/hollegames.04d23aa8.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2121"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kiKnxYrMYmEtfQnLfIniXGy4HZsGhqxfatSQn1X67pKNFviGxZ9HG7Nvt%2BaW0%2FKfmXBouZ12XpFKiyDKoVPlXQ5TBOnoifX5HOt2xlfsu8lb8iPWrjY36vZ5weypSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7984cb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/caleta.4b134d78.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/caleta.4b134d78.svg
IP 188.114.99.234:0
GET /img/caleta.4b134d78.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-502"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275735
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2QSGDAbkB5Ij5ZIvKcCtd%2FSKtvlu5ZwaUwEzFKGdKC3JVOyLHPJPgoQWqHp%2FK6FuuN3li6l%2BvHxcs3IfduCDE252blRQvKrX5eA0%2FNOtC6u3DQqYWobqOmUytCoEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7680bb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/golden%20hero%20games.815c7431.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/golden%20hero%20games.815c7431.svg
IP 188.114.99.234:0
GET /img/golden%20hero%20games.815c7431.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-ba94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESsH%2F8H4TH4KUe%2F4RVMr5fg3E7YC%2BXpX4fsIlqIdtWrdLilWdztxPRuamdZfYHfxFLwDmrfC%2FjSOwkCpaTgV0Hj1ClLBn7raayuxFp4hvwptSv3Uols00qr1CTnKtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e79837b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/iron%20dog%20studios.8a9aca7b.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/iron%20dog%20studios.8a9aca7b.svg
IP 188.114.99.234:0
GET /img/iron%20dog%20studios.8a9aca7b.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-23e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSvbdzkhRJGlJl9mTs1KppEHbRQV7t3wdIFcHRxyZR9umX7OLR4cPi8eI2DKqw0mnZnUM%2FPc8ylvHOuFlweJ7dkF%2BccSy7zANbt5YDCM3bpwaWfnYVVPatQv%2BwYOiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7984eb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/turbo%20games.bfc7405e.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/turbo%20games.bfc7405e.svg
IP 188.114.99.234:0
GET /img/turbo%20games.bfc7405e.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
etag: W/"63c7c775-18b5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 906170
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwlMfI2IgNYRIwSgjmBkc8Wu6pqkptLP3Ffycqi%2FVI0%2FougEBXP8YvGsLZz9msKzBHe7v8uo8QhUuE%2BccBm5MS%2BAC5DAKcr2VZtIJc%2F8rlhI8s1TS%2BjQn3CoEeEP%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e808d8b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/vivogaming.41d892b8.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/vivogaming.41d892b8.svg
IP 188.114.99.234:0
GET /img/vivogaming.41d892b8.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-f228"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 211631
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SYO1eKqMCcBSzlL%2BqIn%2F4OBYyREmqI2T%2BHuJ6nSDOrE%2FHpW0j%2BSdvQxhwawWPLvgA53uc863clKJ4atvFe%2BYXMvRPn6cDvtSCAW%2B1uoxAFLPveVf%2BJtZgfw43QwCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e808e0b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/habanero.5aca5f39.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/habanero.5aca5f39.svg
IP 188.114.99.234:0
GET /img/habanero.5aca5f39.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-1077"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 286541
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbGTOKGJNqaw1DdIH0029S7Qh6QAhTWQoZkT%2BTT0aT7UlDmeXgdiMwHE8FZbsTQn8YyCWq0%2BiZxIlPcHddIgJ3vJyr1x8H%2BdQvDYDM%2FJ%2FOevkTU2wJzXTU1HQ29blw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7983bb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/mancala%20gaming.792c2e8b.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/mancala%20gaming.792c2e8b.svg
IP 188.114.99.234:0
GET /img/mancala%20gaming.792c2e8b.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-305d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6zHSbqKmULN5MF65pvWqcN%2BVkCxD5La1tamSYP%2BHLu8oAi%2BJ7CRr0UUaVo0W2cdVKHy%2FQ6nVq9lSjzKTY%2FwKYcSAqerx9Ola6SrpiEuFPUKKHPq20Lf4jdaRnJDnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7a85ab4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/liw.06ac3b16.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/liw.06ac3b16.svg
IP 188.114.99.234:0
GET /img/liw.06ac3b16.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1df5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hqPHygrBxpFLMs1X9JGNzEhAAVI5Jln8AhPG7SXGg0b2hRUaLdHV%2FfAHAKm0x940vdWQo4I8vsjIDCnxYNf5gQnuLpeQlq1Gbs1HBb8knPCBiKs4AR5luJPHH7qCWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7a859b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/blackpudding.ab318dcd.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/blackpudding.ab318dcd.svg
IP 188.114.99.234:0
GET /img/blackpudding.ab318dcd.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-141e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275726
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGackFmQ8eCiakHv7f0K2bTKDBXn%2Ft3x2izS1K0nxQEfx0ES%2FD%2FrBpneG%2Fd6oAj%2BF03Zvob3S7C2ZYnhx9TlBUgRgVjo8TFXS875HoDxGo5eXE39Kqioo%2B7IToAxJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e75ffbb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/icons/45ee3a8c099d64d07437f1c0dc6d31ea94db58c7.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/icons/45ee3a8c099d64d07437f1c0dc6d31ea94db58c7.svg
IP 188.114.99.234:0
GET /icons/45ee3a8c099d64d07437f1c0dc6d31ea94db58c7.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Referer: https://1win-cdn.com/css/5616.80aa74eb.css
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:57 GMT
content-type: image/svg+xml
content-security-policy: block-all-mixed-content
etag: W/"b6b9b65b6a648eb5ea498a3d29ce302e"
last-modified: Mon, 02 May 2022 13:50:45 GMT
vary: Origin, Accept-Encoding
x-amz-request-id: 173DCF36723BD7F7
x-xss-protection: 1; mode=block
x-frame-options: DENY
cache-control: max-age=14400
cf-cache-status: HIT
age: 1792
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02%2FbSgo%2B0qGB1fZbUrqIwgcTNx98pi8bbHutD2lhlq4b%2B82E0RjFPLc7D8MncRhfoJKqS28q%2BW37TBifPrqXmioYzH8l8a4lAYAN0YHlIuHKLyuVnLJYiuP1%2FMNZ3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791098e95987b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/kiron.4a0c7f94.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/kiron.4a0c7f94.svg
IP 188.114.99.234:0
GET /img/kiron.4a0c7f94.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-264"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTL%2BEhlHyhRYCNaqS4D%2FXIxVEVgZlsCbgMdsLdiBHm38pSS%2FPEEuqmKVjbaDXhOYayihhqHBuER49%2BzvPplfCRmTRQlV5egbJann17HzcyZiO1E8xa9CyJzofW3atQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7a856b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/nsoft.694e7d47.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/nsoft.694e7d47.svg
IP 188.114.99.234:0
GET /img/nsoft.694e7d47.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-532"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0PFVwNI0MXwHXf0trYd7YnM6IsL6hibWCcvUqDNgeoWhPMjyjR3Qu9QoMg6PSYxCdrBvUMUg%2BtDCla0ByJ%2BO%2FVgx66hZ0KZqHC7ykhWfhI4H%2F0T3vt4OyFuDY%2BApIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7a867b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/onlyplay.820ab1cc.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/onlyplay.820ab1cc.svg
IP 188.114.99.234:0
GET /img/onlyplay.820ab1cc.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-648"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 199730
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hs7HOExG1yUQRy%2BdPRtsQSlWznCmx3xupuJiy175eNnexLJobZEvX3riu%2F6J529Y85FaI36sdUZVj9NOuM4yckKCgZWosUil%2FlVv3yZkNFvjzkqUWfbCeLLUUTFaDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7a869b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/zeus%20play.8ccc9002.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/zeus%20play.8ccc9002.svg
IP 188.114.99.234:0
GET /img/zeus%20play.8ccc9002.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-3d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fra7A0NIBi3JIx74Mro1pseCR3oku8HGjMdAdFIailrg0I81Jx%2Ba%2BaNCebu7VW%2BaDV1J3mhD5XycGvfjEbw4j8vmS6qcg9efcCdcColAe3kE4ZGBrqewYlhxksfAmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e808edb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/icons-common.c0259c25.js
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/js/icons-common.c0259c25.js
IP 188.114.99.234:0
GET /js/icons-common.c0259c25.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:50 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=231782
access-control-allow-origin: *
etag: W/"63c6800f-38966"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 17 Jan 2023 11:01:35 GMT
cf-cache-status: HIT
age: 1027580
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0E%2Fe199JwkITdR1QzoLj42%2BHQLhLR3AMufSxiOtN0zbO1kwgT3DeoW1fjKB8NehX0hKOB%2FdOx%2BHyyDIQ1b%2BRlNCCAn0rXe%2BIOKSE7E8duJXXcxjl1%2FRIHw2Gkx94HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098c0db8ab4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/common/banners/all-v2?lang=en&type=desktop&bannersType=main&localeId=1
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/common/banners/all-v2?lang=en&type=desktop&bannersType=main&localeId=1
IP 188.114.99.234:0
GET /common/banners/all-v2?lang=en&type=desktop&bannersType=main&localeId=1 HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:52 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wswqf.top
vary: Origin
x-frame-options: DENY
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkewJRdDydn2CAZeuCVvlrCzLiUO%2BqurCv5oIIOsyfzbey6FqbZFM4wPgGCkVjb4dU1IouXMose250SVRXMoutNSUxP%2FQutU1UXmzC%2B9WhFkUHMlUpBE0wlxGLtdoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791098cdf953b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/flags/NO.svg
188.114.99.234404 Not Found 0 B URL HTTP/2 1win-cdn.com/img/flags/NO.svg
IP 188.114.99.234:0
GET /img/flags/NO.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 404 Not Found
date: Sun, 29 Jan 2023 08:28:57 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FLudlB7e7C1BB4750%2BFtwVPY3%2Bt9g%2FJL9VmBbmeEZP2r6DUjlFy4772KyF4bMVQy8r75l6dDwN0uCNDbqUOjmiboy9Pt%2FAO4wmW1mWIFLcUdfEtKbI1sWoLuy%2Bq2yA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e97a77b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/chunk-common.cb71208d.js
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/js/chunk-common.cb71208d.js
IP 188.114.99.234:0
GET /js/chunk-common.cb71208d.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wswqf.top
Connection: keep-alive
Referer: https://1wswqf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:50 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=16758
access-control-allow-origin: *
etag: W/"63caa6b8-4176"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 20 Jan 2023 14:35:36 GMT
cf-cache-status: HIT
age: 558986
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQsGKkVZB1kuw%2BvhRlWzBvi7nt042lo%2F35pDIVKSGxycTC0K0eZ5xiJNEbxF2KMAEmXjkcXx4w%2BOB5f6j3lpSzFJH0xImilLZ5OgFJ7rPDqxxcDjdRtTvEgs3FEwAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098bf88acb4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/genii.5614cd78.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/genii.5614cd78.svg
IP 188.114.99.234:0
GET /img/genii.5614cd78.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-e7f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0NLRnA%2B0Nc8c5abVPNoeZdbOXaiscCAvtDx220JqlSD5CuSHZAFiwFj6GN5jLhh6waKezYkPMHy4z2IbOyhi38EVVTWVupz9cenZrG5OgNXibwQBUc8xk5MuHx0%2B2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e78830b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/playtech.f068e8ab.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/playtech.f068e8ab.svg
IP 188.114.99.234:0
GET /img/playtech.f068e8ab.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-50e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5uWH28VJc4H0N3ToybAQBQnKWxRCb8B5eyI70m1NM%2F9WamMtvocYbdl7JZiEsM2A44Y%2BwFRkVF2ZrhKUZMsrl1efE%2BayLt%2BYegRVivOBJ%2BNL2kipOUjKNknFg7mnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7b880b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/css/desktop.31e6deb9.css
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/css/desktop.31e6deb9.css
IP 188.114.99.234:0
GET /css/desktop.31e6deb9.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:50 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=95906
access-control-allow-origin: *
etag: W/"63d124be-176a2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
cf-cache-status: HIT
age: 206302
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=isG%2F2KemY0JJXhMM1jn0T2%2BvNCQAxcV1ue5A%2BTrlmzTzhpiMvnUye%2Bc0gIiZTVf0LHyaCHRs8pOvB%2Fcesr88ZP15or67jLjE9JD7Po%2FViVzbCoCoqB4JkwDERwdrCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098bfba65b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/max%20win%20gaming.d504cecb.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/max%20win%20gaming.d504cecb.svg
IP 188.114.99.234:0
GET /img/max%20win%20gaming.d504cecb.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-a04"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTJx94tlS9D2pLkswVOiplSRWJQmkp1zjHR%2FhG5edCLhMv2EC%2BVjaTD6CGt7FtRfEp0APj0ZkIZanG%2F%2F0bgq7FD6goXQN94pm%2FYsI3N9sbLmoJdQkiggoNRS77JT3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7a85cb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/wazdan.63223c78.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/wazdan.63223c78.svg
IP 188.114.99.234:0
GET /img/wazdan.63223c78.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-cac"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpixCQn2yQJBb58a%2Fp1W4gRNs%2BpkBPOmvgjuQGVM%2BMKfO9uNPfUZ9lAFYsXLhdPOD5p6%2Fi4sQbpcaGTpIKZH20aRw9TLVpsXCwKvWIcRhKCr6nW7kdjcL421rXfaSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e808e1b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/worldmatch.767ba51a.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/worldmatch.767ba51a.svg
IP 188.114.99.234:0
GET /img/worldmatch.767ba51a.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
etag: W/"63c7c775-1f6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 874158
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YircoIzw4cqViHPK0d7FWU5rAPYv2sfrtyC7gMrHKYugExC2LU%2BxFhtekzv%2FQC%2Fb2nMrit9kit7TPsciPjJG6ct%2BlVLkzWcIcC95K6Fp1FD78pm3h7oI%2FQJ8LCzmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e808e5b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/evoplay.f05734bb.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/evoplay.f05734bb.svg
IP 188.114.99.234:0
GET /img/evoplay.f05734bb.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-a08"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275733
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7OVqOTtXLRY8juH632Pnp4DsBuzV18wch2iDKku0rfbFEkMJPDBexRNEmvtB%2FTQrmUPehbM%2BoC11KYGVSllI5nEEmRQdcYSrhGpu8s7evYn8Wmv%2FYh5NC1St6rRmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e78821b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1wswqf.top/firebase/8.1.1/firebase-app.js
190.115.19.101200 OK 0 B URL HTTP/2 1wswqf.top/firebase/8.1.1/firebase-app.js
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
GET /firebase/8.1.1/firebase-app.js HTTP/1.1
Host: 1wswqf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/sw.db344b25.js
Cookie: sub_ids=sub2=13253; visit_domain=1wswqf.top; partner_key=79i6; core-sticky=http://10.233.108.166:80
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Sun, 29 Jan 2023 08:28:50 GMT
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 09:15:27 GMT
etag: W/"63d3962f-4ded"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: DENY
content-encoding: gzip
X-Firefox-Spdy: h2
1win-cdn.com/css/5616.80aa74eb.css
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/css/5616.80aa74eb.css
IP 188.114.99.234:0
GET /css/5616.80aa74eb.css HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:51 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
access-control-allow-origin: *
etag: W/"63a42a53-5088"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3277638
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHQDnmLUHf6WsjvlQE55AsquWgE0womENd7Kw8wZlfxDjLhOfI1hMSmIqWSRc7PIsLKchf7Pq2wnsaLniUdBaMjrp1ZGktgi7Qx6Cquxig5t%2BixrOmU4V4ukpu7cDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098c87c17b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/elbet.90c78268.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/elbet.90c78268.svg
IP 188.114.99.234:0
GET /img/elbet.90c78268.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-70f7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275733
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gkOk6ULU1J73kQbWIR0aDRDnjfKM%2BVhFGbHu4jTAqw%2B8PjEitMyHgVFCErwhSXnmREjmTUbqI0YYvE7wA5aVOzUYhuIQ3sbrzTkzp7k%2FUROQS68d7qw9oRmDvd3mg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e77819b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/blueprint.92d09945.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/blueprint.92d09945.svg
IP 188.114.99.234:0
GET /img/blueprint.92d09945.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2a4f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275735
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QoZ8t05da%2BLuE0LQ5vmT9dqR7iYvz1Th1q9EDmSOZ9vzBAArtWsZMbtt0vRjwXXl75gPLUpMTL2qYHNjemsRlqMXBUGQC1FqzY515CsXaCB0eWFERJOaf1TL2fsBoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e75ffcb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/pushgaming.bc19137b.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/pushgaming.bc19137b.svg
IP 188.114.99.234:0
GET /img/pushgaming.bc19137b.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-e19"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TwhX60PWig99zbs6meMqW7VVMbWcvKE3CxLlwPHEzsiTlmgR8IDd3DXqDPLQEYR55QFHMt1cWw%2BZCwtc0ozhZcYthSRtYUx5DPIDv0pX5xkUyDXXJrw3FV%2BtB3alw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7b887b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/virtual%20generation.76588830.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/virtual%20generation.76588830.svg
IP 188.114.99.234:0
GET /img/virtual%20generation.76588830.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2e89"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pv626TyYq4TBfEnUrM46Zkjx614NaihM3EK6kOgS%2B9JYrwsViVse6yuXR%2Fwb%2FFdAFmqEnpZZe06XmdJhk95d8OVQzE4hBF%2But6ZErzMOeGEk1DQ23jaT%2BnxEiIXE8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e808deb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/tpg.b2c2a9df.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/tpg.b2c2a9df.svg
IP 188.114.99.234:0
GET /img/tpg.b2c2a9df.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
etag: W/"63c7c775-a6f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 874158
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RAFHdUk1lsx6OwE7AIIwT3XIE7mqwXS%2FWNpCS7%2FXMCzlIAtXERd5iaojug%2FySSJPoVT2%2BOt%2Fkmh3PCMUbZMIEVJrjNSKyrNqzMUtso0dbY6sTPH6EuRiSlekMxmK0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7f8d1b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/chunk-vendors.24294a2f.js
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/js/chunk-vendors.24294a2f.js
IP 188.114.99.234:0
GET /js/chunk-vendors.24294a2f.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wswqf.top
Connection: keep-alive
Referer: https://1wswqf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:50 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=427140
access-control-allow-origin: *
etag: W/"63d3962e-68484"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 27 Jan 2023 09:15:26 GMT
cf-cache-status: HIT
age: 168200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9tMkUxXKQXIyDTwzdwo8PMhY82xM3X7%2B0uQ546SqyaBDrzExT4Ngr23eNXzsW0HfMuNSV0LHvuLtGBgSGUfSE1BAJKBwzCC8MXmhQELRSuZRdq32v9xbIbB8enFYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098bfb8e4b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/onetouch.8550a163.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/onetouch.8550a163.svg
IP 188.114.99.234:0
GET /img/onetouch.8550a163.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-3ad4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UyVoKsDzJ3q8klrvqASfA1%2B%2FaWY0BBIWMti%2F%2FoVCXusNA0K5qKvhxnUz3B%2FvcQT01u7AGYQeaImAfSIPRqz2UjBdUqb2vw0YWHOXzOnxlnI9XEbPy2OAp7EJIzzNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7a868b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/electric%20elephant%20.0f5be6ef.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/electric%20elephant%20.0f5be6ef.svg
IP 188.114.99.234:0
GET /img/electric%20elephant%20.0f5be6ef.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1cdd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275733
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymrB0KLyZRGzrI4%2FKXZ7Z6%2F4dmtHHoLtFXJN9IxlJouPrh3LaIayugJUGbysy7CV7j76XOxGbx%2F9vERUIzZjkUlNUDoa98K8O2ov%2FQnVxvKv7zxdYqA5gvvLoosN4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7781ab4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/gameart.bec40c08.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/gameart.bec40c08.svg
IP 188.114.99.234:0
GET /img/gameart.bec40c08.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-a20"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FTtOov53iEhCKWJXGY7IhArmpA%2FU9iDlSgbvJRvLeODIRJPsBUt9dLlYM1f9dKsvIPqMPSWz7TSRbdqNAgqSO8oL8zGFYf1HXvSJ1%2B1CPLhPCCn6NyzUmfEGxtaoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7882bb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/green%20jade.c62a1806.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/green%20jade.c62a1806.svg
IP 188.114.99.234:0
GET /img/green%20jade.c62a1806.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2aee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0IfXlr%2BSz0kksetpGs9gbSsFmnrMNPUZ4PncKIa%2FnrxD8EDgpSIzHxT%2BJIn25fkz35PWLKPgCXGmvQ%2BbGXTGbvxnZwuS%2BSjSm7qmOztB%2Ba2FJo2lzYviD1Y5dpaEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e79839b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/edict.209e128e.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/edict.209e128e.svg
IP 188.114.99.234:0
GET /img/edict.209e128e.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2f34"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275733
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Diwtmleya0SPiJgRbUXh79FnLQd6AF0wmXKwX%2FyvacLMg2ey2H9QahWg0C6cJi83M694PAmToFTy02Zc2jccd6V9uHtE0tpcQIa%2BefIhcj62WtmtIEyfz48g7eyPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e77818b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
mc.yandex.ru/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1119%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A27250722183%3Ahid%3A696815725%3Az%3A0%3Ai%3A20230129082858%3Aet%3A1674980938%3Ac%3A1%3Arn%3A209546093%3Arqn%3A1%3Au%3A1674980938866523187%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A479%2C125%2C103%2C0%2C247%2C0%2C%2C135%2C2%2C%2C%2C%2C1373%3Aco%3A0%3Ans%3A1674980935808%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674980938%3At%3A1win%20-%20Loading&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.251.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1119%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A27250722183%3Ahid%3A696815725%3Az%3A0%3Ai%3A20230129082858%3Aet%3A1674980938%3Ac%3A1%3Arn%3A209546093%3Arqn%3A1%3Au%3A1674980938866523187%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A479%2C125%2C103%2C0%2C247%2C0%2C%2C135%2C2%2C%2C%2C%2C1373%3Aco%3A0%3Ans%3A1674980935808%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674980938%3At%3A1win%20-%20Loading&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
GET /watch/92006234?wmode=7&page-url=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1119%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A27250722183%3Ahid%3A696815725%3Az%3A0%3Ai%3A20230129082858%3Aet%3A1674980938%3Ac%3A1%3Arn%3A209546093%3Arqn%3A1%3Au%3A1674980938866523187%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A479%2C125%2C103%2C0%2C247%2C0%2C%2C135%2C2%2C%2C%2C%2C1373%3Aco%3A0%3Ans%3A1674980935808%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674980938%3At%3A1win%20-%20Loading&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1wswqf.top
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 302 Found
location: /watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wswqf.top%2F%3Fopen%3Dregister%26&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1119%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A27250722183%3Ahid%3A696815725%3Az%3A0%3Ai%3A20230129082858%3Aet%3A1674980938%3Ac%3A1%3Arn%3A209546093%3Arqn%3A1%3Au%3A1674980938866523187%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A479%2C125%2C103%2C0%2C247%2C0%2C%2C135%2C2%2C%2C%2C%2C1373%3Aco%3A0%3Ans%3A1674980935808%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674980938%3At%3A1win%20-%20Loading&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sun, 29 Jan 2023 08:28:51 GMT
access-control-allow-origin: https://1wswqf.top
set-cookie: yabs-sid=1474077261674980931; Path=/; SameSite=None; Secure
i=xNpnqdLtMh8lvJeoYvZMBbZjIsRWdRox13uI94GW+sE9mxcVx0D6y9RnD0He8iX/ddayolyOGrriMNNMybv6RLKpYe0=; Expires=Wed, 26-Jan-2033 08:28:47 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=8821732571674980931; Expires=Mon, 29-Jan-2024 08:28:51 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=8821732571674980931; Expires=Mon, 29-Jan-2024 08:28:51 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706516931.yc.1674980931#1706516931.yrts.1674980931#1706516931.yrtsi.1674980931; Expires=Mon, 29-Jan-2024 08:28:51 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29-Jan-2023 08:28:51 GMT
last-modified: Sun, 29-Jan-2023 08:28:51 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
1win-cdn.com/img/apparat.982be0d4.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/apparat.982be0d4.svg
IP 188.114.99.234:0
GET /img/apparat.982be0d4.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-177"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275726
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgCKcfMmYjG97Xp%2BC6GRBiHUHFPdvQEafnvHyxgSa7c%2BmorySwl50BG%2Bl8ES1Hkv1gFbZCQjb5AYR%2Fz9B2HK31rhPUMv%2Fyaj%2B21MBW%2FP7Y1KVrT8CSkcGYrP0vE%2BYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e73fd9b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/atmosfera.2954041c.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/atmosfera.2954041c.svg
IP 188.114.99.234:0
GET /img/atmosfera.2954041c.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-156d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275726
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BU7%2BQ8NnbJyQbFFSpFPD7edHPdIa9aK7pbcvZemf1nhYC9vFXi53YaCvreIJxD9%2B7pSQISg3TSWq4qcSRVR5I24u7ne3VHUv2MXjGZYi8UKpf2Exmv3CTMJ5vphPmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e73fdcb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/salsa.aa6535b1.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/salsa.aa6535b1.svg
IP 188.114.99.234:0
GET /img/salsa.aa6535b1.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-246f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3IUFtD9EZyPevtvOOHKyxCb48hye1X4Onb2z8c6mjO7ARh0yA7OVRWFGvp7m3LyFPBjQY04uw8owpHBuiE2ypNPIbGucRY9MkjTQpqslNl1CmXd8WfOfpeniU8OsIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7d89fb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/allwayspin.ef1458a7.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/allwayspin.ef1458a7.svg
IP 188.114.99.234:0
GET /img/allwayspin.ef1458a7.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-db6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275726
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHCR7aNj26DycQYwlOkBKO0fQhgSt6kS9LwICxDB4Tm0MDI5XUWm109N9y54H2S4IsC6cxb4MSM7rUqrl9XMz5lYuFy4Z6uhLj6jxxysfBiXIP1iiS9X0kORMHzwTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e73fd2b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/bet2tech.bb2f3549.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/bet2tech.bb2f3549.svg
IP 188.114.99.234:0
GET /img/bet2tech.bb2f3549.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-5e6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275726
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K3smeTqJZgl34z2EWNllk2KbuVvYisSrSh%2BicwtPNxLuSEuss%2FNgtwAaFQsQR35e1l6w25QCjcOU6vmaNmfnnv3LDiOtM2h17zQSEK9%2BKcyOrRjKIqc5CcIWrkCXxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e74fe7b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/hogaming.f8502380.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/hogaming.f8502380.svg
IP 188.114.99.234:0
GET /img/hogaming.f8502380.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2cde"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTsdVFKLQQP59hm0NGwZ39Lbr%2B89zhNP8oVVuCmwVJ3FtdHhNWDgFwdLbhHBCGY97L921W16lKpYtJ8Kc%2BMDwZSQ9s3thSw%2Fg8xVTFXgX7VDoBc%2BUEBnyJ0Kw9nUVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7984bb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/oryx.ef29a7af.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/oryx.ef29a7af.svg
IP 188.114.99.234:0
GET /img/oryx.ef29a7af.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-507"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ykqH4EqhOwQF%2B7xFE5mzxEGirqIi0MmUyIhbOlEZFmLdfg17uUsuw%2FX3pS11osawG4mZhbP%2B2HFjF7MRC3o4WENFPnBi%2B39TBpMFa%2BizasXg26emDa2Tp5X8QX7wtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7a86bb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/playbro.29e123ea.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/playbro.29e123ea.svg
IP 188.114.99.234:0
GET /img/playbro.29e123ea.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1b2f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnGFLXIWmadTE18HzytmfYeqMHeDtCe6SIBlliCpSn9wOKal5mu3o%2FsesW0GUYy2XiG1bqM9vFcm%2BjL5hgvih%2FdG9ZVBe3S4y2shPxsEa1PgckmHYBQ0%2B6mcp1TtBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7b874b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/playngo.ee16ad11.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/playngo.ee16ad11.svg
IP 188.114.99.234:0
GET /img/playngo.ee16ad11.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-dea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1cUWNY4bwEREATHh5qRewRV7iQFHMQUwuYLvtdFJDd%2F1m9Bt0oZ6N2Zb3QCs2GZGTnmZfgd3ELLf41ZiQutX8MEXk26HEhTTxE9pKcBG7QiSZ%2Bt5cOVeeJqXZB2LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7b878b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/vibragaming.4b28676d.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/vibragaming.4b28676d.svg
IP 188.114.99.234:0
GET /img/vibragaming.4b28676d.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-22a4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxUK4LJHIxeOs%2FKTbIo7gWP2LUJy1Q3JUzgRvDbGyomzQRmmGujhBCaqbzc6pG0oCRVEeDYjqCgma6PKEK6v1xVHyj9fwSb1hkfQTZrGvXP9mR0XtiXkA3BSZ8D5AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e808dcb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/9208.35d28ae2.js
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/js/9208.35d28ae2.js
IP 188.114.99.234:0
GET /js/9208.35d28ae2.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:51 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=1368
access-control-allow-origin: *
etag: W/"63d3962e-558"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 27 Jan 2023 09:15:26 GMT
cf-cache-status: HIT
age: 163856
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cHZvwbY487fzhyKZ2%2FrpVENQmNuwo7zzcDxd0DYntISZwn%2FbbIMqvmQy8bJ1mum%2BGiDaDSZ95Eb5lLahyolPzQuZTKlTy9PwcMYlFPjEpvND6sZECMibQ6npsgCDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098c88c3db4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/fugaso.a193ab53.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/fugaso.a193ab53.svg
IP 188.114.99.234:0
GET /img/fugaso.a193ab53.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-4c1e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3276504
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6Fowzxtl%2FlSvUd%2F48dZONfr%2BSAVhuTd88cUwUB5vlhRnGKm0CVBBc6qKPKTH9bqs7Wt2JdgcpMx1ibeuwJtUV9ohA8NWv%2BoDsLL4r7GE19VrHiTHXvx9YytNPCyNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e78827b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/boldplay.018c7f09.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/boldplay.018c7f09.svg
IP 188.114.99.234:0
GET /img/boldplay.018c7f09.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Jan 2023 10:18:29 GMT
etag: W/"63c7c775-1603"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 874158
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18qs5plp3KxW1CcYX8BiwERyf4f5ZkI3ZosPl0GQjwm6cmQhZE3opnG%2F3pZUPtHkRPFxcxhMtNoskW%2Bj%2BQppFGzdWiOg4pX6cvWBY1jAOoLJxV70v3AxygzKaq7G6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e76ffeb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/pragmatic.fd2b7bb4.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/pragmatic.fd2b7bb4.svg
IP 188.114.99.234:0
GET /img/pragmatic.fd2b7bb4.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-52f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjZ4MnepY5oso8%2FTc06OV%2BVLFCjPveSB51BVW5D8AZlUM%2FhqoZIoh1R1QtBfvg7O%2F1Z%2F4aGiCQ1GJVHNvAl4DmxTfvnTZj7NTVBGZiW7qPP05m1QqamgrMIRxV6omg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7b886b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/tomhorn.8e656e09.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/tomhorn.8e656e09.svg
IP 188.114.99.234:0
GET /img/tomhorn.8e656e09.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1811"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZfCoqLwgsS2hnbBp78T7oFETSIPxqJqLnWq0FyIZmEf59ICN1sgiApTheAj7HgsuCcdvLRQPpNon7VyKW1wiDL7hgX62NLzSTT5LAnyvOZeJx549GORT9dp6ujxE4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7f8d0b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/5%20men%20gaming.81b340c2.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/5%20men%20gaming.81b340c2.svg
IP 188.114.99.234:0
GET /img/5%20men%20gaming.81b340c2.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1ac8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275726
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PF65TBxSmvhDlnTiI0zhkHvwU7Glultt5zvZmaJBHP8xlBst4H85dsPtoWRW7Bb47AxPXyNOWk6dR8M7vLJSO%2Bd29pfm83g%2FAlBnfLYEWRYKf425Zm3OuA9DmnKBvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e71fb1b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/icons_box.68228b09.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/icons_box.68228b09.svg
IP 188.114.99.234:0
GET /img/icons_box.68228b09.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Referer: https://1win-cdn.com/css/5616.80aa74eb.css
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:57 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 13:54:57 GMT
etag: W/"63ce91b1-3fb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 486361
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAl%2Bcgxtkkrp9yMVF4P6LjwrlCVU3TZnoUyfmYgZs7%2BU4UWGuEaZD24Lv4t6dfbGyJCrBs7vkjwS%2BSC6rCCsp0JE9BAIRbeJ3H3vR0EcIXNsNeklcMKlnkCkUC6lUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e9598ab4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/2950.429a0b76.js
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/js/2950.429a0b76.js
IP 188.114.99.234:0
GET /js/2950.429a0b76.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1wswqf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:50 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=540152
access-control-allow-origin: *
etag: W/"63d39637-83df8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 27 Jan 2023 09:15:35 GMT
cf-cache-status: HIT
age: 169819
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RfZHFgC4JaW9pE7jlZ2abJnX97MbMeCoIEgBhmQkeOUOa7B9iwBdQHrcwx1ooD36uM0CyG6S%2BLPSDDleKAfQghawN6o4MTCI0UccHBU6ao7Z59uAtqtk5IoSmwNNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098c0eb9ab4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/thunderkick.93d20b41.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/thunderkick.93d20b41.svg
IP 188.114.99.234:0
GET /img/thunderkick.93d20b41.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-1f2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 199730
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HFvCJ4Nv3ufjKp%2FIsmIkxMkFm%2BqkEB9SxGhQc9vjgMMBjX9MnvVd66X3IlRxie1xvnhxicKuSGpw6oa7rpCmXGgMSzjH9OSH16MFwqF1eHhclg2ilJOMKoi5c8NVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7f8c5b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/tvbet.c92ea7dc.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/tvbet.c92ea7dc.svg
IP 188.114.99.234:0
GET /img/tvbet.c92ea7dc.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-3edf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgSozPkp6%2FlEgQ%2F48C8plmw%2BBlF5KfDdX4FJH9dvcFoNObN4tKrTJbXIqD5rpQkwz3HmGtFinEdUvh8F32o5TExMBJpRFI6d4Mo0j%2BDTK8UtskkfRbC7%2FMjJK4rJ%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e808dab4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/bf%20games.a530d147.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/bf%20games.a530d147.svg
IP 188.114.99.234:0
GET /img/bf%20games.a530d147.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1374"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275726
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHzKSV0ojBbWMRvuRN3yYQ0tZdCeZxU3bcSE3P0HT2YdMCsuLdcMAdEGgK%2F4%2FKzkzBc8SbGNBoqJAspGY9JSJTklq8575BOLf4CmoLpSlyZOLYm0UAZeS2bQCsE6vg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e75ff1b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/goldenrace.423ead5c.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/goldenrace.423ead5c.svg
IP 188.114.99.234:0
GET /img/goldenrace.423ead5c.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-7198"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9qnmEExGGnxId7MhqDozt44QvzYoLeJ6o6yKQLTjTmCRp7LwuC2pFfTe4%2BiJ%2FJRt6OCm91zfnF%2BsRL9z3wRQ7ke307wQJariVJoKWQa28huvMW0uKBKdIbsR%2BcjVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e79838b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/synot.becc85e0.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/synot.becc85e0.svg
IP 188.114.99.234:0
GET /img/synot.becc85e0.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-b94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kdm4h8MS4a2%2BZsLSxNNjeHns5k4kQ8sBTZ9nxNqe2a9rde%2FAyZnc1PiemfW4iy5t%2FFhWDu5B3Oown0vB4FLhxwPKoQqQkRxX9Pd2gKV01vnIs2ATbSczrMJTu6FeJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7f8c3b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/triplecherry.ca9e4ee4.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/triplecherry.ca9e4ee4.svg
IP 188.114.99.234:0
GET /img/triplecherry.ca9e4ee4.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-d37"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1H5Yr921TAl5Lv7UfEEmSoTGw8PxQxAhmDaYhVaJChsn8XFxM61eaD3zfQFVIog0NJK4J7oDnL1aVpf0nQuJt40OdYZ1EDd2ztLpyYiGRkAq0xoaNNSBz42mUFoK2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7f8d2b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/endorphina.bf6a0cf2.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/endorphina.bf6a0cf2.svg
IP 188.114.99.234:0
GET /img/endorphina.bf6a0cf2.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-3a771"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275733
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BauwZcBeefiAL7gsrLJUzTyzTaAjb5o2aJ27pU9Q0tIrt%2F4XwxKjoSLcWiFcseB%2FEvLjCGgzKMxfebEOj7PGc3rvLxQZ4SgQ%2BZ7tWnoSzQfgZcd8Vm2jWqq%2BjkZI%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e77820b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/mascotgaming.fbac2f51.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/mascotgaming.fbac2f51.svg
IP 188.114.99.234:0
GET /img/mascotgaming.fbac2f51.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-b64"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QAb94aH7fyWkFwzqWlLhJLTVMD4%2BPrF1WfKycjl%2BoMZZ233IoiICcX%2F0UAwvvcVlIZr9b3rB3CCAKryJAi04VPZ%2Frp%2F52fQm0EQVULKivtMwVmnRGC%2FSe9Siriy4gg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7a85bb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/spadegaming.eebb41d8.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/spadegaming.eebb41d8.svg
IP 188.114.99.234:0
GET /img/spadegaming.eebb41d8.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-2d62"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cwR6zq0JbU2kSYuflX7U01QDKo0I19DAfmyMqZ9Jk8iK5aO9DJnj1lBfDcz%2FdmkJkEG1wQevEpNwunspo2pyhnK%2Fy1EJT6Tu8xPMBRUQ0cbznIQF8Wy%2FsF44skXVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7e8b3b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/simpleplay.21ac090f.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/simpleplay.21ac090f.svg
IP 188.114.99.234:0
GET /img/simpleplay.21ac090f.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Wed, 25 Jan 2023 12:46:54 GMT
etag: W/"63d124be-a01"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 211631
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y61iSjbihmPdHs7NTD%2B4VrCh4YLJ8IRtfjPnq4xY2XgPcs7cbHvir2MUKg%2FRu8ByFta2VwHQsuDun6aVg7CM47wkoVpwilrRLJNmIj7xnEjY6mfH660BGPTWJxOj1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7e8adb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1wswqf.top/?open=register&sub2=13253
190.115.19.101200 OK 0 B URL HTTP/2 1wswqf.top/?open=register&sub2=13253
IP 190.115.19.101:0
ASN #262254 DDOS-GUARD CORP.
GET /?open=register&sub2=13253 HTTP/1.1
Host: 1wswqf.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Sun, 29 Jan 2023 08:28:50 GMT
content-type: text/html; charset=utf-8
set-cookie: sub_ids=sub2=13253; path=/; expires=Wed, 01 Mar 2023 08:28:50 GMT; secure
x-frame-options: DENY
content-encoding: gzip
X-Firefox-Spdy: h2
1win-cdn.com/img/pgsoft.5ab7874f.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/pgsoft.5ab7874f.svg
IP 188.114.99.234:0
GET /img/pgsoft.5ab7874f.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-d6f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZG9phw%2Fk%2Fffs3sc%2Ffs%2BvnYKyljAJZV5Rrc8yx8o8OlsRJrqs07mybvCXdtuQuTL%2FX%2BysjEN78Dc%2Bf8CRWnUIp8aHcbEhhYEzjJqYY%2BB8w9lcp0P9chXjo4jpbNZ9gg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7a86db4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/play%20pearls.e674562a.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/play%20pearls.e674562a.svg
IP 188.114.99.234:0
GET /img/play%20pearls.e674562a.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-a4a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dkj5D%2BrAyEUZV6FnftPGYC3daenGaoPHL860xkh4%2Bp1yKggdtiANMnQ3SDF2rTvr%2Fj8uYrNnd%2BOHD68oUovkXGjLINUQlFZ1zoCWw5v25tf4cJv5qqxWdkmGFWtHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7b873b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/js/icons-pack-social.11d06b0b.js
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/js/icons-pack-social.11d06b0b.js
IP 188.114.99.234:0
GET /js/icons-pack-social.11d06b0b.js HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:52 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=20146
access-control-allow-origin: *
etag: W/"63a42a53-4eb2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
cf-cache-status: HIT
age: 3277621
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6fFIPJ8Ae9Z9Pfzq6c4YlVLyjldJypmVdUiX4eXdqFVVL3K4Edu3lWizNkZIQrF5TwZDMVw3COkkoEdP4%2Bi7yY70qOK7ZK7F2oy4meUl6L4CRrTSso1JBBIUC0hcXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098cdfa45b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/platipus.62dd70ad.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/platipus.62dd70ad.svg
IP 188.114.99.234:0
GET /img/platipus.62dd70ad.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1368"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZudc8VQ0PfJJ6h5X5SbyM72CDHJhPu%2BbAuB1x53rzdtuAOcz4y1xD3%2Fo1Y%2BwxbKio7XdfR3aAEgqtJ9JUIthV0hugkvNczkKqv8O3HyC0sijHXGWb9HmFXtDkksrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7b86fb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/belatra.259628ea.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/belatra.259628ea.svg
IP 188.114.99.234:0
GET /img/belatra.259628ea.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-1818"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275726
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTIJiwBLlvzsffWuLVuBse9NvldMq0sGuIoAcztSyYpBtOEaMZfDK5OYGPsqY29adKsnM1cOD6xf5VinMqbwYnIkLjSASCVa4LbaJ0ff%2Fr0AjFtJopbl7vdTuNcvQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e74fe5b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
1win-cdn.com/img/nolimit%20city.73ea77ec.svg
188.114.99.234200 OK 0 B URL HTTP/2 1win-cdn.com/img/nolimit%20city.73ea77ec.svg
IP 188.114.99.234:0
GET /img/nolimit%20city.73ea77ec.svg HTTP/1.1
Host: 1win-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://1wswqf.top/
Connection: keep-alive
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 08:28:56 GMT
content-type: image/svg+xml
last-modified: Thu, 22 Dec 2022 09:58:43 GMT
etag: W/"63a42a53-21a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 3275732
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PgJg19y2r071Xbm9V9bUpXZAGhF3OD0VBRUfC2JZFuawttWo35INqOMY63DLOcv5uS0YPykNqCHL7ZF%2B2kyrgVGpfL5YvhGfhXxdcDBuS2UUeTaeTWraJ4k0EUHfPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791098e7a864b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2