urlscan.io logo urlscan.io
SecurityTrails logo

1xbet-trkiye.icu Open in urlscan Pro
172.67.162.52  Public Scan

Go To Rescan Add Verdict Report
URL: https://1xbet-trkiye.icu/
Submission: On September 11 via manual from UA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 38 HTTP transactions. The main IP is 172.67.162.52, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1xbet-trkiye.icu.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 6th 2021. Valid for: a year.
This is the only time 1xbet-trkiye.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 172.67.162.52 13335 (CLOUDFLAR...)
4 74.125.140.106 15169 (GOOGLE)
3 7 87.250.251.119 208722 (YNDX)
7 142.251.32.99 15169 (GOOGLE)
38 5
Apex Domain
Subdomains		 Transfer
23 1xbet-trkiye.icu
1xbet-trkiye.icu
396 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
471 KB
5 yandex.com
mc.yandex.com
2 KB
4 google.com
www.google.com
23 KB
2 yandex.ru
mc.yandex.ru
72 KB
38 5
Domain Requested by
23 1xbet-trkiye.icu 1xbet-trkiye.icu
6 www.gstatic.com www.google.com
www.gstatic.com
5 mc.yandex.com 2 redirects 1xbet-trkiye.icu
4 www.google.com 1xbet-trkiye.icu
www.gstatic.com
www.google.com
2 mc.yandex.ru 1 redirects 1xbet-trkiye.icu
1 fonts.gstatic.com www.google.com
38 6

This site contains links to these domains. Also see Links.

Domain
bit.ly
wordpress.org
headthemes.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-06 -
2022-07-05		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://1xbet-trkiye.icu/
Frame ID: EDC4267B7F03E36F0B84DAA3BC316F35
Requests: 29 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrBeQUAAAAAILU-UZRN0mmRgUVneYp5ROoFF9x&co=aHR0cHM6Ly8xeGJldC10cmtpeWUuaWN1OjQ0Mw..&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&theme=light&size=normal&cb=jzhcihottyj1
Frame ID: 51C17DF10268A510A10B0BBBF5CA12AE
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&k=6LcrBeQUAAAAAILU-UZRN0mmRgUVneYp5ROoFF9x&cb=3w74mbx1en5x
Frame ID: 32C0F07AFCE43DE27074EA2278B5B4D8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

1XBET TÜRKIYE - Bahis Sitesi - GIRIŞ - 1xbet Bonus 2021

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

38
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

962 kB
Transfer

2093 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9393.A8zhYZnb4CedTfhpWjzYmF4pQyD4w4msX_9sR5IbtORwpjJweD0xBaxev4Njn4bE.j_7v1TSCv5fm6dn9Ghh-6D8lnRQ%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9393.KDkzQhv98XlDNxrOc42drixL0LjDDvy9tAFGpuu8PSNchOHZecShGrGE_QaFUDJljzzuOYzSFHl9ams9gJ1QVw%2C%2C.E4I8wOZ59Ng0jqBO5JA5VjJqv_k%2C
Request Chain 27
  • https://mc.yandex.com/watch/54618220?wmode=7&page-url=https%3A%2F%2F1xbet-trkiye.icu%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A520%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A507031703045%3Ahid%3A186342762%3Az%3A0%3Ai%3A20210911125153%3Aet%3A1631364713%3Ac%3A1%3Arn%3A926570719%3Arqn%3A1%3Au%3A1631364713983270669%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631364712347%3Ads%3A35%2C42%2C70%2C2%2C0%2C0%2C%2C357%2C1%2C%2C%2C%2C509%3Adsn%3A35%2C42%2C70%2C2%2C0%2C0%2C%2C359%2C1%2C%2C%2C%2C509%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631364713%3At%3A1XBET%20T%C3%9CRKIYE%20-%20Bahis%20Sitesi%20-%20GIRI%C5%9E%20-%201xbet%20Bonus%202021 HTTP 302
  • https://mc.yandex.com/watch/54618220/1?wmode=7&page-url=https%3A%2F%2F1xbet-trkiye.icu%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A520%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A507031703045%3Ahid%3A186342762%3Az%3A0%3Ai%3A20210911125153%3Aet%3A1631364713%3Ac%3A1%3Arn%3A926570719%3Arqn%3A1%3Au%3A1631364713983270669%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631364712347%3Ads%3A35%2C42%2C70%2C2%2C0%2C0%2C%2C357%2C1%2C%2C%2C%2C509%3Adsn%3A35%2C42%2C70%2C2%2C0%2C0%2C%2C359%2C1%2C%2C%2C%2C509%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631364713%3At%3A1XBET%20T%C3%9CRKIYE%20-%20Bahis%20Sitesi%20-%20GIRI%C5%9E%20-%201xbet%20Bonus%202021

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
1xbet-trkiye.icu/ 		49 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1xbet-trkiye.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.162.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8710fdc6b99717a5e5b2c9fbee32d46672f8a81120bb8582a225e34cfc63980

Request headers

:method
GET
:authority
1xbet-trkiye.icu
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
content-type
text/html; charset=UTF-8
vary
X-Forwarded-Proto,Accept-Encoding
last-modified
Sat, 11 Sep 2021 12:23:13 GMT
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izEgQDcAIAGKSj2cnvsOADfaNGfNgOqA8bIuqOovmRXYM9K7hKFe%2FLA0L4%2FxfNW7GcehTTBE%2FV93LYrQrubterWHI6hNbHXoEUi81JonmguvO%2Fbe9JEVo0YoqnsQfGnyBKHQ"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68d107acbc8e2794-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cp-block-promocode.css
1xbet-trkiye.icu/wp-content/plugins/custom-promocode/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1xbet-trkiye.icu/wp-content/plugins/custom-promocode/css/cp-block-promocode.css?ver=1.0.2
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.162.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a6be71d89f33a2e3e2e10e0771a2529800d7af86f64680c66d5fd8a89b2f98e

Request headers

:path
/wp-content/plugins/custom-promocode/css/cp-block-promocode.css?ver=1.0.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
1xbet-trkiye.icu
referer
https://1xbet-trkiye.icu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
MISS
last-modified
Wed, 19 Feb 2020 22:26:02 GMT
server
cloudflare
etag
W/"fab-59ef545fdf280-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAQpwJ%2BVBF8tmL5KxXxS2CkLvzcJftFAqygnnG0Fx8YJ6VfeIbyrGq6fb8dz7Vpg%2B%2Fhlp689iNA4OI9i8Oh3keq%2Ft4s0QAotw6TBYZgBuRa%2Fnb93VcwfWH%2Bajo256vXAcZ9J"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d107adfe532794-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.min.css
1xbet-trkiye.icu/wp-includes/css/dist/block-library/ 		57 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1xbet-trkiye.icu/wp-includes/css/dist/block-library/style.min.css?ver=5.7.3
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.162.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.7.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
1xbet-trkiye.icu
referer
https://1xbet-trkiye.icu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
MISS
last-modified
Thu, 15 Apr 2021 03:49:24 GMT
server
cloudflare
etag
W/"e33b-5bffabfd8b934-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKAv8tHqbQZg1%2FKSBV20h1OGFQWr617JL1G4KLxM27G8bENS9oJcOnmd7rJBa12nBr8Ys1qV5knMEP3e153PjdtyhMq33Yd1rHfcNVjaBuLMY2UNuRGmfF9gSuF3gdARJT3o"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d107adfe572794-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pwaforwp-main.min.css
1xbet-trkiye.icu/wp-content/plugins/pwa-for-wp/assets/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1xbet-trkiye.icu/wp-content/plugins/pwa-for-wp/assets/css/pwaforwp-main.min.css?ver=1.7.1.2
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.162.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbb5bc0f17c1c809d5a767e56f1fc15dfb8bfa5d91a938fef07dfe4e3648d0ae

Request headers

:path
/wp-content/plugins/pwa-for-wp/assets/css/pwaforwp-main.min.css?ver=1.7.1.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
1xbet-trkiye.icu
referer
https://1xbet-trkiye.icu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
MISS
last-modified
Mon, 28 Oct 2019 02:03:22 GMT
server
cloudflare
etag
W/"cea-595eee77c6e80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bo0H%2BIGo55ohPXrTdltjkCi3ZPj%2BYzTc6g7YRj2wuRL5IhvHo20lBpifhKcO%2FHKRWXQVh0sS1zf7bWFDhkABRU3oSW24rDGWlmAPkAsnmK6IuxmeKzgA%2FupAshQR3XzuWQE7"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d107adfe612794-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
bootstrap.css
1xbet-trkiye.icu/wp-content/themes/head-blog/css/ 		66 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1xbet-trkiye.icu/wp-content/themes/head-blog/css/bootstrap.css?ver=3.3.7
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.162.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b38bf480735ea9ba16486c96e38f0048c5a067de8bacadf74b154c496a1ca2b2

Request headers

:path
/wp-content/themes/head-blog/css/bootstrap.css?ver=3.3.7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
1xbet-trkiye.icu
referer
https://1xbet-trkiye.icu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
MISS
last-modified
Wed, 19 Feb 2020 22:50:22 GMT
server
cloudflare
etag
W/"10893-59ef59d03c780-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDr5dnux757OEiYlp6lCIV9hN%2By7N9R%2FVtqFJieOVULvOz9YkBT8X%2B2RLAgv0Uadj%2FowrBB0OECVrQieS0Uu%2Bt53Kp5aI8yAiCkxBnitHfUDLzXmXoLnqj8zTwkfR5S9o2xi"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d107adfe642794-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.css
1xbet-trkiye.icu/wp-content/themes/head-blog/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1xbet-trkiye.icu/wp-content/themes/head-blog/style.css?ver=1.0.9
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.162.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eddb1e387ee2f62f0a5a3a175bbe36974598a1881c9c51054e2cdb87ac48b87

Request headers

:path
/wp-content/themes/head-blog/style.css?ver=1.0.9
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
1xbet-trkiye.icu
referer
https://1xbet-trkiye.icu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
MISS
last-modified
Wed, 19 Feb 2020 22:50:22 GMT
server
cloudflare
etag
W/"546e-59ef59d03c780-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qY7GAAhuCa4aZ84LeYX1Zxwd1ujx%2F5ptVxh88KqZaIDDrlhDMTQ2WY4Dt7KehqAuvQCvfv%2FeiH4rvAR4nSV8e6K0PXv7PJyaE102REkP%2FNjrqSK%2BV4HddpURp%2FHFTG99KCiH"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d107adfe662794-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
font-awesome.min.css
1xbet-trkiye.icu/wp-content/themes/head-blog/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1xbet-trkiye.icu/wp-content/themes/head-blog/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.162.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

:path
/wp-content/themes/head-blog/css/font-awesome.min.css?ver=4.7.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
1xbet-trkiye.icu
referer
https://1xbet-trkiye.icu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
MISS
last-modified
Wed, 19 Feb 2020 22:50:22 GMT
server
cloudflare
etag
W/"7918-59ef59d03c780-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyUzB1Aq2%2FTaNjXSBjgUbGmclsr8MS9udq3kHfR%2FJzHKkwIWhZ9rg4qlMN3o73BgtmXLEXgK%2BTqbrkoLZGQ%2F9xXaUH1LpHvPwVlfxqgLwA5QbpjjwMGnEpqNd2Jvs%2FPJRUp9"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d107adfe672794-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cp-copy-promocode.js
1xbet-trkiye.icu/wp-content/plugins/custom-promocode/js/ 		390 B
496 B 		Script
General
Check archive.org
Download Go to
Full URL
https://1xbet-trkiye.icu/wp-content/plugins/custom-promocode/js/cp-copy-promocode.js?ver=1.0.2
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.162.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8688247ebc108f3e8ff3fde15a2cf7200bde86f4d70889dccd7ab8bca46c808c

Request headers

:path
/wp-content/plugins/custom-promocode/js/cp-copy-promocode.js?ver=1.0.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
1xbet-trkiye.icu
referer
https://1xbet-trkiye.icu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
MISS
last-modified
Sat, 30 May 2020 13:48:22 GMT
server
cloudflare
etag
W/"186-5a6ddd0ac723e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0sBdbKSDZt7dae0CLEg2%2FYJ%2BCRKWuj7nyW7Fzee16NwDogtnGG437O5uKBcmiJ38xhAJY35z2oa%2FxxKtJug5P05yyEM%2Brr3l8AbVoBk%2FWoZFi6z2ilqibk6b29eks88ocph"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d107adfe682794-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
1xbet-trkiye.icu/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1xbet-trkiye.icu/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.162.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
1xbet-trkiye.icu
referer
https://1xbet-trkiye.icu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
MISS
last-modified
Sun, 17 Jan 2021 18:07:08 GMT
server
cloudflare
etag
W/"15d98-5b91c79439730-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qI34bmJ1bJN1xI%2BkXN%2FAthYhYN%2BZrCxPJEBAg1BcL8eVXCpEaaAU2Xx2rshk9ELH%2FsiCHFD%2FJV9jLEHFaUErOqJz4ke6hu9k6orpQUow0Pwn7%2FwIbaepin2d0JcXR8pszQs"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d107adfe6a2794-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery-migrate.min.js
1xbet-trkiye.icu/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1xbet-trkiye.icu/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.162.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
1xbet-trkiye.icu
referer
https://1xbet-trkiye.icu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
MISS
last-modified
Sun, 17 Jan 2021 18:07:08 GMT
server
cloudflare
etag
W/"2bd8-5b91c7943b670-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xla1W5pV2In4Y%2BLr%2BNELU4Wyu%2Fo1la1jUyIvRoYzUABvh8z15bwx%2FtZJnSkPknHG4BJt%2BpOajrsg6R1fSPaNmPOW6%2F1UbxPc1gluz8WBzu155qWpNLw8%2BDZc6FXeyWzkI1OX"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d107adfe6c2794-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
transposh.js
1xbet-trkiye.icu/wp-content/plugins/transposh-translation-filter-for-wordpress/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1xbet-trkiye.icu/wp-content/plugins/transposh-translation-filter-for-wordpress/js/transposh.js?ver=1.0.7.1
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.162.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67b64e67829f730c92545ba2887d3c7110fba5da911226ff2ce27515e4e4f564

Request headers

:path
/wp-content/plugins/transposh-translation-filter-for-wordpress/js/transposh.js?ver=1.0.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
1xbet-trkiye.icu
referer
https://1xbet-trkiye.icu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
MISS
last-modified
Wed, 17 Feb 2021 07:50:22 GMT
server
cloudflare
etag
W/"fda-5bb83789f91bc-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGkJ%2BmFYk3Ucj3Rs4C03RFJrah7Pz5uf5QvPhgV6JM6dQg5HS96pCJswnbKoV7%2FeqB%2BgdWZ0PUQzIehhSVuqTQQ%2FjqNFrA5cSyVMQqqOxDNkFl2SRhIQPHip%2FaPTQic33tni"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d107adfe6e2794-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
4-300x137.png
1xbet-trkiye.icu/wp-content/uploads/2020/02/ 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1xbet-trkiye.icu/wp-content/uploads/2020/02/4-300x137.png
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5588b14d17a4626bee6df86922df5f374453557ad11b2e55467936fe0890adeb

Request headers

:path
/wp-content/uploads/2020/02/4-300x137.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
1xbet-trkiye.icu
referer
https://1xbet-trkiye.icu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
106402
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Feb 2020 23:00:20 GMT
server
cloudflare
etag
"19fa2-59ef5c0a88900"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2B9Zgmdia9bhZbNwvjXdnw6DqVcKX7KcgyB1TJ91Wd6a3RI%2BwwkAowASsYwL7S8x9wlDW7XetgXiu9ToeiGWqReLlexv11F56ZlMSkuDy%2BvWQorug0zjHr2eY2Z%2FJIPxt4Lf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68d107aebfbd4120-PRG
gglcptch.css
1xbet-trkiye.icu/wp-content/plugins/google-captcha/css/ 		570 B
932 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1xbet-trkiye.icu/wp-content/plugins/google-captcha/css/gglcptch.css?ver=1.60
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
444a92d025e49c64cd81e5f04ea69d735b65fe0e70cb44c33006578ef0190c31

Request headers

:path
/wp-content/plugins/google-captcha/css/gglcptch.css?ver=1.60
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
1xbet-trkiye.icu
referer
https://1xbet-trkiye.icu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
MISS
last-modified
Wed, 17 Feb 2021 07:50:22 GMT
server
cloudflare
etag
W/"23a-5bb83789b0d87-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uE5BHIvFb4gjRB%2FiikyeZh2BLVVH3ZO8Q0ZeP1esIJA5VZltPwcTnTS%2BqKquNnm1qV1q9XStveYVzPRZ8WZC4h3uymN8zPghT27QRy8CxrZLLR7uQzMO0PFGSRUEja%2BeFSmp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d107ae8f784120-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
bootstrap.min.js
1xbet-trkiye.icu/wp-content/themes/head-blog/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1xbet-trkiye.icu/wp-content/themes/head-blog/js/bootstrap.min.js?ver=3.3.7
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acfb2f12f1ebabf1d264b26e9ca593c2e239913b729c66239755c98e36d07285

Request headers

:path
/wp-content/themes/head-blog/js/bootstrap.min.js?ver=3.3.7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
1xbet-trkiye.icu
referer
https://1xbet-trkiye.icu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
MISS
last-modified
Sat, 30 May 2020 13:48:22 GMT
server
cloudflare
etag
W/"1c20-5a6ddd0ab7840-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5r3tYSH4s%2FKqL6D5%2Btn8LDTwirFzQuHRHsnOUYgTiP7wPqRsMSTdUuXMvNtYmK3BuAMnsdYZkZOpYmq4m7HcfGCzZ4lJGrODFCe%2FwdCNDMrj6sMQ0E9NkUTxZJM4wrw3sugB"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d107ae9f964120-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
customscript.js
1xbet-trkiye.icu/wp-content/themes/head-blog/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1xbet-trkiye.icu/wp-content/themes/head-blog/js/customscript.js?ver=1.0.9
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f18b545c0c94c29089a136be883eebd8e5a598f5e9d23f532973903ec5f69de5

Request headers

:path
/wp-content/themes/head-blog/js/customscript.js?ver=1.0.9
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
1xbet-trkiye.icu
referer
https://1xbet-trkiye.icu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
MISS
last-modified
Sat, 30 May 2020 13:48:22 GMT
server
cloudflare
etag
W/"5e3-5a6ddd0ab7840-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAlHa4OanYlvSbgyJicDytZrJqQD7JX53XMiVS1nTiIYqkfwmglplH0h%2F6G8qAnlTt03MY8936fYMIKF0K0KGd%2BQ2IMUBRVP2IUMDxM8IA11IAWziMWImWp11eIFJ6mOGuD7"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d107aebfb74120-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wp-embed.min.js
1xbet-trkiye.icu/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1xbet-trkiye.icu/wp-includes/js/wp-embed.min.js?ver=5.7.3
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.7.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
1xbet-trkiye.icu
referer
https://1xbet-trkiye.icu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
MISS
last-modified
Thu, 04 Feb 2021 03:49:32 GMT
server
cloudflare
etag
W/"592-5ba7a976153e8-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rtw9ySUe5zzVBQPWcLw%2BX6y2Dp66DuPPMYXsF0aXZYGUn%2Fyrev9fQyxzZwp40c%2F%2BkcFdY8asB1%2FtWH%2BbDKUz8tiIqwZUTIFCy2Mpn68%2BhW2S1mPqTQPsyWWjPF2Lc%2FgK1vpl"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d107aebfbb4120-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
api.js
www.google.com/recaptcha/ 		852 B
991 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit&ver=1.60
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.140.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f106.1e100.net
Software
GSE /
Resource Hash
d213141dcfdeae23ae379124d70426e6de6da8ee08e26e25aef4feabcbdb211e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
557
x-xss-protection
1; mode=block
expires
Sat, 11 Sep 2021 12:51:52 GMT
script.js
1xbet-trkiye.icu/wp-content/plugins/google-captcha/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1xbet-trkiye.icu/wp-content/plugins/google-captcha/js/script.js?ver=1.60
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0199ad8ea9b2446429410cb808de39dff62aa7ca44de37bb3360ba3a60984048

Request headers

:path
/wp-content/plugins/google-captcha/js/script.js?ver=1.60
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
1xbet-trkiye.icu
referer
https://1xbet-trkiye.icu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
MISS
last-modified
Wed, 17 Feb 2021 07:50:22 GMT
server
cloudflare
etag
W/"22b5-5bb83789b6b46-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qz5yInL6isjLay%2Fx%2BFwwMsYMlQ5mcIpiFBChJPP61ciaAiRkSuVxBMo%2BtqjEDkUXcirlOnaNasTa%2FA8VowK9jtgDIHW3q0HQlQ691X6cRiz9akUMGC51LLc72RPZTcjBAKTg"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d107aebfbc4120-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wp-emoji-release.min.js
1xbet-trkiye.icu/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1xbet-trkiye.icu/wp-includes/js/wp-emoji-release.min.js?ver=5.7.3
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.7.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
1xbet-trkiye.icu
referer
https://1xbet-trkiye.icu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
MISS
last-modified
Thu, 04 Feb 2021 03:49:32 GMT
server
cloudflare
etag
W/"3795-5ba7a976105c8-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUXSENr08hWHG0jHOT8qO5hNOB4TC0KocBIsQ65yZIhi3wrrQiZXGiS2OI05%2Bhc1eLiRNmgeP2CfZI9UE8C4fi%2BqKzH45PgH9VXEgNm7Z8V9H%2B019mEUoOhwiwUYs3CadUBe"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d107aebfbe4120-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cropped-400968.jpg
1xbet-trkiye.icu/wp-content/uploads/2020/03/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1xbet-trkiye.icu/wp-content/uploads/2020/03/cropped-400968.jpg
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9394585320520ce02f1314bab3c366851fd5863ee6b3b4fb53e6c4596d415f40

Request headers

:path
/wp-content/uploads/2020/03/cropped-400968.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
1xbet-trkiye.icu
referer
https://1xbet-trkiye.icu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
63391
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 22 Mar 2020 17:20:24 GMT
server
cloudflare
etag
"f79f-5a174bbe24600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cnOFSsizMTHl%2F5e%2F24l57PoSL1%2Fd9f1vg3eCZ1e%2FhkUxSRbrDdpLAKrtBeZZ0yLwsHHZmkcreg92szZsM9KOTrE4A14V8erqw7NJX7jHnrMoKbTepE8dL%2BABygQxAjvGliA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68d107aebfbf4120-PRG
DeWesVtWAAA7nv4.jpg
1xbet-trkiye.icu/wp-content/uploads/2019/06/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1xbet-trkiye.icu/wp-content/uploads/2019/06/DeWesVtWAAA7nv4.jpg
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46ae88090be4bcf84700686e0d5ccb041f1f98ab0879e96a5f2f9415af035a0e

Request headers

:path
/wp-content/uploads/2019/06/DeWesVtWAAA7nv4.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
1xbet-trkiye.icu
referer
https://1xbet-trkiye.icu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50831
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 28 Jun 2019 01:26:23 GMT
server
cloudflare
etag
"c68f-58c582a956dc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3bxGAHJ%2Btl%2BzpbCIQUqhxzZNSJq0VaYOoVOs0y0w6dlOgmq8cuwDbrdaWBAAp1NoC5aZhENsQMpm7Z1HBsE4qchQsuhW%2F8oWLMzab5R%2BF1LPgOghMG%2FGfwySX3qkw90tViY"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68d107af28734120-PRG
1xbet-barcelona.jpg
1xbet-trkiye.icu/wp-content/uploads/2020/02/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1xbet-trkiye.icu/wp-content/uploads/2020/02/1xbet-barcelona.jpg
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d5ca039baeed03b60bfbced37ece2e2735e0404cd8544e1d623e24ea1c7da63

Request headers

:path
/wp-content/uploads/2020/02/1xbet-barcelona.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
1xbet-trkiye.icu
referer
https://1xbet-trkiye.icu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
44099
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Feb 2020 22:08:49 GMT
server
cloudflare
etag
"ac43-59dc748ccfe40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVpoqbhA72c0XJSvBmu290z1ZMtauek9DUFlOy7u7SBl0mOBm0OVidi0H%2BSVuJUqagBrsBgfdIq8lIoVUTKas99J6aVPYV32qTT27gqefRdte64f3UMs6rNq59%2BPPIQVrLes"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68d107af28764120-PRG
cropped-banner-spor-bahisleri-2.jpg
1xbet-trkiye.icu/wp-content/uploads/2020/02/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1xbet-trkiye.icu/wp-content/uploads/2020/02/cropped-banner-spor-bahisleri-2.jpg
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f784128d22d57b3842c6cd41b7d81e428736a1f91177333da2797e3e98c900b

Request headers

:path
/wp-content/uploads/2020/02/cropped-banner-spor-bahisleri-2.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
1xbet-trkiye.icu
referer
https://1xbet-trkiye.icu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24815
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Feb 2020 22:08:51 GMT
server
cloudflare
etag
"60ef-59dc748eb82c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwMVuV7%2BY4rHgBmcU3F5Qg2PioXL8kftdR2NHJk579FBEPZWtOOjO5e8ZsTEtora1M1%2FLm5slDpwTWr7b%2F1kSxjGXVnnulTxxG%2BlXCtNTBaeC7KHFqWdmcQRuHZeUvfq4NQh"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68d107af28784120-PRG
bonus-conditions-1xbet.jpg
1xbet-trkiye.icu/wp-content/uploads/2019/02/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1xbet-trkiye.icu/wp-content/uploads/2019/02/bonus-conditions-1xbet.jpg
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3970ec1e361f3fe4904e9445ff81e73ed1c35c7978886924e044e1c9c1696c9

Request headers

:path
/wp-content/uploads/2019/02/bonus-conditions-1xbet.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
1xbet-trkiye.icu
referer
https://1xbet-trkiye.icu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7964
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 20 Jan 2020 22:53:33 GMT
server
cloudflare
etag
"1f1c-59c9a2928f540"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-Forwarded-Proto,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItM4zoSJ92Oe%2Brtkpk%2B58hS4JB9FurpQPu7IkRcPZ3b09kT6fUR4OsMmVqCYhga%2BVkCAdkLUhEsQE24w2FBL2OxC0jSu54ItSh8p6N4dZCg7snwTnZ0V8QjMiPc0HlRN%2FBsV"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68d107af287a4120-PRG
tag.js
mc.yandex.ru/metrika/ 		224 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
96e61209b1c1fff1abe78fb763fbf093a04e6e992dc24b299ab1c4c5f4272f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:52 GMT
content-encoding
br
last-modified
Fri, 10 Sep 2021 15:33:58 GMT
etag
"61372b26-11d31"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73009
expires
Sat, 11 Sep 2021 13:51:52 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ 		343 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&ver=1.60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
sffe /
Resource Hash
3d37b170affddaaa2a6489a82bab8df4e72c56a65b069991ea9084643d477d58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1xbet-trkiye.icu/
Origin
https://1xbet-trkiye.icu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 09:12:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
445175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137529
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 17:56:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 09:12:18 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9393.A8zhYZnb4CedTfhpWjzYmF4pQyD4w4msX_9sR5IbtORwpjJweD0xBaxev4Njn4bE.j_7v1TSCv5fm6dn9Ghh-6D8lnRQ%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9393.KDkzQhv98XlDNxrOc42drixL0LjDDvy9tAFGpuu8PSNchOHZecShGrGE_QaFUDJljzzuOYzSFHl9ams9gJ1QVw%2C%2C.E4I8wOZ59Ng0jqBO5JA5VjJqv_k%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9393.KDkzQhv98XlDNxrOc42drixL0LjDDvy9tAFGpuu8PSNchOHZecShGrGE_QaFUDJljzzuOYzSFHl9ams9gJ1QVw%2C%2C.E4I8wOZ59Ng0jqBO5JA5VjJqv_k%2C
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:53 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9393.KDkzQhv98XlDNxrOc42drixL0LjDDvy9tAFGpuu8PSNchOHZecShGrGE_QaFUDJljzzuOYzSFHl9ams9gJ1QVw%2C%2C.E4I8wOZ59Ng0jqBO5JA5VjJqv_k%2C
date
Sat, 11 Sep 2021 12:51:53 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:53 GMT
last-modified
Fri, 10 Sep 2021 15:33:58 GMT
etag
"61372b26-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 11 Sep 2021 13:51:53 GMT
1
mc.yandex.com/watch/54618220/
Redirect Chain
  • https://mc.yandex.com/watch/54618220?wmode=7&page-url=https%3A%2F%2F1xbet-trkiye.icu%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A520%3Afu%3A0%3Aen%3Autf-8%3Ala...
  • https://mc.yandex.com/watch/54618220/1?wmode=7&page-url=https%3A%2F%2F1xbet-trkiye.icu%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A520%3Afu%3A0%3Aen%3Autf-8%3A...
331 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/54618220/1?wmode=7&page-url=https%3A%2F%2F1xbet-trkiye.icu%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A520%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A507031703045%3Ahid%3A186342762%3Az%3A0%3Ai%3A20210911125153%3Aet%3A1631364713%3Ac%3A1%3Arn%3A926570719%3Arqn%3A1%3Au%3A1631364713983270669%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631364712347%3Ads%3A35%2C42%2C70%2C2%2C0%2C0%2C%2C357%2C1%2C%2C%2C%2C509%3Adsn%3A35%2C42%2C70%2C2%2C0%2C0%2C%2C359%2C1%2C%2C%2C%2C509%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631364713%3At%3A1XBET%20T%C3%9CRKIYE%20-%20Bahis%20Sitesi%20-%20GIRI%C5%9E%20-%201xbet%20Bonus%202021
Requested by
Host: 1xbet-trkiye.icu
URL: https://1xbet-trkiye.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
0f8ee6df2119f5c519383b7942ba448104b3b35add7c1845ab1fc8e4592d1465
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 12:51:53 GMT
x-content-type-options
nosniff
last-modified
Sat, 11-Sep-2021 12:51:53 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1xbet-trkiye.icu
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Sat, 11-Sep-2021 12:51:53 GMT

Redirect headers

pragma
no-cache
date
Sat, 11 Sep 2021 12:51:53 GMT
last-modified
Sat, 11-Sep-2021 12:51:53 GMT
location
/watch/54618220/1?wmode=7&page-url=https%3A%2F%2F1xbet-trkiye.icu%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A520%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A507031703045%3Ahid%3A186342762%3Az%3A0%3Ai%3A20210911125153%3Aet%3A1631364713%3Ac%3A1%3Arn%3A926570719%3Arqn%3A1%3Au%3A1631364713983270669%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631364712347%3Ads%3A35%2C42%2C70%2C2%2C0%2C0%2C%2C357%2C1%2C%2C%2C%2C509%3Adsn%3A35%2C42%2C70%2C2%2C0%2C0%2C%2C359%2C1%2C%2C%2C%2C509%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631364713%3At%3A1XBET%20T%C3%9CRKIYE%20-%20Bahis%20Sitesi%20-%20GIRI%C5%9E%20-%201xbet%20Bonus%202021
strict-transport-security
max-age=31536000
access-control-allow-origin
https://1xbet-trkiye.icu
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 11-Sep-2021 12:51:53 GMT
anchor
www.google.com/recaptcha/api2/ Frame 51C1 		40 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrBeQUAAAAAILU-UZRN0mmRgUVneYp5ROoFF9x&co=aHR0cHM6Ly8xeGJldC10cmtpeWUuaWN1OjQ0Mw..&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&theme=light&size=normal&cb=jzhcihottyj1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f106.1e100.net
Software
GSE /
Resource Hash
827942d24f45eaebb8c00c18c4c5ec28c3b0b9e08875b65e6d070f4e3d4d97d0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rlbviZmKguSHigpAK0AA0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LcrBeQUAAAAAILU-UZRN0mmRgUVneYp5ROoFF9x&co=aHR0cHM6Ly8xeGJldC10cmtpeWUuaWN1OjQ0Mw..&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&theme=light&size=normal&cb=jzhcihottyj1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://1xbet-trkiye.icu/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 11 Sep 2021 12:51:53 GMT
content-security-policy
script-src 'report-sample' 'nonce-rlbviZmKguSHigpAK0AA0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20894
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ Frame 51C1 		52 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrBeQUAAAAAILU-UZRN0mmRgUVneYp5ROoFF9x&co=aHR0cHM6Ly8xeGJldC10cmtpeWUuaWN1OjQ0Mw..&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&theme=light&size=normal&cb=jzhcihottyj1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 02:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39009
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 17:56:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 02:01:44 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ Frame 51C1 		343 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrBeQUAAAAAILU-UZRN0mmRgUVneYp5ROoFF9x&co=aHR0cHM6Ly8xeGJldC10cmtpeWUuaWN1OjQ0Mw..&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&theme=light&size=normal&cb=jzhcihottyj1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
sffe /
Resource Hash
3d37b170affddaaa2a6489a82bab8df4e72c56a65b069991ea9084643d477d58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 09:12:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
445175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137529
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 17:56:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 09:12:18 GMT
truncated
/ Frame 51C1 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 51C1 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 51C1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 08:42:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
187790
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Thu, 16 Sep 2021 08:42:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 51C1 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrBeQUAAAAAILU-UZRN0mmRgUVneYp5ROoFF9x&co=aHR0cHM6Ly8xeGJldC10cmtpeWUuaWN1OjQ0Mw..&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&theme=light&size=normal&cb=jzhcihottyj1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 23:00:42 GMT
x-content-type-options
nosniff
age
568272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Sep 2022 23:00:42 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 51C1 		102 B
132 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrBeQUAAAAAILU-UZRN0mmRgUVneYp5ROoFF9x&co=aHR0cHM6Ly8xeGJldC10cmtpeWUuaWN1OjQ0Mw..&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&theme=light&size=normal&cb=jzhcihottyj1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f106.1e100.net
Software
GSE /
Resource Hash
0341c3af156a77bb38505ad7e31d748795d4177b15f58d79bff63b2f5e76cae9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrBeQUAAAAAILU-UZRN0mmRgUVneYp5ROoFF9x&co=aHR0cHM6Ly8xeGJldC10cmtpeWUuaWN1OjQ0Mw..&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&theme=light&size=normal&cb=jzhcihottyj1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 12:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sat, 11 Sep 2021 12:51:54 GMT
bframe
www.google.com/recaptcha/api2/ Frame 32C0 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&k=6LcrBeQUAAAAAILU-UZRN0mmRgUVneYp5ROoFF9x&cb=3w74mbx1en5x
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f106.1e100.net
Software
GSE /
Resource Hash
9e515bd7c663ded1b6ce9533fe0feb65a82cd87d3cbfcd55a26557c93249253f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uPRHkiP0MzNKUOeMq+VJvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&k=6LcrBeQUAAAAAILU-UZRN0mmRgUVneYp5ROoFF9x&cb=3w74mbx1en5x
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://1xbet-trkiye.icu/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://1xbet-trkiye.icu/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 11 Sep 2021 12:51:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-uPRHkiP0MzNKUOeMq+VJvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1115
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ Frame 32C0 		52 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&k=6LcrBeQUAAAAAILU-UZRN0mmRgUVneYp5ROoFF9x&cb=3w74mbx1en5x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 02:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39010
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 17:56:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 02:01:44 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ Frame 32C0 		343 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&k=6LcrBeQUAAAAAILU-UZRN0mmRgUVneYp5ROoFF9x&cb=3w74mbx1en5x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
sffe /
Resource Hash
3d37b170affddaaa2a6489a82bab8df4e72c56a65b069991ea9084643d477d58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 09:12:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
445176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137529
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 17:56:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 09:12:18 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect boolean| originAgentCluster object| _wpemojiSettings function| cp_frontend_copy undefined| $ function| jQuery object| t_jp object| wp object| gglcptch function| ym object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| twemoji object| Ya object| yaCounter54618220 object| recaptcha object| closure_lm_663786

10 Cookies

Domain/Path Name / Value
.1xbet-trkiye.icu/ Name: _ym_uid
Value: 1631364713983270669
.1xbet-trkiye.icu/ Name: _ym_d
Value: 1631364713
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1275051667fake
.1xbet-trkiye.icu/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 220617069fake
.yandex.com/ Name: yandexuid
Value: 9053833861631364713
.yandex.com/ Name: yuidss
Value: 9053833861631364713
mc.yandex.com/ Name: yabs-sid
Value: 2561814771631364713
.yandex.com/ Name: i
Value: iKuTCbzym+vxD5HaCcHV9tHjGfEiuBSW7qhCVzzz4m5vb0ZFLcxlDchHgIkpXFQKYILMg7IqjHJInR6G2k3Xmw1bJXs=
.yandex.com/ Name: ymex
Value: 1662900713.yrts.1631364713#1662900713.yrtsi.1631364713

1 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9393.KDkzQhv98XlDNxrOc42drixL0LjDDvy9tAFGpuu8PSNchOHZecShGrGE_QaFUDJljzzuOYzSFHl9ams9gJ1QVw%2C%2C.E4I8wOZ59Ng0jqBO5JA5VjJqv_k%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1xbet-trkiye.icu
fonts.gstatic.com
mc.yandex.com
mc.yandex.ru
www.google.com
www.gstatic.com
142.251.32.99
172.67.162.52
74.125.140.106
87.250.251.119
0199ad8ea9b2446429410cb808de39dff62aa7ca44de37bb3360ba3a60984048
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0341c3af156a77bb38505ad7e31d748795d4177b15f58d79bff63b2f5e76cae9
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0f8ee6df2119f5c519383b7942ba448104b3b35add7c1845ab1fc8e4592d1465
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
3d37b170affddaaa2a6489a82bab8df4e72c56a65b069991ea9084643d477d58
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eddb1e387ee2f62f0a5a3a175bbe36974598a1881c9c51054e2cdb87ac48b87
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
444a92d025e49c64cd81e5f04ea69d735b65fe0e70cb44c33006578ef0190c31
46ae88090be4bcf84700686e0d5ccb041f1f98ab0879e96a5f2f9415af035a0e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5588b14d17a4626bee6df86922df5f374453557ad11b2e55467936fe0890adeb
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d5ca039baeed03b60bfbced37ece2e2735e0404cd8544e1d623e24ea1c7da63
5f784128d22d57b3842c6cd41b7d81e428736a1f91177333da2797e3e98c900b
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
67b64e67829f730c92545ba2887d3c7110fba5da911226ff2ce27515e4e4f564
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
827942d24f45eaebb8c00c18c4c5ec28c3b0b9e08875b65e6d070f4e3d4d97d0
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8688247ebc108f3e8ff3fde15a2cf7200bde86f4d70889dccd7ab8bca46c808c
8a6be71d89f33a2e3e2e10e0771a2529800d7af86f64680c66d5fd8a89b2f98e
9394585320520ce02f1314bab3c366851fd5863ee6b3b4fb53e6c4596d415f40
96e61209b1c1fff1abe78fb763fbf093a04e6e992dc24b299ab1c4c5f4272f16
9e515bd7c663ded1b6ce9533fe0feb65a82cd87d3cbfcd55a26557c93249253f
a8710fdc6b99717a5e5b2c9fbee32d46672f8a81120bb8582a225e34cfc63980
acfb2f12f1ebabf1d264b26e9ca593c2e239913b729c66239755c98e36d07285
b38bf480735ea9ba16486c96e38f0048c5a067de8bacadf74b154c496a1ca2b2
bbb5bc0f17c1c809d5a767e56f1fc15dfb8bfa5d91a938fef07dfe4e3648d0ae
d213141dcfdeae23ae379124d70426e6de6da8ee08e26e25aef4feabcbdb211e
d3970ec1e361f3fe4904e9445ff81e73ed1c35c7978886924e044e1c9c1696c9
f18b545c0c94c29089a136be883eebd8e5a598f5e9d23f532973903ec5f69de5