1wdois.top Open in urlscan Pro
212.8.250.200 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1win.by/
Effective URL:
https://1wdois.top/casino/?open=register
Submission: On July 18 via api (July 18th 2023, 9:38:15 pm UTC) from US — Scanned from US

Summary HTTP 63 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 11 domains to perform 63 HTTP transactions. The main IP is 212.8.250.200, located in Rotterdam, Netherlands and belongs to WORLDSTREAM, NL. The main domain is 1wdois.top.
TLS certificate: Issued by R3 on June 15th 2023. Valid for: 3 months.

This is the only time 1wdois.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	85.209.148.14 85.209.148.14	60591 (SUPPORTCH...) (SUPPORTCHAIN-AS)
5	212.8.250.200 212.8.250.200	49981 (WORLDSTREAM) (WORLDSTREAM)
35	190.115.24.75 190.115.24.75	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
2	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
4 8	142.250.80.70 142.250.80.70	15169 (GOOGLE) (GOOGLE)
1	108.138.106.101 108.138.106.101	16509 (AMAZON-02) (AMAZON-02)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
1	18.164.96.87 18.164.96.87	16509 (AMAZON-02) (AMAZON-02)
2	54.213.220.225 54.213.220.225	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
63	12

1 85.209.148.14 (Minsk, Belarus) 1 redirects

ASN60591 (SUPPORTCHAIN-AS, BY)
PTR: electra.hostflyby.net

1win.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 212.8.250.200 (Rotterdam, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 212-8-250-200.hosted-by-worldstream.net

1wdois.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 190.115.24.75 (Belize City, Belize)

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: ddos-guard.net

1win-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.132 (United States)

ASN54113 (FASTLY, US)

api.lab.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2008 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.80.70 (Staten Island, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f6.1e100.net

12688802.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
12572451.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-101.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::200e (Flushing, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-87.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.213.220.225 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-213-220-225.us-west-2.compute.amazonaws.com

api2.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81e::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	1win-cdn.com 1win-cdn.com — Cisco Umbrella Rank: 406520	2 MB
8	doubleclick.net 4 redirects 12688802.fls.doubleclick.net — Cisco Umbrella Rank: 601003 12572451.fls.doubleclick.net — Cisco Umbrella Rank: 588746	3 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9422	3 KB
5	1wdois.top 1wdois.top	108 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 113	890 B
4	amplitude.com api.lab.amplitude.com — Cisco Umbrella Rank: 6343 api2.amplitude.com — Cisco Umbrella Rank: 1597	414 B
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3245	74 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 753 script.hotjar.com — Cisco Umbrella Rank: 1081	72 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	159 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	250 B
1	1win.by 1 redirects 1win.by	413 B
63	11

	Domain	Requested by
35	1win-cdn.com	1wdois.top 1win-cdn.com
7	mc.yandex.com	3 redirects 1wdois.top
5	1wdois.top	1win-cdn.com 1wdois.top
4	adservice.google.com	12572451.fls.doubleclick.net 12688802.fls.doubleclick.net
4	12572451.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	12688802.fls.doubleclick.net	2 redirects www.googletagmanager.com
3	mc.yandex.ru	2 redirects 1wdois.top
2	api2.amplitude.com	1win-cdn.com
2	www.googletagmanager.com	1wdois.top www.googletagmanager.com
2	api.lab.amplitude.com	1win-cdn.com
1	script.hotjar.com	static.hotjar.com
1	www.google-analytics.com	www.googletagmanager.com
1	static.hotjar.com	1wdois.top
1	1win.by	1 redirects
63	14

This site contains no links.

Subject Issuer	Validity	Valid
1wdois.top R3	`2023-06-15` - `2023-09-13`	3 months	crt.sh
1win-cdn.com R3	`2023-06-27` - `2023-09-25`	3 months	crt.sh
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-25` - `2024-03-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2023-01-23` - `2024-02-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://1wdois.top/casino/?open=register
Frame ID: 4529B4B20D480073A927AEC55FB22D7E
Requests: 54 HTTP requests in this frame

Frame: https://12688802.fls.doubleclick.net/activityi;dc_pre=CIjLh9qbmYADFT8OaAgdcWoOSw;src=12688802;type=actio0;cat=allpa0;ord=1;num=3626200427099;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister
Frame ID: 6EC5F21AC6EB3C861234F955F9487BCF
Requests: 1 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=CNrwh9qbmYADFZEOaAgdR1YM_Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=869024322513.6052
Frame ID: 7B1761535048560C47CFF7ED256D8E13
Requests: 1 HTTP requests in this frame

Frame: https://12688802.fls.doubleclick.net/activityi;dc_pre=CIjNh9qbmYADFd0JaAgdaDgHDw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1145590407688;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister
Frame ID: D6658939F71F942947EF8769FA8FC013
Requests: 1 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=CKzzh9qbmYADFe8NaAgdrKUPiQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7715802189594.074
Frame ID: 67E8113B3866546F66570ADF2D477B08
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKzzh9qbmYADFe8NaAgdrKUPiQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7715802189594.074;~oref=https://1wdois.top/
Frame ID: A4413504E119FEFFDF5A20D8A75F9D41
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNrwh9qbmYADFZEOaAgdR1YM_Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=869024322513.6052;~oref=https://1wdois.top/
Frame ID: 978063A9185649B06D4530F6B8E3E5B0
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIjLh9qbmYADFT8OaAgdcWoOSw;src=12688802;type=actio0;cat=allpa0;ord=1;num=3626200427099;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister
Frame ID: B6BBA511856125DF2E5E88A75703288F
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIjNh9qbmYADFd0JaAgdaDgHDw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1145590407688;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister
Frame ID: A293841E35340D4B736B00A44AAE89FF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

1win

Page URL History Show full URLs

http://1win.by/ HTTP 302
https://1wdois.top/casino/?open=register Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

63
Requests

94 %
HTTPS

33 %
IPv6

11
Domains

14
Subdomains

12
IPs

5
Countries

2546 kB
Transfer

3464 kB
Size

27
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1win.by/ HTTP 302
https://1wdois.top/casino/?open=register Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=3626200427099;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister HTTP 302
https://12688802.fls.doubleclick.net/activityi;dc_pre=CIjLh9qbmYADFT8OaAgdcWoOSw;src=12688802;type=actio0;cat=allpa0;ord=1;num=3626200427099;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister

Request Chain 39

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=869024322513.6052 HTTP 302
https://12572451.fls.doubleclick.net/activityi;dc_pre=CNrwh9qbmYADFZEOaAgdR1YM_Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=869024322513.6052

Request Chain 43

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=1145590407688;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister HTTP 302
https://12688802.fls.doubleclick.net/activityi;dc_pre=CIjNh9qbmYADFd0JaAgdaDgHDw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1145590407688;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister

Request Chain 44

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7715802189594.074 HTTP 302
https://12572451.fls.doubleclick.net/activityi;dc_pre=CKzzh9qbmYADFe8NaAgdrKUPiQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7715802189594.074

Request Chain 58

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10068.qYodkGRDjfX3_XTebW4wyvb865FsmxPgQzBA_U1121SPiQ2UojkGblvWci7s0hTj.HkkfmL_Yu0dfrS5aSf4N4xio7zI%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10068.MVL9cxyiJYlCXqCBgMNUOVJ_TjCIoWKN7ei69OX1Dpt0cQceqttEQ4dz-Mx3KDrh4k-73XH7dSd78vnwHF2td8ZmNwPTcFsWetyZQb9aUWw%2C.K97asXBVS_7ibb35eOKf7yH2gbQ%2C

Request Chain 60

https://mc.yandex.com/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c3ao218h5r%3Afp%3A1766%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A739125622762%3Ahid%3A928696896%3Az%3A0%3Ai%3A20230718213810%3Aet%3A1689716291%3Ac%3A1%3Arn%3A1038288612%3Arqn%3A1%3Au%3A1689716291531805464%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C309%2C334%2C263%2C442%2C0%2C%2C293%2C0%2C%2C%2C%2C3203%3Aco%3A0%3Acpf%3A1%3Ans%3A1689716284298%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1689716292%3At%3A1win&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.com/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c3ao218h5r%3Afp%3A1766%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A739125622762%3Ahid%3A928696896%3Az%3A0%3Ai%3A20230718213810%3Aet%3A1689716291%3Ac%3A1%3Arn%3A1038288612%3Arqn%3A1%3Au%3A1689716291531805464%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C309%2C334%2C263%2C442%2C0%2C%2C293%2C0%2C%2C%2C%2C3203%3Aco%3A0%3Acpf%3A1%3Ans%3A1689716284298%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1689716292%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Request Chain 61

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10068.NbYpXkVPAdYutW193Qb6KIXVLtKSnHR4RNCyyfSagwDR0myy-uQsHxnB-iUpZ0iw.M4BwPxZkz2tDxeCP80x55TyMTJU%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10068.aChHO67qwKy81e5rg8H4RxAqnMIxaBo-1eHoJi-prgy57adm027lRc8HGaVE6Y64EZR5jY7d5Lsgg8qMwFq8zoFXeZogNUHne05GV-wLfu4%2C.m0Jm1HNKrMPi_czHYC3CuDsHVSc%2C

63 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
1wdois.top/casino/
Redirect Chain

http://1win.by/
https://1wdois.top/casino/?open=register

279 KB
88 KB

724ms
333ms

Document
text/html

212.8.250.200
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL

https://1wdois.top/casino/?open=register

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.8.250.200 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),

Reverse DNS

212-8-250-200.hosted-by-worldstream.net

Software

openresty/1.19.9.1 /

Resource Hash

d0417989b0bf2fa9f63165bf435758311165efe8caa714a93334f5c896e64bb8

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 18 Jul 2023 21:38:05 GMT
server: openresty/1.19.9.1
x-frame-options: DENY
x-request-id: 1mPbobVFOCUPLZ3B

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
content-length: 409
content-type: text/html; charset=UTF-8
date: Tue, 18 Jul 2023 21:38:04 GMT
location: https://1wdois.top/casino/?open=register
referrer-policy: no-referrer
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.0.29

GET
H2 200 SFNSDisplay-latin.50a4eaff3.woff2
1win-cdn.com/font/ 32 KB
33 KB 667ms
141ms Font
application/octet-stream 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/font/SFNSDisplay-latin.50a4eaff3.woff2
Requested by: Host: 1wdois.top
URL: https://1wdois.top/casino/?open=register
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: df3772666587111462634070c47969ad9687bbf80d0694bb2e6c33be39434d68

Request headers

Referer: https://1wdois.top/
Origin: https://1wdois.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:06 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-8128"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 33064
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SFNSText-latin.f09aa5229.woff2
1win-cdn.com/font/ 42 KB
43 KB 944ms
418ms Font
application/octet-stream 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/font/SFNSText-latin.f09aa5229.woff2
Requested by: Host: 1wdois.top
URL: https://1wdois.top/casino/?open=register
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: 06e02d3d2d01bb2c88786b0a2dd2d692f6659c0159ec4754f7db49c12e03b0d6

Request headers

Referer: https://1wdois.top/
Origin: https://1wdois.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:06 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-a9f8"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 43512
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop.fd513a354.js Show response
1win-cdn.com/js/ 114 KB
114 KB 961ms
445ms Script
application/javascript 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/desktop.fd513a354.js
Requested by: Host: 1wdois.top
URL: https://1wdois.top/casino/?open=register
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: b9debef46f3b718444e8f9797c95f617e650f84bc0dd882e0f36bec73ae30e32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:06 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-1c6e0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 116448
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 desktop.fd4c6a7d6.css
1win-cdn.com/css/ 87 KB
87 KB 659ms
144ms Stylesheet
text/css 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/desktop.fd4c6a7d6.css
Requested by: Host: 1wdois.top
URL: https://1wdois.top/casino/?open=register
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: 5527c5700e31178d5e36ca51dec5875026aaf93e17fa96c7db4daec94c9ce3a6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:06 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-15b75"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 88949
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chunk-vendors.72ac85c3e.js Show response
1win-cdn.com/js/ 425 KB
426 KB 959ms
446ms Script
application/javascript 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/chunk-vendors.72ac85c3e.js
Requested by: Host: 1wdois.top
URL: https://1wdois.top/casino/?open=register
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: 2a10c404a9dcb99423e353102e49d7ff893e70c0651175d33e0d4d9e0a04f272

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:06 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-6a5b4"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 435636
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chunk-common.030c54d92.js Show response
1win-cdn.com/js/ 21 KB
21 KB 959ms
446ms Script
application/javascript 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/chunk-common.030c54d92.js
Requested by: Host: 1wdois.top
URL: https://1wdois.top/casino/?open=register
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: 1d0c5b2f24257216ff03c864dd0d9c6717324de078b20e523d671d6a55226c84

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:06 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-531a"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 21274
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index.7c3ae555b.js Show response
1win-cdn.com/js/ 79 KB
79 KB 164ms
164ms Script
application/javascript 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/index.7c3ae555b.js
Requested by: Host: 1wdois.top
URL: https://1wdois.top/casino/?open=register
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: 855d498511cef8f17204f19ffef2603ecc64d06ea9f035e97c99aef0a8657f86

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:06 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-13c62"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 80994
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 affiliate:link_visit Show response
1wdois.top/ 15 B
425 B 164ms
164ms Fetch
application/json 212.8.250.200
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL

https://1wdois.top/affiliate:link_visit?visit_domain=1wdois.top&sub_ids=undefined

Requested by

Host: 1win-cdn.com
URL: https://1win-cdn.com/js/chunk-vendors.72ac85c3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.8.250.200 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),

Reverse DNS

212-8-250-200.hosted-by-worldstream.net

Software

openresty/1.19.9.1 / Express

Resource Hash

a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/casino/?open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:07 GMT
server: openresty/1.19.9.1
etag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
x-powered-by: Express
access-control-max-age: 7200
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: undefined
access-control-expose-headers: Authorization
x-frame-options: DENY
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 15

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 76658.5f3db1a27.js Show response
1win-cdn.com/js/ 6 KB
6 KB 237ms
237ms Script
application/javascript 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/76658.5f3db1a27.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.7c3ae555b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: f9e0aa797bdc3207aa3a1cf1a3ad0e3dee911ff26adef8279d2211f2c9819ce2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:07 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-1788"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 6024
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 36330.86419961c.js Show response
1win-cdn.com/js/ 3 KB
4 KB 237ms
237ms Script
application/javascript 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/36330.86419961c.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.7c3ae555b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: 1f679e8b2de904819f472dd497106d3687139c095cfe08cbcba326ba9384076c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:07 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-d33"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3379
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icons-common.9d6bd4bb8.js Show response
1win-cdn.com/js/ 209 KB
209 KB 146ms
146ms Script
application/javascript 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/icons-common.9d6bd4bb8.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.7c3ae555b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: e9697507884e0e75889b9d395ef39f847000aaa40d48c36bb48abe768d5831a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:07 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-34296"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 213654
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 98937.6123ab935.js Show response
1win-cdn.com/js/ 28 KB
28 KB 151ms
150ms Script
application/javascript 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/98937.6123ab935.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.7c3ae555b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: c5fba99a16ab796a90d9fc6cc210c1217f1a0b0b8de31976f9e13a8df362eb95

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:07 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-6e3f"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 28223
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 76539.2a798d969.js Show response
1win-cdn.com/js/ 20 KB
21 KB 152ms
151ms Script
application/javascript 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/76539.2a798d969.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.7c3ae555b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: c717619743567666a035cda560f802bcc6b1630615f8ac13e979853162eb4f36

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:07 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-5193"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 20883
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 98924.244aac846.js Show response
1win-cdn.com/js/ 607 KB
608 KB 152ms
152ms Script
application/javascript 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/98924.244aac846.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.7c3ae555b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: f546b8a025a255a59f9d06800fb89aeb18aaf18e3d1bc7eea0aa636eaa7437dc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:07 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-97ceb"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 621803
expires: Thu, 31 Dec 2037 23:55:55 GMT

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 225ms
117ms Preflight 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://1wdois.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://1wdois.top
access-control-max-age: 1800
date: Tue, 18 Jul 2023 21:38:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
x-amzn-trace-id: Root=1-64b70641-211fc600427952ae6527421d
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-mia-kmia1760060-MIA
x-timer: S1689716289.493260,VS0,VE85

GET
H2 200 firebase-app.js Show response
1wdois.top/firebase/8.1.1/ 19 KB
7 KB 261ms
260ms Script
application/javascript 212.8.250.200
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL

https://1wdois.top/firebase/8.1.1/firebase-app.js

Requested by

Host: 1wdois.top
URL: https://1wdois.top/casino/?open=register

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.8.250.200 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),

Reverse DNS

212-8-250-200.hosted-by-worldstream.net

Software

openresty/1.19.9.1 /

Resource Hash

01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/casino/?open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: openresty/1.19.9.1
etag: W/"64b6ed9c-4ded"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 281 KB
81 KB 258ms
118ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Requested by

Host: 1wdois.top
URL: https://1wdois.top/casino/?open=register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

49ee561afdbd5a30c963e3f6b9f2f7ba6f8bc759ed98d39645dba2781a3de55c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82720
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 21:10:48 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 18 Jul 2023 21:38:09 GMT

GET
H2 200 96772.c058a40d4.js Show response
1win-cdn.com/js/ 772 B
995 B 145ms
144ms Script
application/javascript 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/96772.c058a40d4.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.7c3ae555b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: 146bd1f57955c2b44a7c13e986b3b2fc3df979aa6a2c19e9efcb9ec05c2b82ef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-304"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 772
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 2 B
128 B 147ms
146ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: 1win-cdn.com
URL: https://1win-cdn.com/js/98924.244aac846.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wdois.top/
accept-language: en-US,en;q=0.9
Authorization: Api-Key client-Ss5BFx7UDrTj948TJHfc5ZUoTW67EjvZ
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjEiLCJkZXZpY2VfaWQiOiI0ZmEzNzAzOC02MzU2LTQ5YzEtODhkYS02MGZjZWIyYmNhMjAiLCJ1c2VyX3Byb3BlcnRpZXMiOnt9fQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: cache-mia-kmia1760060-MIA
date: Tue, 18 Jul 2023 21:38:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 0
x-timer: S1689716290.611680,VS0,VE110
x-amzn-trace-id: Root=1-64b70641-3cc40d5a73eb10c320e02291
vary: Origin, Origin
x-cache: MISS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://1wdois.top
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2
x-cache-hits: 0

GET
H2 200 52530.8b2077c4e.js Show response
1win-cdn.com/js/ 11 KB
11 KB 155ms
155ms Script
application/javascript 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/52530.8b2077c4e.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.7c3ae555b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: c3a02c05b3a78cc7208c765128cc8d3fa495f9a3369e38932dd9e1a4bf4796bd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-2a24"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 10788
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 57781.abe15e672.css
1win-cdn.com/css/ 23 KB
24 KB 155ms
155ms Stylesheet
text/css 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/57781.abe15e672.css
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.7c3ae555b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: bcfcfebd76b6b0497682fdbc802e121c3eb882ca53f8233f1610e481a6f8f6f5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-5ddb"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 24027
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 57781.1a0eda150.js Show response
1win-cdn.com/js/ 23 KB
23 KB 251ms
251ms Script
application/javascript 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/57781.1a0eda150.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.7c3ae555b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: 26de7a7388a14d2b672ba64da416bea02d9c99157453a5c9e79b3bf77d97c7f7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-5c97"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 23703
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 54801.e813453b9.js Show response
1win-cdn.com/js/ 25 KB
25 KB 296ms
296ms Script
application/javascript 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/54801.e813453b9.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.7c3ae555b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: 186fb5041c00f8a966f98362c66ebc1d23d77a18d2dfd365eac89f999adb11a0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-63b2"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 25522
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 65772.5391b3618.js Show response
1win-cdn.com/js/ 10 KB
10 KB 301ms
301ms Script
application/javascript 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/65772.5391b3618.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.7c3ae555b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: 48e2edd1301b6050c4fb881b944104b93232a0d5e2ad33edae2819d2aa6911f1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-2787"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 10119
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 80069.b31fe7d7a.js Show response
1win-cdn.com/js/ 7 KB
7 KB 301ms
301ms Script
application/javascript 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/80069.b31fe7d7a.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.7c3ae555b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: 15bcdf7d2d92f9b57833c5c495bfd99c4a677d2c0178b961c8cb52062ac6b5a2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-1afc"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 6908
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 17741.04ae9f123.js Show response
1win-cdn.com/js/ 19 KB
19 KB 303ms
302ms Script
application/javascript 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/17741.04ae9f123.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.7c3ae555b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: f36cb2c958671ef975a5a1d043ad3ab57c12d00d46e625c52f26071edf6ea249

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-4cc7"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 19655
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 37224.28f26d78d.css
1win-cdn.com/css/ 13 KB
14 KB 322ms
322ms Stylesheet
text/css 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/37224.28f26d78d.css
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.7c3ae555b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: b7846cbb49f999944ea2363a3e49e4ce4907b29039032210b33b3dbbd774d7d1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-3539"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 13625
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 37224.bc856e82f.js Show response
1win-cdn.com/js/ 20 KB
20 KB 435ms
434ms Script
application/javascript 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/37224.bc856e82f.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.7c3ae555b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: bcd315cc73d30a72f5fd6815d7adb0b1a956872ceeb588b9b42b2c24ee3024fe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-50e0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 20704
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3859.c55978c42.js Show response
1win-cdn.com/js/ 12 KB
12 KB 435ms
435ms Script
application/javascript 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/3859.c55978c42.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.7c3ae555b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: 0f5f52314298854044306d18d2cff2b3cffd7f5ed342bc557ade97ebda1ee29e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-3001"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 12289
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 58682.8449151af.js Show response
1win-cdn.com/js/ 90 KB
91 KB 435ms
435ms Script
application/javascript 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/58682.8449151af.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.7c3ae555b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: 986353748cea95eb9e9bfa6491df404953eccbcb4b0dffd5e6f2fd797bf4cb8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-169ed"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 92653
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 17744.8c1358681.css
1win-cdn.com/css/ 25 KB
25 KB 438ms
436ms Stylesheet
text/css 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/17744.8c1358681.css
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.7c3ae555b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: 61e5b4beb32a42849e1daeaf2bb49e7ffbae4c83fcde265bfa3beecfda03a1eb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-63ee"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 25582
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 17744.7984f3499.js Show response
1win-cdn.com/js/ 24 KB
24 KB 439ms
438ms Script
application/javascript 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/17744.7984f3499.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.7c3ae555b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: ed66d30c1c130d43f4d17fa4de325b6dedfb84d04c91576bfac3b6798167c3d8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-5f0f"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 24335
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 title Show response
1wdois.top/common/ 29 B
247 B 192ms
192ms XHR
application/json 212.8.250.200
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL

https://1wdois.top/common/title?path=casino&lang=en

Requested by

Host: 1win-cdn.com
URL: https://1win-cdn.com/js/chunk-vendors.72ac85c3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.8.250.200 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),

Reverse DNS

212-8-250-200.hosted-by-worldstream.net

Software

openresty/1.19.9.1 /

Resource Hash

c07b2c0a515caf1306fb4d9366fab5758253eeadcf8c0414cb44ccd48f82e59a

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wdois.top/casino/?open=register
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
server: openresty/1.19.9.1
etag: "25-bM/5z02X/xOkKbh8eZCiJpcKcd0"
vary: Origin
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=300
content-length: 29

GET
H2 200 38006.2eacc1af3.js Show response
1win-cdn.com/js/ 36 KB
37 KB 338ms
338ms Script
application/javascript 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/38006.2eacc1af3.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.7c3ae555b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: a1cabb3ae9bcbb220b52657e233b48a328e7297a687246ba3d68a5eaa81b30bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-9192"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 37266
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 84058.b111a1d72.css
1win-cdn.com/css/ 27 KB
28 KB 473ms
472ms Stylesheet
text/css 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/css/84058.b111a1d72.css
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.7c3ae555b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: 28e6144130f75277c70095208483431e0579870239583c30fccdc7ebfb140d70

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-6d21"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 27937
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 84058.2e80e437c.js Show response
1win-cdn.com/js/ 38 KB
38 KB 472ms
472ms Script
application/javascript 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL: https://1win-cdn.com/js/84058.2e80e437c.js
Requested by: Host: 1win-cdn.com
URL: https://1win-cdn.com/js/index.7c3ae555b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: 943a5993ba9f76dc7ba5a9772d4e3162de151fce0fe58ffba5468f93b3961291

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-984b"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 38987
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 firebase-messaging.js Show response
1wdois.top/firebase/8.1.1/ 40 KB
12 KB 153ms
152ms Script
application/javascript 212.8.250.200
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL

https://1wdois.top/firebase/8.1.1/firebase-messaging.js

Requested by

Host: 1wdois.top
URL: https://1wdois.top/casino/?open=register

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.8.250.200 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),

Reverse DNS

212-8-250-200.hosted-by-worldstream.net

Software

openresty/1.19.9.1 /

Resource Hash

58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/casino/?open=register
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: openresty/1.19.9.1
etag: W/"64b6ed9c-9f25"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

activityi;dc_pre=CIjLh9qbmYADFT8OaAgdcWoOSw;src=12688802;type=actio0;cat=allpa0;ord=1;num=3626200427099;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=... Show response
12688802.fls.doubleclick.net/ Frame 6EC5
Redirect Chain

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=3626200427099;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epv...
https://12688802.fls.doubleclick.net/activityi;dc_pre=CIjLh9qbmYADFT8OaAgdcWoOSw;src=12688802;type=actio0;cat=allpa0;ord=1;num=3626200427099;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl...

564 B
486 B

94ms
85ms

Document
text/html

142.250.80.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12688802.fls.doubleclick.net/activityi;dc_pre=CIjLh9qbmYADFT8OaAgdcWoOSw;src=12688802;type=actio0;cat=allpa0;ord=1;num=3626200427099;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.70 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f6.1e100.net

Software

cafe /

Resource Hash

78936c120dea249c9a85f7298617a687ecadd8436dda3ca267bf646aaf21b2ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wdois.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 313
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 21:38:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 21:38:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12688802.fls.doubleclick.net/activityi;dc_pre=CIjLh9qbmYADFT8OaAgdcWoOSw;src=12688802;type=actio0;cat=allpa0;ord=1;num=3626200427099;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CNrwh9qbmYADFZEOaAgdR1YM_Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o... Show response
12572451.fls.doubleclick.net/ Frame 7B17
Redirect Chain

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://12572451.fls.doubleclick.net/activityi;dc_pre=CNrwh9qbmYADFZEOaAgdR1YM_Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

554 B
476 B

91ms
83ms

Document
text/html

142.250.80.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12572451.fls.doubleclick.net/activityi;dc_pre=CNrwh9qbmYADFZEOaAgdR1YM_Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=869024322513.6052?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.70 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f6.1e100.net

Software

cafe /

Resource Hash

9141f1106df28a65d97d2179873c14a5f0ccab94efbdac276878b45d4217c3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wdois.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 303
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 21:38:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 21:38:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12572451.fls.doubleclick.net/activityi;dc_pre=CNrwh9qbmYADFZEOaAgdR1YM_Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=869024322513.6052?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hotjar-2606090.js Show response
static.hotjar.com/c/ 9 KB
4 KB 546ms
62ms Script
application/javascript 108.138.106.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2606090.js?sv=6

Requested by

Host: 1wdois.top
URL: https://1wdois.top/casino/?open=register

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-101.jfk50.r.cloudfront.net

Software

Resource Hash

fa60baec09ee2cec267c57d12ad6da7ad37a89a52b11c1ddeb75e161cf8d546e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 18 Jul 2023 21:37:23 GMT
via: 1.1 6741f9acf28bc52b25f06e9986a71e26.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 50
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/a24d4e55249cc21c22efcd16ee88e53d
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: NlNFIAloN-TqzrH4G3mADPkASbkQFVgk-ZWUA_Mgm3Sq2dsQR63KZQ==

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 215 KB
74 KB 860ms
368ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: 1wdois.top
URL: https://1wdois.top/casino/?open=register

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

5409164b5daa69ef292b0c866658ebbafbfe1828bb13660f9e650e1ac1799da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Jul 2023 11:40:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64ae66e9-12458"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 74840
expires: Tue, 18 Jul 2023 22:38:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
78 KB 99ms
98ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

00516809df5dbccd894edd02924a0faed689f9be7911513f53cac72c5d2b57cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79406
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jul 2023 21:38:09 GMT

GET
H2

200

activityi;dc_pre=CIjNh9qbmYADFd0JaAgdaDgHDw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1145590407688;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=... Show response
12688802.fls.doubleclick.net/ Frame D665
Redirect Chain

https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=1145590407688;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epv...
https://12688802.fls.doubleclick.net/activityi;dc_pre=CIjNh9qbmYADFd0JaAgdaDgHDw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1145590407688;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl...

564 B
484 B

95ms
86ms

Document
text/html

142.250.80.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12688802.fls.doubleclick.net/activityi;dc_pre=CIjNh9qbmYADFd0JaAgdaDgHDw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1145590407688;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.70 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f6.1e100.net

Software

cafe /

Resource Hash

199453b6fe14c7e7c1cf73b4dac3004256c931ea2a07b28add544b864aa6c6ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wdois.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 312
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 21:38:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 21:38:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12688802.fls.doubleclick.net/activityi;dc_pre=CIjNh9qbmYADFd0JaAgdaDgHDw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1145590407688;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CKzzh9qbmYADFe8NaAgdrKUPiQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o... Show response
12572451.fls.doubleclick.net/ Frame 67E8
Redirect Chain

https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
https://12572451.fls.doubleclick.net/activityi;dc_pre=CKzzh9qbmYADFe8NaAgdrKUPiQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...

554 B
483 B

89ms
80ms

Document
text/html

142.250.80.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12572451.fls.doubleclick.net/activityi;dc_pre=CKzzh9qbmYADFe8NaAgdrKUPiQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7715802189594.074?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.70 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f6.1e100.net

Software

cafe /

Resource Hash

ca429ef9782f89f740c88b584c8968b77ac6d750430c70fb3fccdafe83f73455

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1wdois.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 307
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 21:38:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 21:38:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12572451.fls.doubleclick.net/activityi;dc_pre=CKzzh9qbmYADFe8NaAgdrKUPiQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7715802189594.074?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 us.svg
1win-cdn.com/img/flags/ 1 KB
2 KB 161ms
161ms Image
image/svg+xml 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-cdn.com/img/flags/us.svg
Requested by: Host: 1wdois.top
URL: https://1wdois.top/casino/?open=register
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: 6447823ef26e378c36555f7b20ab85bb2f5bcd0a845e8c60bef81eb5f36acd46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-5be"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1470
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bear.09894b84b-290.webp
1win-cdn.com/img/ 21 KB
21 KB 152ms
142ms Image
image/webp 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1win-cdn.com/img/bear.09894b84b-290.webp

Requested by

Host: 1wdois.top
URL: https://1wdois.top/casino/?open=register

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

ddos-guard.net

Software

nginx/1.22.0 /

Resource Hash

a4010cd904385baf40748bc00e7ae96604ab7dbb0aa6b3c359d79e8a09d9b8b9

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:09 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-530c"
x-frame-options: DENY
content-type: image/webp
accept-ranges: bytes
content-length: 21260

GET
H2 200 emoji-soccer.1a6d4ecac-160.png
1win-cdn.com/img/ 8 KB
8 KB 151ms
151ms Image
image/png 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-cdn.com/img/emoji-soccer.1a6d4ecac-160.png
Requested by: Host: 1wdois.top
URL: https://1wdois.top/casino/?open=register
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: 575412b54e344b5f40a21bb5b799f0430919cfb4ba807f9832c040e13711dc8e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:10 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-1ed8"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7896
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 emoji-slots.1c6e965b9-160.png
1win-cdn.com/img/ 9 KB
9 KB 152ms
151ms Image
image/png 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-cdn.com/img/emoji-slots.1c6e965b9-160.png
Requested by: Host: 1wdois.top
URL: https://1wdois.top/casino/?open=register
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: f2fc8f2712717b32157f7741b1c723d6fe1d430c41652cfafd39c68980db20bd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:10 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-2311"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 8977
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cashback.12a565952.svg
1win-cdn.com/img/ 2 KB
2 KB 152ms
151ms Image
image/svg+xml 190.115.24.75
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1win-cdn.com/img/cashback.12a565952.svg
Requested by: Host: 1wdois.top
URL: https://1wdois.top/casino/?open=register
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 190.115.24.75 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: nginx/1.22.0 /
Resource Hash: 8492b63b2d1147503ddb11a27f119e5287c5ae6f02f37e51ad6ae769af970658

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:10 GMT
last-modified: Tue, 18 Jul 2023 19:53:00 GMT
server: nginx/1.22.0
etag: "64b6ed9c-851"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2129
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
250 B 271ms
80ms Ping
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je37h0&_p=1475321267&cid=2007229581.1689716290&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&dp=%2Fcasino%2F&sid=1689716290&sct=1&seg=0&dl=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister&dt=1win&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_url=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister&up.platform_language=en&up.device_type=desktop&up.platform=web&up.os=windows
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 21:38:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1wdois.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.ffc9533062802c2a6a6a.js Show response
script.hotjar.com/ 275 KB
68 KB 252ms
72ms Script
application/javascript 18.164.96.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.ffc9533062802c2a6a6a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2606090.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-87.jfk50.r.cloudfront.net

Software

Resource Hash

e75deac1ab79ff052b72e9e731c0350415ea0255943561b7ea8ab3f09144037e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 14:51:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 07f7cebee7fc49278f602ad96f5f6790.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 24423
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68674
last-modified: Tue, 18 Jul 2023 14:51:02 GMT
etag: "0b02527f9816ca198748917b2e3bf217"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: TLnoFBum_j56Y2fzIKGuWxtONBi32t31ACp8vecRYGzR7PAAYXGqCA==

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
286 B 117ms
116ms Fetch
application/json 54.213.220.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: 1win-cdn.com
URL: https://1win-cdn.com/js/98924.244aac846.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.213.220.225 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-213-220-225.us-west-2.compute.amazonaws.com

Software

Resource Hash

96da3e29ac0443c20a627ae317790a3ab648533392cb41ef616103704788ab0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://1wdois.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 18 Jul 2023 21:38:10 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-64b70642-6d126aae04c9d0d753b3a24c
content-length: 94
access-control-allow-methods: GET, POST
content-type: application/json

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 514ms
119ms Preflight 54.213.220.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.213.220.225 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-213-220-225.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://1wdois.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Tue, 18 Jul 2023 21:38:10 GMT
strict-transport-security: max-age=15768000

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CKzzh9qbmYADFe8NaAgdrKUPiQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... Frame A441 194 B
440 B 342ms
84ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKzzh9qbmYADFe8NaAgdrKUPiQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7715802189594.074;~oref=https://1wdois.top/

Requested by

Host: 12572451.fls.doubleclick.net
URL: https://12572451.fls.doubleclick.net/activityi;dc_pre=CKzzh9qbmYADFe8NaAgdrKUPiQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7715802189594.074?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12572451.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 21:38:10 GMT
expires: Tue, 18 Jul 2023 21:38:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CNrwh9qbmYADFZEOaAgdR1YM_Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... Frame 9780 194 B
150 B 330ms
92ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNrwh9qbmYADFZEOaAgdR1YM_Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=869024322513.6052;~oref=https://1wdois.top/

Requested by

Host: 12572451.fls.doubleclick.net
URL: https://12572451.fls.doubleclick.net/activityi;dc_pre=CNrwh9qbmYADFZEOaAgdR1YM_Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=869024322513.6052?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12572451.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 21:38:10 GMT
expires: Tue, 18 Jul 2023 21:38:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CIjLh9qbmYADFT8OaAgdcWoOSw;src=12688802;type=actio0;cat=allpa0;ord=1;num=3626200427099;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=ht... Show response
adservice.google.com/ddm/fls/i/ Frame B6BB 194 B
150 B 323ms
93ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIjLh9qbmYADFT8OaAgdcWoOSw;src=12688802;type=actio0;cat=allpa0;ord=1;num=3626200427099;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister

Requested by

Host: 12688802.fls.doubleclick.net
URL: https://12688802.fls.doubleclick.net/activityi;dc_pre=CIjLh9qbmYADFT8OaAgdcWoOSw;src=12688802;type=actio0;cat=allpa0;ord=1;num=3626200427099;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12688802.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 21:38:10 GMT
expires: Tue, 18 Jul 2023 21:38:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CIjNh9qbmYADFd0JaAgdaDgHDw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1145590407688;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=ht... Show response
adservice.google.com/ddm/fls/i/ Frame A293 194 B
150 B 315ms
89ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIjNh9qbmYADFd0JaAgdaDgHDw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1145590407688;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister

Requested by

Host: 12688802.fls.doubleclick.net
URL: https://12688802.fls.doubleclick.net/activityi;dc_pre=CIjNh9qbmYADFd0JaAgdaDgHDw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1145590407688;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12688802.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 21:38:10 GMT
expires: Tue, 18 Jul 2023 21:38:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10068.qYodkGRDjfX3_XTebW4wyvb865FsmxPgQzBA_U1121SPiQ2UojkGblvWci7s0hTj.HkkfmL_Yu0dfrS5aSf4N4xio7zI%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10068.MVL9cxyiJYlCXqCBgMNUOVJ_TjCIoWKN7ei69OX1Dpt0cQceqttEQ4dz-Mx3KDrh4k-73XH7dSd78vnwHF2td8ZmNwPTcFsWetyZQb9aUWw%2C.K97asXBVS_7ibb35eOKf7yH2gbQ%2C

43 B
67 B

258ms
257ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10068.MVL9cxyiJYlCXqCBgMNUOVJ_TjCIoWKN7ei69OX1Dpt0cQceqttEQ4dz-Mx3KDrh4k-73XH7dSd78vnwHF2td8ZmNwPTcFsWetyZQb9aUWw%2C.K97asXBVS_7ibb35eOKf7yH2gbQ%2C

Requested by

Host: 1wdois.top
URL: https://1wdois.top/casino/?open=register

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:11 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10068.MVL9cxyiJYlCXqCBgMNUOVJ_TjCIoWKN7ei69OX1Dpt0cQceqttEQ4dz-Mx3KDrh4k-73XH7dSd78vnwHF2td8ZmNwPTcFsWetyZQb9aUWw%2C.K97asXBVS_7ibb35eOKf7yH2gbQ%2C
date: Tue, 18 Jul 2023 21:38:11 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
162 B 191ms
185ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: 1wdois.top
URL: https://1wdois.top/casino/?open=register

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:11 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Jul 2023 11:40:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64ae66e9-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 18 Jul 2023 22:38:11 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/92006234/
Redirect Chain

https://mc.yandex.com/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c3ao218h5r%3Afp%3A1...
https://mc.yandex.com/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c3ao218h5r%3Afp%3...

435 B
518 B

185ms
184ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c3ao218h5r%3Afp%3A1766%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A739125622762%3Ahid%3A928696896%3Az%3A0%3Ai%3A20230718213810%3Aet%3A1689716291%3Ac%3A1%3Arn%3A1038288612%3Arqn%3A1%3Au%3A1689716291531805464%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C309%2C334%2C263%2C442%2C0%2C%2C293%2C0%2C%2C%2C%2C3203%3Aco%3A0%3Acpf%3A1%3Ans%3A1689716284298%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1689716292%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

df4752615d8aa952d7751c6ede25d9dc4060869c27ffb160f901960cf2717095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 21:38:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 18-Jul-2023 21:38:11 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wdois.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Tue, 18-Jul-2023 21:38:11 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Jul 2023 21:38:11 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 18-Jul-2023 21:38:11 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c3ao218h5r%3Afp%3A1766%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A739125622762%3Ahid%3A928696896%3Az%3A0%3Ai%3A20230718213810%3Aet%3A1689716291%3Ac%3A1%3Arn%3A1038288612%3Arqn%3A1%3Au%3A1689716291531805464%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C309%2C334%2C263%2C442%2C0%2C%2C293%2C0%2C%2C%2C%2C3203%3Aco%3A0%3Acpf%3A1%3Ans%3A1689716284298%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1689716292%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin: https://1wdois.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 18-Jul-2023 21:38:11 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10068.NbYpXkVPAdYutW193Qb6KIXVLtKSnHR4RNCyyfSagwDR0myy-uQsHxnB-iUpZ0iw.M4BwPxZkz2tDxeCP80x55TyMTJU%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10068.aChHO67qwKy81e5rg8H4RxAqnMIxaBo-1eHoJi-prgy57adm027lRc8HGaVE6Y64EZR5jY7d5Lsgg8qMwFq8zoFXeZogNUHne05GV-wLfu4%2C.m0Jm1HNKrMPi_czHY...

43 B
79 B

189ms
188ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10068.aChHO67qwKy81e5rg8H4RxAqnMIxaBo-1eHoJi-prgy57adm027lRc8HGaVE6Y64EZR5jY7d5Lsgg8qMwFq8zoFXeZogNUHne05GV-wLfu4%2C.m0Jm1HNKrMPi_czHYC3CuDsHVSc%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://1wdois.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:38:12 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10068.aChHO67qwKy81e5rg8H4RxAqnMIxaBo-1eHoJi-prgy57adm027lRc8HGaVE6Y64EZR5jY7d5Lsgg8qMwFq8zoFXeZogNUHne05GV-wLfu4%2C.m0Jm1HNKrMPi_czHYC3CuDsHVSc%2C
date: Tue, 18 Jul 2023 21:38:12 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

POST collect
www.google-analytics.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je37h0&_p=1475321267&cid=2007229581.1689716290&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&dp=%2Fcasino%2F&sid=1689716290&sct=1&seg=0&dl=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister&dt=1win&en=registration_form_view&ep.page_url=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister&ep.domain=1wdois.top&_et=9

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
1wdois.top/	1970-01-20 14:06:34	Name: visit_domain Value: 1wdois.top
1wdois.top/	1969-12-31 23:59:59	Name: core-sticky Value: http://10.233.80.121:80
1wdois.top/	1970-01-20 22:07:32	Name: 1w_lang Value: en
.1wdois.top/	1970-01-20 22:07:32	Name: AMP_MKTG_494cccfe21 Value: JTdCJTdE
.1wdois.top/	1970-01-20 15:31:32	Name: _gcl_au Value: 1.1.846324271.1689716290
1wdois.top/	1969-12-31 23:59:59	Name: 1w_locale Value: 7
.1wdois.top/	1970-01-20 22:07:32	Name: AMP_494cccfe21 Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjI0ZmEzNzAzOC02MzU2LTQ5YzEtODhkYS02MGZjZWIyYmNhMjAlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNjg5NzE2Mjg5MzY2JTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTY4OTcxNjI5MDI4MyUyQyUyMmxhc3RFdmVudElkJTIyJTNBNyU3RA==
.1wdois.top/	1970-01-20 22:57:56	Name: _ga Value: GA1.1.2007229581.1689716290
.1wdois.top/	1970-01-20 22:57:56	Name: _ga_548949LWLW Value: GS1.1.1689716290.1.0.1689716290.0.0.0
.doubleclick.net/	1970-01-20 13:21:57	Name: test_cookie Value: CheckForPermission
.1wdois.top/	1970-01-20 22:07:32	Name: _hjSessionUser_2606090 Value: eyJpZCI6ImNjMzhlN2QxLWMzZDUtNTIyNS1hNzVmLWJmYmUyYTRiYjQ3MiIsImNyZWF0ZWQiOjE2ODk3MTYyOTA3OTgsImV4aXN0aW5nIjpmYWxzZX0=
.1wdois.top/	1970-01-20 13:21:58	Name: _hjFirstSeen Value: 1
.1wdois.top/	1970-01-20 13:21:56	Name: _hjIncludedInSessionSample_2606090 Value: 0
.1wdois.top/	1970-01-20 13:21:58	Name: _hjSession_2606090 Value: eyJpZCI6IjMyYjdmMjVmLTMyZjEtNDkzMC1hN2EyLWIzYTM3NDk2NDQyZiIsImNyZWF0ZWQiOjE2ODk3MTYyOTA4MTMsImluU2FtcGxlIjpmYWxzZX0=
.1wdois.top/	1970-01-20 13:21:58	Name: _hjAbsoluteSessionInProgress Value: 0
1wdois.top/	1969-12-31 23:59:59	Name: _hjHasCachedUserAttributes Value: true
.1wdois.top/	1970-01-20 22:07:32	Name: _ym_uid Value: 1689716291531805464
.1wdois.top/	1970-01-20 22:07:32	Name: _ym_d Value: 1689716291
.1wdois.top/	1970-01-20 13:23:08	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 13:21:56	Name: sync_cookie_csrf Value: 2113212544fake
.mc.yandex.ru/	1970-01-20 13:21:56	Name: sync_cookie_csrf Value: 3416812966fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 588866811689716291
.yandex.com/	1970-01-20 22:57:56	Name: i Value: 6T5sdVQ6tppH49CKeHXDjnTbeH2MtCnyrrM6yQVHrW3BqnSi6ZGIpEcNpbky2bz78h6NW51kWgbByv3se/aaSxc04qQ=
.yandex.com/	1970-01-20 22:57:56	Name: yandexuid Value: 2198971431689716291
.yandex.com/	1970-01-20 22:07:32	Name: yuidss Value: 2198971431689716291
.yandex.com/	1970-01-20 22:07:32	Name: ymex Value: 1721252291.yc.1689716291#1721252291.yrts.1689716291#1721252291.yrtsi.1689716291
.yandex.com/	1970-01-20 22:07:32	Name: bh Value: KgI/MA==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12572451.fls.doubleclick.net
12688802.fls.doubleclick.net
1wdois.top
1win-cdn.com
1win.by
adservice.google.com
api.lab.amplitude.com
api2.amplitude.com
mc.yandex.com
mc.yandex.ru
script.hotjar.com
static.hotjar.com
www.google-analytics.com
www.googletagmanager.com
www.google-analytics.com
108.138.106.101
142.250.80.70
151.101.130.132
18.164.96.87
190.115.24.75
212.8.250.200
2607:f8b0:4006:80f::200e
2607:f8b0:4006:81e::2002
2607:f8b0:4006:821::2008
2a02:6b8::1:119
54.213.220.225
85.209.148.14
00516809df5dbccd894edd02924a0faed689f9be7911513f53cac72c5d2b57cc
01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06e02d3d2d01bb2c88786b0a2dd2d692f6659c0159ec4754f7db49c12e03b0d6
0f5f52314298854044306d18d2cff2b3cffd7f5ed342bc557ade97ebda1ee29e
146bd1f57955c2b44a7c13e986b3b2fc3df979aa6a2c19e9efcb9ec05c2b82ef
15bcdf7d2d92f9b57833c5c495bfd99c4a677d2c0178b961c8cb52062ac6b5a2
186fb5041c00f8a966f98362c66ebc1d23d77a18d2dfd365eac89f999adb11a0
199453b6fe14c7e7c1cf73b4dac3004256c931ea2a07b28add544b864aa6c6ab
1d0c5b2f24257216ff03c864dd0d9c6717324de078b20e523d671d6a55226c84
1f679e8b2de904819f472dd497106d3687139c095cfe08cbcba326ba9384076c
26de7a7388a14d2b672ba64da416bea02d9c99157453a5c9e79b3bf77d97c7f7
28e6144130f75277c70095208483431e0579870239583c30fccdc7ebfb140d70
2a10c404a9dcb99423e353102e49d7ff893e70c0651175d33e0d4d9e0a04f272
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48e2edd1301b6050c4fb881b944104b93232a0d5e2ad33edae2819d2aa6911f1
49ee561afdbd5a30c963e3f6b9f2f7ba6f8bc759ed98d39645dba2781a3de55c
5409164b5daa69ef292b0c866658ebbafbfe1828bb13660f9e650e1ac1799da5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5527c5700e31178d5e36ca51dec5875026aaf93e17fa96c7db4daec94c9ce3a6
575412b54e344b5f40a21bb5b799f0430919cfb4ba807f9832c040e13711dc8e
58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f
61e5b4beb32a42849e1daeaf2bb49e7ffbae4c83fcde265bfa3beecfda03a1eb
6447823ef26e378c36555f7b20ab85bb2f5bcd0a845e8c60bef81eb5f36acd46
78936c120dea249c9a85f7298617a687ecadd8436dda3ca267bf646aaf21b2ff
8492b63b2d1147503ddb11a27f119e5287c5ae6f02f37e51ad6ae769af970658
855d498511cef8f17204f19ffef2603ecc64d06ea9f035e97c99aef0a8657f86
9141f1106df28a65d97d2179873c14a5f0ccab94efbdac276878b45d4217c3aa
943a5993ba9f76dc7ba5a9772d4e3162de151fce0fe58ffba5468f93b3961291
96da3e29ac0443c20a627ae317790a3ab648533392cb41ef616103704788ab0d
986353748cea95eb9e9bfa6491df404953eccbcb4b0dffd5e6f2fd797bf4cb8f
a1cabb3ae9bcbb220b52657e233b48a328e7297a687246ba3d68a5eaa81b30bf
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a4010cd904385baf40748bc00e7ae96604ab7dbb0aa6b3c359d79e8a09d9b8b9
b7846cbb49f999944ea2363a3e49e4ce4907b29039032210b33b3dbbd774d7d1
b9debef46f3b718444e8f9797c95f617e650f84bc0dd882e0f36bec73ae30e32
bcd315cc73d30a72f5fd6815d7adb0b1a956872ceeb588b9b42b2c24ee3024fe
bcfcfebd76b6b0497682fdbc802e121c3eb882ca53f8233f1610e481a6f8f6f5
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c07b2c0a515caf1306fb4d9366fab5758253eeadcf8c0414cb44ccd48f82e59a
c3a02c05b3a78cc7208c765128cc8d3fa495f9a3369e38932dd9e1a4bf4796bd
c5fba99a16ab796a90d9fc6cc210c1217f1a0b0b8de31976f9e13a8df362eb95
c717619743567666a035cda560f802bcc6b1630615f8ac13e979853162eb4f36
ca429ef9782f89f740c88b584c8968b77ac6d750430c70fb3fccdafe83f73455
d0417989b0bf2fa9f63165bf435758311165efe8caa714a93334f5c896e64bb8
df3772666587111462634070c47969ad9687bbf80d0694bb2e6c33be39434d68
df4752615d8aa952d7751c6ede25d9dc4060869c27ffb160f901960cf2717095
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75deac1ab79ff052b72e9e731c0350415ea0255943561b7ea8ab3f09144037e
e9697507884e0e75889b9d395ef39f847000aaa40d48c36bb48abe768d5831a4
ed66d30c1c130d43f4d17fa4de325b6dedfb84d04c91576bfac3b6798167c3d8
f2fc8f2712717b32157f7741b1c723d6fe1d430c41652cfafd39c68980db20bd
f36cb2c958671ef975a5a1d043ad3ab57c12d00d46e625c52f26071edf6ea249
f546b8a025a255a59f9d06800fb89aeb18aaf18e3d1bc7eea0aa636eaa7437dc
f9e0aa797bdc3207aa3a1cf1a3ad0e3dee911ff26adef8279d2211f2c9819ce2
fa60baec09ee2cec267c57d12ad6da7ad37a89a52b11c1ddeb75e161cf8d546e

1wdois.top Open in urlscan Pro 212.8.250.200 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

94 %HTTPS

33 %IPv6

11 Domains

14 Subdomains

12 IPs

5 Countries

2546 kBTransfer

3464 kBSize

27 Cookies

0 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

1wdois.top Open in urlscan Pro
212.8.250.200 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

94 %
HTTPS

33 %
IPv6

11
Domains

14
Subdomains

12
IPs

5
Countries

2546 kB
Transfer

3464 kB
Size

27
Cookies

63 HTTP transactions
1 data transactions