1wdyff.top Open in urlscan Pro
154.197.121.1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://1wdyff.top/casino/provider/Evoplay
Submission: On August 06 via api (August 6th 2024, 3:25:46 pm UTC) from US — Scanned from CA

Summary HTTP 62 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 10 domains to perform 62 HTTP transactions. The main IP is 154.197.121.1, located in Seychelles and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is 1wdyff.top.
TLS certificate: Issued by WE1 on July 2nd 2024. Valid for: 3 months.

This is the only time 1wdyff.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	154.197.121.1 154.197.121.1	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
28	154.197.121.128 154.197.121.128	328608 (Africa-on...) (Africa-on-Cloud-AS)
2	35.84.91.66 35.84.91.66	16509 (AMAZON-02) (AMAZON-02)
2	151.101.130.132 151.101.130.132	() ()
5	172.253.115.97 172.253.115.97	() ()
62	6

7 154.197.121.1 (Seychelles) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

1wdyff.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 154.197.121.128 (Seychelles)

ASN328608 (Africa-on-Cloud-AS, ZA)

v1.bundlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.84.91.66 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-84-91-66.us-west-2.compute.amazonaws.com

api2.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.132 (None, )

ASN- ()

api.lab.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.253.115.97 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	bundlecdn.com v1.bundlecdn.com	626 KB
7	1wdyff.top 1 redirects 1wdyff.top	201 KB
5	googletagmanager.com www.googletagmanager.com	460 KB
4	amplitude.com api.lab.amplitude.com Failed api2.amplitude.com — Cisco Umbrella Rank: 1505	852 B
0	google.ca Failed www.google.ca Failed
0	owdp.tech Failed datc.owdp.tech Failed
0	google.com Failed www.google.com Failed analytics.google.com Failed
0	yandex.ru Failed mc.yandex.ru Failed
0	hotjar.com Failed static.hotjar.com Failed
0	doubleclick.net Failed 12572451.fls.doubleclick.net Failed 12688802.fls.doubleclick.net Failed ad.doubleclick.net Failed stats.g.doubleclick.net Failed
62	10

	Domain	Requested by
28	v1.bundlecdn.com	1wdyff.top v1.bundlecdn.com
7	1wdyff.top	1 redirects 1wdyff.top v1.bundlecdn.com
5	www.googletagmanager.com	1wdyff.top www.googletagmanager.com
2	api2.amplitude.com	v1.bundlecdn.com
2	api.lab.amplitude.com	v1.bundlecdn.com
0	www.google.ca Failed
0	stats.g.doubleclick.net Failed	www.googletagmanager.com
0	analytics.google.com Failed	www.googletagmanager.com
0	ad.doubleclick.net Failed
0	12688802.fls.doubleclick.net Failed	www.googletagmanager.com
0	datc.owdp.tech Failed	1wdyff.top
0	www.google.com Failed	v1.bundlecdn.com
0	mc.yandex.ru Failed	1wdyff.top
0	static.hotjar.com Failed	1wdyff.top
0	12572451.fls.doubleclick.net Failed	www.googletagmanager.com
62	15

This site contains no links.

Subject Issuer	Validity	Valid
1wdyff.top WE1	`2024-07-02` - `2024-09-30`	3 months	crt.sh
v1.bundlecdn.com WE1	`2024-07-24` - `2024-10-22`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2024-01-31` - `2025-03-02`	a year	crt.sh
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-29` - `2024-12-30`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://1wdyff.top/casino/provider/Evoplay
Frame ID: 3CD3AB472AD30DD08A4309565D9069D1
Requests: 54 HTTP requests in this frame

Frame: https://1wdyff.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js
Frame ID: CD4101A4425FA9BC01CA8322C5B08F44
Requests: 2 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7041410041974.987
Frame ID: B03C8E81F5AFEFA5D2ACB5F11D71B4F1
Requests: 1 HTTP requests in this frame

Frame: https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6183128258452.131
Frame ID: 9B6FDB5ADA81396999F63213C91FD304
Requests: 1 HTTP requests in this frame

Frame: https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=8102811955855;npa=0;auiddc=594433525.1722957946;ps=1;pcor=863934567;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1;dma=0;tag_exp=95250753;epver=2;~oref=https%3A%2F%2F1wdyff.top%2Fcasino%2Fprovider%2FEvoplay
Frame ID: 3E4F80C878F54C8E8747B526E0B2FF65
Requests: 1 HTTP requests in this frame

Frame: https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=3123555612538;npa=0;auiddc=594433525.1722957946;ps=1;pcor=1202254503;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1;dma=0;tag_exp=95250753;epver=2;~oref=https%3A%2F%2F1wdyff.top%2Fcasino%2Fprovider%2FEvoplay
Frame ID: 683278FE2C5D14830354C8D80E41C3D5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

1win - Loading

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

62
Requests

68 %
HTTPS

0 %
IPv6

10
Domains

15
Subdomains

6
IPs

2
Countries

1288 kB
Transfer

3915 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://1wdyff.top/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://1wdyff.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js

62 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Evoplay Show response
1wdyff.top/casino/provider/ 406 KB
108 KB 360ms
205ms Document
text/html 154.197.121.1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://1wdyff.top/casino/provider/Evoplay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c142d4b8877a7efb82b2fb4a534571d290dc8e0a0ec9a9968e55bbad5b53f36

Security Headers

Name

Value

X-Frame-Options

ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8af00a2e48feac1b-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 06 Aug 2024 15:25:28 GMT
server: cloudflare
vary: Origin
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
x-match-domain: 1wdyff.top
x-request-id: M9QbL8jNvwnBt7ic

GET
H2 200 SFNSDisplay-latin.50a4eaff3.woff2
v1.bundlecdn.com/font/ 32 KB
33 KB 3160ms
44ms Font
application/octet-stream 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/font/SFNSDisplay-latin.50a4eaff3.woff2
Requested by: Host: 1wdyff.top
URL: https://1wdyff.top/casino/provider/Evoplay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: df3772666587111462634070c47969ad9687bbf80d0694bb2e6c33be39434d68

Request headers

Referer: https://1wdyff.top/
Origin: https://1wdyff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:32 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Aug 2024 14:14:04 GMT
server: cloudflare
age: 89793
etag: "66b0de2c-8128"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8af00a447c21abf7-YYZ
content-length: 33064
expires: Fri, 04 Aug 2034 15:25:32 GMT

GET
H2 200 SFNSText-latin.f09aa5229.woff2
v1.bundlecdn.com/font/ 42 KB
43 KB 3164ms
50ms Font
application/octet-stream 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/font/SFNSText-latin.f09aa5229.woff2
Requested by: Host: 1wdyff.top
URL: https://1wdyff.top/casino/provider/Evoplay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 06e02d3d2d01bb2c88786b0a2dd2d692f6659c0159ec4754f7db49c12e03b0d6

Request headers

Referer: https://1wdyff.top/
Origin: https://1wdyff.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:32 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Aug 2024 14:14:04 GMT
server: cloudflare
age: 89793
etag: "66b0de2c-a9f8"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8af00a447c22abf7-YYZ
content-length: 43512
expires: Fri, 04 Aug 2034 15:25:32 GMT

GET
H2 200 minified.js Show response
1wdyff.top/core-js/3.33.3/ 238 KB
86 KB 69ms
56ms Script
application/javascript 154.197.121.1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://1wdyff.top/core-js/3.33.3/minified.js

Requested by

Host: 1wdyff.top
URL: https://1wdyff.top/casino/provider/Evoplay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce68e1614ab493deaecfa6eb9711736de0348248e1d559b5f6dfb5dc4c29b459

Security Headers

Name

Value

X-Frame-Options

ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Referer: https://1wdyff.top/casino/provider/Evoplay
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 05 Aug 2024 14:14:04 GMT
server: cloudflare
age: 89791
etag: W/"66b0de2c-3b989"
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 8af00a30fbddac1b-YYZ
alt-svc: h3=":443"; ma=86400
expires: Fri, 04 Aug 2034 15:25:29 GMT

GET
H2 200 chunk-vendors.414201da7.js Show response
v1.bundlecdn.com/js/ 244 KB
83 KB 781ms
32ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/chunk-vendors.414201da7.js
Requested by: Host: 1wdyff.top
URL: https://1wdyff.top/casino/provider/Evoplay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: d315359eee3595102dbb49617b1cf7ad0aedf6558f45f1dc67db6c7716bf652b

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 30 Jul 2024 11:07:47 GMT
server: cloudflare
age: 618575
etag: W/"66a8c983-3d096"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8af00a37abb1aba0-YYZ
expires: Fri, 04 Aug 2034 15:25:30 GMT

GET
H2 200 chunk-common.d09ae67d9.js Show response
v1.bundlecdn.com/js/ 374 KB
112 KB 48ms
45ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/chunk-common.d09ae67d9.js
Requested by: Host: 1wdyff.top
URL: https://1wdyff.top/casino/provider/Evoplay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 0258643e4b0088d028c9bbf8de4f1f8412f9a18f380a2c8d3bc2dcf6f911b376

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 05 Aug 2024 13:00:41 GMT
server: cloudflare
age: 93915
etag: W/"66b0ccf9-5d7b6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8af00a37ebf0aba0-YYZ
expires: Fri, 04 Aug 2034 15:25:30 GMT

GET
H2 200 index.c947d514a.js Show response
v1.bundlecdn.com/js/ 262 KB
95 KB 59ms
56ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/index.c947d514a.js
Requested by: Host: 1wdyff.top
URL: https://1wdyff.top/casino/provider/Evoplay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f2ffc053b400c8e67e0dc4c6f3ca27d755a27c192a6b2546ea98600f44ee8bd

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 06 Aug 2024 12:50:32 GMT
server: cloudflare
age: 8885
etag: W/"66b21c18-41758"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8af00a37ebf1aba0-YYZ
expires: Fri, 04 Aug 2034 15:25:30 GMT

GET
H2 200 index.aedf85995.css
v1.bundlecdn.com/css/ 6 KB
1 KB 1104ms
28ms Stylesheet
text/css 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/css/index.aedf85995.css
Requested by: Host: 1wdyff.top
URL: https://1wdyff.top/casino/provider/Evoplay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 9be12e59a210d45411e025096615d4308c44a0cffeb791dd452e443c675e8481

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 26 Jul 2024 13:35:13 GMT
server: cloudflare
age: 956735
etag: W/"66a3a611-185b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8af00a37abababa0-YYZ
expires: Fri, 04 Aug 2034 15:25:30 GMT

GET
H2 200 1win-normal.svg
1wdyff.top/img/logo/main/ 5 KB
2 KB 66ms
57ms Image
image/svg+xml 154.197.121.1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1wdyff.top/img/logo/main/1win-normal.svg
Requested by: Host: 1wdyff.top
URL: https://1wdyff.top/casino/provider/Evoplay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5cb3d03f299b837679eaa793491a03acc5fc1afdbc7f207b7566646f3bd2ecb

Request headers

Referer: https://1wdyff.top/casino/provider/Evoplay
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 02 Aug 2024 10:35:11 GMT
server: cloudflare
age: 89790
etag: W/"66acb65f-1221"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8af00a30fbdfac1b-YYZ
alt-svc: h3=":443"; ma=86400
expires: Fri, 04 Aug 2034 15:25:29 GMT

GET
H2 200 desktop.640ac60a2.js Show response
v1.bundlecdn.com/js/ 114 KB
32 KB 790ms
35ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/desktop.640ac60a2.js
Requested by: Host: 1wdyff.top
URL: https://1wdyff.top/casino/provider/Evoplay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ddad0c8f894eb2bbcf3a444a600419a5ea33dbd61f47c5a21d7e025eb879fd2

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 05 Aug 2024 13:00:41 GMT
server: cloudflare
age: 93907
etag: W/"66b0ccf9-1c7e1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8af00a37abafaba0-YYZ
expires: Fri, 04 Aug 2034 15:25:30 GMT

GET
H2 200 desktop.2ab5d3806.css
v1.bundlecdn.com/css/ 65 KB
12 KB 788ms
36ms Stylesheet
text/css 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/css/desktop.2ab5d3806.css
Requested by: Host: 1wdyff.top
URL: https://1wdyff.top/casino/provider/Evoplay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: dc244098735d3dc0e280deda78e646da9a5f43d05b18d1e5a83e642836f1dd6c

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 01 Aug 2024 10:31:42 GMT
server: cloudflare
age: 448645
etag: W/"66ab640e-103a0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8af00a37abacaba0-YYZ
expires: Fri, 04 Aug 2034 15:25:30 GMT

POST
H3 200 affiliate:link_visit
1wdyff.top/ 37 B
1008 B 200ms
191ms Ping
application/json 154.197.121.1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://1wdyff.top/affiliate:link_visit

Requested by

Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/chunk-common.d09ae67d9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9c3b25f260defd6991608963a30a67cad0981ecce13e5975b1a6304887514d7f

Security Headers

Name

Value

X-Frame-Options

ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Referer: https://1wdyff.top/casino/provider/Evoplay
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 06 Aug 2024 15:25:30 GMT
cf-cache-status: DYNAMIC
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 37
server: cloudflare
etag: W/"25-Zj67mG54TfZ031q1ea2QwFUXWX4"
access-control-max-age: 7200
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1wdyff.top
access-control-expose-headers: Authorization
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
access-control-allow-credentials: true
cf-ray: 8af00a39e9e0ab28-YYZ
access-control-allow-headers: Content-Type, Authorization, X-Origin

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 18860.b33c158cc.js Show response
v1.bundlecdn.com/js/ 28 KB
10 KB 43ms
42ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/18860.b33c158cc.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.c947d514a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f6e3e5c53c730a88de6f874ab17cb1283f0ed8580bb22b57578f4f0d601f700

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 30 Jul 2024 11:07:47 GMT
server: cloudflare
age: 618571
etag: W/"66a8c983-6ea0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8af00a3a3e4eaba0-YYZ
expires: Fri, 04 Aug 2034 15:25:30 GMT

GET
H2 200 50126.129400652.js Show response
v1.bundlecdn.com/js/ 73 KB
18 KB 76ms
37ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/50126.129400652.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.c947d514a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: d33d024eae1e04b0bee1c9239651607e24d1764cefb8db03f6617b880c8e6a07

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 05 Aug 2024 13:00:41 GMT
server: cloudflare
age: 93913
etag: W/"66b0ccf9-12387"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8af00a3a6e8daba0-YYZ
expires: Fri, 04 Aug 2034 15:25:30 GMT

GET
H2 200 17806.927695b61.css
v1.bundlecdn.com/css/ 48 KB
9 KB 70ms
38ms Stylesheet
text/css 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/css/17806.927695b61.css
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.c947d514a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: ecddd912352a59ca78492155fd12ef88eb604fdb543b5851f7cca4f4becceb91

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 05 Aug 2024 12:27:51 GMT
server: cloudflare
age: 96342
etag: W/"66b0c547-beab"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8af00a3a6e8baba0-YYZ
expires: Fri, 04 Aug 2034 15:25:30 GMT

GET
H2 200 17806.35e002b39.js Show response
v1.bundlecdn.com/js/ 349 KB
103 KB 70ms
37ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/17806.35e002b39.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.c947d514a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d3d49055aff7c0ca1c0aad8aff76f011521461c863a5768c8813749527c318a

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 06 Aug 2024 12:50:32 GMT
server: cloudflare
age: 8884
etag: W/"66b21c18-57440"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8af00a3a6e91aba0-YYZ
expires: Fri, 04 Aug 2034 15:25:30 GMT

GET
H2 200 10920.a176bbb0e.js Show response
v1.bundlecdn.com/js/ 8 KB
3 KB 69ms
38ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/10920.a176bbb0e.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.c947d514a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 09a7ed558da38ef88d34bc0c60344e72a0aa7b72b670dbf79b66bc3a4b047ccc

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 30 Jul 2024 11:07:47 GMT
server: cloudflare
age: 618560
etag: W/"66a8c983-1e1f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8af00a3a6e92aba0-YYZ
expires: Fri, 04 Aug 2034 15:25:30 GMT

GET
H3

200

main.js Show response
1wdyff.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/ Frame CD41
Redirect Chain

https://1wdyff.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://1wdyff.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?

8 KB
4 KB

36ms
30ms

Script
application/javascript

154.197.121.1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://1wdyff.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?

Requested by

Host: 1wdyff.top
URL: https://1wdyff.top/casino/provider/Evoplay

Protocol

Server

154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9343b8401ccf9aaa5add88daa85743ab7a6cd59d5aac2d6a66685f2584f7b645

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8af00a3aba94ab28-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 06 Aug 2024 15:25:30 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8af00a3a6a57ab28-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 8af00a2e48feac1b Show response
1wdyff.top/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame CD41 0
600 B 71ms
46ms XHR
text/plain 154.197.121.1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://1wdyff.top/cdn-cgi/challenge-platform/h/g/jsd/r/8af00a2e48feac1b
Requested by: Host: 1wdyff.top
URL: https://1wdyff.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 06 Aug 2024 15:25:31 GMT
server: cloudflare
cf-ray: 8af00a3dfd3bab28-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 allv4 Show response
v1.bundlecdn.com/common/banners/ 24 KB
6 KB 1659ms
957ms XHR
application/json 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://v1.bundlecdn.com/common/banners/allv4?localeId=61&lang=en&tzOffset=-420

Requested by

Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/chunk-common.d09ae67d9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),

Reverse DNS

Software

cloudflare /

Resource Hash

7ad491b9cba497cd2efb75cc0dd9b42e1fadde30175b535e5db71ae5f17d3860

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:33 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"7b2f-Vg35OdfkqYzXzc9bBUg/berMgPQ"
vary: Origin
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=300
cf-ray: 8af00a447c24abf7-YYZ

GET vardata
api.lab.amplitude.com/sdk/v2/ 0
0

OPTIONS vardata
api.lab.amplitude.com/sdk/v2/ Frame 0
0

GET
H3 200 favicon-32x32.png
1wdyff.top/img/icons/ 386 B
0 250ms
250ms Other
image/webp

General

Check archive.org

Show headers Download Go to

Full URL

https://1wdyff.top/img/icons/favicon-32x32.png

Protocol

Server

-, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

4976aa119d10308e999d9cc618a49ebc8eb6c19cc7c9672e5f2ac3a1f2c6a4a3

Security Headers

Name

Value

X-Frame-Options

ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Referer: https://1wdyff.top/casino/provider/Evoplay
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:32 GMT
cf-cache-status: HIT
age: 40698
cf-polished: origFmt=png, origSize=536
content-disposition: inline; filename="favicon-32x32.webp"
alt-svc: h3=":443"; ma=86400
content-length: 386
cf-bgj: imgq:85,h2pri
last-modified: Mon, 05 Aug 2024 14:14:04 GMT
server: cloudflare
etag: "66b0de2c-218"
vary: Accept
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8af00a461cc5ab28-YYZ
expires: Fri, 04 Aug 2034 15:25:32 GMT

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 93 B
308 B 101ms
99ms Fetch
application/json 35.84.91.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/chunk-common.d09ae67d9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.84.91.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-84-91-66.us-west-2.compute.amazonaws.com

Software

Resource Hash

c278a313b88e7eb78c53b893cc1e3c9f4dd1c6c4da0ff8312507b9e4e2dfaba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 06 Aug 2024 15:25:36 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
trace-id: Root=1-66b24070-6db7529621d71a0068078f39
content-length: 93

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 3651ms
180ms Preflight 35.84.91.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.84.91.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-84-91-66.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://1wdyff.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Tue, 06 Aug 2024 15:25:36 GMT
strict-transport-security: max-age=15768000

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/v2/ 1 KB
544 B 100ms
95ms Fetch
application/json 151.101.130.132

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/v2/vardata?v=0

Requested by

Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/chunk-common.d09ae67d9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 -, , ASN (),

Reverse DNS

Software

Resource Hash

2b393b10aa21567f8f697b88188e98229dc5723d1f0925ff4bfa568eeb5c7605

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://1wdyff.top/
Authorization: Api-Key client-Ss5BFx7UDrTj948TJHfc5ZUoTW67EjvZ
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS4xMC4wIiwibGFuZ3VhZ2UiOiJlbi1VUyIsInBsYXRmb3JtIjoiV2ViIiwib3MiOiJDaHJvbWUgMTI3IiwiZGV2aWNlX21vZGVsIjoiTGludXgiLCJkZXZpY2VfaWQiOiIwMTA0MzQzOC05NDI0LTQ1OWMtOWI4My0wNTVkMWEzYjhjZjUiLCJ1c2VyX3Byb3BlcnRpZXMiOnsiZGV2aWNlX3R5cGUiOiJkZXNrdG9wIiwicGxhdGZvcm0iOiJ3ZWIiLCJvcyI6Im90aGVyIiwicGxhdGZvcm1fbGFuZ3VhZ2UiOiJlbiIsImRvbWFpbiI6IjF3ZHlmZi50b3AiLCJ0aW1lX3pvbmUiOiJBbWVyaWNhL1ZhbmNvdXZlciIsInJlZmVycmluZ19kb21haW4iOiIifX0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
cache-tag: client-Ss5BFx7UDrTj948TJHfc5ZUoTW67EjvZ
content-length: 355
x-served-by: cache-yyz4539-YYZ
x-timer: S1722957939.795897,VS0,VE76
x-amzn-trace-id: Root=1-66b24072-20d3d7222fc9f9931df69a0f
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://1wdyff.top
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/v2/ Frame 0
0 1103ms
39ms Preflight 151.101.130.132

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/v2/vardata?v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://1wdyff.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://1wdyff.top
access-control-max-age: 1800
age: 2933
cache-control: no-store
content-length: 0
date: Tue, 06 Aug 2024 15:25:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-66b234fd-386b7c8773d031490ee2ed49
x-cache: HIT
x-cache-hits: 891
x-content-type-options: nosniff
x-served-by: cache-yyz4539-YYZ
x-timer: S1722957939.748849,VS0,VE0

GET
H3 200 firebase-app.js Show response
1wdyff.top/firebase/8.1.1/ 19 KB
0 85ms
85ms Script
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://1wdyff.top/firebase/8.1.1/firebase-app.js

Requested by

Host: 1wdyff.top
URL: https://1wdyff.top/casino/provider/Evoplay

Protocol

Server

-, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce

Security Headers

Name

Value

X-Frame-Options

ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Referer: https://1wdyff.top/casino/provider/Evoplay
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 05 Aug 2024 14:14:04 GMT
server: cloudflare
age: 89790
etag: W/"66b0de2c-4ded"
vary: Accept-Encoding
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 8af00a3bbb5bab28-YYZ
alt-svc: h3=":443"; ma=86400
expires: Fri, 04 Aug 2034 15:25:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 367 KB
110 KB 160ms
70ms Script
application/javascript 172.253.115.97

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Requested by

Host: 1wdyff.top
URL: https://1wdyff.top/casino/provider/Evoplay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.97 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b81dfc67c753ebb53122bac8991124a7aff92873d283674ee2915a925ff42ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112016
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 15:07:32 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Aug 2024 15:25:45 GMT

GET
H3 200 firebase-messaging.js Show response
1wdyff.top/firebase/8.1.1/ 40 KB
0 3ms
3ms Script
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://1wdyff.top/firebase/8.1.1/firebase-messaging.js

Requested by

Host: 1wdyff.top
URL: https://1wdyff.top/casino/provider/Evoplay

Protocol

Server

-, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f

Security Headers

Name

Value

X-Frame-Options

ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Referer: https://1wdyff.top/casino/provider/Evoplay
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 05 Aug 2024 14:14:04 GMT
server: cloudflare
age: 89789
etag: W/"66b0de2c-9f25"
vary: Accept-Encoding
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 8af00a3c9c17ab28-YYZ
alt-svc: h3=":443"; ma=86400
expires: Fri, 04 Aug 2034 15:25:30 GMT

GET
H3 200 title Show response
1wdyff.top/common/ 29 B
0 163ms
163ms XHR
application/json

General

Check archive.org

Show headers Download Go to

Full URL

https://1wdyff.top/common/title?path=casino&lang=en

Requested by

Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/chunk-common.d09ae67d9.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

c07b2c0a515caf1306fb4d9366fab5758253eeadcf8c0414cb44ccd48f82e59a

Security Headers

Name

Value

X-Frame-Options

ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

Accept: application/json, text/plain, */*
Referer: https://1wdyff.top/casino/provider/Evoplay
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:45 GMT
cf-cache-status: DYNAMIC
server: cloudflare
etag: "25-bM/5z02X/xOkKbh8eZCiJpcKcd0"
vary: Origin
x-frame-options: ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=300
cf-ray: 8af00a976acdab28-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 29

GET
H2 200 24179.d28ee1fa2.js Show response
v1.bundlecdn.com/js/ 27 KB
7 KB 34ms
32ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/24179.d28ee1fa2.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.c947d514a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 04b63a0fee6970a51549f5268cf1e6056d9430ea1e24c11b65b3b1b92b04555b

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 01 Aug 2024 12:49:07 GMT
server: cloudflare
age: 440865
etag: W/"66ab8443-6dac"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8af00a976d34aba0-YYZ
expires: Fri, 04 Aug 2034 15:25:45 GMT

GET
H2 200 60385.0b2bc834b.js Show response
v1.bundlecdn.com/js/ 9 KB
3 KB 48ms
46ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/60385.0b2bc834b.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.c947d514a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: a7cc97d5681d6d3e5921465551231c25df6ea5dec92aeb116e7dd146daef4565

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 05 Aug 2024 13:00:41 GMT
server: cloudflare
age: 93929
etag: W/"66b0ccf9-241d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8af00a976d37aba0-YYZ
expires: Fri, 04 Aug 2034 15:25:45 GMT

GET
H2 200 59296.73e120b71.css
v1.bundlecdn.com/css/ 24 KB
4 KB 33ms
32ms Stylesheet
text/css 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/css/59296.73e120b71.css
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.c947d514a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f1f8695ea4f1e413cd85b8a31527865a481dd1906397489b77e6a06a2e2958e

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 01 Aug 2024 14:42:40 GMT
server: cloudflare
age: 433910
etag: W/"66ab9ee0-6058"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8af00a976d30aba0-YYZ
expires: Fri, 04 Aug 2034 15:25:45 GMT

GET
H2 200 59296.2def1cdf7.js Show response
v1.bundlecdn.com/js/ 11 KB
4 KB 33ms
33ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/59296.2def1cdf7.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.c947d514a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: a8c150b6e114168444e912e820ca01d2394760317f75decd2ec83f0ba675e2e3

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 05 Aug 2024 13:00:41 GMT
server: cloudflare
age: 92463
etag: W/"66b0ccf9-2b71"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8af00a976d39aba0-YYZ
expires: Fri, 04 Aug 2034 15:25:45 GMT

GET
H2 200 55032.8915090c7.js Show response
v1.bundlecdn.com/js/ 7 KB
3 KB 38ms
37ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/55032.8915090c7.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.c947d514a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 3df4b3bf9f6db36c6b9f30b956f88320e05d824152e4c0c5f8cab550e930d5f9

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 05 Aug 2024 13:00:41 GMT
server: cloudflare
age: 93920
etag: W/"66b0ccf9-1bd6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8af00a976d3daba0-YYZ
expires: Fri, 04 Aug 2034 15:25:45 GMT

GET
H2 200 47193.869c85cc0.css
v1.bundlecdn.com/css/ 7 KB
2 KB 33ms
32ms Stylesheet
text/css 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/css/47193.869c85cc0.css
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.c947d514a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d8d1d1338ee122c4b879a11f00864133632714647ccf717c9782f6a31732af3

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 05 Aug 2024 14:14:04 GMT
server: cloudflare
age: 36326
etag: W/"66b0de2c-1d27"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8af00a976d3caba0-YYZ
expires: Fri, 04 Aug 2034 15:25:45 GMT

GET
H2 200 47193.26b98e561.js Show response
v1.bundlecdn.com/js/ 10 KB
4 KB 32ms
31ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/47193.26b98e561.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.c947d514a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b77b405c662f64904ded46dc3e3450417f7503ef7db342e29c518677f638176

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 05 Aug 2024 14:14:04 GMT
server: cloudflare
age: 36326
etag: W/"66b0de2c-27f0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8af00a976d3eaba0-YYZ
expires: Fri, 04 Aug 2034 15:25:45 GMT

GET
H2 200 18925.e5f550a42.js Show response
v1.bundlecdn.com/js/ 10 KB
4 KB 37ms
36ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/18925.e5f550a42.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.c947d514a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d66f0e7d8d3f7246a163508faf972c375e78f511357a296d912f3b632706332

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 01 Aug 2024 14:42:40 GMT
server: cloudflare
age: 434281
etag: W/"66ab9ee0-2650"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8af00a976d3faba0-YYZ
expires: Fri, 04 Aug 2034 15:25:45 GMT

GET
H2 200 28917.a7de5a03a.css
v1.bundlecdn.com/css/ 9 KB
3 KB 41ms
39ms Stylesheet
text/css 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/css/28917.a7de5a03a.css
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.c947d514a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: 74663075dde07472df11c75515c67a99d1e63b6add7a576cdecebf3647378dc5

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 01 Aug 2024 14:42:40 GMT
server: cloudflare
age: 433910
etag: W/"66ab9ee0-2393"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8af00a977d42aba0-YYZ
expires: Fri, 04 Aug 2034 15:25:45 GMT

GET
H2 200 28917.1269effb4.js Show response
v1.bundlecdn.com/js/ 10 KB
4 KB 59ms
58ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/28917.1269effb4.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.c947d514a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash: b0892a321dbbfce912b85cb9049255d68d7c7d8c7caef235164c61048c0cbeef

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 05 Aug 2024 13:00:41 GMT
server: cloudflare
age: 92463
etag: W/"66b0ccf9-29dc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8af00a978d5eaba0-YYZ
expires: Fri, 04 Aug 2034 15:25:45 GMT

GET
H2 200 destination
www.googletagmanager.com/gtag/ 264 KB
92 KB 67ms
52ms Script
application/javascript 172.253.115.97

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-548949LWLW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.97 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93873
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Aug 2024 15:25:45 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 264 KB
92 KB 93ms
91ms Script
application/javascript 172.253.115.97

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.97 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93916
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Aug 2024 15:25:45 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 264 KB
91 KB 71ms
69ms Script
application/javascript 172.253.115.97

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-16482547739&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.97 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92966
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 15:07:32 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Aug 2024 15:25:45 GMT

GET
H2 200 destination
www.googletagmanager.com/gtag/ 211 KB
76 KB 59ms
59ms Script
application/javascript 172.253.115.97

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-12688802&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.97 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77740
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Aug 2024 15:25:45 GMT

GET activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7041410041974.987
12572451.fls.doubleclick.net/ Frame B03C 0
0

GET hotjar-2606090.js
static.hotjar.com/c/ 0
0

GET tag.js
mc.yandex.ru/metrika/ 0
0

GET activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6183128258452.131
12572451.fls.doubleclick.net/ Frame 9B6F 0
0

GET
H2 200 1279.ad6301de4.js
v1.bundlecdn.com/js/ 911 B
0 31ms
30ms Script
application/javascript 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.bundlecdn.com/js/1279.ad6301de4.js
Requested by: Host: v1.bundlecdn.com
URL: https://v1.bundlecdn.com/js/index.c947d514a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 30 Jul 2024 11:07:47 GMT
server: cloudflare
age: 618551
etag: W/"66a8c983-38f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 8af00a983e33aba0-YYZ
expires: Fri, 04 Aug 2034 15:25:45 GMT

GET
H2 200 1win-normal.34748aac6.svg
v1.bundlecdn.com/img/ 5 KB
2 KB 28ms
27ms Image
image/svg+xml 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v1.bundlecdn.com/img/1win-normal.34748aac6.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 06 Aug 2024 12:50:32 GMT
server: cloudflare
age: 6594
etag: W/"66b21c18-1221"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8af00a984e47aba0-YYZ
expires: Tue, 06 Aug 2024 19:25:45 GMT

GET
H2 200 ca.svg
v1.bundlecdn.com/img/flags/ 458 B
346 B 55ms
55ms Image
image/svg+xml 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v1.bundlecdn.com/img/flags/ca.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 06 Aug 2024 12:50:32 GMT
server: cloudflare
age: 2654
etag: W/"66b21c18-1ca"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8af00a984e48aba0-YYZ
expires: Tue, 06 Aug 2024 19:25:45 GMT

GET
H2 200 bear.c08bbaeea-290.webp
v1.bundlecdn.com/img/ 28 KB
28 KB 29ms
28ms Image
image/webp 154.197.121.128
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v1.bundlecdn.com/img/bear.c08bbaeea-290.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.197.121.128 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://1wdyff.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:25:45 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Aug 2024 12:50:32 GMT
server: cloudflare
age: 6316
etag: "66b21c18-6ee8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8af00a987e81aba0-YYZ
content-length: 28392
expires: Tue, 06 Aug 2024 19:25:45 GMT

GET api.js
www.google.com/recaptcha/ 0
0

POST pv
datc.owdp.tech/ 0
0

GET activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=8102811955855;npa=0;auiddc=594433525.1722957946;ps=1;pcor=863934567;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4...
12688802.fls.doubleclick.net/ Frame 3E4F 0
0

GET activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=3123555612538;npa=0;auiddc=594433525.1722957946;ps=1;pcor=1202254503;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe...
12688802.fls.doubleclick.net/ Frame 6832 0
0

GET activity;register_conversion=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=8102811955855;npa=0;auiddc=594433525.1722957946;ps=1;pcor=863934567;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=...
ad.doubleclick.net/ 0
0

GET activity;register_conversion=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=3123555612538;npa=0;auiddc=594433525.1722957946;ps=1;pcor=1202254503;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl...
ad.doubleclick.net/ 0
0

POST collect
analytics.google.com/g/ 0
0

POST collect
stats.g.doubleclick.net/g/ 0
0

GET ga-audiences
www.google.ca/ads/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.lab.amplitude.com
URL: https://api.lab.amplitude.com/sdk/v2/vardata?v=0

Domain: api.lab.amplitude.com
URL: https://api.lab.amplitude.com/sdk/v2/vardata?v=0

Domain: 12572451.fls.doubleclick.net
URL: https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7041410041974.987?

Domain: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2606090.js?sv=6

Domain: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Domain: 12572451.fls.doubleclick.net
URL: https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=6183128258452.131?

Domain: www.google.com
URL: https://www.google.com/recaptcha/api.js

Domain: datc.owdp.tech
URL: https://datc.owdp.tech/pv

Domain: 12688802.fls.doubleclick.net
URL: https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=8102811955855;npa=0;auiddc=594433525.1722957946;ps=1;pcor=863934567;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1;dma=0;tag_exp=95250753;epver=2;~oref=https%3A%2F%2F1wdyff.top%2Fcasino%2Fprovider%2FEvoplay?

Domain: 12688802.fls.doubleclick.net
URL: https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=3123555612538;npa=0;auiddc=594433525.1722957946;ps=1;pcor=1202254503;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1;dma=0;tag_exp=95250753;epver=2;~oref=https%3A%2F%2F1wdyff.top%2Fcasino%2Fprovider%2FEvoplay?

Domain: ad.doubleclick.net
URL: https://ad.doubleclick.net/activity;register_conversion=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=8102811955855;npa=0;auiddc=594433525.1722957946;ps=1;pcor=863934567;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1;dma=0;tag_exp=95250753;epver=2;~oref=https%3A%2F%2F1wdyff.top%2Fcasino%2Fprovider%2FEvoplay?

Domain: ad.doubleclick.net
URL: https://ad.doubleclick.net/activity;register_conversion=1;src=12688802;type=actio0;cat=allpa0;ord=1;num=3123555612538;npa=0;auiddc=594433525.1722957946;ps=1;pcor=1202254503;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47v0v9188705310z8894400803za201zb894400803;gcd=13l3l3l3l1;dma=0;tag_exp=95250753;epver=2;~oref=https%3A%2F%2F1wdyff.top%2Fcasino%2Fprovider%2FEvoplay?

Domain: analytics.google.com
URL: https://analytics.google.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je47v0v894728184z8894400803za200zb894400803&_p=1722957945223&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=189596046.1722957946&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722957945&sct=1&seg=0&dl=https%3A%2F%2F1wdyff.top%2Fcasino%2Fprovider%2FEvoplay&dt=1win&en=socket_connection_attempt&_fv=1&_nsi=1&_ss=1&tfd=17323

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-548949LWLW&cid=189596046.1722957946&gtm=45je47v0v894728184z8894400803za200zb894400803&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=95250753

Domain: www.google.ca
URL: https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-548949LWLW&cid=189596046.1722957946&gtm=45je47v0v894728184z8894400803za200zb894400803&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=95250753&tag_exp=95250753&z=689909490

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
1wdyff.top/	1970-01-20 23:20:36	Name: visit_domain Value: 1wdyff.top
.1wdyff.top/	1969-12-31 23:59:59	Name: _cfuvid Value: dJHOhBYq.lrXtNLrC0HRmh6ymnkWRXrq.Z.tkh2aU3o-1722957930653-0.0.1.1-604800000
1wdyff.top/	1969-12-31 23:59:59	Name: core-sticky Value: http://10.233.81.92:80
.1wdyff.top/	1970-01-21 07:21:33	Name: cf_clearance Value: 4sj081eflWLWvMounvpaNZ7ieRz5cRGQTPYaD08nTNw-1722957931-1.0.1.1-O1YFi.xExmvKClhhiY67cOLhaquNuxX0TNjHBu8Hvt6aw6LFB39OV93fXJKsyJxlWHfHvmDp3I9fI5jvcD3S2w
1wdyff.top/	1970-01-21 07:21:33	Name: 1w_lang Value: en
1wdyff.top/	1969-12-31 23:59:59	Name: 1w_locale Value: 61
.1wdyff.top/	1970-01-21 07:21:33	Name: AMP_494cccfe21 Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjIwMTA0MzQzOC05NDI0LTQ1OWMtOWI4My0wNTVkMWEzYjhjZjUlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzIyOTU3OTMxNTI0JTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTcyMjk1NzkzMTU1NSUyQyUyMmxhc3RFdmVudElkJTIyJTNBMCUyQyUyMnBhZ2VDb3VudGVyJTIyJTNBMCU3RA==
.1wdyff.top/	1970-01-20 22:35:59	Name: __cf_bm Value: IPrICpS5D22.__sMCXd8wvv_bSqc9UWVstaH0158heQ-1722957931-1.0.1.1-o004frJweZiXojubg4oSO3MDyrVtFar5rDk3CubxllMGkHh6aurURZ89L4Ty3_a6VuUiFO7Oo6L88AhiUkhMYw

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	warning	URL: https://v1.bundlecdn.com/js/chunk-vendors.414201da7.js(Line 27) Message: WebSocket connection to 'wss://1win.direct/v4/socket.io/?Language=en&xorigin=1wdyff.top&EIO=4&transport=websocket' failed: WebSocket is closed before the connection is established.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Header

Value

X-Frame-Options

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12572451.fls.doubleclick.net
12688802.fls.doubleclick.net
1wdyff.top
ad.doubleclick.net
analytics.google.com
api.lab.amplitude.com
api2.amplitude.com
datc.owdp.tech
mc.yandex.ru
static.hotjar.com
stats.g.doubleclick.net
v1.bundlecdn.com
www.google.ca
www.google.com
www.googletagmanager.com
12572451.fls.doubleclick.net
12688802.fls.doubleclick.net
ad.doubleclick.net
analytics.google.com
api.lab.amplitude.com
datc.owdp.tech
mc.yandex.ru
static.hotjar.com
stats.g.doubleclick.net
www.google.ca
www.google.com
151.101.130.132
154.197.121.1
154.197.121.128
172.253.115.97
35.84.91.66
01a87f9f8138f66274cfedb855c0bfbe1529600a65ed26b0c863533e1e94abce
0258643e4b0088d028c9bbf8de4f1f8412f9a18f380a2c8d3bc2dcf6f911b376
04b63a0fee6970a51549f5268cf1e6056d9430ea1e24c11b65b3b1b92b04555b
06e02d3d2d01bb2c88786b0a2dd2d692f6659c0159ec4754f7db49c12e03b0d6
09a7ed558da38ef88d34bc0c60344e72a0aa7b72b670dbf79b66bc3a4b047ccc
0f6e3e5c53c730a88de6f874ab17cb1283f0ed8580bb22b57578f4f0d601f700
1c142d4b8877a7efb82b2fb4a534571d290dc8e0a0ec9a9968e55bbad5b53f36
1ddad0c8f894eb2bbcf3a444a600419a5ea33dbd61f47c5a21d7e025eb879fd2
2b393b10aa21567f8f697b88188e98229dc5723d1f0925ff4bfa568eeb5c7605
2f2ffc053b400c8e67e0dc4c6f3ca27d755a27c192a6b2546ea98600f44ee8bd
3df4b3bf9f6db36c6b9f30b956f88320e05d824152e4c0c5f8cab550e930d5f9
4976aa119d10308e999d9cc618a49ebc8eb6c19cc7c9672e5f2ac3a1f2c6a4a3
58a372bb9d424111a2e73c427edb10db91c0f05e8f323f046d20f5cf8fd6f30f
6d3d49055aff7c0ca1c0aad8aff76f011521461c863a5768c8813749527c318a
6d66f0e7d8d3f7246a163508faf972c375e78f511357a296d912f3b632706332
74663075dde07472df11c75515c67a99d1e63b6add7a576cdecebf3647378dc5
7ad491b9cba497cd2efb75cc0dd9b42e1fadde30175b535e5db71ae5f17d3860
7d8d1d1338ee122c4b879a11f00864133632714647ccf717c9782f6a31732af3
8f1f8695ea4f1e413cd85b8a31527865a481dd1906397489b77e6a06a2e2958e
9343b8401ccf9aaa5add88daa85743ab7a6cd59d5aac2d6a66685f2584f7b645
9b77b405c662f64904ded46dc3e3450417f7503ef7db342e29c518677f638176
9be12e59a210d45411e025096615d4308c44a0cffeb791dd452e443c675e8481
9c3b25f260defd6991608963a30a67cad0981ecce13e5975b1a6304887514d7f
a5cb3d03f299b837679eaa793491a03acc5fc1afdbc7f207b7566646f3bd2ecb
a7cc97d5681d6d3e5921465551231c25df6ea5dec92aeb116e7dd146daef4565
a8c150b6e114168444e912e820ca01d2394760317f75decd2ec83f0ba675e2e3
b0892a321dbbfce912b85cb9049255d68d7c7d8c7caef235164c61048c0cbeef
b81dfc67c753ebb53122bac8991124a7aff92873d283674ee2915a925ff42ce8
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c07b2c0a515caf1306fb4d9366fab5758253eeadcf8c0414cb44ccd48f82e59a
c278a313b88e7eb78c53b893cc1e3c9f4dd1c6c4da0ff8312507b9e4e2dfaba2
ce68e1614ab493deaecfa6eb9711736de0348248e1d559b5f6dfb5dc4c29b459
d315359eee3595102dbb49617b1cf7ad0aedf6558f45f1dc67db6c7716bf652b
d33d024eae1e04b0bee1c9239651607e24d1764cefb8db03f6617b880c8e6a07
dc244098735d3dc0e280deda78e646da9a5f43d05b18d1e5a83e642836f1dd6c
df3772666587111462634070c47969ad9687bbf80d0694bb2e6c33be39434d68
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecddd912352a59ca78492155fd12ef88eb604fdb543b5851f7cca4f4becceb91

1wdyff.top Open in urlscan Pro 154.197.121.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

68 %HTTPS

0 %IPv6

10 Domains

15 Subdomains

6 IPs

2 Countries

1288 kBTransfer

3915 kBSize

8 Cookies

0 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

1wdyff.top Open in urlscan Pro
154.197.121.1 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

68 %
HTTPS

0 %
IPv6

10
Domains

15
Subdomains

6
IPs

2
Countries

1288 kB
Transfer

3915 kB
Size

8
Cookies

62 HTTP transactions
1 data transactions