URL: https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&
Submission: On December 19 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 4 domains to perform 33 HTTP transactions. The main IP is 154.197.121.1, located in Seychelles and belongs to CLOUDFLARESPECTRUM Cloudflare London, LLC, US. The main domain is 1wgafz.top.
TLS certificate: Issued by WE1 on December 1st 2024. Valid for: 3 months.
This is the only time 1wgafz.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 24 154.197.121.1 209242 (CLOUDFLAR...)
1 190.115.19.14 59692 (IQWEB IQW...)
1 18.245.86.69 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 151.101.2.132 54113 (FASTLY)
4 54.148.110.136 16509 (AMAZON-02)
33 7
Apex Domain
Subdomains
Transfer
24 1wgafz.top
1wgafz.top
1 MB
7 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 3096
api.lab.amplitude.com — Cisco Umbrella Rank: 3996
api2.amplitude.com — Cisco Umbrella Rank: 1129
25 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
205 KB
1 1win-cdn.com
partners.1win-cdn.com — Cisco Umbrella Rank: 737191
2 KB
33 4
Domain Requested by
24 1wgafz.top 1 redirects 1wgafz.top
4 api2.amplitude.com cdn.amplitude.com
1wgafz.top
2 api.lab.amplitude.com 1wgafz.top
2 www.googletagmanager.com 1wgafz.top
www.googletagmanager.com
1 cdn.amplitude.com 1wgafz.top
1 partners.1win-cdn.com 1wgafz.top
33 6

This site contains no links.

Subject Issuer Validity Valid
1wgafz.top
WE1
2024-12-01 -
2025-03-01
3 months crt.sh
partners.1win-cdn.com
R10
2024-12-03 -
2025-03-03
3 months crt.sh
cdn.amplitude.com
Amazon RSA 2048 M03
2024-11-14 -
2025-12-13
a year crt.sh
*.google-analytics.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.lab.amplitude.com
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-10-01 -
2025-11-02
a year crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA
2024-01-31 -
2025-03-02
a year crt.sh

This page contains 2 frames:

Primary Page: https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&
Frame ID: 6954C3760A859FFA284D342BD0F26772
Requests: 29 HTTP requests in this frame

Frame: https://1wgafz.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js
Frame ID: 06A518CDD9A8975C36B64ADE21B180D5
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

1win

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

33
Requests

97 %
HTTPS

17 %
IPv6

4
Domains

6
Subdomains

7
IPs

4
Countries

1626 kB
Transfer

2697 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://1wgafz.top/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://1wgafz.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request landing-fortune-wheel
1wgafz.top/v3/
8 KB
3 KB
Document
General
Full URL
https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ba58d45fd1a719a0f898f868e22e82f15dcac498c89d22e050d99e1abdb0ea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f45d38c08dd9760-FRA
content-encoding
br
content-type
text/html
date
Thu, 19 Dec 2024 07:54:44 GMT
last-modified
Tue, 17 Dec 2024 14:34:35 GMT
server
cloudflare
vary
Accept-Encoding
index.umd.js
partners.1win-cdn.com/
4 KB
2 KB
Script
General
Full URL
https://partners.1win-cdn.com/index.umd.js
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.19.14 , Belize, ASN59692 (IQWEB IQWeb FZ-LLC, AE),
Reverse DNS
Software
ddos-guard /
Resource Hash
7f6668a7e9ef502207250ae107377a8dc32f43c20a8c38ab7a06d7acfffceef6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1wgafz.top/

Response headers

ddg-cache-status
HIT
content-encoding
br
etag
"6719f3fa-100d"
age
284775
accept-ranges
bytes
access-control-allow-origin
*
content-length
1977
date
Mon, 16 Dec 2024 00:48:29 GMT
content-type
application/javascript; charset=utf-8, application/javascript
last-modified
Thu, 24 Oct 2024 07:15:06 GMT
server
ddos-guard
vary
Accept-Encoding
index-a63304e2.js
1wgafz.top/v3/landing-fortune-wheel/assets/
642 KB
204 KB
Script
General
Full URL
https://1wgafz.top/v3/landing-fortune-wheel/assets/index-a63304e2.js
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e38e625741c4ea522b66c00401eeb80d3c4c184ea765d9cd6810eaf3598c33f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://1wgafz.top
Referer
https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&

Response headers

cache-control
public, max-age=14400
content-encoding
gzip
cf-cache-status
HIT
etag
"67618bfb-a07ba"
cf-ray
8f45d38ca9829760-FRA
expires
Thu, 19 Dec 2024 11:54:44 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Dec 2024 07:54:44 GMT
content-type
application/javascript
last-modified
Tue, 17 Dec 2024 14:34:35 GMT
vary
Accept-Encoding
server
cloudflare
index-3b33adf8.css
1wgafz.top/v3/landing-fortune-wheel/assets/
33 KB
7 KB
Stylesheet
General
Full URL
https://1wgafz.top/v3/landing-fortune-wheel/assets/index-3b33adf8.css
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b33adf8a57954d6dcf710350e1448ae7cf620f92d07b34fc20d53faa9174b00

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&

Response headers

cache-control
public, max-age=14400
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
"67618bfb-8435"
cf-ray
8f45d38ca9819760-FRA
expires
Thu, 19 Dec 2024 11:54:44 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 19 Dec 2024 07:54:44 GMT
content-type
text/css
last-modified
Tue, 17 Dec 2024 14:34:35 GMT
vary
Accept-Encoding
server
cloudflare
analytics-browser-1.9.1-min.js.gz
cdn.amplitude.com/libs/
78 KB
24 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/analytics-browser-1.9.1-min.js.gz
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
003323cb8d24bc4767961492cc2e75ca440b5e1eedecf528248345ff9e99f61c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://1wgafz.top
Referer
https://1wgafz.top/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"3f392996cd1c9b079141e6ab3151fc90"
x-amz-version-id
a2lgF8YXGboryhr.g8VsMWAXvZTQIa8E
age
147889
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
wBxVUZ_V1RXaB52gn6bgmNoCp20V4bqZXfn_wkodM5mkAPAbSmET3g==
date
Tue, 17 Dec 2024 14:49:56 GMT
content-type
application/javascript
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Fri, 03 Mar 2023 20:55:00 GMT
cache-control
max-age=31536000
via
1.1 a84e87b6b82308dbc0e331c3e28c23c6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
24161
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
gtm.js
www.googletagmanager.com/
318 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
12dbe2d2b792f527db71c4d00dad0eb46f82093a376a6dbb0ab4f24623cca94e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1wgafz.top/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 19 Dec 2024 07:54:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 07:54:44 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 19 Dec 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108953
x-xss-protection
0
server
Google Tag Manager
vardata
api.lab.amplitude.com/sdk/v2/ Frame
0
0
Preflight
General
Full URL
https://api.lab.amplitude.com/sdk/v2/vardata?v=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-amp-exp-user
Access-Control-Request-Method
GET
Origin
https://1wgafz.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization,x-amp-exp-user
access-control-allow-methods
GET,POST,HEAD
access-control-allow-origin
https://1wgafz.top
access-control-max-age
1800
age
2474
cache-control
no-store
content-length
0
date
Thu, 19 Dec 2024 07:54:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache
HIT, HIT
x-cache-hits
220, 285
x-content-type-options
nosniff
x-served-by
cache-bfi-krnt7300057-BFI, cache-fra-etou8220039-FRA
x-timer
S1734594885.771024,VS0,VE0
flags.svg
1wgafz.top/v3/landing-fortune-wheel/sprites/
190 KB
45 KB
Other
General
Full URL
https://1wgafz.top/v3/landing-fortune-wheel/sprites/flags.svg
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel/assets/index-a63304e2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
790336a09030817df4a1adcef4e9bcf7d300d847d96597963cfa81f2c9fca8f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&

Response headers

server
cloudflare
cache-control
public, max-age=14400
content-encoding
gzip
cf-cache-status
HIT
etag
"67618bfa-2f93a"
cf-ray
8f45d38dab58910c-FRA
expires
Thu, 19 Dec 2024 11:54:44 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:54:44 GMT
content-type
image/svg+xml
last-modified
Tue, 17 Dec 2024 14:34:34 GMT
vary
Accept-Encoding
priority
u=3,i
reg-form.svg
1wgafz.top/v3/landing-fortune-wheel/sprites/
3 KB
1 KB
Other
General
Full URL
https://1wgafz.top/v3/landing-fortune-wheel/sprites/reg-form.svg
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel/assets/index-a63304e2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f769257f466c93c0dbc91b76c56ab876cc3ef91c4d0b3cd6a40f15b6bfb0c51f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"67618bfa-a73"
age
5809
expires
Thu, 19 Dec 2024 11:54:44 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:54:44 GMT
content-type
image/svg+xml
last-modified
Tue, 17 Dec 2024 14:34:34 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=14400
cf-ray
8f45d38dab59910c-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1216
server
cloudflare
logo-loader.svg
1wgafz.top/v3/landing-fortune-wheel/images/
6 KB
3 KB
Image
General
Full URL
https://1wgafz.top/v3/landing-fortune-wheel/images/logo-loader.svg
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705f162ccea371c7ca4af41a84964e2b6de1a47b5266b6cd9147ce8615cc6ccb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"67618bfa-1849"
age
3027
expires
Thu, 19 Dec 2024 11:54:44 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:54:44 GMT
content-type
image/svg+xml
last-modified
Tue, 17 Dec 2024 14:34:34 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=14400
cf-ray
8f45d38dab5b910c-FRA
access-control-allow-origin
*
server
cloudflare
logo.svg
1wgafz.top/v3/landing-fortune-wheel/images/logo/
4 KB
1 KB
Image
General
Full URL
https://1wgafz.top/v3/landing-fortune-wheel/images/logo/logo.svg
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3634b68c242ef07fd879838de719ccc22f67cbdbdbbd4bad7660678398f698de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"67618bfa-e58"
age
5809
expires
Thu, 19 Dec 2024 11:54:44 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:54:44 GMT
content-type
image/svg+xml
last-modified
Tue, 17 Dec 2024 14:34:34 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=14400
cf-ray
8f45d38dab5d910c-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1151
server
cloudflare
truncated
/
311 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/avif
vardata
api.lab.amplitude.com/sdk/v2/
2 B
192 B
Fetch
General
Full URL
https://api.lab.amplitude.com/sdk/v2/vardata?v=0
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel/assets/index-a63304e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Authorization
Api-Key a6fe45b3f5ce2b723d78632d3ddffc87
Referer
https://1wgafz.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-Amp-Exp-User
eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS4xMy4yIiwibGFuZ3VhZ2UiOiJlbi1VUyIsInBsYXRmb3JtIjoiV2ViIiwib3MiOiJDaHJvbWUgMTMxIiwiZGV2aWNlX21vZGVsIjoiTGludXgiLCJkZXZpY2VfY2F0ZWdvcnkiOiJkZXNrdG9wIiwicmVmZXJyaW5nX3VybCI6IiIsImJyb3dzZXIiOiJDaHJvbWUiLCJsYW5kaW5nX3VybCI6Imh0dHBzOi8vMXdnYWZ6LnRvcC92My9sYW5kaW5nLWZvcnR1bmUtd2hlZWw_c3ViMT01NjNjM2U1MC1iZDQ0LTExZWYtOTU5YS1jYmZhMGU4NTNjNWYmc3ViMj0xMDM5ODkmIiwiZmlyc3Rfc2VlbiI6IjE3MzQ1OTQ4ODQuNzQ2IiwidXJsX3BhcmFtIjp7InN1YjEiOiI1NjNjM2U1MC1iZDQ0LTExZWYtOTU5YS1jYmZhMGU4NTNjNWYiLCJzdWIyIjoiMTAzOTg5In0sInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMzEuMC4wLjAgU2FmYXJpLzUzNy4zNiIsImRldmljZV9pZCI6IjhmMjFmZGU1LTE2OWQtNDg4NC04MmEyLTI3ODMxMTBiYTA2YSIsInVzZXJfcHJvcGVydGllcyI6eyJkZXZpY2VfdHlwZSI6ImRlc2t0b3AiLCJkb21haW4iOiIxd2dhZnoudG9wIiwidGltZV96b25lIjoiRXVyb3BlL0JlcmxpbiIsIm9zIjoib3RoZXIifX0

Response headers

age
0
cache-tag
a6fe45b3f5ce2b723d78632d3ddffc87
x-content-type-options
nosniff
x-cache
MISS, MISS
date
Thu, 19 Dec 2024 07:54:44 GMT
content-type
application/json;charset=utf-8
x-served-by
cache-bfi-kbfi7400105-BFI, cache-fra-etou8220039-FRA
x-cache-hits
0, 0
vary
Origin, Origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-store
x-timer
S1734594885.779854,VS0,VE185
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-origin
https://1wgafz.top
content-length
2
main.js
1wgafz.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/ Frame 06A5
Redirect Chain
  • https://1wgafz.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://1wgafz.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
9 KB
4 KB
Script
General
Full URL
https://1wgafz.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&
Protocol
H3
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8186f3491c6c128428e82c981b7aca4338f650150c4182df78faf7a2bc0c9cba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
br
x-content-type-options
nosniff
cf-ray
8f45d38dfbd4910c-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:54:44 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
cf-ray
8f45d38dbb65910c-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:54:44 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
background-baa82c45.avif
1wgafz.top/v3/landing-fortune-wheel/assets/
242 KB
242 KB
Image
General
Full URL
https://1wgafz.top/v3/landing-fortune-wheel/assets/background-baa82c45.avif
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel/assets/index-3b33adf8.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baa82c45de8747da4fa1f95c7059661d2421013236c2c3672028f7d09bfaf682

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1wgafz.top/v3/landing-fortune-wheel/assets/index-3b33adf8.css

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"67618bfb-3c7a8"
age
5809
expires
Thu, 19 Dec 2024 11:54:44 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:54:44 GMT
content-type
image/avif
last-modified
Tue, 17 Dec 2024 14:34:35 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=14400
cf-ray
8f45d38dbb67910c-FRA
access-control-allow-origin
*
server
cloudflare
gift-9aed8d1c.avif
1wgafz.top/v3/landing-fortune-wheel/assets/
108 KB
108 KB
Image
General
Full URL
https://1wgafz.top/v3/landing-fortune-wheel/assets/gift-9aed8d1c.avif
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel/assets/index-3b33adf8.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aed8d1ca62c65606c7cc70ec6a34ed44fda9b39ddfd800279e0727c2c7a0282

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1wgafz.top/v3/landing-fortune-wheel/assets/index-3b33adf8.css

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"67618bfb-1afa8"
age
5809
expires
Thu, 19 Dec 2024 11:54:44 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:54:44 GMT
content-type
image/avif
last-modified
Tue, 17 Dec 2024 14:34:35 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=14400
cf-ray
8f45d38dbb68910c-FRA
access-control-allow-origin
*
server
cloudflare
wheel-circle-ab41779f.avif
1wgafz.top/v3/landing-fortune-wheel/assets/
260 KB
260 KB
Image
General
Full URL
https://1wgafz.top/v3/landing-fortune-wheel/assets/wheel-circle-ab41779f.avif
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel/assets/index-3b33adf8.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab41779fc10cedb8b66c998e8d1724d6404b791c93d40e81ae7a075d774d52da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1wgafz.top/v3/landing-fortune-wheel/assets/index-3b33adf8.css

Response headers

server
cloudflare
cache-control
public, max-age=14400
content-encoding
gzip
cf-cache-status
HIT
etag
"67618bfb-40eca"
cf-ray
8f45d38dbb69910c-FRA
expires
Thu, 19 Dec 2024 11:54:44 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:54:44 GMT
content-type
image/avif
last-modified
Tue, 17 Dec 2024 14:34:35 GMT
vary
Accept-Encoding
priority
u=3,i
wheel-bg-c9026479.avif
1wgafz.top/v3/landing-fortune-wheel/assets/
41 KB
41 KB
Image
General
Full URL
https://1wgafz.top/v3/landing-fortune-wheel/assets/wheel-bg-c9026479.avif
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel/assets/index-3b33adf8.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9026479eb79c93bd9cfb6ea5d52bf42b8a2e5d5a8c9426ce0146cd32ff65c65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1wgafz.top/v3/landing-fortune-wheel/assets/index-3b33adf8.css

Response headers

server
cloudflare
cache-control
public, max-age=14400
content-encoding
gzip
cf-cache-status
HIT
etag
"67618bfb-a327"
cf-ray
8f45d38dbb6a910c-FRA
expires
Thu, 19 Dec 2024 11:54:44 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:54:44 GMT
content-type
image/avif
last-modified
Tue, 17 Dec 2024 14:34:35 GMT
vary
Accept-Encoding
priority
u=3,i
gift-bg_768-6ef446d8.avif
1wgafz.top/v3/landing-fortune-wheel/assets/
53 KB
53 KB
Image
General
Full URL
https://1wgafz.top/v3/landing-fortune-wheel/assets/gift-bg_768-6ef446d8.avif
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel/assets/index-3b33adf8.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ef446d80a2e57f7e37944db08182db97705bfb66d2c9e26bee2b3cefeec4089

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1wgafz.top/v3/landing-fortune-wheel/assets/index-3b33adf8.css

Response headers

server
cloudflare
cache-control
public, max-age=14400
content-encoding
gzip
cf-cache-status
HIT
etag
"67618bfb-d217"
cf-ray
8f45d38dbb6d910c-FRA
expires
Thu, 19 Dec 2024 11:54:44 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:54:44 GMT
content-type
image/avif
last-modified
Tue, 17 Dec 2024 14:34:35 GMT
vary
Accept-Encoding
priority
u=3,i
gift-decor_768-7fb19b14.avif
1wgafz.top/v3/landing-fortune-wheel/assets/
10 KB
10 KB
Image
General
Full URL
https://1wgafz.top/v3/landing-fortune-wheel/assets/gift-decor_768-7fb19b14.avif
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel/assets/index-3b33adf8.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fb19b1467b61d67de500a2d100235d56b74b85b29389570019c3f626401d624

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1wgafz.top/v3/landing-fortune-wheel/assets/index-3b33adf8.css

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"67618bfb-28f9"
age
3027
expires
Thu, 19 Dec 2024 11:54:44 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:54:44 GMT
content-type
image/avif
last-modified
Tue, 17 Dec 2024 14:34:35 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=14400
cf-ray
8f45d38dbb6e910c-FRA
access-control-allow-origin
*
server
cloudflare
SFProDisplay-Regular-25702f41.woff2
1wgafz.top/v3/landing-fortune-wheel/assets/
87 KB
88 KB
Font
General
Full URL
https://1wgafz.top/v3/landing-fortune-wheel/assets/SFProDisplay-Regular-25702f41.woff2
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel/assets/index-3b33adf8.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25702f412567ceea60b108a2445c493f6f9d72ac11d24736fb5c334384de1150

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://1wgafz.top
Referer
https://1wgafz.top/v3/landing-fortune-wheel/assets/index-3b33adf8.css

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"67618bfb-15da4"
age
5809
expires
Thu, 19 Dec 2024 11:54:44 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:54:44 GMT
content-type
font/woff2
last-modified
Tue, 17 Dec 2024 14:34:35 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=14400
cf-ray
8f45d38dbb6f910c-FRA
access-control-allow-origin
*
server
cloudflare
SFProDisplay-Medium-db50cb75.woff2
1wgafz.top/v3/landing-fortune-wheel/assets/
97 KB
98 KB
Font
General
Full URL
https://1wgafz.top/v3/landing-fortune-wheel/assets/SFProDisplay-Medium-db50cb75.woff2
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel/assets/index-3b33adf8.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db50cb7512558b476b9bf46a1ff5be0cbc7dbcb5b4df3e1d571c2acd85dcff76

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://1wgafz.top
Referer
https://1wgafz.top/v3/landing-fortune-wheel/assets/index-3b33adf8.css

Response headers

server
cloudflare
cache-control
public, max-age=14400
content-encoding
gzip
cf-cache-status
HIT
etag
"67618bfb-18578"
cf-ray
8f45d38dbb71910c-FRA
expires
Thu, 19 Dec 2024 11:54:44 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:54:44 GMT
content-type
font/woff2
last-modified
Tue, 17 Dec 2024 14:34:35 GMT
vary
Accept-Encoding
priority
u=0,i=?0
SFProDisplay-Heavy-d9bfe0de.woff2
1wgafz.top/v3/landing-fortune-wheel/assets/
98 KB
98 KB
Font
General
Full URL
https://1wgafz.top/v3/landing-fortune-wheel/assets/SFProDisplay-Heavy-d9bfe0de.woff2
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel/assets/index-3b33adf8.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9bfe0de09ed0ff81a2f7c1d72e18e0177e4b347c5f6f9c5a052c1254068711f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://1wgafz.top
Referer
https://1wgafz.top/v3/landing-fortune-wheel/assets/index-3b33adf8.css

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"67618bfb-18790"
age
5809
expires
Thu, 19 Dec 2024 11:54:44 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:54:44 GMT
content-type
font/woff2
last-modified
Tue, 17 Dec 2024 14:34:35 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=14400
cf-ray
8f45d38dbb72910c-FRA
access-control-allow-origin
*
server
cloudflare
SFProDisplay-Bold-1952af3a.woff2
1wgafz.top/v3/landing-fortune-wheel/assets/
96 KB
96 KB
Font
General
Full URL
https://1wgafz.top/v3/landing-fortune-wheel/assets/SFProDisplay-Bold-1952af3a.woff2
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel/assets/index-3b33adf8.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1952af3afb6be47c8b366c6e9b44cde5efb1ebd2fa9f832912ef41caddee279e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://1wgafz.top
Referer
https://1wgafz.top/v3/landing-fortune-wheel/assets/index-3b33adf8.css

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"67618bfb-17fb8"
age
5809
expires
Thu, 19 Dec 2024 11:54:44 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:54:44 GMT
content-type
font/woff2
last-modified
Tue, 17 Dec 2024 14:34:35 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=14400
cf-ray
8f45d38dbb73910c-FRA
access-control-allow-origin
*
server
cloudflare
js
www.googletagmanager.com/gtag/
283 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-548949LWLW&l=dataLayer&cx=c&gtm=45He4cc1v894400803za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGKQDC7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2d1b6a3291a60620061fca594e5f156f2426d1a0586b305a7ef2bda8a7d64f02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1wgafz.top/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 19 Dec 2024 07:54:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 07:54:44 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100258
x-xss-protection
0
server
Google Tag Manager
8f45d38c08dd9760
1wgafz.top/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 06A5
0
694 B
XHR
General
Full URL
https://1wgafz.top/cdn-cgi/challenge-platform/h/b/jsd/r/8f45d38c08dd9760
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8f45d38e6c29910c-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
0
date
Thu, 19 Dec 2024 07:54:44 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
restrict.webp
1wgafz.top/v3/landing-fortune-wheel/images/
28 KB
28 KB
Image
General
Full URL
https://1wgafz.top/v3/landing-fortune-wheel/images/restrict.webp
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
145648fbb0420a13a445a0a67ba0aa7b8e8737cd13e5ec9a439a4eb48bd86f35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&

Response headers

server
cloudflare
cache-control
public, max-age=14400
content-encoding
gzip
cf-cache-status
HIT
etag
"67618bfa-6ee8"
cf-ray
8f45d38e7c3c910c-FRA
expires
Thu, 19 Dec 2024 11:54:44 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:54:44 GMT
content-type
image/webp
last-modified
Tue, 17 Dec 2024 14:34:34 GMT
vary
Accept-Encoding
priority
u=3,i
events
1wgafz.top/analytics/
0
763 B
Ping
General
Full URL
https://1wgafz.top/analytics/events?event_name=undefined_undefined&pgi=GTM-KGKQDC7
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f45d38eac55910c-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:54:45 GMT
server
cloudflare
priority
u=4,i
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
events
1wgafz.top/analytics/
0
763 B
Ping
General
Full URL
https://1wgafz.top/analytics/events?event_name=undefined_undefined&pgi=GTM-KGKQDC7
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f45d38eac56910c-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:54:45 GMT
server
cloudflare
priority
u=4,i
x-frame-options
ALLOW-FROM ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan, ALLOW-FROM 1win-partner.com ww.1win.run 1win.run www.1win.work 1win.work www.1w.run 1w.run www.1wip.best 1wip.best www.1wint.run 1wint.run www.1winr.run 1winr.run www.1wind.run 1wind.run www.1wins.run 1wins.run www.1w.fan 1w.fan www.1win.team 1win.team www.1win.partners 1win.partners 1wip.best www.1wip.best 1wint.run www.1wint.run 1winr.run www.1winr.run 1wind.run www.1wind.run 1wins.run www.1wins.run 1w.fan www.1w.fan
favicon.svg
1wgafz.top/v3/landing-fortune-wheel/favicons/
1 KB
788 B
Other
General
Full URL
https://1wgafz.top/v3/landing-fortune-wheel/favicons/favicon.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.197.121.1 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da27421d59a3829fd6292f822eed7c6b1b7a745870d6b736dc67220627d9d656

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://1wgafz.top/v3/landing-fortune-wheel?sub1=563c3e50-bd44-11ef-959a-cbfa0e853c5f&sub2=103989&

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"67618bfa-5b5"
age
3026
expires
Thu, 19 Dec 2024 11:54:44 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 19 Dec 2024 07:54:44 GMT
content-type
image/svg+xml
last-modified
Tue, 17 Dec 2024 14:34:34 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=14400
cf-ray
8f45d38eec79910c-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
528
server
cloudflare
httpapi
api2.amplitude.com/2/
94 B
218 B
Fetch
General
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/analytics-browser-1.9.1-min.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.148.110.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-110-136.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
4ed96b703595f1f30b1874e599fdd78e47820c1a0d83e1685ff8cd6ec7786cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://1wgafz.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*
Content-Type
application/json

Response headers

strict-transport-security
max-age=15768000
access-control-allow-origin
*
content-length
94
date
Thu, 19 Dec 2024 07:54:46 GMT
content-type
application/json
httpapi
api2.amplitude.com/2/ Frame
0
0
Preflight
General
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.148.110.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-110-136.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://1wgafz.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Thu, 19 Dec 2024 07:54:46 GMT
strict-transport-security
max-age=15768000
httpapi
api2.amplitude.com/2/
94 B
218 B
Fetch
General
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: 1wgafz.top
URL: https://1wgafz.top/v3/landing-fortune-wheel/assets/index-a63304e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.148.110.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-110-136.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
9b97c679167966512633f3fd8a1714c0b955e7c8a1a0bc22c7228ef86ebe618e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://1wgafz.top/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*
Content-Type
application/json

Response headers

strict-transport-security
max-age=15768000
access-control-allow-origin
*
content-length
94
date
Thu, 19 Dec 2024 07:54:46 GMT
content-type
application/json
httpapi
api2.amplitude.com/2/ Frame
0
0
Preflight
General
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.148.110.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-110-136.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://1wgafz.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Thu, 19 Dec 2024 07:54:46 GMT
strict-transport-security
max-age=15768000

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| affiliateHook object| amplitude object| dataLayer object| analyticsConnectorInstances object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ function| IMask boolean| __VUE__ object| google_tag_manager object| google_tag_data

5 Cookies

Domain/Path Name / Value
.1wgafz.top/ Name: __cf_bm
Value: geEyfuIeOMraajf0MWUIcPdV2eSW.SQV23evsTu3Yy0-1734594884-1.0.1.1-onOrM2tRy2F9zjkOOoSIsHqZ0yxPZy6bf9L6GumrxNPqbxBDldbHDwByrj8zhmWKkX8L2ie80nOENYwsSuNZ6g
.1wgafz.top/ Name: _cfuvid
Value: tgju7yg..EzX1183HSHOV9Ji2FkIHhixnEROccwsUdk-1734594884570-0.0.1.1-604800000
.1wgafz.top/ Name: AMP_MKTG_494cccfe21
Value: JTdCJTdE
.1wgafz.top/ Name: AMP_494cccfe21
Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjI4ZjIxZmRlNS0xNjlkLTQ4ODQtODJhMi0yNzgzMTEwYmEwNmElMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzM0NTk0ODg0Njg1JTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTczNDU5NDg4NDc5NyUyQyUyMmxhc3RFdmVudElkJTIyJTNBMSU3RA==
.1wgafz.top/ Name: cf_clearance
Value: nyfXi_OzGEEhleZfe6aEBADowx2NRtzRwgnHfPY1..k-1734594884-1.2.1.1-4wzKWZIckcdBKDjFsnikIPQ5Bt7Qnn4RGKWVaWnwQ1_F3WUd7PBSHgMIBLJ0EyPI8b0lOWM99OgKjP0aawdJwk7WB4kPAD0uuC.G5W1EQMamjeNwR3mfjdufK2LR24Cy_mvx1vQJSJKksblgcIVHiNDKdfxHmB.OdiMCl9mppyPo2_j2SkkDWSbxwpoiyrEq9Y2VPVxe2GgkZvKMjoBoBMu1ANdzh3UWITtVOZdlccQrGty44FySZb510k.WlHQlD47oobnsgMSAlJIbt9J4wRB5aEgkFiqDoJb2g920.XJ5bzR15aXUjx_6diZsySVSpmyP4B1fp5b0mjQTyJRO3xaCjVTddc5.gFFOtFB2yKKZk1Qg5h4u67pls6cMQ_LN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1wgafz.top
api.lab.amplitude.com
api2.amplitude.com
cdn.amplitude.com
partners.1win-cdn.com
www.googletagmanager.com
151.101.2.132
154.197.121.1
18.245.86.69
190.115.19.14
2a00:1450:4001:828::2008
54.148.110.136
003323cb8d24bc4767961492cc2e75ca440b5e1eedecf528248345ff9e99f61c
04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7
12dbe2d2b792f527db71c4d00dad0eb46f82093a376a6dbb0ab4f24623cca94e
145648fbb0420a13a445a0a67ba0aa7b8e8737cd13e5ec9a439a4eb48bd86f35
1952af3afb6be47c8b366c6e9b44cde5efb1ebd2fa9f832912ef41caddee279e
25702f412567ceea60b108a2445c493f6f9d72ac11d24736fb5c334384de1150
2d1b6a3291a60620061fca594e5f156f2426d1a0586b305a7ef2bda8a7d64f02
3634b68c242ef07fd879838de719ccc22f67cbdbdbbd4bad7660678398f698de
3b33adf8a57954d6dcf710350e1448ae7cf620f92d07b34fc20d53faa9174b00
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4ed96b703595f1f30b1874e599fdd78e47820c1a0d83e1685ff8cd6ec7786cb7
6ef446d80a2e57f7e37944db08182db97705bfb66d2c9e26bee2b3cefeec4089
705f162ccea371c7ca4af41a84964e2b6de1a47b5266b6cd9147ce8615cc6ccb
790336a09030817df4a1adcef4e9bcf7d300d847d96597963cfa81f2c9fca8f5
79ba58d45fd1a719a0f898f868e22e82f15dcac498c89d22e050d99e1abdb0ea
7f6668a7e9ef502207250ae107377a8dc32f43c20a8c38ab7a06d7acfffceef6
7fb19b1467b61d67de500a2d100235d56b74b85b29389570019c3f626401d624
8186f3491c6c128428e82c981b7aca4338f650150c4182df78faf7a2bc0c9cba
9aed8d1ca62c65606c7cc70ec6a34ed44fda9b39ddfd800279e0727c2c7a0282
9b97c679167966512633f3fd8a1714c0b955e7c8a1a0bc22c7228ef86ebe618e
ab41779fc10cedb8b66c998e8d1724d6404b791c93d40e81ae7a075d774d52da
baa82c45de8747da4fa1f95c7059661d2421013236c2c3672028f7d09bfaf682
c9026479eb79c93bd9cfb6ea5d52bf42b8a2e5d5a8c9426ce0146cd32ff65c65
d9bfe0de09ed0ff81a2f7c1d72e18e0177e4b347c5f6f9c5a052c1254068711f
da27421d59a3829fd6292f822eed7c6b1b7a745870d6b736dc67220627d9d656
db50cb7512558b476b9bf46a1ff5be0cbc7dbcb5b4df3e1d571c2acd85dcff76
e38e625741c4ea522b66c00401eeb80d3c4c184ea765d9cd6810eaf3598c33f0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f769257f466c93c0dbc91b76c56ab876cc3ef91c4d0b3cd6a40f15b6bfb0c51f