www.1win.global Open in urlscan Pro
2606:4700:3035::ac43:9c6b  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/	236 KB 47 KB	13434ms 13352ms	Document text/html	2606:4700:3035::ac43:9c6b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:9c6b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 47a198ca4a37192fe228a6b612a0eeec7b7ac10d746af72bd4961ec09398e6d3 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language de-DE,de;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-headers X-Requested-With, X-Requested-By access-control-allow-methods POST, GET access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 86e63c447cc39022-FRA content-encoding br content-type text/html; charset=utf-8 date Wed, 03 Apr 2024 04:15:15 GMT expires -1 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NE8f3qaQG6yoeqGFsRpHoV%2BqLDHjfOuCuOHjjbh74P5OeIoHgJUbf9C8AUmdWJAYP%2BLqSf1WiDopieHVHjNko26PZWPhf6PGku6hUURRxICmx%2Fx2k%2FhyPoRZ2xLEC%2FXlHZNfA9y7OcJSlSkcZ0k%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=2592000 vary Accept-Encoding x-frame-options SAMEORIGIN x-powered-by ASP.NET x-powered-by-plesk PleskWin
GET H3	200	Inter-Regular.woff2 www.1win.global/Casino/fonts/	96 KB 97 KB	5365ms 5365ms	Font font/woff2	172.67.156.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.1win.global/Casino/fonts/Inter-Regular.woff2 Requested by Host: www.1win.global URL: https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash ed64c5d83f5fcc357eb8afd0a7b8d9912cae97d88dd57cccb64787bb643c7c76 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Origin https://www.1win.global accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 04:15:17 GMT strict-transport-security max-age=2592000 cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET alt-svc h3=":443"; ma=86400 content-length 98756 x-powered-by-plesk PleskWin last-modified Fri, 20 May 2022 04:39:01 GMT server cloudflare etag "1d86c0386d0e144" vary Accept-Encoding access-control-allow-methods POST, GET content-type font/woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oj3XxYoqhePScohruBeOqVPzHnfvwf%2Bw3uHceM5PLVw2C1VRPJvcNKEmcFuOZx70UeELogrfaEt3YZkaCgsoFnO7Zcsql3PdoAl7zGVpETaC2M2ms5x%2F%2BSeg99DTP2R63Zw%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=16070400 accept-ranges bytes cf-ray 86e63c981da39f18-FRA access-control-allow-headers X-Requested-With, X-Requested-By
GET H3	200	Inter-Bold.woff2 www.1win.global/Casino/fonts/	105 KB 105 KB	5241ms 5240ms	Font font/woff2	172.67.156.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.1win.global/Casino/fonts/Inter-Bold.woff2 Requested by Host: www.1win.global URL: https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 04079eb5aa58d207bc036c8e55d464ea23947d1b1d48d220ebcd1b7c230f589f Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Origin https://www.1win.global accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 04:15:17 GMT strict-transport-security max-age=2592000 cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET alt-svc h3=":443"; ma=86400 content-length 107236 x-powered-by-plesk PleskWin last-modified Fri, 20 May 2022 04:39:02 GMT server cloudflare etag "1d86c03876855e4" vary Accept-Encoding access-control-allow-methods POST, GET content-type font/woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YUqeluTiHPRryh0E6pLo0XH%2FSU7T6xs2lfgWUSthqanNvD6lxwpcWok70eIszunpNiiNrekyHUhgekHHX2A4W0YHLrclzb5BbtOdLW1SzsQRg7%2FyADNloUxURNyKl2w7S6Y%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=16070400 accept-ranges bytes cf-ray 86e63c981da69f18-FRA access-control-allow-headers X-Requested-With, X-Requested-By
GET H3	200	Inter-SemiBold.woff2 www.1win.global/Casino/fonts/	104 KB 105 KB	5492ms 5492ms	Font font/woff2	172.67.156.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.1win.global/Casino/fonts/Inter-SemiBold.woff2 Requested by Host: www.1win.global URL: https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash d6d0905419e1e821c57189396db46ffe335960bd68befedddaf9e73f3f2e7a3a Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Origin https://www.1win.global accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 04:15:17 GMT strict-transport-security max-age=2592000 cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET alt-svc h3=":443"; ma=86400 content-length 106788 x-powered-by-plesk PleskWin last-modified Fri, 20 May 2022 04:39:04 GMT server cloudflare etag "1d86c03889a8524" vary Accept-Encoding access-control-allow-methods POST, GET content-type font/woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jjZN%2BjrhUYxAkW3tqKjd0Y8NdIpqLFkEX1VYp9N%2FochDTx3APAZadobqunrgbomsHrbg1iN1aerC6cfZ5sCVzUFph%2FZ1ykmHopgzFgRhscIZPEN%2Bv45HZUIcVxxdSdBzH44%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=16070400 accept-ranges bytes cf-ray 86e63c981da89f18-FRA access-control-allow-headers X-Requested-With, X-Requested-By
GET H3	200	close.svg www.1win.global/casino/images/	563 B 1 KB	52ms 52ms	Image image/svg+xml	172.67.156.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.1win.global/casino/images/close.svg Requested by Host: www.1win.global URL: https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash fbddfe23a82a16fa258c9a3561be6e979e736ae1950bb172aed5bc88b3da1185 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 04:15:17 GMT strict-transport-security max-age=2592000 content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4469 x-powered-by ASP.NET alt-svc h3=":443"; ma=86400 x-powered-by-plesk PleskWin last-modified Fri, 08 Oct 2021 09:24:08 GMT server cloudflare etag W/"1d7bc263eda6e33" vary Accept-Encoding access-control-allow-methods POST, GET content-type image/svg+xml access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nScDr74vBZs7q0XpwRUNah8NzjX5wVcn4F%2BPIT7n9khX65Fkb%2BdxCTfwHjc5ck%2B5Qy5jlfK1L5mpnqTbJFjgDMqs34FHf4og6VJCcB6loCNIAscYtJCnS3wBTJdK4U4depA%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=16070400 cf-ray 86e63c981da99f18-FRA access-control-allow-headers X-Requested-With, X-Requested-By
GET H3	200	menuIcon.svg www.1win.global/Casino/images/	564 B 1 KB	5240ms 5239ms	Image image/svg+xml	172.67.156.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.1win.global/Casino/images/menuIcon.svg Requested by Host: www.1win.global URL: https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash fb8cdd1c27d9fc72bfe52f12fd4bc0cd664b1d8163632c0963eadf6f0aa70787 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 04:15:17 GMT strict-transport-security max-age=2592000 content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET alt-svc h3=":443"; ma=86400 x-powered-by-plesk PleskWin last-modified Fri, 08 Oct 2021 09:26:31 GMT server cloudflare etag W/"1d7bc2694167fb4" vary Accept-Encoding access-control-allow-methods POST, GET content-type image/svg+xml access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=roXjVk%2BaI8ywjNoTGavf4KYY66R705BEwDse%2BTjhpgKoOA1K1j%2FMwSQl1CZQBvBpWm0qBVP5kplkvwjHh0sx8keqdWlD9v9Dk2MPSUrRA6mH0jl9PbXZ79%2BxEY9GfCmHAgo%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=16070400 cf-ray 86e63c981daa9f18-FRA access-control-allow-headers X-Requested-With, X-Requested-By
GET H3	200	1win-logo.svg www.1win.global/Casino/images/	4 KB 2 KB	5589ms 5587ms	Image image/svg+xml	172.67.156.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.1win.global/Casino/images/1win-logo.svg Requested by Host: www.1win.global URL: https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 21c2377880cbdd7c3d160e60d89c08fb35ebab89262af95bc41d8691177966d9 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 04:15:17 GMT strict-transport-security max-age=2592000 content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET alt-svc h3=":443"; ma=86400 x-powered-by-plesk PleskWin last-modified Tue, 07 Dec 2021 11:44:00 GMT server cloudflare etag W/"1d7eb5fb9a90fda" vary Accept-Encoding access-control-allow-methods POST, GET content-type image/svg+xml access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7tAaYakbthTdiiGSP%2Bm3HLZTO%2FWZWBLYHLUBPxQWMWqvd2RFdvNjVYAzEPyraljJmD7XjaUEaln60igObfcYStzE2zS8LjrFKag8lkQK08WMy0kRQGdwgBLlEoPn%2BvZyS1k%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=16070400 cf-ray 86e63c982db59f18-FRA access-control-allow-headers X-Requested-With, X-Requested-By
GET H3	200	close.svg www.1win.global/Casino/images/	563 B 1 KB	5528ms 5527ms	Image image/svg+xml	172.67.156.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.1win.global/Casino/images/close.svg Requested by Host: www.1win.global URL: https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash fbddfe23a82a16fa258c9a3561be6e979e736ae1950bb172aed5bc88b3da1185 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 04:15:17 GMT strict-transport-security max-age=2592000 content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET alt-svc h3=":443"; ma=86400 x-powered-by-plesk PleskWin last-modified Fri, 08 Oct 2021 09:24:08 GMT server cloudflare etag W/"1d7bc263eda6e33" vary Accept-Encoding access-control-allow-methods POST, GET content-type image/svg+xml access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y0QGJoRIcrmFQakz6ADnvF24w23ju46sMHeI9OvbbmKlGSnvOMvqQSFpjyKW%2B24gICkKhxS0ZRWTfJFFv0CS5qhHwWpydq8swUQT4bYY%2B%2FKNVmbS%2FrMg5idppcQF2vdAwFE%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=16070400 cf-ray 86e63c982db29f18-FRA access-control-allow-headers X-Requested-With, X-Requested-By
GET H3	200	homeGreySvg.svg www.1win.global/Casino/images/	845 B 1 KB	5529ms 5527ms	Image image/svg+xml	172.67.156.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.1win.global/Casino/images/homeGreySvg.svg Requested by Host: www.1win.global URL: https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 707fc759aa02b50c46754a4ae2c25ebe09f817ffba577dabf4ff8a0f6bd081c7 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 04:15:17 GMT strict-transport-security max-age=2592000 content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET alt-svc h3=":443"; ma=86400 x-powered-by-plesk PleskWin last-modified Thu, 10 Mar 2022 08:20:39 GMT server cloudflare etag W/"1d83457b9b6e6cd" vary Accept-Encoding access-control-allow-methods POST, GET content-type image/svg+xml access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0O5x62qeE7HPAPWJcifLoYYAiQByGFoPgA7V%2Fv7%2FT9g0mnhJ2c0aeVipNFkyBZNnkhJfqoAD2Agv8cGTW%2F3RqbbkbMMApFIKQhcg1y8%2FyYAkCdQ9m1EjPvynY8m1NLiV3Do%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=16070400 cf-ray 86e63c982db39f18-FRA access-control-allow-headers X-Requested-With, X-Requested-By
GET H2	200	CR_ORG_1win-2113227.jpg www.imageservera.com/uploadedimages/202311/Nov02/	22 KB 23 KB	5334ms 5251ms	Image image/webp	2606:4700::6812:178 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.imageservera.com/uploadedimages/202311/Nov02/CR_ORG_1win-2113227.jpg Requested by Host: www.1win.global URL: https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:178 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 91f4ffe8a92c8de52e90ec30791cd97fa637a13d14893872e72fa08ad232d92f Security Headers Name Value X-Frame-Options AllowAll Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.1win.global/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 04:15:20 GMT cf-cache-status HIT age 108704 cf-polished qual=85, origFmt=jpeg, origSize=144538 x-powered-by ASP.NET content-disposition inline; filename="CR_ORG_1win-2113227.webp" content-length 22670 last-modified Thu, 02 Nov 2023 11:22:25 GMT cf-bgj imgq:85,h2pri server cloudflare etag "a19ce0da7edda1:0" vary Accept, Accept-Encoding x-frame-options AllowAll content-type image/webp access-control-allow-origin * cache-control public, max-age=16070400 accept-ranges bytes cf-ray 86e63ca68bff30f9-FRA expires Sun, 06 Oct 2024 04:15:20 GMT
GET H3	200	downarrow.svg www.1win.global/Casino/images/	349 B 1013 B	5589ms 5588ms	Image image/svg+xml	172.67.156.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.1win.global/Casino/images/downarrow.svg Requested by Host: www.1win.global URL: https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash e173dd7bf5a9693109cbd0a3d57c5dbcf6583bee77af6a252e81dc70d01b783a Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 04:15:17 GMT strict-transport-security max-age=2592000 content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET alt-svc h3=":443"; ma=86400 x-powered-by-plesk PleskWin last-modified Fri, 02 Oct 2020 08:13:04 GMT server cloudflare etag W/"1d69893da0e695d" vary Accept-Encoding access-control-allow-methods POST, GET content-type image/svg+xml access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=44XT0m1r3%2FnY4IDgCdu8P7Zfs%2BzSrMc3uGdQx3IV%2FnY8FOxam1Hi14WI1NCDxVVyTwv2ui8B8AIKDUQNkf4nnqa8COaflq7m%2B0%2FC%2FoyZpod3MFGz4Fpm0TxFgVyN6Rpx9ok%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=16070400 cf-ray 86e63c982db69f18-FRA access-control-allow-headers X-Requested-With, X-Requested-By
GET H3	200	bundle.min.js Show response www.1win.global/Casino/js/	404 KB 109 KB	5589ms 5588ms	Script application/javascript	172.67.156.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.1win.global/Casino/js/bundle.min.js Requested by Host: www.1win.global URL: https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash d255be59605a9d45b6aaaf447da819fab39ba05a1df13ddfc7f7c87b5efaf0fc Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 04:15:17 GMT strict-transport-security max-age=2592000 content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET alt-svc h3=":443"; ma=86400 x-powered-by-plesk PleskWin last-modified Wed, 07 Feb 2024 09:06:43 GMT server cloudflare etag W/"1da59a4f7e95cbe" vary Accept-Encoding access-control-allow-methods POST, GET content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sUDlsvxdnfW%2FoDgx%2F7E%2Ftpwdk4298LXjVoFeO0c%2Ft%2BQ5igsJzuAMfkGuI8ZdU03n6KW9aDaqgN0jaB93kM47RZ9TqeMNmDZtCHWDaYSnnvU5rrebeuqaJSgg2RpsomV4G5s%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=16070400 cf-ray 86e63c982db79f18-FRA access-control-allow-headers X-Requested-With, X-Requested-By
GET H3	200	style.min.css www.1win.global/Casino/css/	522 KB 93 KB	5531ms 5530ms	Stylesheet text/css	172.67.156.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.1win.global/Casino/css/style.min.css Requested by Host: www.1win.global URL: https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 790bcbe617e88f8dc71bb6d0235f118884cb0c56099ac9b7ad0a0347de8f9926 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 04:15:17 GMT strict-transport-security max-age=2592000 content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET alt-svc h3=":443"; ma=86400 x-powered-by-plesk PleskWin last-modified Thu, 08 Feb 2024 10:35:30 GMT server cloudflare etag W/"1da5a7a8974a38d" vary Accept-Encoding access-control-allow-methods POST, GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NKemg6PO%2FnSTI%2BIe%2F0FhIG8MEbOfD%2FJ1%2BktIEPOZHiKfF4cUTiPug9w1eLRMZuoYbwQvC28urFF4aGEXVUhIo%2FuaN5XHsdMsBuasjt7P122iyYOJPAhjUxTEPvSoSKZUhck%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=16070400 cf-ray 86e63c982db49f18-FRA access-control-allow-headers X-Requested-With, X-Requested-By
GET H2	200	js Show response www.googletagmanager.com/gtag/	257 KB 90 KB	89ms 36ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-8CV2BLQPDY Requested by Host: www.1win.global URL: https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 72d02fb4935f86bc149b1fde58003e42746d9cd08c1fc3485502ba2bcd7ec2c1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.1win.global/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 04:15:17 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 91851 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 03 Apr 2024 04:15:17 GMT
GET H2	200	TNORG_Alex-Waite1433_12906.png www.imageservera.com/uploadedimages/202310/Oct04/	14 KB 15 KB	5316ms 5250ms	Image image/webp	2606:4700::6812:178 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.imageservera.com/uploadedimages/202310/Oct04/TNORG_Alex-Waite1433_12906.png Requested by Host: www.1win.global URL: https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:178 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash e2248d884f2df9e8c172171b407a46c7698f1b0dbf1b557217cf6a79e2536aec Security Headers Name Value X-Frame-Options AllowAll Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.1win.global/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 04:15:20 GMT cf-cache-status HIT age 1753799 cf-polished origFmt=png, origSize=28572 x-powered-by ASP.NET content-disposition inline; filename="TNORG_Alex-Waite1433_12906.webp" content-length 14330 last-modified Wed, 04 Oct 2023 15:41:30 GMT cf-bgj imgq:85,h2pri server cloudflare etag "edafbd3ed9f6d91:0" vary Accept, Accept-Encoding x-frame-options AllowAll content-type image/webp access-control-allow-origin * cache-control public, max-age=16070400 accept-ranges bytes cf-ray 86e63ca68bfd30f9-FRA expires Sun, 06 Oct 2024 04:15:20 GMT
GET H3	200	spacer.gif www.1win.global/Casino/images/	246 B 994 B	5629ms 5629ms	Image image/gif	172.67.156.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.1win.global/Casino/images/spacer.gif Requested by Host: www.1win.global URL: https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 09337786ab4bf6a39ad8e32e8bac511bc02987c5f303c00a8218311ffe23a8d2 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 04:15:17 GMT strict-transport-security max-age=2592000 cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET alt-svc h3=":443"; ma=86400 content-length 246 x-powered-by-plesk PleskWin last-modified Fri, 09 Mar 2018 08:44:36 GMT server cloudflare etag "1d3b782da4d32f6" vary Accept-Encoding access-control-allow-methods POST, GET content-type image/gif access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XenNdt00babNZcAvxqGIB%2Fqzatwms3Uffj4B0NarAKz6jEbtFcXXwARlh9XcXS%2FEhDRPI3X9Y3aT%2BDuNQIuBiNtz8kUg2suYibmbfaWBng3OixiW2aJ17o%2BFD78ORmBzLCQ%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=16070400 accept-ranges bytes cf-ray 86e63c983dc69f18-FRA access-control-allow-headers X-Requested-With, X-Requested-By
GET H3	200	/ Show response www.1win.global/ru/Svgsprit/ Frame 377C	2 MB 864 KB	5627ms 5627ms	Document text/html	172.67.156.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.1win.global/ru/Svgsprit/ Requested by Host: www.1win.global URL: https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 17534c2d74b2687cca9587133e04acc647b53c44b3fcd8687b4b3e347eca0629 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language de-DE,de;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-headers X-Requested-With, X-Requested-By access-control-allow-methods POST, GET access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control public,max-age=300 cf-cache-status DYNAMIC cf-ray 86e63c983dc99f18-FRA content-encoding br content-type text/html; charset=utf-8 date Wed, 03 Apr 2024 04:15:17 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O87%2Fxk6VG25RJc0SR0gL6nkIeTxMiXek2olCZT8tys%2BJ6hIhcTLv69bOrmdg9b3TxxGtbI%2BkE%2BhOzYzjZLcOGg%2F3LeRtILQiKs%2FYcjjE0ggTAa8tIivzJ5Wt1pCscMwiu3U%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=2592000 vary Accept-Encoding x-powered-by ASP.NET x-powered-by-plesk PleskWin
POST H2	204	collect region1.google-analytics.com/g/	0 254 B	86ms 27ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-8CV2BLQPDY&gtm=45je4410v877826450za200&_p=1712117717792&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1053297650.1712117723&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712117723&sct=1&seg=0&dl=https%3A%2F%2Fwww.1win.global%2Fru%2Fapplication-1win%2F1win-push-notifications-bonus-20231102-0001%2F&dt=%D0%91%D0%BE%D0%BD%D1%83%D1%81%20Push%20-%D1%83%D0%B2%D0%B5%D0%B4%D0%BE%D0%BC%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%201WIn%3A%20%D0%B4%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BD%D0%BE%20%D0%B2%D0%BE%D0%B7%D0%BD%D0%B0%D0%B3%D1%80%D0%B0%D0%B6%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%20%D1%80%D0%B0%D0%B7%D0%BC%D0%B5%D1%80%D0%B5%2020%20%D0%B4%D0%BE%D0%BB%D0%BB%D0%B0%D1%80%D0%BE%D0%B2%20%D0%A1%D0%A8%D0%90&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=18870 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8CV2BLQPDY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.1win.global/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Wed, 03 Apr 2024 04:15:23 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.1win.global cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	sprite-flag.png www.1win.global/Casino/images/	236 KB 237 KB	475ms 475ms	Image image/png	172.67.156.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.1win.global/Casino/images/sprite-flag.png Requested by Host: www.1win.global URL: https://www.1win.global/Casino/css/style.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 6b2318fda4a91a83acaf131e38c6c640c4cd65c9314f19d5a2331d05ad5581da Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.1win.global/Casino/css/style.min.css accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 04:15:23 GMT strict-transport-security max-age=2592000 cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET alt-svc h3=":443"; ma=86400 content-length 241908 x-powered-by-plesk PleskWin last-modified Fri, 02 Oct 2020 08:13:05 GMT server cloudflare etag "1d69893daa54e74" vary Accept-Encoding access-control-allow-methods POST, GET content-type image/png access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s2BSn7mwu%2B87iYzQ0OZrgt84cvUUQuP8BeOiDrZpBnLqJ4W%2FpW6AypLvTVuMaN83tx5LwiUt%2Bc5%2B5G%2FR6qcGcKxZWO11fO5%2BqQlgwwATJ8rVltPUhzIksFj7RqxZ4%2BBnXYA%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=16070400 accept-ranges bytes cf-ray 86e63cbb2acb9f18-FRA access-control-allow-headers X-Requested-With, X-Requested-By
POST H3	200	/ Show response www.1win.global/ru/Base/SetNewsCount/	3 B 525 B	426ms 426ms	XHR application/json	172.67.156.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.1win.global/ru/Base/SetNewsCount/ Requested by Host: www.1win.global URL: https://www.1win.global/Casino/js/bundle.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash ad57366865126e55649ecb23ae1d48887544976efea46a48eb5d85a6eeb4d306 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Accept */* Referer https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ X-Requested-With XMLHttpRequest sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 04:15:23 GMT strict-transport-security max-age=2592000 content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET alt-svc h3=":443"; ma=86400 x-powered-by-plesk PleskWin server cloudflare vary Accept-Encoding access-control-allow-methods POST, GET content-type application/json; charset=utf-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ajXXfESZNscjI2Mm%2FArGLGprp9Hm7EgZQ%2BTzkoFfeXOiI7NKMujFI5l1cOg%2FxX122AtsRQ9icdsygBVYIz8JGahknln72aU5TVsGdDpoxJBeQ7%2BCEw4ybJePaU8TBwIDoeo%3D"}],"group":"cf-nel","max_age":604800} cf-ray 86e63cbc0b4c9f18-FRA access-control-allow-headers X-Requested-With, X-Requested-By
GET H3	200	/ Show response www.1win.global/ru/GetCountry/	77 KB 5 KB	420ms 420ms	XHR application/json	172.67.156.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.1win.global/ru/GetCountry/ Requested by Host: www.1win.global URL: https://www.1win.global/Casino/js/bundle.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 7fca6c7b5e0ae83843f3a8b8e7b018dd3c9deb016c482c27032614ae0b7f6788 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Accept */* Referer https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ X-Requested-With XMLHttpRequest sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 04:15:23 GMT strict-transport-security max-age=2592000 content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET alt-svc h3=":443"; ma=86400 x-powered-by-plesk PleskWin server cloudflare vary Accept-Encoding access-control-allow-methods POST, GET content-type application/json; charset=utf-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A2y7m8VwpmyU1gIMMqNDs0LBVIYQ77isKiPZo5OAbdxAS8RfjeY5sYcD%2B9%2FN1gsxuKvevEUQe88zcyk7NYAmUtgRzADMtAxRYzMaO4q9blV9bNyQ8hTTHXoGXAIqjXudnCU%3D"}],"group":"cf-nel","max_age":604800} cf-ray 86e63cbc1b519f18-FRA access-control-allow-headers X-Requested-With, X-Requested-By
GET H2	200	TNORG_1win%20app%20ios4114_37036.png www.imageservera.com/uploadedimages/202201/Jan28/	220 KB 221 KB	43ms 41ms	Image image/webp	2606:4700::6812:178 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.imageservera.com/uploadedimages/202201/Jan28/TNORG_1win%20app%20ios4114_37036.png Requested by Host: www.1win.global URL: https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:178 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash f55b9b364d603605823949a856fc5bd5461a917c112737fba68b697b68d63d45 Security Headers Name Value X-Frame-Options AllowAll Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.1win.global/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 04:15:23 GMT cf-cache-status HIT age 822174 cf-polished origFmt=png, origSize=461865 x-powered-by ASP.NET content-disposition inline; filename="TNORG_1win%20app%20ios4114_37036.webp" content-length 225408 last-modified Fri, 28 Jan 2022 17:13:09 GMT cf-bgj imgq:85,h2pri server cloudflare etag "889a1526a14d81:0" vary Accept, Accept-Encoding x-frame-options AllowAll content-type image/webp access-control-allow-origin * cache-control public, max-age=16070400 accept-ranges bytes cf-ray 86e63cbc28cd30f9-FRA expires Sun, 06 Oct 2024 04:15:23 GMT
GET H2	200	TNCR_ORG_1win-App-Bonus-3997.jpg www.imageservera.com/uploadedimages/202203/Mar10/	9 KB 10 KB	41ms 39ms	Image image/jpeg	2606:4700::6812:178 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.imageservera.com/uploadedimages/202203/Mar10/TNCR_ORG_1win-App-Bonus-3997.jpg Requested by Host: www.1win.global URL: https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:178 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 8b300803a1d8cc962d4477a8538fe1523079b3e370c899c634d2ac568817f60d Security Headers Name Value X-Frame-Options AllowAll Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.1win.global/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 04:15:23 GMT cf-cache-status HIT age 1772653 cf-polished origSize=10298, status=webp_bigger x-powered-by ASP.NET content-length 9582 last-modified Thu, 10 Mar 2022 12:08:13 GMT cf-bgj imgq:85,h2pri server cloudflare etag "a29fa6847734d81:0" vary Accept-Encoding x-frame-options AllowAll content-type image/jpeg access-control-allow-origin * cache-control public, max-age=16070400 accept-ranges bytes cf-ray 86e63cbc28d130f9-FRA expires Sun, 06 Oct 2024 04:15:23 GMT
POST H3	200	/ Show response www.1win.global/ru/casino/GetRHSbonus_withcountry/	2 B 701 B	151ms 151ms	XHR text/html	172.67.156.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.1win.global/ru/casino/GetRHSbonus_withcountry/ Requested by Host: www.1win.global URL: https://www.1win.global/Casino/js/bundle.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Accept */* Referer https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ X-Requested-With XMLHttpRequest sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 04:15:24 GMT strict-transport-security max-age=2592000 content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET alt-svc h3=":443"; ma=86400 x-powered-by-plesk PleskWin server cloudflare vary Accept-Encoding access-control-allow-methods POST, GET content-type text/html; charset=utf-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6gceSBzPrIU4uJlPaCSsQsNzaNXYnXlv043Yyx%2BOs04X7t4bBdktdiTLWyKf%2B45Il%2FIAObd%2Fdy8iYyc0aXG1sLxTx4PvuIMUAhRsXkiGAOKo4xN5BEn6klcnLOgbCkE3Ego%3D"}],"group":"cf-nel","max_age":604800} cf-ray 86e63cbebcf09f18-FRA access-control-allow-headers X-Requested-With, X-Requested-By
GET H3	200	favicon.png www.1win.global/	1 KB 2 KB	144ms 144ms	Other image/png	172.67.156.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.1win.global/favicon.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 6d2ea7ba1af1175b47e5e7768771824ef6897f1715073b60e4e6990bad72bc99 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 04:15:24 GMT strict-transport-security max-age=2592000 cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET alt-svc h3=":443"; ma=86400 content-length 1141 x-powered-by-plesk PleskWin last-modified Tue, 07 Dec 2021 07:16:00 GMT server cloudflare etag "1d7eb3a493bbc75" vary Accept-Encoding access-control-allow-methods POST, GET content-type image/png access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2F%2FGQMGAvUJl8LB00OW8y%2BpYdpZ5jIrKBptfz4uyLs55MkBLHroKv9vQv8kK6e6h4ox3jLpcsKcaOwhynn%2FGppOhtJOcQ%2FN%2FT2xVsE7vDDrYaZkM%2BSc6jIKizEduBEDnL3E%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=16070400 accept-ranges bytes cf-ray 86e63cbebcf69f18-FRA access-control-allow-headers X-Requested-With, X-Requested-By
POST H3	200	/ Show response www.1win.global/ru/casino/Getcategory/	2 KB 889 B	234ms 233ms	XHR application/json	172.67.156.107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.1win.global/ru/casino/Getcategory/ Requested by Host: www.1win.global URL: https://www.1win.global/Casino/js/bundle.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash c4fd812dc4330630754eb8218a30f960004c1d723b13b2e89baafc71ea40d66d Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Accept application/json, text/javascript, */*; q=0.01 Referer https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ X-Requested-With XMLHttpRequest sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 04:15:25 GMT strict-transport-security max-age=2592000 content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET alt-svc h3=":443"; ma=86400 x-powered-by-plesk PleskWin server cloudflare vary Accept-Encoding access-control-allow-methods POST, GET content-type application/json; charset=utf-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1tcroEQ8ou3w410z2YpRY%2BLrxtkjs93nGMn8tEHNdD12m1PC1tT9vuiNXDK0eYjrcP5V4OBxCY6MqT6sgGipQsiTlRb%2FtfYtxZpGA1SkgLtyc0sRoPodi6w0F7de5D0PvFo%3D"}],"group":"cf-nel","max_age":604800} cf-ray 86e63cc4f8dc9f18-FRA access-control-allow-headers X-Requested-With, X-Requested-By

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal string| serchmessage string| categorymore object| TRACK_INFO string| env string| api string| papi string| turl string| lhref object| sessionid string| trackid string| tcname object| campaign object| rType string| endpoint undefined| search undefined| params undefined| key undefined| val function| handleClick function| generateUUID function| cc function| rc function| addTrackEvents function| gtag object| dataLayer string| siteurl string| spacerImages string| reviewurl string| Imagepath string| hyperlink string| Valid_EmailRequired string| Already string| EmailRequired string| othermessage string| subscription string| headmsg string| termmsg string| eamailadd string| NexttoPlay string| DefaultCountry string| countrycode string| message string| Agetermerror string| hintstatus string| Siteid string| siteimgurl string| multlang string| Loadmorepg number| langid string| Sitechannel string| browsusid object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| u function| _classCallCheck function| e object| o object| spinner function| slider boolean| c object| p function| GetSearch undefined| A undefined| P undefined| O number| n function| validateEmail function| _lazy function| textapply function| isDate18orMoreYearsOld function| Nextstep function| checkvalidEmail function| checkvalidPassword function| createCookie function| readCookie function| eraseCookie string| j function| getContrastYIQ function| hexc undefined| B undefined| t undefined| a undefined| v function| setnum function| VerifyPhoneNumber function| validatePhone number| L boolean| s number| R function| submitURonlanguage string| r function| tweetbind boolean| N function| rgb2hexcode function| cutHex function| teamsConsitionHide string| d function| sortUnorderedList object| h object| f function| detachFilters function| Appendrnk function| GetStarStable function| ppcTableMobile boolean| m number| E number| _ number| q function| getTimeAbbr object| G object| F boolean| g function| getCatData function| getCatDatafooter function| catQuickLinks function| createLeftFooter boolean| b function| getcountryData function| catsublist boolean| x function| getreviewsbonusData function| GetAjaxload object| H string| U string| W function| GetAjaxloadFetures boolean| V object| Y number| z string| y function| handleTransale number| J function| autoplaySlider function| createFooterCat function| getAjaxSlotgrid function| getAjaxTopThreeFilterbrand undefined| C undefined| Q undefined| Z undefined| k undefined| X undefined| K boolean| ee function| maxLength function| getAjaxreviewcomment function| Gettopnewsbonusdata function| GettopnewsbonusdataRHS function| GettopReviebonusdataRHS function| datapositoon undefined| te object| ae object| se object| ne number| ie boolean| oe function| CheckAwardFunctionChecked function| sendEmail function| sendVoteEmail number| re undefined| le string| ce object| de number| ue string| pe function| handleTransalentc boolean| he object| $e number| fe function| addScript object| me object| ge function| leaguebyday function| addMinutes function| setFootyMatchToLocalTime function| setCookie undefined| S undefined| T undefined| I boolean| ve function| Gettopnewssliderbonusdata function| gettipsforsportevents number| M function| $ function| jQuery function| Slider function| LazyLoad function| loadCSS function| social function| getbonus function| GetFetures number| gridDivBottom boolean| newscalltopbonus

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.1win.global/	1970-01-21 04:20:53	Name: .AspNetCore.Culture Value: c%3Dru-RU%7Cuic%3Dru-RU
			www.1win.global/	1970-01-21 04:20:53	Name: custom-currentlang Value: ru
			www.1win.global/	1970-01-21 04:20:53	Name: custom-countrycode Value: GB
			www.1win.global/	1970-01-21 04:20:53	Name: custom-channelid Value: 0
			www.1win.global/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.e4k7iXNWLKw Value: CfDJ8BFe3-5ChStMqdcJCJWmA6OQGLLX7oKgJIiJ1bGYvDx2bQ6TtDfGAgeaWFxCWHTwRGgNa92vKeNYwJj_agt63GKMwVKX7UnE1rd3WKUGYZ4tEZ5116fx9i7jKkryQYOFe6MBSeAiZi7l8MawOE2qPLo
			www.1win.global/	1969-12-31 23:59:59	Name: .AspNetCore.Mvc.CookieTempDataProvider Value: CfDJ8BFe3-5ChStMqdcJCJWmA6MMbFk6oCNKM0q0J_cTOI2SFg9Z2jC6hBwNACoQResiujJ_494I9jJG_WAQ7glrNB2yHh55IJTS5MsZXn1jrZkGqhbpJACD3RR7AoSV7uLtoi1g4sHA1FbAeSD6LbhoRkQ
			www.1win.global/	1969-12-31 23:59:59	Name: .WebClient.Session Value: CfDJ8BFe3%2B5ChStMqdcJCJWmA6Nt4ZAWmDXGv0PvFHbFYdoRQ6EyKtb2TbbpRIRI79N9qhfvVG7ouY0foluCbsgOMifecHCr7pOmxFc9hAVs5TrfA4ondvz%2FrleHhsxBLzjGCWYQeqmA8Sq5wasj%2F6PPkt8IrL9BuFREQwi5hQho2N0Z
			.imageservera.com/	1970-01-20 19:35:19	Name: __cf_bm Value: pMxo.CPM5DcAwIjwK._tV.ulFG2yeFsYsoQCjFRmYIQ-1712117720-1.0.1.1-AedDlNlJ1t0vGgF2Fyb0Ky5IkyjFr0vrVt1GyNNd9Ck4F0bnsnuDbaWvujMCCLzZQqeBsA4i3jvHDSlSc9GqoQ
			.1win.global/	1970-01-21 05:11:17	Name: _ga_8CV2BLQPDY Value: GS1.1.1712117723.1.0.1712117723.0.0.0
			.1win.global/	1970-01-21 05:11:17	Name: _ga Value: GA1.1.1053297650.1712117723
			www.1win.global/	1970-01-21 04:20:53	Name: wcem_trackid Value: 1712117723-ef1a9021-wcem
			www.1win.global/	1970-01-20 22:28:05	Name: langsessionIDRU Value: Data-RU
			.1win.global/	1970-01-20 19:35:19	Name: __cf_bm Value: PEW9doPj8ltPNkHTswGirM4qlPVbCe.xi17DSgB6_ZU-1712117724-1.0.1.1-8RgRWAWLZvhk1XfeF6RygRhqpADSRjAXkwFaoFXFC0JO9BMHpnl3i__IS7Tngv1_1Q1e8Ykenqf8pXKNcXuraw

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.1win.global/ru/application-1win/1win-push-notifications-bonus-20231102-0001/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

region1.google-analytics.com
www.1win.global
www.googletagmanager.com
www.imageservera.com
172.67.156.107
2001:4860:4802:34::36
2606:4700:3035::ac43:9c6b
2606:4700::6812:178
2a00:1450:4001:813::2008
04079eb5aa58d207bc036c8e55d464ea23947d1b1d48d220ebcd1b7c230f589f
09337786ab4bf6a39ad8e32e8bac511bc02987c5f303c00a8218311ffe23a8d2
17534c2d74b2687cca9587133e04acc647b53c44b3fcd8687b4b3e347eca0629
21c2377880cbdd7c3d160e60d89c08fb35ebab89262af95bc41d8691177966d9
47a198ca4a37192fe228a6b612a0eeec7b7ac10d746af72bd4961ec09398e6d3
6b2318fda4a91a83acaf131e38c6c640c4cd65c9314f19d5a2331d05ad5581da
6d2ea7ba1af1175b47e5e7768771824ef6897f1715073b60e4e6990bad72bc99
707fc759aa02b50c46754a4ae2c25ebe09f817ffba577dabf4ff8a0f6bd081c7
72d02fb4935f86bc149b1fde58003e42746d9cd08c1fc3485502ba2bcd7ec2c1
790bcbe617e88f8dc71bb6d0235f118884cb0c56099ac9b7ad0a0347de8f9926
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
7fca6c7b5e0ae83843f3a8b8e7b018dd3c9deb016c482c27032614ae0b7f6788
8b300803a1d8cc962d4477a8538fe1523079b3e370c899c634d2ac568817f60d
91f4ffe8a92c8de52e90ec30791cd97fa637a13d14893872e72fa08ad232d92f
ad57366865126e55649ecb23ae1d48887544976efea46a48eb5d85a6eeb4d306
c4fd812dc4330630754eb8218a30f960004c1d723b13b2e89baafc71ea40d66d
d255be59605a9d45b6aaaf447da819fab39ba05a1df13ddfc7f7c87b5efaf0fc
d6d0905419e1e821c57189396db46ffe335960bd68befedddaf9e73f3f2e7a3a
e173dd7bf5a9693109cbd0a3d57c5dbcf6583bee77af6a252e81dc70d01b783a
e2248d884f2df9e8c172171b407a46c7698f1b0dbf1b557217cf6a79e2536aec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed64c5d83f5fcc357eb8afd0a7b8d9912cae97d88dd57cccb64787bb643c7c76
f55b9b364d603605823949a856fc5bd5461a917c112737fba68b697b68d63d45
fb8cdd1c27d9fc72bfe52f12fd4bc0cd664b1d8163632c0963eadf6f0aa70787
fbddfe23a82a16fa258c9a3561be6e979e736ae1950bb172aed5bc88b3da1185