urlscan.io logo urlscan.io
SecurityTrails logo

1weeya.top Open in urlscan Pro
154.197.121.1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://1weeya.top/casino/play/1play_1play_speed-n-cash
Effective URL: https://1weeya.top/casino/play/1play_1play_speed-n-cash
Submission: On October 22 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 2 countries across 8 domains to perform 66 HTTP transactions. The main IP is 154.197.121.1, located in Seychelles and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is 1weeya.top.
TLS certificate: Issued by WE1 on August 30th 2024. Valid for: 3 months.
This is the only time 1weeya.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 154.197.121.1 209242 (CLOUDFLAR...)
25 154.197.121.128 209242 (CLOUDFLAR...)
2 151.101.2.132 54113 (FASTLY)
6 209.85.232.97 15169 (GOOGLE)
2 4 173.194.207.148 15169 (GOOGLE)
1 108.138.106.126 16509 (AMAZON-02)
1 18.164.96.77 16509 (AMAZON-02)
1 216.239.34.181 15169 (GOOGLE)
1 209.85.144.155 15169 (GOOGLE)
3 173.194.207.154 15169 (GOOGLE)
2 172.217.222.94 15169 (GOOGLE)
1 142.250.31.148 15169 (GOOGLE)
1 209.85.144.157 15169 (GOOGLE)
1 173.194.175.106 15169 (GOOGLE)
2 54.184.93.222 16509 (AMAZON-02)
66 16
8    154.197.121.1 (Seychelles)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
1weeya.top
25    154.197.121.128 (Seychelles)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
v1.bundlecdn.com
2    151.101.2.132 (San Francisco, United States)

ASN54113 (FASTLY, US)
api.lab.amplitude.com
6    209.85.232.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f97.1e100.net
www.googletagmanager.com
4    173.194.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f148.1e100.net
12572451.fls.doubleclick.net
12688802.fls.doubleclick.net
1    108.138.106.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-126.jfk50.r.cloudfront.net
static.hotjar.com
1    18.164.96.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-77.jfk50.r.cloudfront.net
script.hotjar.com
1    216.239.34.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    209.85.144.155 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f155.1e100.net
stats.g.doubleclick.net
3    173.194.207.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qk-in-f154.1e100.net
td.doubleclick.net
2    172.217.222.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f94.1e100.net
www.google.ca
1    142.250.31.148 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f148.1e100.net
ad.doubleclick.net
1    209.85.144.157 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f157.1e100.net
googleads.g.doubleclick.net
1    173.194.175.106 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f106.1e100.net
www.google.com
2    54.184.93.222 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-184-93-222.us-west-2.compute.amazonaws.com
api2.amplitude.com
Apex Domain
Subdomains		 Transfer
25 bundlecdn.com
v1.bundlecdn.com — Cisco Umbrella Rank: 247936
645 KB
10 doubleclick.net
12572451.fls.doubleclick.net — Cisco Umbrella Rank: 330391
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
td.doubleclick.net — Cisco Umbrella Rank: 192
12688802.fls.doubleclick.net — Cisco Umbrella Rank: 332055
ad.doubleclick.net — Cisco Umbrella Rank: 150
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
4 KB
8 1weeya.top
1weeya.top
235 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
481 KB
4 amplitude.com
api.lab.amplitude.com — Cisco Umbrella Rank: 4207
api2.amplitude.com — Cisco Umbrella Rank: 1159
1022 B
2 google.ca
www.google.ca — Cisco Umbrella Rank: 12143
127 B
2 google.com
analytics.google.com — Cisco Umbrella Rank: 147
www.google.com — Cisco Umbrella Rank: 3
64 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 877
script.hotjar.com — Cisco Umbrella Rank: 1177
61 KB
66 8
Domain Requested by
25 v1.bundlecdn.com 1weeya.top
v1.bundlecdn.com
8 1weeya.top 1 redirects 1weeya.top
v1.bundlecdn.com
6 www.googletagmanager.com 1weeya.top
www.googletagmanager.com
3 td.doubleclick.net www.googletagmanager.com
2 api2.amplitude.com v1.bundlecdn.com
2 12688802.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.google.ca
2 12572451.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 api.lab.amplitude.com v1.bundlecdn.com
1 www.google.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 ad.doubleclick.net
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com 1weeya.top
66 16

This site contains no links.

Subject Issuer Validity Valid
1weeya.top
WE1		 2024-08-30 -
2024-11-28		 3 months crt.sh
v1.bundlecdn.com
WE1		 2024-09-22 -
2024-12-21		 3 months crt.sh
*.lab.amplitude.com
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-10-01 -
2025-11-02		 a year crt.sh
*.google-analytics.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.doubleclick.net
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.google.ca
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2024-01-31 -
2025-03-02		 a year crt.sh

This page contains 8 frames:

Primary Page: https://1weeya.top/casino/play/1play_1play_speed-n-cash
Frame ID: E105481CFA67AFE6DC26287FA3745B93
Requests: 56 HTTP requests in this frame

Frame: https://1weeya.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js
Frame ID: 6E1968E02504D1E2C8DBB6537AA2DA87
Requests: 2 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;dc_pre=CL3vn7_xookDFWWsgwgdDq483A;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6005706825789.445
Frame ID: DC20CB5A4E0812FBFFA91725039D0E48
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2F1weeya.top
Frame ID: 515265186191DB5F69A820A6AEC5C17C
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-548949LWLW&gacid=625877177.1729630976&gtm=45je4ah0v894728184z8894400803za200zb894400803&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685~101823847~101836706&z=1534328221
Frame ID: CDBB613D22619A11ADCC6383DD0494A1
Requests: 1 HTTP requests in this frame

Frame: https://12688802.fls.doubleclick.net/activityi;dc_pre=CJGjqr_xookDFVyzgwgdOigUQg;src=12688802;type=actio0;cat=allpa0;ord=1;num=7317131561159;npa=0;auiddc=1508349530.1729630976;ps=1;pcor=1120677669;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101823847~101836706;epver=2;~oref=https%3A%2F%2F1weeya.top%2Fcasino%2Fplay%2F1play_1play_speed-n-cash
Frame ID: D76793B7CE95E2B63C5760319232A14B
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=7317131561159;npa=0;auiddc=1508349530.1729630976;ps=1;pcor=1120677669;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101823847~101836706;epver=2;~oref=https%3A%2F%2F1weeya.top%2Fcasino%2Fplay%2F1play_1play_speed-n-cash
Frame ID: 12FD0045BC7126186F1C096CB8A706E4
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16482547739?random=1729630975978&cv=11&fst=1729630975978&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9181323879z8894400803za200zb894400803&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2F1weeya.top%2Fcasino%2Fplay%2F1play_1play_speed-n-cash&hn=www.googleadservices.com&frm=0&tiba=1win&npa=0&pscdl=noapi&auid=1508349530.1729630976&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 3B168FA72E4E08DBDA0FB26EB8B2B7B1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

1win

Page URL History Show full URLs

  1. http://1weeya.top/casino/play/1play_1play_speed-n-cash HTTP 307
    https://1weeya.top/casino/play/1play_1play_speed-n-cash Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

66
Requests

83 %
HTTPS

0 %
IPv6

8
Domains

16
Subdomains

16
IPs

2
Countries

1427 kB
Transfer

4364 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1weeya.top/casino/play/1play_1play_speed-n-cash HTTP 307
    https://1weeya.top/casino/play/1play_1play_speed-n-cash Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://1weeya.top/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://1weeya.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js
Request Chain 44
  • https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6005706825789.445 HTTP 302
  • https://12572451.fls.doubleclick.net/activityi;dc_pre=CL3vn7_xookDFWWsgwgdDq483A;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6005706825789.445
Request Chain 54
  • https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=7317131561159;npa=0;auiddc=1508349530.1729630976;ps=1;pcor=1120677669;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101823847~101836706;epver=2;~oref=https%3A%2F%2F1weeya.top%2Fcasino%2Fplay%2F1play_1play_speed-n-cash HTTP 302
  • https://12688802.fls.doubleclick.net/activityi;dc_pre=CJGjqr_xookDFVyzgwgdOigUQg;src=12688802;type=actio0;cat=allpa0;ord=1;num=7317131561159;npa=0;auiddc=1508349530.1729630976;ps=1;pcor=1120677669;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101823847~101836706;epver=2;~oref=https%3A%2F%2F1weeya.top%2Fcasino%2Fplay%2F1play_1play_speed-n-cash

66 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 1play_1play_speed-n-cash
1weeya.top/casino/play/
Redirect Chain
  • http://1weeya.top/casino/play/1play_1play_speed-n-cash
  • https://1weeya.top/casino/play/1play_1play_speed-n-cash
62 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1weeya.top/casino/play/1play_1play_speed-n-cash
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1685ca05d76e4d71b161d5e6757088e496797eedfc1535bc4b081203beffd86d
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d6c6e46cbe9a226-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 22 Oct 2024 21:02:54 GMT
server
cloudflare
vary
Origin
x-app-version
v2.125.0
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
x-match-domain
1weeya.top
x-request-id
u5Ui1K6tdN0LNC09

Redirect headers

Location
https://1weeya.top/casino/play/1play_1play_speed-n-cash
Non-Authoritative-Reason
HttpsUpgrades
SFNSDisplay-latin.50a4eaff3.woff2
v1.bundlecdn.com/font/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/font/SFNSDisplay-latin.50a4eaff3.woff2
Requested by
Host: 1weeya.top
URL: https://1weeya.top/casino/play/1play_1play_speed-n-cash
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3772666587111462634070c47969ad9687bbf80d0694bb2e6c33be39434d68

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://1weeya.top
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=315360000
cf-cache-status
HIT
etag
"67173714-8128"
age
264
cf-ray
8d6c6e54ce87a247-YYZ
expires
Fri, 20 Oct 2034 21:02:54 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
33064
date
Tue, 22 Oct 2024 21:02:54 GMT
content-type
application/octet-stream
last-modified
Tue, 22 Oct 2024 05:24:36 GMT
vary
Accept-Encoding
server
cloudflare
SFNSText-latin.f09aa5229.woff2
v1.bundlecdn.com/font/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/font/SFNSText-latin.f09aa5229.woff2
Requested by
Host: 1weeya.top
URL: https://1weeya.top/casino/play/1play_1play_speed-n-cash
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
06e02d3d2d01bb2c88786b0a2dd2d692f6659c0159ec4754f7db49c12e03b0d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://1weeya.top
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=315360000
cf-cache-status
HIT
etag
"67173714-a9f8"
age
264
cf-ray
8d6c6e54ce89a247-YYZ
expires
Fri, 20 Oct 2034 21:02:54 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
43512
date
Tue, 22 Oct 2024 21:02:54 GMT
content-type
application/octet-stream
last-modified
Tue, 22 Oct 2024 05:24:36 GMT
vary
Accept-Encoding
server
cloudflare
minified.js
1weeya.top/core-js/3.33.3/ 		238 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1weeya.top/core-js/3.33.3/minified.js
Requested by
Host: 1weeya.top
URL: https://1weeya.top/casino/play/1play_1play_speed-n-cash
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce68e1614ab493deaecfa6eb9711736de0348248e1d559b5f6dfb5dc4c29b459
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/casino/play/1play_1play_speed-n-cash

Response headers

cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"67173714-3b989"
age
264
cf-ray
8d6c6e547d2fa226-YYZ
expires
Fri, 20 Oct 2034 21:02:54 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 21:02:54 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 05:24:36 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
chunk-vendors.b5eb4d992.js
v1.bundlecdn.com/js/ 		247 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/chunk-vendors.b5eb4d992.js
Requested by
Host: 1weeya.top
URL: https://1weeya.top/casino/play/1play_1play_speed-n-cash
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f007c721f3891c6fbc6555f58faf308a9187968bfca7439dd601ae93b621649b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66d85f0c-3dbdd"
age
4174221
cf-ray
8d6c6e554f153a0b-YYZ
expires
Fri, 20 Oct 2034 21:02:54 GMT
access-control-allow-origin
*
date
Tue, 22 Oct 2024 21:02:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 04 Sep 2024 13:22:20 GMT
vary
Accept-Encoding
server
cloudflare
chunk-common.1fbe0bd28.js
v1.bundlecdn.com/js/ 		404 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/chunk-common.1fbe0bd28.js
Requested by
Host: 1weeya.top
URL: https://1weeya.top/casino/play/1play_1play_speed-n-cash
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
19a89ffb93f75d7a50e22e0d0904e8d6916caa49d2470cb82c83b2c71e0745d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"671781e7-64ec9"
age
36529
cf-ray
8d6c6e555f233a0b-YYZ
expires
Fri, 20 Oct 2034 21:02:54 GMT
access-control-allow-origin
*
date
Tue, 22 Oct 2024 21:02:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 22 Oct 2024 10:43:51 GMT
vary
Accept-Encoding
server
cloudflare
index.56332e4b0.js
v1.bundlecdn.com/js/ 		383 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/index.56332e4b0.js
Requested by
Host: 1weeya.top
URL: https://1weeya.top/casino/play/1play_1play_speed-n-cash
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f63a6b9e6b5a598842075008bea8324bd4fbbb102608b2a60e2b7b844b8be478

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"67179b04-5fac3"
age
30247
cf-ray
8d6c6e555f263a0b-YYZ
expires
Fri, 20 Oct 2034 21:02:54 GMT
access-control-allow-origin
*
date
Tue, 22 Oct 2024 21:02:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 22 Oct 2024 12:31:00 GMT
vary
Accept-Encoding
server
cloudflare
index.aedf85995.css
v1.bundlecdn.com/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/css/index.aedf85995.css
Requested by
Host: 1weeya.top
URL: https://1weeya.top/casino/play/1play_1play_speed-n-cash
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9be12e59a210d45411e025096615d4308c44a0cffeb791dd452e443c675e8481

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66a3a611-185b"
age
7629779
cf-ray
8d6c6e54ce493a0b-YYZ
expires
Fri, 20 Oct 2034 21:02:54 GMT
access-control-allow-origin
*
date
Tue, 22 Oct 2024 21:02:54 GMT
content-type
text/css
last-modified
Fri, 26 Jul 2024 13:35:13 GMT
vary
Accept-Encoding
server
cloudflare
1win-normal.svg
1weeya.top/img/logo/main/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1weeya.top/img/logo/main/1win-normal.svg
Requested by
Host: 1weeya.top
URL: https://1weeya.top/casino/play/1play_1play_speed-n-cash
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5704fb70783a0f90824b41cda3803f7fc987d02f9c4450d7f3839db249bd72c3
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/casino/play/1play_1play_speed-n-cash

Response headers

cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"67173714-9b0"
age
264
cf-ray
8d6c6e547d30a226-YYZ
expires
Fri, 20 Oct 2034 21:02:54 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 21:02:54 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
last-modified
Tue, 22 Oct 2024 05:24:36 GMT
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
desktop.eea70e10b.js
v1.bundlecdn.com/js/ 		117 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/desktop.eea70e10b.js
Requested by
Host: 1weeya.top
URL: https://1weeya.top/casino/play/1play_1play_speed-n-cash
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
58291d174b097938b050bdd46fa7fe9386241f7c4da006ff150493f1b1f4f3e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"67179b04-1d21b"
age
30247
cf-ray
8d6c6e555f223a0b-YYZ
expires
Fri, 20 Oct 2034 21:02:54 GMT
access-control-allow-origin
*
date
Tue, 22 Oct 2024 21:02:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 22 Oct 2024 12:31:00 GMT
vary
Accept-Encoding
server
cloudflare
desktop.bba417011.css
v1.bundlecdn.com/css/ 		64 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/css/desktop.bba417011.css
Requested by
Host: 1weeya.top
URL: https://1weeya.top/casino/play/1play_1play_speed-n-cash
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bc4e0ff1b52a213da84c2bd68a388644ee35f4bcfae744d66b8cc6bdbc92215

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6707b595-1007d"
age
1070614
cf-ray
8d6c6e555f213a0b-YYZ
expires
Fri, 20 Oct 2034 21:02:54 GMT
access-control-allow-origin
*
date
Tue, 22 Oct 2024 21:02:54 GMT
content-type
text/css
last-modified
Thu, 10 Oct 2024 11:08:05 GMT
vary
Accept-Encoding
server
cloudflare
affiliate:link_visit
1weeya.top/ 		37 B
977 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://1weeya.top/affiliate:link_visit
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/chunk-common.1fbe0bd28.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9c3b25f260defd6991608963a30a67cad0981ecce13e5975b1a6304887514d7f
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://1weeya.top/casino/play/1play_1play_speed-n-cash

Response headers

access-control-max-age
7200
access-control-expose-headers
Authorization
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"25-Zj67mG54TfZ031q1ea2QwFUXWX4"
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 21:02:54 GMT
content-type
application/json; charset=utf-8
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
access-control-allow-headers
Content-Type, Authorization, X-Origin
access-control-allow-credentials
true
cf-ray
8d6c6e563f4139f5-YYZ
access-control-allow-origin
https://1weeya.top
x-powered-by
Express
server
cloudflare
truncated
/ 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
18860.1f1e193d8.js
v1.bundlecdn.com/js/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/18860.1f1e193d8.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.56332e4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f6e3e5c53c730a88de6f874ab17cb1283f0ed8580bb22b57578f4f0d601f700

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66c735be-6ea0"
age
5299181
cf-ray
8d6c6e5688af3a0b-YYZ
expires
Fri, 20 Oct 2034 21:02:54 GMT
access-control-allow-origin
*
date
Tue, 22 Oct 2024 21:02:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 22 Aug 2024 12:57:34 GMT
vary
Accept-Encoding
server
cloudflare
60215.50ddff497.js
v1.bundlecdn.com/js/ 		79 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/60215.50ddff497.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.56332e4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
605d617cececfcdd7647f3b19fb20b30fc38d1f88704f59e911ba17bf24ce105

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"67177443-13c84"
age
39532
cf-ray
8d6c6e5698b23a0b-YYZ
expires
Fri, 20 Oct 2034 21:02:54 GMT
access-control-allow-origin
*
date
Tue, 22 Oct 2024 21:02:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 22 Oct 2024 09:45:39 GMT
vary
Accept-Encoding
server
cloudflare
67125.c76b24a97.css
v1.bundlecdn.com/css/ 		53 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/css/67125.c76b24a97.css
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.56332e4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b39c6fd041f1bc9fadedd5cb382f159c6bcfc3a7a79ca5bf5654869556b8299

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"67164613-d4d6"
age
117466
cf-ray
8d6c6e5698b43a0b-YYZ
expires
Fri, 20 Oct 2034 21:02:54 GMT
access-control-allow-origin
*
date
Tue, 22 Oct 2024 21:02:54 GMT
content-type
text/css
last-modified
Mon, 21 Oct 2024 12:16:19 GMT
vary
Accept-Encoding
server
cloudflare
67125.8c08cf8e5.js
v1.bundlecdn.com/js/ 		372 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/67125.8c08cf8e5.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.56332e4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a526c2a6388c3951f1729ba805eb612b457f49b6909a48d1bc3fc6c9f3aa7de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"67179b04-5cf68"
age
30246
cf-ray
8d6c6e5698b73a0b-YYZ
expires
Fri, 20 Oct 2034 21:02:54 GMT
access-control-allow-origin
*
date
Tue, 22 Oct 2024 21:02:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 22 Oct 2024 12:31:00 GMT
vary
Accept-Encoding
server
cloudflare
84167.f2eedb19c.js
v1.bundlecdn.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/84167.f2eedb19c.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.56332e4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f19e67532ab80ae500b8fa0a66d28152eca9517eaf7968f85967cbcf66c070df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6710f76d-1e3a"
age
465397
cf-ray
8d6c6e5698be3a0b-YYZ
expires
Fri, 20 Oct 2034 21:02:54 GMT
access-control-allow-origin
*
date
Tue, 22 Oct 2024 21:02:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 17 Oct 2024 11:39:25 GMT
vary
Accept-Encoding
server
cloudflare
main.js
1weeya.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/ Frame 6E19
Redirect Chain
  • https://1weeya.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://1weeya.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1weeya.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js?
Requested by
Host: 1weeya.top
URL: https://1weeya.top/casino/play/1play_1play_speed-n-cash
Protocol
H3
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a616940be79496045b9eccbe6d202ebf6efadafeca6ff0e24bc9e49bb764e799
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
br
x-content-type-options
nosniff
cf-ray
8d6c6e56d80739f5-YYZ
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 21:02:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js?
cf-ray
8d6c6e569f9739f5-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 22 Oct 2024 21:02:54 GMT
vary
Accept-Encoding
server
cloudflare
8d6c6e46cbe9a226
1weeya.top/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6E19 		0
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://1weeya.top/cdn-cgi/challenge-platform/h/g/jsd/r/8d6c6e46cbe9a226
Requested by
Host: 1weeya.top
URL: https://1weeya.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8d6c6e57a93339f5-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 22 Oct 2024 21:02:54 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
en
1weeya.top/fss/translations/ 		381 KB
115 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://1weeya.top/fss/translations/en?domain=1weeya.top&appName=web
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/chunk-common.1fbe0bd28.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e703dd4ddb6a31896739db4fbb3be56fa7ba27b3f3a6c10aae4228fc8b7cd9
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

X-Origin
1weeya.top
Referer
https://1weeya.top/casino/play/1play_1play_speed-n-cash
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

x-request-id
o5CA7YF6w6ONQlQb
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"a8ae8-cdy6+2VBj4/z/UxG/I8HGE7ZgyQ"
x-match-domain
1weeya.top
cf-ray
8d6c6e5849e439f5-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-app-version
v2.125.0
date
Tue, 22 Oct 2024 21:02:54 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
server
cloudflare
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
allv4
1weeya.top/common/banners/ 		0
0
favicon-32x32.png
1weeya.top/img/icons/ 		386 B
0 		Other
General
Check archive.org
Download Go to
Full URL
https://1weeya.top/img/icons/favicon-32x32.png
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4976aa119d10308e999d9cc618a49ebc8eb6c19cc7c9672e5f2ac3a1f2c6a4a3
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/casino/play/1play_1play_speed-n-cash

Response headers

cf-bgj
imgq:85,h2pri
cf-cache-status
HIT
age
263
etag
"670fa92f-218"
expires
Fri, 20 Oct 2034 21:02:54 GMT
alt-svc
h3=":443"; ma=86400
cf-polished
origFmt=png, origSize=536
date
Tue, 22 Oct 2024 21:02:54 GMT
content-disposition
inline; filename="favicon-32x32.webp"
content-type
image/webp
vary
Accept
last-modified
Wed, 16 Oct 2024 11:53:19 GMT
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
cache-control
public, max-age=315360000
cf-ray
8d6c6e594b2739f5-YYZ
accept-ranges
bytes
content-length
386
server
cloudflare
vardata
api.lab.amplitude.com/sdk/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.lab.amplitude.com/sdk/v2/vardata?v=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-amp-exp-user
Access-Control-Request-Method
GET
Origin
https://1weeya.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization,x-amp-exp-user
access-control-allow-methods
GET,POST,HEAD
access-control-allow-origin
https://1weeya.top
access-control-max-age
1800
age
274
cache-control
no-store
content-length
0
date
Tue, 22 Oct 2024 21:02:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id
Root=1-671811ee-137b17d410dfb8b43fb6b689
x-cache
HIT
x-cache-hits
162
x-content-type-options
nosniff
x-served-by
cache-yyz4528-YYZ
x-timer
S1729630975.387980,VS0,VE0
firebase-app.js
1weeya.top/firebase/8.1.1/ 		19 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://1weeya.top/firebase/8.1.1/firebase-app.js
Requested by
Host: 1weeya.top
URL: https://1weeya.top/casino/play/1play_1play_speed-n-cash
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/casino/play/1play_1play_speed-n-cash

Response headers

x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"67173714-4ded"
age
263
cf-ray
8d6c6e56d80b39f5-YYZ
expires
Fri, 20 Oct 2034 21:02:54 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 21:02:54 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 05:24:36 GMT
server
cloudflare
vary
Accept-Encoding
gtm.js
www.googletagmanager.com/ 		382 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Requested by
Host: 1weeya.top
URL: https://1weeya.top/casino/play/1play_1play_speed-n-cash
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.232.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
4868ff1e5eb4154b7529b4117fbb4d98e8ccb370655d32445f392e5a210e0a74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 22 Oct 2024 21:02:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 21:02:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
116441
x-xss-protection
0
server
Google Tag Manager
vardata
api.lab.amplitude.com/sdk/v2/ 		2 KB
804 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.lab.amplitude.com/sdk/v2/vardata?v=0
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/chunk-common.1fbe0bd28.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e7a7735ee234e23e660aec8681c82a9d1a5fefb76d9d1972cc3047cc30845d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Authorization
Api-Key client-Ss5BFx7UDrTj948TJHfc5ZUoTW67EjvZ
Referer
https://1weeya.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
X-Amp-Exp-User
eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS4xMC4wIiwibGFuZ3VhZ2UiOiJlbi1VUyIsInBsYXRmb3JtIjoiV2ViIiwib3MiOiJDaHJvbWUgMTI5IiwiZGV2aWNlX21vZGVsIjoiTGludXgiLCJkZXZpY2VfaWQiOiIwNDQ1OGYzMy1mOGIxLTRkYTktYTg3MC0wYTk5NjQzOWFhNWIiLCJ1c2VyX3Byb3BlcnRpZXMiOnsiZGV2aWNlX3R5cGUiOiJkZXNrdG9wIiwicGxhdGZvcm0iOiJ3ZWIiLCJvcyI6Im90aGVyIiwicGxhdGZvcm1fbGFuZ3VhZ2UiOiJlbiIsImRvbWFpbiI6IjF3ZWV5YS50b3AiLCJ0aW1lX3pvbmUiOiJBbWVyaWNhL1ZhbmNvdXZlciIsInJlZmVycmluZ19kb21haW4iOiIifX0

Response headers

content-encoding
gzip
age
0
cache-tag
client-Ss5BFx7UDrTj948TJHfc5ZUoTW67EjvZ
x-content-type-options
nosniff
x-cache
MISS
date
Tue, 22 Oct 2024 21:02:55 GMT
content-type
application/json;charset=utf-8
x-served-by
cache-yyz4528-YYZ
x-cache-hits
0
vary
Origin, Origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-store
x-timer
S1729630975.413381,VS0,VE90
x-amzn-trace-id
Root=1-671812ff-1734a30f7413a9ba1c60c3d0
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-origin
https://1weeya.top
content-length
616
title
1weeya.top/common/ 		29 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://1weeya.top/common/title?path=casino&lang=en
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/chunk-common.1fbe0bd28.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c07b2c0a515caf1306fb4d9366fab5758253eeadcf8c0414cb44ccd48f82e59a
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

X-Origin
1weeya.top
Referer
https://1weeya.top/casino/play/1play_1play_speed-n-cash
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

cache-control
public, max-age=3600, stale-while-revalidate=300
cf-cache-status
DYNAMIC
etag
"25-bM/5z02X/xOkKbh8eZCiJpcKcd0"
cf-ray
8d6c6e5bee3739f5-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
29
date
Tue, 22 Oct 2024 21:02:55 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
cloudflare
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
6079.4b46336fa.css
v1.bundlecdn.com/css/ 		517 B
433 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/css/6079.4b46336fa.css
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.56332e4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec7bb3946e6d89245afb742b61df3f40e7ca648382cf075e1cf0b73d63d55de7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670f8bd7-205"
age
556225
cf-ray
8d6c6e5be80f3a0b-YYZ
expires
Fri, 20 Oct 2034 21:02:55 GMT
access-control-allow-origin
*
date
Tue, 22 Oct 2024 21:02:55 GMT
content-type
text/css
last-modified
Wed, 16 Oct 2024 09:48:07 GMT
vary
Accept-Encoding
server
cloudflare
6079.d3be0a1f5.js
v1.bundlecdn.com/js/ 		1 KB
715 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/6079.d3be0a1f5.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.56332e4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4bf8464edcf35fd4582a75b7087389d0075b0670b27f8582156ce64288b130b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6710f76d-487"
age
465278
cf-ray
8d6c6e5be8133a0b-YYZ
expires
Fri, 20 Oct 2034 21:02:55 GMT
access-control-allow-origin
*
date
Tue, 22 Oct 2024 21:02:55 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 17 Oct 2024 11:39:25 GMT
vary
Accept-Encoding
server
cloudflare
7329.77a768f52.css
v1.bundlecdn.com/css/ 		2 KB
799 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/css/7329.77a768f52.css
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.56332e4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c23a431c3cfa498f28ab1b6a824e0319ce355e329b9b4f60963b4fcaf82004a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66f1a52c-68e"
age
483324
cf-ray
8d6c6e5be8163a0b-YYZ
expires
Fri, 20 Oct 2034 21:02:55 GMT
access-control-allow-origin
*
date
Tue, 22 Oct 2024 21:02:55 GMT
content-type
text/css
last-modified
Mon, 23 Sep 2024 17:28:12 GMT
vary
Accept-Encoding
server
cloudflare
7329.0f43983ba.js
v1.bundlecdn.com/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/7329.0f43983ba.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.56332e4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc868dab1b16d48b882beef6a12284aed5de69610f1b20060a24fc44a9294907

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670f8bd7-1064"
age
483324
cf-ray
8d6c6e5be8173a0b-YYZ
expires
Fri, 20 Oct 2034 21:02:55 GMT
access-control-allow-origin
*
date
Tue, 22 Oct 2024 21:02:55 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 16 Oct 2024 09:48:07 GMT
vary
Accept-Encoding
server
cloudflare
7001.542f3ca69.js
v1.bundlecdn.com/js/ 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/7001.542f3ca69.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.56332e4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
695bac315dad3a6ec39af30d8dcc5d01242f4e2c417fd0bc80a0e3985fbe4960

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670e5368-7672"
age
637994
cf-ray
8d6c6e5be8193a0b-YYZ
expires
Fri, 20 Oct 2034 21:02:55 GMT
access-control-allow-origin
*
date
Tue, 22 Oct 2024 21:02:55 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 15 Oct 2024 11:35:04 GMT
vary
Accept-Encoding
server
cloudflare
60385.2c6c716c1.js
v1.bundlecdn.com/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/60385.2c6c716c1.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.56332e4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
333f4c6fce9a3b294a0b5e438b403e3a98a573d06ce135facb084ced18a61c8f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6710f76d-241d"
age
465396
cf-ray
8d6c6e5be81d3a0b-YYZ
expires
Fri, 20 Oct 2034 21:02:55 GMT
access-control-allow-origin
*
date
Tue, 22 Oct 2024 21:02:55 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 17 Oct 2024 11:39:25 GMT
vary
Accept-Encoding
server
cloudflare
81760.54a82743e.css
v1.bundlecdn.com/css/ 		24 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/css/81760.54a82743e.css
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.56332e4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a24197824bf746be594453dc05d1a154831e0f97b830388ef1b5698b001d8de3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6707b595-5e54"
age
1068930
cf-ray
8d6c6e5be81c3a0b-YYZ
expires
Fri, 20 Oct 2034 21:02:55 GMT
access-control-allow-origin
*
date
Tue, 22 Oct 2024 21:02:55 GMT
content-type
text/css
last-modified
Thu, 10 Oct 2024 11:08:05 GMT
vary
Accept-Encoding
server
cloudflare
81760.c2e1f176f.js
v1.bundlecdn.com/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/81760.c2e1f176f.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.56332e4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f61e4142e849fd70ce29a6ebc163aa515cb87952c29a73a550e46232e40f5dc6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670fa92f-27a1"
age
545448
cf-ray
8d6c6e5be81e3a0b-YYZ
expires
Fri, 20 Oct 2034 21:02:55 GMT
access-control-allow-origin
*
date
Tue, 22 Oct 2024 21:02:55 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 16 Oct 2024 11:53:19 GMT
vary
Accept-Encoding
server
cloudflare
firebase-messaging.js
1weeya.top/firebase/8.1.1/ 		40 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://1weeya.top/firebase/8.1.1/firebase-messaging.js
Requested by
Host: 1weeya.top
URL: https://1weeya.top/casino/play/1play_1play_speed-n-cash
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/casino/play/1play_1play_speed-n-cash

Response headers

x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"67173714-9f25"
age
263
cf-ray
8d6c6e57388b39f5-YYZ
expires
Fri, 20 Oct 2034 21:02:54 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 21:02:54 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 05:24:36 GMT
server
cloudflare
vary
Accept-Encoding
1279.2ddf52e8a.js
v1.bundlecdn.com/js/ 		911 B
755 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.bundlecdn.com/js/1279.2ddf52e8a.js
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.56332e4b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b563de728f7ad9022ef94968360931749d32898f02f524b66a73c2630126f4a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=315360000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66c735bd-38f"
age
5299130
cf-ray
8d6c6e5c48b73a0b-YYZ
expires
Fri, 20 Oct 2034 21:02:55 GMT
access-control-allow-origin
*
date
Tue, 22 Oct 2024 21:02:55 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 22 Aug 2024 12:57:33 GMT
vary
Accept-Encoding
server
cloudflare
1win-normal.d39105a87.svg
v1.bundlecdn.com/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v1.bundlecdn.com/img/1win-normal.d39105a87.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
49ffaa4181723a9ed79c1b401b1dee41d0c0d6f3671a69cb0ca6b494335bbbba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=14400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"67179b04-9b0"
age
6179
access-control-allow-methods
GET, POST, OPTIONS
cf-ray
8d6c6e5c58bb3a0b-YYZ
expires
Wed, 23 Oct 2024 01:02:55 GMT
access-control-allow-origin
*
date
Tue, 22 Oct 2024 21:02:55 GMT
content-type
image/svg+xml
last-modified
Tue, 22 Oct 2024 12:31:00 GMT
vary
Accept-Encoding
server
cloudflare
ca.svg
v1.bundlecdn.com/img/flags/ 		458 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v1.bundlecdn.com/img/flags/ca.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cf8f34e4b607c3ce8575639c308203e4fad00e9fab2ea37c99b04b680523b43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=14400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"67179b04-1ca"
age
3172
access-control-allow-methods
GET, POST, OPTIONS
cf-ray
8d6c6e5c58bd3a0b-YYZ
expires
Wed, 23 Oct 2024 01:02:55 GMT
access-control-allow-origin
*
date
Tue, 22 Oct 2024 21:02:55 GMT
content-type
image/svg+xml
last-modified
Tue, 22 Oct 2024 12:31:00 GMT
vary
Accept-Encoding
server
cloudflare
bear.7b736fe37-290.webp
v1.bundlecdn.com/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v1.bundlecdn.com/img/bear.7b736fe37-290.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.128 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
66c4135905d8889570877f8bf74d092dbcda1ec84d16791a9eab736415fd396c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
public, max-age=14400
cf-cache-status
HIT
etag
"67179b03-3adc"
age
5558
access-control-allow-methods
GET, POST, OPTIONS
cf-ray
8d6c6e5c58cf3a0b-YYZ
expires
Wed, 23 Oct 2024 01:02:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
15068
date
Tue, 22 Oct 2024 21:02:55 GMT
content-type
image/webp
last-modified
Tue, 22 Oct 2024 12:30:59 GMT
vary
Accept-Encoding
server
cloudflare
destination
www.googletagmanager.com/gtag/ 		277 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-548949LWLW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.232.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
50a69535cf465c93e4dd8a9a1e2b7ba8d0d35ade42d8696b636951224abfdc8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 22 Oct 2024 21:02:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 21:02:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98059
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		277 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.232.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
97737bbe04ac7f84b2370204977fd11cabd70d2494c98c472b877ee145c8fc2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 22 Oct 2024 21:02:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 21:02:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97995
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		275 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16482547739&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.232.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
93c99f951189844c26e0c18907827beff6fd4276132b98b8e839598b8976ea53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 22 Oct 2024 21:02:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 21:02:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96985
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/ 		223 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-12688802&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.232.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
7fdc45c17b75a52d61d42dabc41c0798395e6047afbe87c032bfffc5766253b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 22 Oct 2024 21:02:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 21:02:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
81827
x-xss-protection
0
server
Google Tag Manager
activityi;dc_pre=CL3vn7_xookDFWWsgwgdDq483A;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o...
12572451.fls.doubleclick.net/ Frame DC20
Redirect Chain
  • https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7...
  • https://12572451.fls.doubleclick.net/activityi;dc_pre=CL3vn7_xookDFWWsgwgdDq483A;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;g...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://12572451.fls.doubleclick.net/activityi;dc_pre=CL3vn7_xookDFWWsgwgdDq483A;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6005706825789.445?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1weeya.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
1001
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Oct 2024 21:02:55 GMT
expires
Tue, 22 Oct 2024 21:02:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Oct 2024 21:02:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12572451.fls.doubleclick.net/activityi;dc_pre=CL3vn7_xookDFWWsgwgdDq483A;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6005706825789.445?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
hotjar-2606090.js
static.hotjar.com/c/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2606090.js?sv=6
Requested by
Host: 1weeya.top
URL: https://1weeya.top/casino/play/1play_1play_speed-n-cash
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-126.jfk50.r.cloudfront.net
Software
/
Resource Hash
2ea1eb980748f6a90c9a6327817e40e6966df15c321818b246b2dc7b36cb4fd3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

content-encoding
br
etag
W/64030887ed1a42a0acff92f0b38c3488
age
7
x-content-type-options
nosniff
x-cache-hit
1
x-cache
Hit from cloudfront
x-amz-cf-id
HIS1S7SoTyMjpXa6rme4ee2aMYI5oc3z1GYP0p2WgBNOaN-8rtOhJw==
date
Tue, 22 Oct 2024 21:02:48 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
via
1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P3
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 5152 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2F1weeya.top
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.232.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f97.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
14
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Oct 2024 21:02:41 GMT
expires
Wed, 22 Oct 2025 21:02:41 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pv
1weeya.top/analytics/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://1weeya.top/analytics/pv?pgi=GTM-KGKQDC7
Requested by
Host: 1weeya.top
URL: https://1weeya.top/casino/play/1play_1play_speed-n-cash
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://1weeya.top/casino/play/1play_1play_speed-n-cash

Response headers

cf-ray
8d6c6e5eca4539f5-YYZ
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
date
Tue, 22 Oct 2024 21:02:56 GMT
server
cloudflare
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
events
1weeya.top/analytics/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://1weeya.top/analytics/events?event_name=page_view&pgi=GTM-KGKQDC7
Requested by
Host: 1weeya.top
URL: https://1weeya.top/casino/play/1play_1play_speed-n-cash
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://1weeya.top/casino/play/1play_1play_speed-n-cash

Response headers

cf-ray
8d6c6e5eca4839f5-YYZ
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
date
Tue, 22 Oct 2024 21:02:55 GMT
server
cloudflare
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
modules.02161fb4f8ebb73fb3f8.js
script.hotjar.com/ 		225 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.02161fb4f8ebb73fb3f8.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2606090.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-77.jfk50.r.cloudfront.net
Software
/
Resource Hash
3c6fd07134c7c19a53b6119d41d6c250efae68f3e7384ae34971e63b21d01337
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

x-robots-tag
none
content-encoding
br
etag
"dec0c1b6789c165b6cb6404022b9d8ab"
age
737808
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
MEy9Nn1qaYilGhwCCkGw0BG1Bx8Jyz8CDxPhZqvwMt5-F2WhLQhiwA==
date
Mon, 14 Oct 2024 08:06:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 14 Oct 2024 08:05:53 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 cf549a03d4f209dc2ee52d1dd6cb3730.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56680
x-amz-cf-pop
JFK50-P5
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je4ah0v894728184z8894400803za200zb894400803&_p=1729630975321&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685~101823847~101836706&cid=625877177.1729630976&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1729630975&sct=1&seg=0&dl=https%3A%2F%2F1weeya.top%2Fcasino%2Fplay%2F1play_1play_speed-n-cash&dt=1win&en=socket_connection_attempt&_fv=1&_nsi=1&_ss=1&tfd=3960
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-548949LWLW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://1weeya.top
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 21:02:55 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
541 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-548949LWLW&cid=625877177.1729630976&gtm=45je4ah0v894728184z8894400803za200zb894400803&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101686685~101823847~101836706
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-548949LWLW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.144.155 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://1weeya.top
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 21:02:55 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame CDBB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-548949LWLW&gacid=625877177.1729630976&gtm=45je4ah0v894728184z8894400803za200zb894400803&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685~101823847~101836706&z=1534328221
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-548949LWLW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.207.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1weeya.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Oct 2024 21:02:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-548949LWLW&cid=625877177.1729630976&gtm=45je4ah0v894728184z8894400803za200zb894400803&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101686685~101823847~101836706&tag_exp=101686685~101823847~101836706&z=817495496
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 22 Oct 2024 21:02:56 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
activityi;dc_pre=CJGjqr_xookDFVyzgwgdOigUQg;src=12688802;type=actio0;cat=allpa0;ord=1;num=7317131561159;npa=0;auiddc=1508349530.1729630976;ps=1;pcor=1120677669;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uap...
12688802.fls.doubleclick.net/ Frame D767
Redirect Chain
  • https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=7317131561159;npa=0;auiddc=1508349530.1729630976;ps=1;pcor=1120677669;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;...
  • https://12688802.fls.doubleclick.net/activityi;dc_pre=CJGjqr_xookDFVyzgwgdOigUQg;src=12688802;type=actio0;cat=allpa0;ord=1;num=7317131561159;npa=0;auiddc=1508349530.1729630976;ps=1;pcor=1120677669;...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://12688802.fls.doubleclick.net/activityi;dc_pre=CJGjqr_xookDFVyzgwgdOigUQg;src=12688802;type=actio0;cat=allpa0;ord=1;num=7317131561159;npa=0;auiddc=1508349530.1729630976;ps=1;pcor=1120677669;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101823847~101836706;epver=2;~oref=https%3A%2F%2F1weeya.top%2Fcasino%2Fplay%2F1play_1play_speed-n-cash?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12688802&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1weeya.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
378
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Oct 2024 21:02:56 GMT
expires
Tue, 22 Oct 2024 21:02:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Oct 2024 21:02:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12688802.fls.doubleclick.net/activityi;dc_pre=CJGjqr_xookDFVyzgwgdOigUQg;src=12688802;type=actio0;cat=allpa0;ord=1;num=7317131561159;npa=0;auiddc=1508349530.1729630976;ps=1;pcor=1120677669;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101823847~101836706;epver=2;~oref=https%3A%2F%2F1weeya.top%2Fcasino%2Fplay%2F1play_1play_speed-n-cash?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=7317131561159;npa=0;auiddc=1508349530.1729630976;ps=1;pcor=1120677669;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=...
td.doubleclick.net/td/fls/rul/ Frame 12FD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=7317131561159;npa=0;auiddc=1508349530.1729630976;ps=1;pcor=1120677669;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101823847~101836706;epver=2;~oref=https%3A%2F%2F1weeya.top%2Fcasino%2Fplay%2F1play_1play_speed-n-cash?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12688802&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.207.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1weeya.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Oct 2024 21:02:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=7317131561159;npa=0;auiddc=1508349530.1729630976;ps=1;pcor=1120677669;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscd...
ad.doubleclick.net/ 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=7317131561159;npa=0;auiddc=1508349530.1729630976;ps=1;pcor=1120677669;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1l1;dma=0;tag_exp=101686685~101823847~101836706;epver=2;~oref=https%3A%2F%2F1weeya.top%2Fcasino%2Fplay%2F1play_1play_speed-n-cash?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f148.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 22 Oct 2024 21:02:56 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"7397061774794981067"}],"aggregatable_trigger_data":[{"filters":[{"14":["13647302"]}],"key_piece":"0xa70c2628d13f572c","source_keys":["12","13","14","15","16","17","18","19","20","21","20557008","20557009","20557010","20557011","24835884","24835885","24835886","24835887"]},{"key_piece":"0x2e40f5ce9e71fb96","not_filters":{"14":["13647302"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","20557008","20557009","20557010","20557011","24835884","24835885","24835886","24835887"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"20557008":36,"20557009":36,"20557010":36,"20557011":3530,"21":6356,"24835884":32,"24835885":32,"24835886":32,"24835887":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"3345873287436480640","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"7397061774794981067","filters":[{"14":["13647302"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"7397061774794981067","filters":[{"14":["13647302"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"7397061774794981067","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"7397061774794981067","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12688802"]}}
content-type
image/png
x-xss-protection
0
server
cafe
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16482547739/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16482547739/?random=1729630975978&cv=11&fst=1729630975978&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9181323879z8894400803za200zb894400803&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2F1weeya.top%2Fcasino%2Fplay%2F1play_1play_speed-n-cash&hn=www.googleadservices.com&frm=0&tiba=1win&npa=0&pscdl=noapi&auid=1508349530.1729630976&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16482547739&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.157 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f157.1e100.net
Software
cafe /
Resource Hash
45e4fbb52f2c4a734521ed4d16cc89ccd27d4cf5111739209fadd1a4b8c0b83f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2360
date
Tue, 22 Oct 2024 21:02:56 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16482547739
td.doubleclick.net/td/rul/ Frame 3B16 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/16482547739?random=1729630975978&cv=11&fst=1729630975978&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9181323879z8894400803za200zb894400803&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2F1weeya.top%2Fcasino%2Fplay%2F1play_1play_speed-n-cash&hn=www.googleadservices.com&frm=0&tiba=1win&npa=0&pscdl=noapi&auid=1508349530.1729630976&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16482547739&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.207.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qk-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1weeya.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Oct 2024 21:02:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/16482547739/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/16482547739/?random=1729630975978&cv=11&fst=1729630800000&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9181323879z8894400803za200zb894400803&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2F1weeya.top%2Fcasino%2Fplay%2F1play_1play_speed-n-cash&hn=www.googleadservices.com&frm=0&tiba=1win&npa=0&pscdl=noapi&auid=1508349530.1729630976&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfI86F21US67Tie6AmFdMcq1iANlzzXcGiXGuCzxZ6DAbbKGxi&random=258391317&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.175.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 22 Oct 2024 21:02:56 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-user-list/16482547739/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/16482547739/?random=1729630975978&cv=11&fst=1729630800000&bg=ffffff&guid=ON&async=1&gtm=45be4ah0v9181323879z8894400803za200zb894400803&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823848~101836706&u_w=1600&u_h=1200&url=https%3A%2F%2F1weeya.top%2Fcasino%2Fplay%2F1play_1play_speed-n-cash&hn=www.googleadservices.com&frm=0&tiba=1win&npa=0&pscdl=noapi&auid=1508349530.1729630976&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfI86F21US67Tie6AmFdMcq1iANlzzXcGiXGuCzxZ6DAbbKGxi&random=258391317&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://1weeya.top/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 22 Oct 2024 21:02:56 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
httpapi
api2.amplitude.com/2/ 		94 B
218 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/chunk-common.1fbe0bd28.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.184.93.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-184-93-222.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ccbe1487a157b4afcbea26efd4d265b1c2e323c89967ae0a654770e931b49970
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://1weeya.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*
Content-Type
application/json

Response headers

strict-transport-security
max-age=15768000
access-control-allow-origin
*
content-length
94
date
Tue, 22 Oct 2024 21:02:56 GMT
content-type
application/json
httpapi
api2.amplitude.com/2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.184.93.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-184-93-222.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://1weeya.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Tue, 22 Oct 2024 21:02:56 GMT
strict-transport-security
max-age=15768000
allv4
v1.bundlecdn.com/common/banners/ 		0
0
allv4
v1.bundlecdn.com/common/banners/ Frame 		0
0
events
1weeya.top/analytics/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://1weeya.top/analytics/events?event_name=api_client_data_fetching_failed&pgi=GTM-KGKQDC7
Requested by
Host: 1weeya.top
URL: https://1weeya.top/casino/play/1play_1play_speed-n-cash
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://1weeya.top/casino/play/1play_1play_speed-n-cash

Response headers

cf-ray
8d6c6e7a3aa139f5-YYZ
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
date
Tue, 22 Oct 2024 21:03:00 GMT
server
cloudflare
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
1weeya.top
URL
https://1weeya.top/common/banners/allv4?localeId=61&lang=en&tzOffset=-420
Domain
v1.bundlecdn.com
URL
https://v1.bundlecdn.com/common/banners/allv4?localeId=61&lang=en&tzOffset=-420
Domain
v1.bundlecdn.com
URL
https://v1.bundlecdn.com/common/banners/allv4?localeId=61&lang=en&tzOffset=-420

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| INITIAL_DATA object| _chunksDictionary function| clearImmediate function| setImmediate string| appTitle function| deepFreeze object| LangEnum object| lang function| initSmartico string| releaseTag string| buildName string| gtmKey object| supportChatConfig object| webim object| webimHandlers function| initOrGetInstanceOfSupportChat function| openTgSupportChannel function| loadScript object| webpackChunk_1win_frontend_main object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ object| dataLayer object| __vueuse_ssr_handlers__ function| IMask object| buildConfig boolean| __VUE__ object| amplitude object| analyticsConnectorInstances object| socket object| firebase object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| axel number| a string| userId function| hj object| _hjSettings object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| gaGlobal object| GooglebQhCsO

16 Cookies

Domain/Path Name / Value
1weeya.top/ Name: visit_domain
Value: 1weeya.top
.1weeya.top/ Name: cf_clearance
Value: QVsWBi.juu4.3MlO0XhxJ5mVIO3A90lmYqDxnfSdoPE-1729630974-1.2.1.1-4f63RZ485mNTVoYQQbF6bfNAVs.lP6mY3ShncFkc0XKV24LM7tcRm3unrVe6doAGzc2tZvXcUrRgTm7647OkuUYCNfZ_bsNyqhOhf41CUkvoOZLwDn8AJl.2c5r9bCnn7KNhWiUgLr5NSi8kdGQ3CNRnyodZiMhMWJ3iLAVel6Iqjx4Z_YU1.QLCaN9eIhR0zmoVkK8uJ45LQNwi_zgArMkx2FFvACq18Ivdve6UmZV6tyi6pg_7kW.Z5vsFMsTRYXOVDcREAonwI4bAlyrrTAGUMJTvjS6WaVBA_N.Q6nrDx_jhk5HVh3P4gQDOOoe_dfiiR4Zx5QBsU5ixWUU5gjoSB35e5bTupisy7o9xTZAocZHElkm9S0xAADZuImfX
1weeya.top/ Name: 1w_lang
Value: en
1weeya.top/ Name: 1w_locale
Value: 61
.1weeya.top/ Name: __cf_bm
Value: xp1D511oMGhy0dR9cocPAz2ICJi0beefBtlH_e3bVhg-1729630974-1.0.1.1-ZA.UJIWo9Juc7RQsRwbw3ktwR_jactv6jFpoPPPxjzdsg_lfL7K0NXaHwPQ3sim3B_6NmK8lKl1i6P7EdvOwlA
.1weeya.top/ Name: _cfuvid
Value: 8JHwRgkhxKP_YDRME0AMOtsumMnQk53V4KtRd7c3mO0-1729630975458-0.0.1.1-604800000
.1weeya.top/ Name: _gcl_au
Value: 1.1.1508349530.1729630976
.1weeya.top/ Name: AMP_494cccfe21
Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjIwNDQ1OGYzMy1mOGIxLTRkYTktYTg3MC0wYTk5NjQzOWFhNWIlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzI5NjMwOTc0NzYxJTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTcyOTYzMDk3NTcwMSUyQyUyMmxhc3RFdmVudElkJTIyJTNBNiUyQyUyMnBhZ2VDb3VudGVyJTIyJTNBMCU3RA==
.1weeya.top/ Name: _ga
Value: GA1.1.625877177.1729630976
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: ar_debug
Value: 1
.1weeya.top/ Name: _hjSessionUser_2606090
Value: eyJpZCI6ImY1NjNhNzI0LTM1OTAtNTgwNy1hZDJkLWM3YmRmZTk1YjVmNCIsImNyZWF0ZWQiOjE3Mjk2MzA5NzYwNzcsImV4aXN0aW5nIjpmYWxzZX0=
.1weeya.top/ Name: _hjSession_2606090
Value: eyJpZCI6Ijk3OGE5ZTNlLThhZWYtNDc0Yi1iYzM2LTQ5NWY1MTBiMjM3MyIsImMiOjE3Mjk2MzA5NzYwNzgsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
1weeya.top/ Name: _hjHasCachedUserAttributes
Value: true
.doubleclick.net/ Name: IDE
Value: AHWqTUkCrG6Tk_UAYfkmksOSAnXWDnOX-3ccvu_E-nYQvva9jsRKkiNi40E_rZak
.1weeya.top/ Name: _ga_548949LWLW
Value: deleted

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12572451.fls.doubleclick.net
12688802.fls.doubleclick.net
1weeya.top
ad.doubleclick.net
analytics.google.com
api.lab.amplitude.com
api2.amplitude.com
googleads.g.doubleclick.net
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
td.doubleclick.net
v1.bundlecdn.com
www.google.ca
www.google.com
www.googletagmanager.com
1weeya.top
v1.bundlecdn.com
108.138.106.126
142.250.31.148
151.101.2.132
154.197.121.1
154.197.121.128
172.217.222.94
173.194.175.106
173.194.207.148
173.194.207.154
18.164.96.77
209.85.144.155
209.85.144.157
209.85.232.97
216.239.34.181
54.184.93.222
01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce
06e02d3d2d01bb2c88786b0a2dd2d692f6659c0159ec4754f7db49c12e03b0d6
0f6e3e5c53c730a88de6f874ab17cb1283f0ed8580bb22b57578f4f0d601f700
1685ca05d76e4d71b161d5e6757088e496797eedfc1535bc4b081203beffd86d
19a89ffb93f75d7a50e22e0d0904e8d6916caa49d2470cb82c83b2c71e0745d5
2ea1eb980748f6a90c9a6327817e40e6966df15c321818b246b2dc7b36cb4fd3
333f4c6fce9a3b294a0b5e438b403e3a98a573d06ce135facb084ced18a61c8f
3c6fd07134c7c19a53b6119d41d6c250efae68f3e7384ae34971e63b21d01337
45e4fbb52f2c4a734521ed4d16cc89ccd27d4cf5111739209fadd1a4b8c0b83f
4868ff1e5eb4154b7529b4117fbb4d98e8ccb370655d32445f392e5a210e0a74
4976aa119d10308e999d9cc618a49ebc8eb6c19cc7c9672e5f2ac3a1f2c6a4a3
49ffaa4181723a9ed79c1b401b1dee41d0c0d6f3671a69cb0ca6b494335bbbba
4bc4e0ff1b52a213da84c2bd68a388644ee35f4bcfae744d66b8cc6bdbc92215
50a69535cf465c93e4dd8a9a1e2b7ba8d0d35ade42d8696b636951224abfdc8b
5704fb70783a0f90824b41cda3803f7fc987d02f9c4450d7f3839db249bd72c3
58291d174b097938b050bdd46fa7fe9386241f7c4da006ff150493f1b1f4f3e9
58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f
605d617cececfcdd7647f3b19fb20b30fc38d1f88704f59e911ba17bf24ce105
66c4135905d8889570877f8bf74d092dbcda1ec84d16791a9eab736415fd396c
695bac315dad3a6ec39af30d8dcc5d01242f4e2c417fd0bc80a0e3985fbe4960
6a526c2a6388c3951f1729ba805eb612b457f49b6909a48d1bc3fc6c9f3aa7de
6cf8f34e4b607c3ce8575639c308203e4fad00e9fab2ea37c99b04b680523b43
7c23a431c3cfa498f28ab1b6a824e0319ce355e329b9b4f60963b4fcaf82004a
7fdc45c17b75a52d61d42dabc41c0798395e6047afbe87c032bfffc5766253b2
84e703dd4ddb6a31896739db4fbb3be56fa7ba27b3f3a6c10aae4228fc8b7cd9
93c99f951189844c26e0c18907827beff6fd4276132b98b8e839598b8976ea53
97737bbe04ac7f84b2370204977fd11cabd70d2494c98c472b877ee145c8fc2c
9b39c6fd041f1bc9fadedd5cb382f159c6bcfc3a7a79ca5bf5654869556b8299
9be12e59a210d45411e025096615d4308c44a0cffeb791dd452e443c675e8481
9c3b25f260defd6991608963a30a67cad0981ecce13e5975b1a6304887514d7f
a24197824bf746be594453dc05d1a154831e0f97b830388ef1b5698b001d8de3
a616940be79496045b9eccbe6d202ebf6efadafeca6ff0e24bc9e49bb764e799
b563de728f7ad9022ef94968360931749d32898f02f524b66a73c2630126f4a3
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c07b2c0a515caf1306fb4d9366fab5758253eeadcf8c0414cb44ccd48f82e59a
cc868dab1b16d48b882beef6a12284aed5de69610f1b20060a24fc44a9294907
ccbe1487a157b4afcbea26efd4d265b1c2e323c89967ae0a654770e931b49970
ce68e1614ab493deaecfa6eb9711736de0348248e1d559b5f6dfb5dc4c29b459
df3772666587111462634070c47969ad9687bbf80d0694bb2e6c33be39434d68
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a7735ee234e23e660aec8681c82a9d1a5fefb76d9d1972cc3047cc30845d96
ec7bb3946e6d89245afb742b61df3f40e7ca648382cf075e1cf0b73d63d55de7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f007c721f3891c6fbc6555f58faf308a9187968bfca7439dd601ae93b621649b
f19e67532ab80ae500b8fa0a66d28152eca9517eaf7968f85967cbcf66c070df
f4bf8464edcf35fd4582a75b7087389d0075b0670b27f8582156ce64288b130b
f61e4142e849fd70ce29a6ebc163aa515cb87952c29a73a550e46232e40f5dc6
f63a6b9e6b5a598842075008bea8324bd4fbbb102608b2a60e2b7b844b8be478