onwin996.com Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onwin996.com/?aff=618
Submission: On October 08 via api (October 8th 2023, 9:54:57 pm UTC) from US — Scanned from NL

Summary HTTP 75 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 13 domains to perform 75 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is onwin996.com.
TLS certificate: Issued by GTS CA 1P5 on September 29th 2023. Valid for: 3 months.

This is the only time onwin996.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3035::6815:29cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
22	2606:4700:303... 2606:4700:3035::ac43:a724	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700:303... 2606:4700:3038::6815:ea2c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	138.201.138.156 138.201.138.156	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::6815:5ecf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
75	14

21 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

onwin996.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3035::6815:29cb (United States)

ASN13335 (CLOUDFLARENET, US)

bet-onwin.erisgaming.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-winchat-chatline.erisgaming.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Ulyanovsk, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:3035::ac43:a724 (United States)

ASN13335 (CLOUDFLARENET, US)

widget-winchat-chatline.erisgaming.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-winchat-chatline.erisgaming.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3038::6815:ea2c (United States)

ASN13335 (CLOUDFLARENET, US)

cloudcdn.owcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.138.156 (St. Ingbert, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.156.138.201.138.clients.your-server.de

o.stockcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:5ecf (United States)

ASN13335 (CLOUDFLARENET, US)

sentry.ichatline.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o4505991546601472.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	erisgaming.com bet-onwin.erisgaming.com widget-winchat-chatline.erisgaming.com api-winchat-chatline.erisgaming.com	573 KB
21	onwin996.com onwin996.com	2 MB
11	owcontent.com cloudcdn.owcontent.com	6 MB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 7957	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	21 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3539	70 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	146 KB
2	sentry-cdn.com js.sentry-cdn.com — Cisco Umbrella Rank: 5907 browser.sentry-cdn.com — Cisco Umbrella Rank: 4252	81 KB
1	sentry.io o4505991546601472.ingest.sentry.io	373 B
1	ichatline.online sentry.ichatline.online	590 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	2 KB
1	stockcdn.com o.stockcdn.com	115 KB
0	gaming-curacao.com Failed licensing.gaming-curacao.com Failed
75	13

	Domain	Requested by
21	onwin996.com	onwin996.com browser.sentry-cdn.com
12	api-winchat-chatline.erisgaming.com	widget-winchat-chatline.erisgaming.com onwin996.com
12	widget-winchat-chatline.erisgaming.com	onwin996.com widget-winchat-chatline.erisgaming.com
11	cloudcdn.owcontent.com	onwin996.com
7	mc.yandex.com	3 redirects onwin996.com
3	mc.yandex.ru	2 redirects onwin996.com
2	www.google-analytics.com	www.googletagmanager.com browser.sentry-cdn.com
2	www.googletagmanager.com	onwin996.com www.googletagmanager.com
1	o4505991546601472.ingest.sentry.io	browser.sentry-cdn.com
1	sentry.ichatline.online	widget-winchat-chatline.erisgaming.com
1	fonts.googleapis.com	widget-winchat-chatline.erisgaming.com
1	region1.google-analytics.com	www.googletagmanager.com
1	o.stockcdn.com	onwin996.com
1	browser.sentry-cdn.com	js.sentry-cdn.com
1	js.sentry-cdn.com	onwin996.com
1	bet-onwin.erisgaming.com	onwin996.com
0	licensing.gaming-curacao.com Failed	onwin996.com
75	17

This site contains links to these domains. Also see Links.

Domain
truelink.to
www.facebook.com
www.instagram.com
twitter.com
www.youtube.com
t.me
www.onwin.com
onwinmobil.com

Subject Issuer	Validity	Valid
onwin996.com GTS CA 1P5	`2023-09-29` - `2023-12-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-02` - `2024-03-01`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-01` - `2024-09-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
owcontent.com GTS CA 1P5	`2023-09-13` - `2023-12-12`	3 months	crt.sh
o.stockcdn.com R3	`2023-09-12` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
ichatline.online GTS CA 1P5	`2023-09-10` - `2023-12-09`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-25` - `2024-08-24`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://onwin996.com/?aff=618
Frame ID: 9DC5EA45DFAD57A1287AD0DDBCEB839A
Requests: 52 HTTP requests in this frame

Frame: https://licensing.gaming-curacao.com/validator/?lh=84f220f2075cf5af182fdad8599f7ede&template=tseal
Frame ID: 087934469847C229C041DFD4DDC64BE2
Requests: 1 HTTP requests in this frame

Frame: https://widget-winchat-chatline.erisgaming.com/?_t=1696802091617
Frame ID: AFBCD0E298A534951E27E61236022FC7
Requests: 19 HTTP requests in this frame

Frame: https://api-winchat-chatline.erisgaming.com/chatline__api_v2/uploads/clients/650/6500881cabb4bf137900ed53/file.1694762448707.png
Frame ID: B28B5B68CC4766BC0CA1F2A4BAEA413E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Onwin Bahis ve Casino Sitesi | Onwin Giriş | Onwin Yeni Adresi ve Resmi Sitesi | Onwin

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

75
Requests

93 %
HTTPS

77 %
IPv6

13
Domains

17
Subdomains

14
IPs

4
Countries

8890 kB
Transfer

15333 kB
Size

18
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://truelink.to/onwintv
Title: ONWIN TVCANLI İZLE

Search URL Search Domain Scan URL

URL: https://www.facebook.com/profile.php?id=100090110965562

Search URL Search Domain Scan URL

URL: https://www.instagram.com/onwin_ig

Search URL Search Domain Scan URL

URL: https://twitter.com/Onwin_TR_Resmi

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC_5ylnRMzWbCaxAc-02HVUw

Search URL Search Domain Scan URL

URL: https://t.me/Onwintelegram

Search URL Search Domain Scan URL

URL: https://www.onwin.com/
Title: Onwin

Search URL Search Domain Scan URL

URL: https://onwinmobil.com/
Title: Onwin Mobil Uygulama

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10150.JYcsgEakG-PcakLd0TRXfDS-ynB-qLwMKM1yg6ES35u8XJgsQnGSG5rrKYp0UV3J.KoXlRzo2RluN86-aZkx_vHB33-M%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10150.ACjsNiNM5H0aEuXLc1AzRBItQrivRz0K4PGkDQlKVfso6aWjUtDw-6UXD6PhhNSfT1rwvaPOfExOQCjGgObxfaI59Xze9adAeLc94xQR6oI%2C.AMDhy5E2tcbamxbG4QEVn_iqrU0%2C

Request Chain 55

https://mc.yandex.com/watch/60390211?wmode=7&page-url=https%3A%2F%2Fonwin996.com%2F%3Faff%3D618&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A892%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1174299367693%3Ahid%3A158200539%3Az%3A120%3Ai%3A20231008235451%3Aet%3A1696802092%3Ac%3A1%3Arn%3A32046675%3Arqn%3A1%3Au%3A1696802092465655284%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A18%2C46%2C194%2C1%2C0%2C0%2C%2C135%2C1%2C%2C%2C%2C395%3Aco%3A0%3Acpf%3A1%3Ans%3A1696802090634%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1696802092%3At%3AOnwin%20Bahis%20ve%20Casino%20Sitesi%20%7C%20Onwin%20Giri%C5%9F%20%7C%20Onwin%20Yeni%20Adresi%20ve%20Resmi%20Sitesi%20%7C%20Onwin&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/60390211/1?wmode=7&page-url=https%3A%2F%2Fonwin996.com%2F%3Faff%3D618&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A892%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1174299367693%3Ahid%3A158200539%3Az%3A120%3Ai%3A20231008235451%3Aet%3A1696802092%3Ac%3A1%3Arn%3A32046675%3Arqn%3A1%3Au%3A1696802092465655284%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A18%2C46%2C194%2C1%2C0%2C0%2C%2C135%2C1%2C%2C%2C%2C395%3Aco%3A0%3Acpf%3A1%3Ans%3A1696802090634%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1696802092%3At%3AOnwin%20Bahis%20ve%20Casino%20Sitesi%20%7C%20Onwin%20Giri%C5%9F%20%7C%20Onwin%20Yeni%20Adresi%20ve%20Resmi%20Sitesi%20%7C%20Onwin&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Request Chain 60

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10150.RKFNoUl5LbbWyqr1MmTJJhfK90iPjRhODDGuLqhQDWdE9qHuyZjgLTFnI74kbhNJ.tZ-sncWIoRb0v-wjSbZ78YJYUZ8%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10150.ecXNIXy9tl67J82AdvJWhxlKjJTvojyS3W7zvZeLGXowiKAl-_wdweRbNXookFdviMhAD4ekjjWGfDPYODY099IzJho-CTir4i0Gy6LCwR0%2C.3H-kSlXo-lZaJ_ybFIgvibpf1oQ%2C

75 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
onwin996.com/ 8 KB
4 KB 258ms
195ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4c5328cf1e09df8f4fac22ba95070f875f085a302253e2080dad7be614b97b9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, must-revalidate max-age=0, private, no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81319feae91d905e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 08 Oct 2023 21:54:50 GMT
expires: -1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbZWSjWwF3%2Be6q1cmuxKaWXYb4JgVtWM%2BO2dX%2BnwWb81AwIDo32QMVmp%2B9SduiqZu3IuGOBVF4gH6I5vh%2FXcW13ZBMdalSoZt8sdRMQg2IN0QLS%2Fr8bKDGH0Qzufm94%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-ratelimit-limit: 90
x-ratelimit-remaining: 89

GET
H2 200 version.txt
bet-onwin.erisgaming.com/sportsbook__static/umd/ 20 B
1008 B 104ms
36ms Other
text/plain 2606:4700:3035::6815:29cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bet-onwin.erisgaming.com/sportsbook__static/umd/version.txt
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:29cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adb093172c400af7545b37ca20f079b35827adf9aa08ba00b0cb518baf5e4ca9

Request headers

Referer: https://onwin996.com/
Origin: https://onwin996.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 20
pragma: no-cache
last-modified: Wed, 04 Oct 2023 14:15:24 GMT
server: cloudflare
etag: "651d737c-14"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B49zIg6qZ5ap7ZsXBYDsRV%2BQosrkvYL9WItQVG5IEUpBnc4%2FaPNL7ZgRbCN15lkmAX1a7LynK50ECYWK9lO%2B%2FXJsCg1X4cltSxqNJAiEVycUP%2F1ctqDt4HsX8qriDOHqapgentwehErHJPIOyESfTF9DInPvCE8%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range,Response-Result
cache-control: no-cache, no-store, no-cache, private, must-revalidate, proxy-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 81319fec9b749183-FRA
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data
expires: Sun, 08 Oct 2023 21:54:49 GMT

GET
H2 200 b3ccfaa64853a0187a3bd3bf96fff659.min.js Show response
js.sentry-cdn.com/ 2 KB
2 KB 44ms
15ms Script
text/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/b3ccfaa64853a0187a3bd3bf96fff659.min.js

Requested by

Host: onwin996.com
URL: https://onwin996.com/?aff=618

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

696f67f4e2350e2fd99ae0a180a831b50362714d307c4d58687b48c31328d723

Security Headers

Name	Value
Content-Security-Policy	default-src ; frame-ancestors 'self' .sentry.io; object-src 'self'; style-src * 'unsafe-inline'; font-src * data:; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com ssl.google-analytics.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; img-src * blob: data:; base-uri 'none'; connect-src *; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=934038989cc9e2377e66e3f447d6276cfd0e569d
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onwin996.com/
Origin: https://onwin996.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src *; frame-ancestors 'self' *.sentry.io; object-src 'self'; style-src * 'unsafe-inline'; font-src * data:; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com ssl.google-analytics.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; img-src * blob: data:; base-uri 'none'; connect-src *; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=934038989cc9e2377e66e3f447d6276cfd0e569d
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 08 Oct 2023 21:54:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
age: 70
x-envoy-upstream-service-time: 377
content-length: 1248
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-common-production-5d5b7bfc6f-bq6d8, cache-chi-klot8100167-CHI, cache-ams21075-AMS
x-frame-options: deny
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
content-language: en
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 manifest.ow.js Show response
onwin996.com/js/ 1 KB
1 KB 28ms
27ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onwin996.com/js/manifest.ow.js?1696785314
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e549f1fcfab734025757f85babfcf8a8f2eef7e88aae11c61d5b4900f2fa166

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/?aff=618
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 08 Oct 2023 17:15:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16755
etag: W/"6522e3a2-5d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YfUBsdoL51%2FHug0RdJYP%2F75s2nqDKgl0swzhnHiAY%2BYvkcJxIDwMLizIxUzMQIM6nZVh34M5OYNh9oL4jKzhrVh7q6EOLFvswnyu580KZfPWkt9e7xmFeAOcXfAwH7E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31104000
cf-ray: 81319fec2a0a905e-FRA

GET
H2 200 vendor.ow.js Show response
onwin996.com/js/ 2 MB
477 KB 43ms
42ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onwin996.com/js/vendor.ow.js?1696785314
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17a7ed7fec57774eacf70bdb02f5bb7cb640b60f3d9fbcf0d254681bf10628be

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/?aff=618
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 08 Oct 2023 17:15:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16755
etag: W/"6522e3a2-1f80b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3q9O6w%2BAZsr2DvSS087ydTz2PC3sdZS0GRYdaDCWI6%2F7zyjlTzm82JZsjogDKlW8Ev1C7GPtPGP5fnqlH5pudZdq9CljdmHVAbkYSo7DvjQnh8wjb2lCdPK44NcVf4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31104000
cf-ray: 81319fec3a0c905e-FRA

GET
H2 200 site.ow.js Show response
onwin996.com/js/ 3 MB
700 KB 64ms
63ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onwin996.com/js/site.ow.js?08201514
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dcac13739bb264442074ab92c760d2637543a87cf0cc1794c3f26ed88aa547c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/?aff=618
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 08 Oct 2023 17:15:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16755
etag: W/"6522e3a2-30cecf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3h0zgijlYhFhEoSwiW8Lz6HAKk8dxZqdnu2uKnH21rF%2BGvmexW1VQ7KLj8%2FMkJl7qzoVt7jEjpo1BydvXwgCCFf%2FmMOyTvimcZGpHYtuMuuGuqOhV2fE%2BPvU6NugxLc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31104000
cf-ray: 81319fec3a0d905e-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 118ms
46ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-159945301-1

Requested by

Host: onwin996.com
URL: https://onwin996.com/?aff=618

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e5dc8105208c0b7b1437991307f371e58da27c99b7b8030d0c41688fcb05764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69022
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 08 Oct 2023 21:54:50 GMT

GET
H2 200 bundle.tracing.replay.min.js Show response
browser.sentry-cdn.com/7.73.0/ 249 KB
79 KB 15ms
13ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/7.73.0/bundle.tracing.replay.min.js

Requested by

Host: js.sentry-cdn.com
URL: https://js.sentry-cdn.com/b3ccfaa64853a0187a3bd3bf96fff659.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2f9ec3ebba0c9240acc44aa4e1f748a474d7a2cc3c5cefac086d18f58fe0951e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://onwin996.com/
Origin: https://onwin996.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 02 Oct 2023 11:46:58 GMT
server: Fastly
age: 550900
etag: "389ce22644e0764e27bdacbe8dee9da8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 80600
expires: Tue, 01 Oct 2024 12:53:11 GMT

GET
BLOB 200
OK 1fbb4e61-5496-4bbb-b992-d0de0647367d
https://onwin996.com/ 46 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://onwin996.com/1fbb4e61-5496-4bbb-b992-d0de0647367d
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3436a3567df14bd76a0e5b2ab1edba77ff61c49fb811b64de0dd23899103ecdc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 46922
Content-Type

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 217ms
106ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: onwin996.com
URL: https://onwin996.com/?aff=618

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e9597987b6f5f6a1e2c0a9bb76f9728ad3bda5548c3b1341dac1e7708c18ee7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 06 Oct 2023 14:28:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "651fef42-11470"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70768
expires: Sun, 08 Oct 2023 22:54:51 GMT

GET
H2 200 client.winchat.co.uk.iframe.bundle.js Show response
widget-winchat-chatline.erisgaming.com/lib/ 102 KB
27 KB 112ms
48ms Script
application/javascript 2606:4700:3035::ac43:a724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-winchat-chatline.erisgaming.com/lib/client.winchat.co.uk.iframe.bundle.js?_t=1696802091028
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a62080a52984e2af85421a2f183f32861da5333f355a01e9042478817bf36c0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 07 Oct 2023 12:40:46 GMT
server: cloudflare
etag: W/"652151ce-19600"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSQWAi%2FErFmYA5cfz8kX6F%2FXPid8%2FgUupJtXbUb8C9CzNC52NdDsQO92CSbsQaeXTUksUnvcGX99xK5Ll93V5dwE1bCXNPAIeb7XGT%2FRNxmWB9veNs2F1N2sx1CtDZCr5Td%2B2UnFgbgAyLusqrJrfOK7Ad5ScL21CFNdyhFxccw%2BD2AztQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range,Response-Result
cache-control: max-age=14400
cf-ray: 81319fed7c7a9b43-FRA
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data

GET /
licensing.gaming-curacao.com/validator/ Frame 0879 0
0

GET
H2 200 top-dot.png
onwin996.com/assets-ow/img/ 1 KB
1 KB 26ms
25ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onwin996.com/assets-ow/img/top-dot.png
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62a2945ceb4fce09aad9ce0d85a44a925f9862ab025ce8822b897582010e35b1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/?aff=618
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
cf-cache-status: HIT
last-modified: Sat, 14 Aug 2021 11:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 204462
etag: "6117aac4-413"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOeyhmjVMAscLUGVnY0acUCWzqgpj5hkt1xXKyI%2B2fP88%2BS9BpZI77Jt7qn%2B9scvY4NAfKWH%2BFvGDz55lcFEDsnWmrMwfVEMuRYFlbDw5ayv1mKmsrcuNxiXl4Kg84I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 81319fef6be3905e-FRA
content-length: 1043

GET
H2 200 tr.svg
cloudcdn.owcontent.com/images/vendor/flag-icon-css/flags/4x3/ 554 B
1 KB 73ms
20ms Image
image/svg+xml 2606:4700:3038::6815:ea2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudcdn.owcontent.com/images/vendor/flag-icon-css/flags/4x3/tr.svg

Requested by

Host: onwin996.com
URL: https://onwin996.com/?aff=618

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

033a416ecc30a516c54c6a0fac2d212a38fb051e5976cda49eb9d22264814a66

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	deny

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
content-security-policy: frame-ancestors 'none';
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122494
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 17 Mar 2021 12:11:21 GMT
x-accel-version: 0.01
server: cloudflare
etag: W/"22a-5bdba618fbca7-gzip"
vary: Accept-Encoding,User-Agent
x-frame-options: deny
content-type: image/svg+xml
access-control-allow-origin: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXflj0ubvaJvuAp%2BzFgEzVY7W%2BlEGOmgcr6v4ZTFaIMlxWMggGofXq8Kmy4O5L1m0Fokt9hcRv0%2BWs361F%2FNjSJ2M7wj93if8Ou6oopbX0OP7hphEO8I5S0RYjUkhnRb2iUkg0Wk1ZKnN6BqshlfkyRiXq%2FM"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31104000
access-control-allow-credentials: true
cf-ray: 81319fefbef766c9-AMS
access-control-allow-headers: access-control-allow-origin, X-Socket-Id, x-requested-with, Authorization

GET
H2 200 button-shadow.png
onwin996.com/assets-ow/img/ 1 KB
1 KB 25ms
25ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onwin996.com/assets-ow/img/button-shadow.png
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40c974d4ef230253d9432d451eff675be9825c5a19f1fd3a7d82d6f5459816e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/?aff=618
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
cf-cache-status: HIT
last-modified: Sat, 14 Aug 2021 11:35:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 386764
etag: "6117aa96-489"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUR8592PsJqsm7hsbDCfFa9qIB9hbvBSjt7aqOG9SVQVU16wDHugtOoehGJNnRTDacM1%2FtOAmLq0n0GcV98zxjIF3srBBiOomrkcYSKeKGCGLehHd2bTg3YjVUTecqU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 81319fef6be5905e-FRA
content-length: 1161

GET
H2 200 plane.png
onwin996.com/assets-ow/img/ 4 KB
4 KB 26ms
26ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onwin996.com/assets-ow/img/plane.png
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e61051a53456f93e2bc6c8ecbdd75b2e81b5cc1ffe27125d8e592024da9f510

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/?aff=618
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
cf-cache-status: HIT
last-modified: Sat, 14 Aug 2021 10:25:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 203830
etag: "61179a12-ff2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QY9qA2LJBZDd4DGRk5C92sVVmgHT9P1kL42rgMrlVVrIurRveciCPKwPMX8J3y9TPVQS%2F5W%2Flfj0RugefEfUXbNs4o%2B9BhTqQVj99%2FBmxLiBUC3AE%2BkLziSthj4HXks%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 81319fef6be6905e-FRA
content-length: 4082

GET
H2 200 gilroyMedium.woff2
onwin996.com/assets-ow/fonts/ 24 KB
24 KB 26ms
25ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onwin996.com/assets-ow/fonts/gilroyMedium.woff2
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a83c29c530f3c0bc760ad84064922e3bb138bbd759c26c5af5e5a494b5af344

Request headers

Referer: https://onwin996.com/?aff=618
Origin: https://onwin996.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Nov 2020 15:53:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 203671
etag: "5fa2ce78-5f8c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdZrQGujD0CCT37gvwh4I8RNCAC19CzZUCuVT7UzZSiiYbRRUJccPuSjwrc%2BNePv%2BY99rsFWhzFJBh3wS7nwUi%2BoW1zME%2BGsHiqgp6vpaPUA%2FG1nwZn9YNSw2vXhZ80%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 81319fef6be8905e-FRA
content-length: 24460

GET
H2 200 Flaticon.woff2
onwin996.com/assets-ow/fonts/ 6 KB
6 KB 29ms
28ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onwin996.com/assets-ow/fonts/Flaticon.woff2
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 929248fed703b8c05cd30633e5d28574088eeb4748b530ff93fca8652d562b18

Request headers

Referer: https://onwin996.com/?aff=618
Origin: https://onwin996.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
cf-cache-status: HIT
last-modified: Thu, 26 Nov 2020 12:50:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 386764
etag: "5fbfa4b2-1760"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjrwwTzx7xuYUDBWFx0JSQP5%2BfDpQzVu4Z70bnGImiHdqqhaWi%2FmbfH6mb4NRCGZdP%2F77dGbL7IBuVCulyYHB6gXRa%2FOu15oOTzvyT36FHmFnsXpXHtUIL0E2Tsno%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 81319fef6be9905e-FRA
content-length: 5984

GET
H2 200 gilroySemiBold.woff2
onwin996.com/assets-ow/fonts/ 24 KB
24 KB 27ms
26ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onwin996.com/assets-ow/fonts/gilroySemiBold.woff2
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7efedfc9d872132c1a9b59dce7a7511733b9808aff73e485209d9331c750157e

Request headers

Referer: https://onwin996.com/?aff=618
Origin: https://onwin996.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Nov 2020 15:53:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 203404
etag: "5fa2ce7a-5f00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIc7VKVxTHudvg1NfNW5Qnc3shBhDjfr7WA73kSYvvo0Bzjqx%2FjsE7FhQVyK5spS766suYH5oPMyplKHYRcU8qQZ8b%2BkISM2636LRviK3JzANvXH5BD8b6o13nlK%2FWk%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 81319fef6beb905e-FRA
content-length: 24320

GET
H2 200 gilroyExtraBold.woff2
onwin996.com/assets-ow/fonts/ 23 KB
24 KB 27ms
26ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onwin996.com/assets-ow/fonts/gilroyExtraBold.woff2
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 658b51673be1d58b3cd373edb2b84ea42be756b084b949e5ae5d898e060ffa50

Request headers

Referer: https://onwin996.com/?aff=618
Origin: https://onwin996.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Nov 2020 15:53:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 204022
etag: "5fa2ce7a-5ca4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShbJTZXyQFcA9zNYWHZDQer89WLJkQzcg85YE44ig36K8hlzSJlHFRN%2FU5AeExtun8zmTo3Vgs2ISP25OLxmZtt4s6xPSgjk2XnMAufWQdTsyu60hpOypLX1R4vg%2Fqk%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 81319fef6bec905e-FRA
content-length: 23716

GET
H2 200 gilroyBold.woff2
onwin996.com/assets-ow/fonts/ 24 KB
24 KB 28ms
27ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onwin996.com/assets-ow/fonts/gilroyBold.woff2
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dc4ace9ef8e910993ba5be17f399b976c789b6753c8aa6f6abc85684209b56d

Request headers

Referer: https://onwin996.com/?aff=618
Origin: https://onwin996.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Nov 2020 15:53:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 203423
etag: "5fa2ce7a-5fd8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkAPPLcj3P8i4DBPkl5uy97QxLXxbLGT%2BV9kogfyHnQxHlBSEDroT%2BhWocST%2F7CrsEXPDGFRUE7KwGUWdq%2FCz7wXUUalD%2FV4c3fuKomu3%2FNvp6dDT53HYuCcQXE12FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 81319fef6bed905e-FRA
content-length: 24536

GET
H2 200 gilroyRegular.woff2
onwin996.com/assets-ow/fonts/ 23 KB
23 KB 29ms
29ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onwin996.com/assets-ow/fonts/gilroyRegular.woff2
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efd2156ef31df6774d01b689bec57ae90e3e3d73b744f0c46511bcba49e392a9

Request headers

Referer: https://onwin996.com/?aff=618
Origin: https://onwin996.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Nov 2020 15:53:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 204053
etag: "5fa2ce78-5a54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B81R1KFQBAglQkXrsQh6lNv4hmxjxuN7xcJmxOIKQTjaKTGOXs9g%2F9l%2FwBgHCMPk1uPuTK2s2zhsuvRSsVl0XYOLlNFWNH2G9mMoADQe4tGojREQP6xdKOaTi2M6eNM%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 81319fef6bee905e-FRA
content-length: 23124

GET
H2 200 fa-solid-900.woff2
o.stockcdn.com/fonts/ 115 KB
115 KB 90ms
26ms Font
application/octet-stream 138.201.138.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.stockcdn.com/fonts/fa-solid-900.woff2
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.138.156 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.156.138.201.138.clients.your-server.de
Software: nginx / PleskLin
Resource Hash: 0fc8bfb8053723b289c576544ec5feccc05da9680cb65e46f8d468153cb93106

Request headers

Referer: https://onwin996.com/
Origin: https://onwin996.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
last-modified: Thu, 29 Oct 2020 18:49:57 GMT
server: nginx
etag: "1cb7c-5b2d3bf1bd9b0"
x-powered-by: PleskLin
vary: User-Agent
access-control-allow-origin: https://onwin996.com
cache-control: max-age=31104000, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: access-control-allow-origin, X-Socket-Id, x-requested-with, Authorization
content-length: 117628

GET
H2 200 ajax-loader.gif
onwin996.com/images/vendor/slick-carousel/slick/ 4 KB
4 KB 30ms
30ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onwin996.com/images/vendor/slick-carousel/slick/ajax-loader.gif?c5cd7f5300576ab4c88202b42f6ded62
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/?aff=618
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 21:13:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 204867
etag: "651f270d-1052"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7BhNojgtlExfdsfMGO8auwHALTgpX9PqoeRW6CUJ94LUkLmeehcJJVCjQOv8yz1enS0PQ%2FrI7n5jxxykafplOWKIdWLm1RtHSdWWB6QJQ0PgJE3V2UygRUDnhfoylo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 81319fef9c0c905e-FRA
content-length: 4178

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 logo.svg
cloudcdn.owcontent.com/assets/svg/ 2 KB
1 KB 27ms
21ms Image
image/svg+xml 2606:4700:3038::6815:ea2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudcdn.owcontent.com/assets/svg/logo.svg
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7254feb9fc740ff0c3aa8acdc9f166d9e7f6850e8ff2a3ea785a4b16c1be33c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Mar 2021 11:54:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2659066
etag: W/"6051edf5-988"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xn2KPbmSNUKLbyZ4XUFJIoLd3F4wEzUyJPbtjHGncwu65aq%2B6QgLij8Kd9TSrojjIOmEXQC9kqwO3u2FqCfiDTOsmOlybUQ4OeP5BNXhUt9qB05vITzjlJyxbQD1FlkyD5I8pRwc%2B%2FUC7Cn9l6uoDStEWthk"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31104000
cf-ray: 81319fefbefb66c9-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo.png
onwin996.com/assets-ow/img/ 4 KB
4 KB 28ms
25ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onwin996.com/assets-ow/img/logo.png
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b333536bdf8fb470d3cf8db440cee1b4a254ee380b792145faee7c6b1d4ba73

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/?aff=618
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
cf-cache-status: HIT
last-modified: Sat, 14 Aug 2021 10:24:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 203830
etag: "611799fa-f00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RW5tHCupXZwgxAiIJ%2BMRFx8ZsUXk4v%2BQuWqdS5kaOwq2eDy1vK6no%2BqWMtxoX5wfR1zgUjhoPFjw806TjrIVWLOtb3PFsfmQGv3LkcmqjTgEupqhNgGjyLSWES0VsY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 81319fefac1b905e-FRA
content-length: 3840

GET
H2 200 c30t230921102436.png
cloudcdn.owcontent.com/images/cms/ 1 MB
1 MB 42ms
36ms Image
image/png 2606:4700:3038::6815:ea2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudcdn.owcontent.com/images/cms/c30t230921102436.png
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f51d33a016687aed1b31b2a53a760e0d56cf0a439a52f569a01f49a961aba5f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
cf-cache-status: HIT
last-modified: Thu, 21 Sep 2023 07:24:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 101464
etag: "650befb4-12b563"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uScYPIko4%2FQTLxyRgp%2FB5ycc%2Ft95BGvzC7FVSHfI60Q3U%2BR%2BcRljva2w%2FMo9dqLs1BrvbevySVAhU1R7CjIxlMsIyK9ZcXyQv4Ik2sVV0D4hCwyVMGsIUrMDwuSVbzV4NXUVdoJzLMY857ebh8CviuqvSnEt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 81319fefbef866c9-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1226083

GET
H2 200 c0t230927155519.png
cloudcdn.owcontent.com/images/cms/ 936 KB
937 KB 27ms
21ms Image
image/png 2606:4700:3038::6815:ea2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudcdn.owcontent.com/images/cms/c0t230927155519.png
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13adb7a59fb90168cba7b0d58312fcf4c354d70f3cf6aafd949b85953ed8c4d8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
cf-cache-status: HIT
last-modified: Wed, 27 Sep 2023 12:55:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 122494
etag: "65142637-e9f09"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IChpy8Eenu6SPbK7EAMRso6PO4%2FXXyR1kuwA8%2FEYTf3XJbEB0wFLM0pSlpiR40us5n8DLsF2YO6HKHBDnVYsbVcfIb3nFHl0pSguvNt9LBbLVXu3iXCHsYznz61MBwYtAdLNRwevDxDJFBJJlC%2FalqFYbBiE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 81319fefbefc66c9-AMS
alt-svc: h3=":443"; ma=86400
content-length: 958217

GET
H2 200 c0t230927161237.png
cloudcdn.owcontent.com/images/cms/ 958 KB
959 KB 42ms
36ms Image
image/png 2606:4700:3038::6815:ea2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudcdn.owcontent.com/images/cms/c0t230927161237.png
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c956e25ea9d2ddd73cc03f6f25214838a1d8b91943dc8d9d13f80828b3e0deb4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
cf-cache-status: HIT
last-modified: Wed, 27 Sep 2023 13:12:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 976774
etag: "65142a45-ef823"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kE9wgw0j6TEtUfCpSXsmMq7m%2FbbdbgPlcRckCd1lenni26nNWlfnHXGDEi8G6Btz%2FNGC3CK7ojcMwu%2FqD3vRqKzlRVkGDmXOHcKo5CdKcSHCQN9EzXCfdk%2B%2BcUEfBvLa9tyh2NIQAbb39oxJeKrLh4TtBOr8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 81319fefbefa66c9-AMS
alt-svc: h3=":443"; ma=86400
content-length: 981027

GET
H2 200 c30t231008123135.png
cloudcdn.owcontent.com/images/cms/ 1 MB
1 MB 42ms
36ms Image
image/png 2606:4700:3038::6815:ea2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudcdn.owcontent.com/images/cms/c30t231008123135.png
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a66948f551068358de477bcc2ebd7233f59fa59236dddf6e3605f30027aa612

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
cf-cache-status: HIT
last-modified: Sun, 08 Oct 2023 09:31:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 36873
etag: "652276f7-12af62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wwprTrHDkljHSd3Lg8d%2BTeksNkz9bsYYDuQZde7M%2Bw8JtIvYRz8fs3NMkyUmp7ZVOrRU3MBgpgZvojP0bP4JuvycKHzqpW21Q8uIaK6aN%2F%2BCKYhGm4RPHsFIPRNNUndKAtCteAewEdKwFeHQqzT28pVJsf3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 81319fefbefd66c9-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1224546

GET
H2 200 c0t230807151228.png
cloudcdn.owcontent.com/images/cms/ 1 MB
1 MB 22ms
22ms Image
image/png 2606:4700:3038::6815:ea2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudcdn.owcontent.com/images/cms/c0t230807151228.png
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2045b1aec7b8aff6b9cea1a504e210a5fb27a0268878575b0b946efa3424d5bf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
cf-cache-status: HIT
last-modified: Mon, 07 Aug 2023 12:12:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 101464
etag: "64d0dfac-148b32"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rif9%2FYHQyXBeC5HjGc%2FeUxCsIRGbIwa%2FBJk3Qu82T18tYIF5XVVGk1LF2S8iqHpY8WLvcobUf8K0vBwm1a%2B4iuEm%2F8Eo05PO9Zh2g2lBI8NXMk2WwdC3SvElhdQS6sFNCLNWr1rk1Kfi%2F9cxYb6kyKvoqkNv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 81319fefcf0c66c9-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1346354

GET
H2 200 c0t230925162930.jpeg
cloudcdn.owcontent.com/images/cms/ 351 KB
352 KB 27ms
27ms Image
image/jpeg 2606:4700:3038::6815:ea2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudcdn.owcontent.com/images/cms/c0t230925162930.jpeg
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e151679b5de03651be089d5f32dcbead37c02cc1b879ccc1bb9db70832a4125

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
cf-cache-status: HIT
last-modified: Mon, 25 Sep 2023 13:29:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1152912
etag: "65118b3a-57b4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQrspcvRNxqiil3TP3Gx%2Bo0ONg5eO0lM1ts1xjIdBaFhApMz95x899i0Usr4T%2FCWzPzmAcXh7u1bZihj6omoNPZTXkBMsZAeUlqlJCaeg%2FkCBgAOLLaAgVGjZZhiM1j6Y%2FteumBuzjfvnHPYXwnGvzrSNezp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 81319fefcf0d66c9-AMS
alt-svc: h3=":443"; ma=86400
content-length: 359244

GET
H2 200 c0t231002165204.jpeg
cloudcdn.owcontent.com/images/cms/ 324 KB
325 KB 27ms
27ms Image
image/jpeg 2606:4700:3038::6815:ea2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudcdn.owcontent.com/images/cms/c0t231002165204.jpeg
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f06a889ed0d433b82dcb408baf21b8fd01e7fc4124712b27e42cda6b3cb0072

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 13:52:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 88763
etag: "651acb04-51044"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKjXQMueco%2ByPM91Mje6cerwwbFq%2BbD92nDvBIjm8qliQWLOuvbs8nC%2F56vBjCoq7tXTcsgI74Ex5eLNy1h7Q8Vy43I0WJ5td8fpjafc6E0KnRtUXcNPxGsGxIBNyK3s649tyTIAtM016rBXWWa99CuGKsHe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 81319fefcf0e66c9-AMS
alt-svc: h3=":443"; ma=86400
content-length: 331844

GET
H2 200 01.jpg
onwin996.com/assets-ow/img/popular/ 71 KB
72 KB 33ms
30ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onwin996.com/assets-ow/img/popular/01.jpg
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9819da7c8b8bed2e2dd62f28d696e172813ae0330bda9a9d5c8274cda82579c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/?aff=618
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
cf-cache-status: HIT
last-modified: Sat, 14 Aug 2021 14:14:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 204054
etag: "6117cfb0-11c84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VQECGcv2UsPN08fymbnhQ2Vl0w%2FqNYySGerIUd7UQCEVITyvw3G2NWRK5VgafKMiDyclbmqYyy1koFT2zmXZQ5sLkpDMBZZF3acxoXg9IeArWN%2F%2Bey6%2Bq4j7U5icR0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 81319fefbc1d905e-FRA
content-length: 72836

GET
H2 200 02.jpg
onwin996.com/assets-ow/img/popular/ 46 KB
47 KB 36ms
34ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onwin996.com/assets-ow/img/popular/02.jpg
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64df21ee26df5fbb824279d23cae3886515675709e5553de9d85188ab14d84c2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/?aff=618
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
cf-cache-status: HIT
last-modified: Sat, 14 Aug 2021 14:14:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 204052
etag: "6117cfbc-b9a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=naU%2B1L2kmbFZek7CEMqn%2FZ6mgdrxrfyZ%2FsWohH0cHLYsHnQSukrQkk5fyk5nXYNF7p9kPkFrSJGS97vgK5aIBrSnxYyUFkPVA020nPZoSDYnwwBPEELknN%2FEK7rPWOE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 81319fefbc1e905e-FRA
content-length: 47528

GET
H2 200 03.jpg
onwin996.com/assets-ow/img/popular/ 41 KB
41 KB 28ms
25ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onwin996.com/assets-ow/img/popular/03.jpg
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 999e24f95b8c4d16cefc124e39f773c1483666f73c479bef8f8bebce28c9c53e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/?aff=618
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
cf-cache-status: HIT
last-modified: Sat, 14 Aug 2021 14:14:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 203830
etag: "6117cfcc-a326"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8bfcROuW59QFsBLdGUcxr3N1mZRa6i3Y6qv60i21nY0raW1yv4ri9h2BWSJ9dhtWsaB%2F%2FQdj%2BYgGGIF3MFzSkwGzAZiXmIX2lcj5MllhGu6Y6f%2Fn5mRlwBRpYVLeu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 81319fefbc1f905e-FRA
content-length: 41766

GET
H2 200 04.jpg
onwin996.com/assets-ow/img/popular/ 50 KB
50 KB 34ms
32ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onwin996.com/assets-ow/img/popular/04.jpg
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27f6a3d56a4778ad72a8003bfa223cfc6e50e151295ab415e0a6d2848e46acb8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/?aff=618
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
cf-cache-status: HIT
last-modified: Sat, 14 Aug 2021 14:15:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 204021
etag: "6117cfea-c62c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbcaAbUMs7zoNZe6z%2FG%2BKfM%2FTgKDn0VbQ1sMVvRnYXuR2Hj3iFKNJXSaM%2Fe6A5%2FvEdWW7i%2FzGjMx1CjJqjd3l3DB7TyCaFcCkdU3pTr2vSseoH22PagD9mV3r30Hq%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 81319fefbc21905e-FRA
content-length: 50732

GET
H2 200 05.jpg
onwin996.com/assets-ow/img/popular/ 56 KB
57 KB 29ms
27ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onwin996.com/assets-ow/img/popular/05.jpg
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f41488af0f65ea6b4ef5def1b1e8e0aee6858b138d14a8765f14e627af570731

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/?aff=618
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
cf-cache-status: HIT
last-modified: Sat, 14 Aug 2021 14:15:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 204460
etag: "6117d000-e146"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsANoCZnW3tJVPrks41tXolMyGBup1jX7W4pAUq5hEW6HSjFvxlGSwNE9u1bTKBCP4vZ1APL61MZChZ9sHaJW4mFUbG4AcG1jLQDVPFlikaJlDW0B3X1Mwndm6NCRvA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31104000
accept-ranges: bytes
cf-ray: 81319fefbc22905e-FRA
content-length: 57670

GET
DATA 200
OK truncated
/ 184 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 721065a2a044d276f74139fbe64d6fa9735ac5bd1074b53c14c3f790119d4069

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 186 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a53360908ee4eb452a0735ad32423a51c6b44a0df6e46214b339a0d0035ebd43

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 ls-on.svg
cloudcdn.owcontent.com/assets/svg/ 1 KB
963 B 28ms
27ms Image
image/svg+xml 2606:4700:3038::6815:ea2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudcdn.owcontent.com/assets/svg/ls-on.svg
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d119099e5c1ee7bd6fe30913490ca0ed71f77ab18e890fc9eabc0e4e60448c7a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Mar 2021 11:54:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 16636803
etag: W/"6051edf7-5df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3N165mPPF0GM%2BRIOZ9prsSahmqFh7PiNs6MdfQUnq0%2BofORlxNHBaYAsCD4EuNCzgr5uCfK7Adu2NgZ7AYw04e5TN3Sf5V5vxmNnFThsrmEPSMhsQn0ngzWSMeImtx0zyzZUznKBGSpNuc2hxE3Pa1gnAkW"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31104000
cf-ray: 81319fefcf0f66c9-AMS
alt-svc: h3=":443"; ma=86400

POST
H2 200 getMyDetails Show response
onwin996.com/ 124 B
659 B 201ms
201ms XHR
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onwin996.com/getMyDetails
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.73.0/bundle.tracing.replay.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52dfc9aa3f9b5afd7392634b7153321b16717d7eefd31c942d8df90a07200401

Request headers

Accept: application/json, text/plain, */*
Referer: https://onwin996.com/?aff=618
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 21:54:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEHRMA7OVgQLwQksMy0uI2hM%2FIlgYS5xrPwoMtgnrzFiSjXaIDO7DumavpLHUqCdjDuvinGKBS0fS0iaCzM5TT%2BKW6KBFjsVjPSdUUbdpfDeO9nOAW52qPsJPQ%2Fy4GE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://onwin996.com
cache-control: private, must-revalidate, max-age=0, private, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 81319fefdc30905e-FRA
access-control-allow-headers: access-control-allow-origin, X-Socket-Id, x-requested-with, Authorization
expires: -1

GET
H2 200 18.svg
cloudcdn.owcontent.com/assets/svg/ 2 KB
1 KB 59ms
58ms Image
image/svg+xml 2606:4700:3038::6815:ea2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudcdn.owcontent.com/assets/svg/18.svg
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9d3e88453d233928e2d60264ddc8dde064de376da8908102a3a34321d930efe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Apr 2021 22:07:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 82928
etag: W/"6070d006-8e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHBiwsN5iYP0kTWNvQOUlv4r7wQwJIuOH%2FnvYWeb4fjQLfkjkObuXQB7t%2Bw1zHRl0mxffShJgKSLbmbj2OTnQVdGwEsqvn1HV%2BVb2QVJZ5cwzpz5xyY1NYIH2CLl3WTTJdacY9hDMjR6d%2FANMOJ0MM%2B79shQ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31104000
cf-ray: 81319ff07f7f66c9-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
78 KB 76ms
76ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JC6CDV8FKT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-159945301-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ceadf4dd892766136b27efdddc63b71294848417b2492fd656c8fa6061ea9ecc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79526
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 08 Oct 2023 21:54:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 151ms
52ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-159945301-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 08 Oct 2023 21:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 198
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 08 Oct 2023 23:51:33 GMT

GET
H2 200 / Show response
widget-winchat-chatline.erisgaming.com/ Frame AFBC 581 B
715 B 67ms
66ms Document
text/html 2606:4700:3035::ac43:a724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-winchat-chatline.erisgaming.com/?_t=1696802091617
Requested by: Host: widget-winchat-chatline.erisgaming.com
URL: https://widget-winchat-chatline.erisgaming.com/lib/client.winchat.co.uk.iframe.bundle.js?_t=1696802091028
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e96bddbbfbebaa531b95015956288bbadf69a5ef7365fff8eb7428b83dd55832

Request headers

Referer: https://onwin996.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range,Response-Result
alt-svc: h3=":443"; ma=86400
cache-control: max-age=5 no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81319ff0bf849b43-FRA
content-encoding: br
content-type: text/html
date: Sun, 08 Oct 2023 21:54:51 GMT
expires: Sun, 08 Oct 2023 21:54:56 GMT
last-modified: Sat, 07 Oct 2023 12:41:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDrVxM1Tc6aYCMO2ihRAMo49i6Bgo%2BiyFiUPn1CiqALR1%2BmQX32QXj8mFLPODx7N1HsF9ahsYlk2JhXQkiybsA2tC%2F7I569eP1hgjKBAACr8bINfnuAswLmtMWxJKx%2FSVDD5ViZxmu264C5vReKFokLwSQgpnR1ofdHbxByUTNqBL3LOOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10150.JYcsgEakG-PcakLd0TRXfDS-ynB-qLwMKM1yg6ES35u8XJgsQnGSG5rrKYp0UV3J.KoXlRzo2RluN86-aZkx_vHB33-M%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10150.ACjsNiNM5H0aEuXLc1AzRBItQrivRz0K4PGkDQlKVfso6aWjUtDw-6UXD6PhhNSfT1rwvaPOfExOQCjGgObxfaI59Xze9adAeLc94xQR6oI%2C.AMDhy5E2tcbamxbG4QEVn_iqrU0%2C

43 B
67 B

54ms
53ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10150.ACjsNiNM5H0aEuXLc1AzRBItQrivRz0K4PGkDQlKVfso6aWjUtDw-6UXD6PhhNSfT1rwvaPOfExOQCjGgObxfaI59Xze9adAeLc94xQR6oI%2C.AMDhy5E2tcbamxbG4QEVn_iqrU0%2C

Requested by

Host: onwin996.com
URL: https://onwin996.com/?aff=618

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10150.ACjsNiNM5H0aEuXLc1AzRBItQrivRz0K4PGkDQlKVfso6aWjUtDw-6UXD6PhhNSfT1rwvaPOfExOQCjGgObxfaI59Xze9adAeLc94xQR6oI%2C.AMDhy5E2tcbamxbG4QEVn_iqrU0%2C
date: Sun, 08 Oct 2023 21:54:51 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
137 B 85ms
83ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: onwin996.com
URL: https://onwin996.com/?aff=618

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 06 Oct 2023 14:26:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "651feecc-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 08 Oct 2023 22:54:51 GMT

GET
H3 200 6899.fb63e340f99c38440576.js Show response
widget-winchat-chatline.erisgaming.com/ Frame AFBC 7 KB
3 KB 51ms
50ms Script
application/javascript 2606:4700:3035::ac43:a724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-winchat-chatline.erisgaming.com/6899.fb63e340f99c38440576.js
Requested by: Host: widget-winchat-chatline.erisgaming.com
URL: https://widget-winchat-chatline.erisgaming.com/?_t=1696802091617
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 784b957e0f4d895eab9a60bb93f6708da9a53e6d07410db5d44829c5b3da8388

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://widget-winchat-chatline.erisgaming.com/?_t=1696802091617
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 993
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 07 Oct 2023 12:41:03 GMT
server: cloudflare
etag: W/"652151df-1db1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSx0LoXbi4wLwHJ2rh4BuR%2BfP5RQu0jnjivmWDMz0zic4ZxesmPb8a%2BtUSwko5uwV3Ai4Qaz2ewl0YcnT%2Fr1DKjGmOuqPuFoFRCf4tv9RicLXTuG4PACD1Zh9%2B03WWVhc%2F6oMp82duwCBNTsxNGVfiyEC9X82iN5ahX%2FqOJ9cwMATOoQYw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range,Response-Result
cache-control: max-age=14400
cf-ray: 81319ff13c9930d2-FRA
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data

GET
H3 200 main.7680d9399cf66cae23b6.js Show response
widget-winchat-chatline.erisgaming.com/ Frame AFBC 1 MB
375 KB 69ms
68ms Script
application/javascript 2606:4700:3035::ac43:a724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-winchat-chatline.erisgaming.com/main.7680d9399cf66cae23b6.js
Requested by: Host: widget-winchat-chatline.erisgaming.com
URL: https://widget-winchat-chatline.erisgaming.com/?_t=1696802091617
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24c607adbc0a8bb42ff7eeebf1f4a41ba344e9a72548ee93979a1040038037ae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://widget-winchat-chatline.erisgaming.com/?_t=1696802091617
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2333
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 07 Oct 2023 12:41:03 GMT
server: cloudflare
etag: W/"652151df-120839"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMuRfXpHZmKW3SWWVMBvP3gaCZxUqkqWysi02S2v0vQalbMyangKTiSVBPZ2VTmjCOYMgtHGx%2Fd6%2BqVWoBATNVSElF9Qpy95bo17I6waxNLUf2kzD3ZDFwnnPKfudXMINan6Z68qpUpsSfor0EeR5FyQlYxnDb3DfGWKXXzwMVrixhlR%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range,Response-Result
cache-control: max-age=14400
cf-ray: 81319ff13c9b30d2-FRA
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data

GET
H3 200 6899.cbac4ff795877da7942a.css
widget-winchat-chatline.erisgaming.com/ Frame AFBC 565 KB
74 KB 148ms
147ms Stylesheet
text/css 2606:4700:3035::ac43:a724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-winchat-chatline.erisgaming.com/6899.cbac4ff795877da7942a.css
Requested by: Host: widget-winchat-chatline.erisgaming.com
URL: https://widget-winchat-chatline.erisgaming.com/?_t=1696802091617
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae255c0f70b0fec8d97ca3d01b8e590cedbcd3e24ecce684ce54f3df148ca2e6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://widget-winchat-chatline.erisgaming.com/?_t=1696802091617
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3890
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 07 Oct 2023 12:41:03 GMT
server: cloudflare
etag: W/"652151df-8d22c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fs24366dFU8f0ReMepVb5ZZNDJuJILLgw0MuFi4BlSqPiK%2BdWWDo5x4cq5DloNvKf7s4AQiMmTo4wcly7sOZtzLkE0GnKWYRX5XSgTUrm%2BQVzz4M76KzSWoYBCxw%2Bug4TATAyTY7ZsXj3uTO8KNR%2B9PhiS%2FixJDNsJSCOv7aZnIB%2BrhR7w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range,Response-Result
cache-control: max-age=14400
cf-ray: 81319ff13c9c30d2-FRA
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data

GET
H3 200 main.98d29dc8c07b864e14e8.css
widget-winchat-chatline.erisgaming.com/ Frame AFBC 522 KB
67 KB 51ms
50ms Stylesheet
text/css 2606:4700:3035::ac43:a724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-winchat-chatline.erisgaming.com/main.98d29dc8c07b864e14e8.css
Requested by: Host: widget-winchat-chatline.erisgaming.com
URL: https://widget-winchat-chatline.erisgaming.com/?_t=1696802091617
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e260df35857c0f107b6c9f81f60d1ed31d3f8e38239bde11398751cce9a98a2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://widget-winchat-chatline.erisgaming.com/?_t=1696802091617
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3890
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 07 Oct 2023 12:41:03 GMT
server: cloudflare
etag: W/"652151df-8297e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmknDgnma0oWnebI0pjdzV4dkM8GgnrcG1bKMZXaMb%2F7lH5SwBsxeT7PxYTxgaiGJr5L%2F%2BIxR1QIQTCEkz2Z3M1QNX84ta0Bk9dh7ZOtF9Z6h25TpkVSgPEg8%2B094BBtytwWIJuM14KLB00rTzP8%2F2rY%2FNOceq9IX520u8EYN%2FtQSVezlA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range,Response-Result
cache-control: max-age=14400
cf-ray: 81319ff13c9d30d2-FRA
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 61ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JC6CDV8FKT&gtm=45je3a40&_p=1694874492&cid=555080129.1696802092&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1696802091&sct=1&seg=0&dl=https%3A%2F%2Fonwin996.com%2F%3Faff%3D618&dt=Onwin%20Bahis%20ve%20Casino%20Sitesi%20%7C%20Onwin%20Giri%C5%9F%20%7C%20Onwin%20Yeni%20Adresi%20ve%20Resmi%20Sitesi%20%7C%20Onwin&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JC6CDV8FKT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 21:54:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://onwin996.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 27ms
26ms XHR
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1694874492&t=pageview&_s=1&dl=https%3A%2F%2Fonwin996.com%2F%3Faff%3D618&ul=en-us&de=UTF-8&dt=Onwin%20Bahis%20ve%20Casino%20Sitesi%20%7C%20Onwin%20Giri%C5%9F%20%7C%20Onwin%20Yeni%20Adresi%20ve%20Resmi%20Sitesi%20%7C%20Onwin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=962026142&gjid=1515013856&cid=555080129.1696802092&tid=UA-159945301-1&_gid=460440481.1696802092&_r=1&gtm=457e3a40&jsscut=1&z=1731548334

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.73.0/bundle.tracing.replay.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://onwin996.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 21:54:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://onwin996.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame AFBC 53 KB
2 KB 88ms
36ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: widget-winchat-chatline.erisgaming.com
URL: https://widget-winchat-chatline.erisgaming.com/6899.cbac4ff795877da7942a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9961219a6b63e6aca4d847d46ce2d2f609669ff83551186ab4d5ebde9ea6dc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://widget-winchat-chatline.erisgaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Oct 2023 21:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 21:54:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Oct 2023 21:54:51 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/60390211/
Redirect Chain

https://mc.yandex.com/watch/60390211?wmode=7&page-url=https%3A%2F%2Fonwin996.com%2F%3Faff%3D618&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A892%3Afu%3A0%3...
https://mc.yandex.com/watch/60390211/1?wmode=7&page-url=https%3A%2F%2Fonwin996.com%2F%3Faff%3D618&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A892%3Afu%3A0...

428 B
837 B

58ms
57ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/60390211/1?wmode=7&page-url=https%3A%2F%2Fonwin996.com%2F%3Faff%3D618&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A892%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1174299367693%3Ahid%3A158200539%3Az%3A120%3Ai%3A20231008235451%3Aet%3A1696802092%3Ac%3A1%3Arn%3A32046675%3Arqn%3A1%3Au%3A1696802092465655284%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A18%2C46%2C194%2C1%2C0%2C0%2C%2C135%2C1%2C%2C%2C%2C395%3Aco%3A0%3Acpf%3A1%3Ans%3A1696802090634%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1696802092%3At%3AOnwin%20Bahis%20ve%20Casino%20Sitesi%20%7C%20Onwin%20Giri%C5%9F%20%7C%20Onwin%20Yeni%20Adresi%20ve%20Resmi%20Sitesi%20%7C%20Onwin&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Requested by

Host: onwin996.com
URL: https://onwin996.com/?aff=618

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c0127dea8ca31384350d8b5c19901c4cdd7bce4a85f0236722119441b3c4ece5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 21:54:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 08-Oct-2023 21:54:52 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onwin996.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 428
x-xss-protection: 1; mode=block
expires: Sun, 08-Oct-2023 21:54:52 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 21:54:51 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 08-Oct-2023 21:54:51 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/60390211/1?wmode=7&page-url=https%3A%2F%2Fonwin996.com%2F%3Faff%3D618&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A892%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1174299367693%3Ahid%3A158200539%3Az%3A120%3Ai%3A20231008235451%3Aet%3A1696802092%3Ac%3A1%3Arn%3A32046675%3Arqn%3A1%3Au%3A1696802092465655284%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A18%2C46%2C194%2C1%2C0%2C0%2C%2C135%2C1%2C%2C%2C%2C395%3Aco%3A0%3Acpf%3A1%3Ans%3A1696802090634%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1696802092%3At%3AOnwin%20Bahis%20ve%20Casino%20Sitesi%20%7C%20Onwin%20Giri%C5%9F%20%7C%20Onwin%20Yeni%20Adresi%20ve%20Resmi%20Sitesi%20%7C%20Onwin&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
access-control-allow-origin: https://onwin996.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 08-Oct-2023 21:54:51 GMT

GET
H3 200 5035.77d79c924e57b83fc35d.js Show response
widget-winchat-chatline.erisgaming.com/ Frame AFBC 5 KB
3 KB 29ms
28ms Script
application/javascript 2606:4700:3035::ac43:a724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-winchat-chatline.erisgaming.com/5035.77d79c924e57b83fc35d.js
Requested by: Host: widget-winchat-chatline.erisgaming.com
URL: https://widget-winchat-chatline.erisgaming.com/main.7680d9399cf66cae23b6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5608e985c62d78f9bf9da4bbcdb16c6f106b7eb563338831bf4335e8f708e4de

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://widget-winchat-chatline.erisgaming.com/?_t=1696802091617
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3505
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 07 Oct 2023 12:41:03 GMT
server: cloudflare
etag: W/"652151df-13ef"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Jdxxyiy%2FBl97AU%2BLucQtXPqvuF8e%2BccH8S5KQj5SLIccNcfcW1GBTnePZ9iZnMh8CuragEsUyQSzIzhgojJfEVSG5yo7v6CqmR9H3G2FFL8rFm9bgEiW4x7wEDM8ugKsPZ%2Bbe3avvDz73JZXen2BZtoIoKQEKXx2OCZ8ULzzkGmF%2B9KbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range,Response-Result
cache-control: max-age=14400
cf-ray: 81319ff34dfa30d2-FRA
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data

GET
H3 200 3257.8dc2639df8a2e103cc17.js Show response
widget-winchat-chatline.erisgaming.com/ Frame AFBC 333 B
1 KB 29ms
29ms Script
application/javascript 2606:4700:3035::ac43:a724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-winchat-chatline.erisgaming.com/3257.8dc2639df8a2e103cc17.js
Requested by: Host: widget-winchat-chatline.erisgaming.com
URL: https://widget-winchat-chatline.erisgaming.com/main.7680d9399cf66cae23b6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2601d62920a3549b6de99f8239e10036b88710f8e37db10318603f5668b33b07

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://widget-winchat-chatline.erisgaming.com/?_t=1696802091617
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3673
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 07 Oct 2023 12:41:03 GMT
server: cloudflare
etag: W/"652151df-14d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6TBQv935%2F32a6llIeFVEl5%2BPiepGEjyEw7rlUOjpYRQTUJTHgLtr6VaI9VFjeT5sgUKyuOVwxYJCl1fOArX7l0p6J6ZhaXWnVc0ufi2%2F5xhQy%2F%2FjP3V2ylvvAFnhp8e2Yd48pccI%2BsalMqVQ5Z2cy8TGZkwO8xVQG3Wa8t5fjvi%2FRWHzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range,Response-Result
cache-control: max-age=14400
cf-ray: 81319ff34dfb30d2-FRA
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data

POST
H2 200 / Show response
sentry.ichatline.online/api/78/envelope/ Frame AFBC 2 B
590 B 117ms
55ms Fetch
application/json 2606:4700:3032::6815:5ecf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sentry.ichatline.online/api/78/envelope/?sentry_key=dca6a327226e4d8196a5f4951785b7d4&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.61.1
Requested by: Host: widget-winchat-chatline.erisgaming.com
URL: https://widget-winchat-chatline.erisgaming.com/main.7680d9399cf66cae23b6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5ecf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://widget-winchat-chatline.erisgaming.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 08 Oct 2023 21:54:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: origin, access-control-request-method, access-control-request-headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Et%2FLcjwLnJuQzO72b7YQ9ahKM1hMiyhAK3xYx1htT5HcvNDh2v0GxAXNjLk7p0JKGUUlPsnPxPJLk%2BSWRmsWlG3AOyNFE5Tbj1aOF8LKnDdLqlcegrRCczz5KU1ZQGN52zZEMlpRUy35%2FypYQiRd60P5bDT2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
cf-ray: 81319ff3ced865aa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2

GET
H3 200 9335.6d4d743902a39a290751.js Show response
widget-winchat-chatline.erisgaming.com/ Frame AFBC 232 B
997 B 28ms
27ms Script
application/javascript 2606:4700:3035::ac43:a724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-winchat-chatline.erisgaming.com/9335.6d4d743902a39a290751.js
Requested by: Host: widget-winchat-chatline.erisgaming.com
URL: https://widget-winchat-chatline.erisgaming.com/main.7680d9399cf66cae23b6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a035ed50ae3b4e5e2e778670c2778239e8fc6f513afed287af7731e0bf98e947

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://widget-winchat-chatline.erisgaming.com/?_t=1696802091617
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2117
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 07 Oct 2023 12:41:03 GMT
server: cloudflare
etag: W/"652151df-e8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJmP68LrAdqh28H%2FG42wX0vnFBAe0MWYAgg%2Bqtk2Dla3N04E2Wh4Y%2BDD0iagHrcxtrnKSnQrtQKAsPDht6GBwci5VLWz%2BxWcp92nvdP0xcxMydjA%2F6VQCIPh%2FjUAbdMZk8RVz9viXufcsvySxCXtcrSACm0VYIloUTH7ysdr1jSGK4rK3g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range,Response-Result
cache-control: max-age=14400
cf-ray: 81319ff36e1730d2-FRA
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10150.RKFNoUl5LbbWyqr1MmTJJhfK90iPjRhODDGuLqhQDWdE9qHuyZjgLTFnI74kbhNJ.tZ-sncWIoRb0v-wjSbZ78YJYUZ8%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10150.ecXNIXy9tl67J82AdvJWhxlKjJTvojyS3W7zvZeLGXowiKAl-_wdweRbNXookFdviMhAD4ekjjWGfDPYODY099IzJho-CTir4i0Gy6LCwR0%2C.3H-kSlXo-lZaJ_ybF...

43 B
79 B

54ms
54ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10150.ecXNIXy9tl67J82AdvJWhxlKjJTvojyS3W7zvZeLGXowiKAl-_wdweRbNXookFdviMhAD4ekjjWGfDPYODY099IzJho-CTir4i0Gy6LCwR0%2C.3H-kSlXo-lZaJ_ybFIgvibpf1oQ%2C

Requested by

Host: onwin996.com
URL: https://onwin996.com/?aff=618

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:52 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10150.ecXNIXy9tl67J82AdvJWhxlKjJTvojyS3W7zvZeLGXowiKAl-_wdweRbNXookFdviMhAD4ekjjWGfDPYODY099IzJho-CTir4i0Gy6LCwR0%2C.3H-kSlXo-lZaJ_ybFIgvibpf1oQ%2C
date: Sun, 08 Oct 2023 21:54:52 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

OPTIONS
H2 204 chatline--client--client_read__by_visitor
api-winchat-chatline.erisgaming.com/chatline_server__api/api/ Frame 0
0 58ms
41ms Preflight
text/plain 2606:4700:3035::6815:29cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-winchat-chatline.erisgaming.com/chatline_server__api/api/chatline--client--client_read__by_visitor
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:29cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,request-meta-data
Access-Control-Request-Method: POST
Origin: https://widget-winchat-chatline.erisgaming.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81319ff398ff9183-FRA
content-length: 0
content-type: text/plain; charset=utf-8
date: Sun, 08 Oct 2023 21:54:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yWjZLYwUpwG4Ol%2FYRjMZt3%2FYcgJ0jYP%2B5b6sQK%2FiR0DBZy7vNcGuKiM0Uq%2B1vnSh3n5VXsCATZU75egmYQgyuEGQLWA0dBOWTrya%2FP%2B4NnZsTuLU15oOEtk02A85rK40zArth47eK6eCbMSdlRnJFLl1mPS%2BtHKaR2RfyyCqNtUo1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H2 200 chatline--client--client_read__by_visitor Show response
api-winchat-chatline.erisgaming.com/chatline_server__api/api/ Frame AFBC 9 KB
4 KB 36ms
35ms Fetch
application/json 2606:4700:3035::6815:29cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-winchat-chatline.erisgaming.com/chatline_server__api/api/chatline--client--client_read__by_visitor
Requested by: Host: widget-winchat-chatline.erisgaming.com
URL: https://widget-winchat-chatline.erisgaming.com/main.7680d9399cf66cae23b6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:29cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c2bf790ef236995ac3c27325491dc23e646ddd50fb06e33df0722a4390947f

Request headers

Request-Meta-Data: eyJ2aXNpdG9yQWNjZXNzVG9rZW4iOiIifQ==
Accept: application/json
Referer: https://widget-winchat-chatline.erisgaming.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 08 Oct 2023 21:54:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCoJjznYQKdO%2Fqwg64uXRYffuqAv4qGbxLVSjwZRQdduISdwogsLhhhiL7VvbVuqKj0TGA7bSu5GjWOO8xi0SYV0NB6RR7%2FswZ0vUZWzTPj1I5wEfQfHiUfIn%2F%2Bfk20O7IxbMGzUquGYKVTliFA30cygjBubgDquVSFOLdPVzAcBnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range,Response-Result
response-result: SUCCESS
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data
alt-svc: h3=":443"; ma=86400
cf-ray: 81319ff3d93a9183-FRA

GET
H3 200 7270.f96dd1c719a2145a483b.js Show response
widget-winchat-chatline.erisgaming.com/ Frame AFBC 1 KB
2 KB 27ms
27ms Script
application/javascript 2606:4700:3035::ac43:a724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-winchat-chatline.erisgaming.com/7270.f96dd1c719a2145a483b.js
Requested by: Host: widget-winchat-chatline.erisgaming.com
URL: https://widget-winchat-chatline.erisgaming.com/main.7680d9399cf66cae23b6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ab65ee4cf37ee36764bc1eeb568fcb20fa92a31c55f9bc157a8dd1c63ae3e6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://widget-winchat-chatline.erisgaming.com/?_t=1696802091617
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1582
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 07 Oct 2023 12:41:03 GMT
server: cloudflare
etag: W/"652151df-531"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GUqwcekWbJOVQJ7sg89glb7ikLcXCtdw%2ByjufGq4o0iL6GGOmhcruLZ9u3rVYaLeUceT2PmHWqunB51ZU1L12FzAnPWaY%2FNp7CRKsvHI9ZZmvbROLp%2FBTnhzYsgbTHa2LqzllfUuPxxqC7XlSbeqmQA%2F3DomXmd7UeP%2ByA0VZ%2FdHTiw5w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range,Response-Result
cache-control: max-age=14400
cf-ray: 81319ff42e9030d2-FRA
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data

GET
H3 200 1554.460ebdc345dba3458532.js Show response
widget-winchat-chatline.erisgaming.com/ Frame AFBC 480 B
1 KB 27ms
27ms Script
application/javascript 2606:4700:3035::ac43:a724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-winchat-chatline.erisgaming.com/1554.460ebdc345dba3458532.js
Requested by: Host: widget-winchat-chatline.erisgaming.com
URL: https://widget-winchat-chatline.erisgaming.com/main.7680d9399cf66cae23b6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75e9fcc2d95dc547d3774c9ac4017dac7a5bf9389b61548c18ead1a3f060c676

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://widget-winchat-chatline.erisgaming.com/?_t=1696802091617
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3503
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 07 Oct 2023 12:41:03 GMT
server: cloudflare
etag: W/"652151df-1e0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YCdPHxl8w8BrqFg4%2FY1G8MT7wewB5Awke37KqAoBtcKmNeENKhrwQD6IcS%2Fm%2B4suXEAPeSXffEqnGC7x7DG6Z6q0Nf2k3dYXOH8xZgNhv4Z66ngHiH2FF8FMnK24sJt36lpVoPtYL8SmyrL8YExUAnCCeNtUE2qWGLdwN6ggCgJGWJGfA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range,Response-Result
cache-control: max-age=14400
cf-ray: 81319ff42e9430d2-FRA
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data

GET
H3 200 6947.176603d045cb526a4f82.js Show response
widget-winchat-chatline.erisgaming.com/ Frame AFBC 895 B
1 KB 27ms
27ms Script
application/javascript 2606:4700:3035::ac43:a724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-winchat-chatline.erisgaming.com/6947.176603d045cb526a4f82.js
Requested by: Host: widget-winchat-chatline.erisgaming.com
URL: https://widget-winchat-chatline.erisgaming.com/main.7680d9399cf66cae23b6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9ebbf2b2fc8855dce27652b190f776501793cf05d566ab760c78af1ddbc30dc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://widget-winchat-chatline.erisgaming.com/?_t=1696802091617
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3275
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 07 Oct 2023 12:41:03 GMT
server: cloudflare
etag: W/"652151df-37f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZBKlWO3LjwkGzIWmOYDMgJc7b495DnwakKA1Su%2FbmRV96cshIP4drcWKYRC6gM1DvslJUyLPjnN4%2B%2Fc6a%2BiikfXRj70Mh9bBRwjDOn4FrYJKX5LQrWqPZi69j6HSb%2F%2BzEN2t%2FRmBDuFkxFvNsRTl%2FyxpxznxNuWK98hH0TDXk0dsIBfRzA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range,Response-Result
cache-control: max-age=14400
cf-ray: 81319ff42e9830d2-FRA
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data

GET
H3 200 file.1694876624277.png
api-winchat-chatline.erisgaming.com/chatline__api_v2/uploads/clients/650/6500881cabb4bf137900ed53/ Frame AFBC 125 B
982 B 39ms
39ms Image
image/png 2606:4700:3035::ac43:a724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-winchat-chatline.erisgaming.com/chatline__api_v2/uploads/clients/650/6500881cabb4bf137900ed53/file.1694876624277.png
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 92442848d0ea7d27cf265ad7c615f1ea8e76be654c42253febb56c8110c54ff2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://widget-winchat-chatline.erisgaming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:52 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 125
last-modified: Sat, 16 Sep 2023 15:03:44 GMT
server: cloudflare
etag: W/"7d-18a9e84e596"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JrR4tsaNpriRPTed%2BOQli0hH0wXT%2BGTGwIbRbIofK7Dhn2BGNVj5ErLHJMhVAekyo%2FLGpMPgnDEnRu%2FkyY101Kfn%2BAAPHlQSjwYfLWiBVtLJOGBdeVV9AzmGNlsvDopbgGxWybGV6M5MnPVlQzV0ruAAsvP3G6ikFNWlTRefJbaUZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range,Response-Result
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 81319ff42ea830d2-FRA
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data

OPTIONS
H3 204 chatline--chat--chat_read__by_visitor
api-winchat-chatline.erisgaming.com/chatline_server__api/api/ Frame 0
0 39ms
39ms Preflight
text/plain 2606:4700:3035::ac43:a724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-winchat-chatline.erisgaming.com/chatline_server__api/api/chatline--chat--chat_read__by_visitor
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,request-meta-data
Access-Control-Request-Method: POST
Origin: https://widget-winchat-chatline.erisgaming.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81319ff51fdb3623-FRA
content-length: 0
content-type: text/plain; charset=utf-8
date: Sun, 08 Oct 2023 21:54:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ifruEdmydhaRLuUiav2F28zQMTBhhf8%2FJJd7FIlt6HGOwSryAHoYf3WwOk2jtEEDND8mXTgljjucEZin23l3lNXVtjSevowett8yWJuq0%2F5YfYnuqWyVUCb0DCgYqDTF3U5TamcQ27ZHRXXldIQ1CJJcrnVeC4R5nTsxbugLIYdcw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

OPTIONS
H3 204 chatline--department--departments_read__by_visitor
api-winchat-chatline.erisgaming.com/chatline_server__api/api/ Frame 0
0 37ms
36ms Preflight
text/plain 2606:4700:3035::ac43:a724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-winchat-chatline.erisgaming.com/chatline_server__api/api/chatline--department--departments_read__by_visitor
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,request-meta-data
Access-Control-Request-Method: POST
Origin: https://widget-winchat-chatline.erisgaming.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81319ff51fdd3623-FRA
content-length: 0
content-type: text/plain; charset=utf-8
date: Sun, 08 Oct 2023 21:54:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCwHtI2cQ9kSl8sQDc9n3x0LztDs56Kp3oEedLumOm7OPFluNHZC0JAVLrBv%2F6GOw%2BkTJwSZrQOSlwAkNE5GE8X8kNjHVeiaOEhw5G%2FDGbZhDQPrTvyJD5ibbFe11gzHLtLrB7QBvQvO2hvc3%2Bsw9j9zwJX3waLtwZBvivT4NmGQ%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

OPTIONS
H3 204 chatline--visitor--visitor_update
api-winchat-chatline.erisgaming.com/chatline_server__api/api/ Frame 0
0 37ms
37ms Preflight
text/plain 2606:4700:3035::ac43:a724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-winchat-chatline.erisgaming.com/chatline_server__api/api/chatline--visitor--visitor_update
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,request-meta-data
Access-Control-Request-Method: POST
Origin: https://widget-winchat-chatline.erisgaming.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81319ff51fdf3623-FRA
content-length: 0
content-type: text/plain; charset=utf-8
date: Sun, 08 Oct 2023 21:54:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHivnt1puSOmSXRXDXFsRa3bR8%2B3VX%2FIPrdPeJoxYm83WZqTXrfFrK0LfS6vVXXdlRRjZX5YJTcxamWJs3sP7k8dxs%2FRlmEAE1OOySfN60EMHtW%2FyDa6DicR%2F9%2B4nRvbDcLz3QVGkvei4%2F0a6er1ABXvE4B%2BZQkGjsiXjRSgSAIKZg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H3 200 chatline--chat--chat_read__by_visitor Show response
api-winchat-chatline.erisgaming.com/chatline_server__api/api/ Frame AFBC 13 B
798 B 34ms
34ms Fetch
application/json 2606:4700:3035::ac43:a724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-winchat-chatline.erisgaming.com/chatline_server__api/api/chatline--chat--chat_read__by_visitor
Requested by: Host: widget-winchat-chatline.erisgaming.com
URL: https://widget-winchat-chatline.erisgaming.com/main.7680d9399cf66cae23b6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a031be004425f99b16f98fcddb6d11d0d8fe059b455d221b0a8d12081e168c16

Request headers

Request-Meta-Data: eyJ2aXNpdG9yQWNjZXNzVG9rZW4iOiI2NTAwODgxY2FiYjRiZjEzNzkwMGVkNTMtYmRkZjQ1MzEtYTJjMy00OGI1LWIyM2EtMjQ5NzZlMjJhMTgzIn0=
Accept: application/json
Referer: https://widget-winchat-chatline.erisgaming.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 08 Oct 2023 21:54:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIHBnEq4V3XngmWz0M4jOaeT%2FOk%2BAtHJCGxkVGr%2Bxr5c%2FGo6hMMayOWYiIxX1%2BH8hwBCJuiZyQKS0AEXdhZur4K6yBiGz6s1xU3ljD3ggqHkH5lQlhjVJumDA46QxtMdhqLD32XaWXAudHln6cioMfRyFxmMbINYI6fW2NKKjffFQA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range,Response-Result
response-result: SUCCESS
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data
content-length: 13
cf-ray: 81319ff558143623-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 chatline--department--departments_read__by_visitor Show response
api-winchat-chatline.erisgaming.com/chatline_server__api/api/ Frame AFBC 2 KB
1 KB 36ms
36ms Fetch
application/json 2606:4700:3035::ac43:a724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-winchat-chatline.erisgaming.com/chatline_server__api/api/chatline--department--departments_read__by_visitor
Requested by: Host: widget-winchat-chatline.erisgaming.com
URL: https://widget-winchat-chatline.erisgaming.com/main.7680d9399cf66cae23b6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53331769cce3040ca3d76e2cf7518327f1f19af5d5487d9b89b943fcd9675168

Request headers

Request-Meta-Data: eyJ2aXNpdG9yQWNjZXNzVG9rZW4iOiI2NTAwODgxY2FiYjRiZjEzNzkwMGVkNTMtYmRkZjQ1MzEtYTJjMy00OGI1LWIyM2EtMjQ5NzZlMjJhMTgzIn0=
Accept: application/json
Referer: https://widget-winchat-chatline.erisgaming.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 08 Oct 2023 21:54:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgy12gJcFPNEz6Z7SDGVg9FCyM2F%2B%2FWXtvl9O9uu6aH9TOQ1N0qxrE5hm5xcRfaflpaxNwFcE1j02UN0crjKlfEpl4kcrOG7uxWEqlvw2kJKnf5iYIR1y11oqZeT7XDc0mjUUpo7qcbVDo3O7lEKMGvbFC4MCjHcnh1E62FNN%2BX%2FrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range,Response-Result
response-result: SUCCESS
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data
alt-svc: h3=":443"; ma=86400
cf-ray: 81319ff548103623-FRA

POST
H3 200 chatline--visitor--visitor_update Show response
api-winchat-chatline.erisgaming.com/chatline_server__api/api/ Frame AFBC 4 B
788 B 37ms
36ms Fetch
application/json 2606:4700:3035::ac43:a724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-winchat-chatline.erisgaming.com/chatline_server__api/api/chatline--visitor--visitor_update
Requested by: Host: widget-winchat-chatline.erisgaming.com
URL: https://widget-winchat-chatline.erisgaming.com/main.7680d9399cf66cae23b6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Request-Meta-Data: eyJ2aXNpdG9yQWNjZXNzVG9rZW4iOiI2NTAwODgxY2FiYjRiZjEzNzkwMGVkNTMtYmRkZjQ1MzEtYTJjMy00OGI1LWIyM2EtMjQ5NzZlMjJhMTgzIn0=
Accept: application/json
Referer: https://widget-winchat-chatline.erisgaming.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 08 Oct 2023 21:54:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15iMadg6ZiO1D4Gn14ZUaNiwfaG%2FgHC7NylFmHXy%2FGPvh7vRHpn5%2FEmXkE5abNsY3E6vXs1gce5kf9qdoRJmTbCjwi1y%2BABThj6ylJhsZaxu8DvC2K7PkzFxFrzASqZ%2BK17tGWD1l0%2B3H3HyVesJiXOBCsQFNMKeBiMrRO%2F7NPIjHA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range,Response-Result
response-result: SUCCESS
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data
content-length: 4
cf-ray: 81319ff548133623-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 file.1694762448707.png
api-winchat-chatline.erisgaming.com/chatline__api_v2/uploads/clients/650/6500881cabb4bf137900ed53/ Frame B28B 7 KB
8 KB 36ms
36ms Image
image/png 2606:4700:3035::ac43:a724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-winchat-chatline.erisgaming.com/chatline__api_v2/uploads/clients/650/6500881cabb4bf137900ed53/file.1694762448707.png
Requested by: Host: onwin996.com
URL: https://onwin996.com/?aff=618
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 721d22d5a3b8387ea2b826ca6a89bf58a01f484a665130ee170baed165ddd408

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://onwin996.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 21:54:52 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 6935
last-modified: Fri, 15 Sep 2023 07:20:48 GMT
server: cloudflare
etag: W/"1b17-18a97b6b768"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FwAptuuWxBd8nZmPpqHQuVpw6K6C7%2BZ1adj9Q3Zkz%2FTbS%2BNu%2BTgVdzl5p66bl5X8q4OPeMY%2FKBCns6ZzadtcOIa7gakfsiLKFa5R5DrKN60ohL16itgZGEpAKFVNNBeQZl%2F7tC0blqd1GglQHomPwlKOleE%2BDvkfRZcl7XYGlMaV5A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range,Response-Result
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 81319ff52f5c30d2-FRA
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data

OPTIONS
H3 204 chatline--visitor--visitor_update
api-winchat-chatline.erisgaming.com/chatline_server__api/api/ Frame 0
0 34ms
34ms Preflight
text/plain 2606:4700:3035::ac43:a724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-winchat-chatline.erisgaming.com/chatline_server__api/api/chatline--visitor--visitor_update
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,request-meta-data
Access-Control-Request-Method: POST
Origin: https://widget-winchat-chatline.erisgaming.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81319ff52fef3623-FRA
content-length: 0
content-type: text/plain; charset=utf-8
date: Sun, 08 Oct 2023 21:54:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0eWPbNLeUfZ51eF4eRyS9DXbawDx4TlDCyZkQ3SLnDvUwpqU1o7O%2FmN%2FvOqD1tJ3YvZKupCo3HrXj%2F6eKvidM7kXb9Zd2oCizsadgYzNbrof39wlSS6we2BI2ma1uxpt%2BXJTAie6XExDKq89mjgMi%2BDH7VR6sP6EA549djCS05vqA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H3 200 chatline--visitor--visitor_update Show response
api-winchat-chatline.erisgaming.com/chatline_server__api/api/ Frame AFBC 4 B
785 B 39ms
39ms Fetch
application/json 2606:4700:3035::ac43:a724
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-winchat-chatline.erisgaming.com/chatline_server__api/api/chatline--visitor--visitor_update
Requested by: Host: widget-winchat-chatline.erisgaming.com
URL: https://widget-winchat-chatline.erisgaming.com/main.7680d9399cf66cae23b6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Request-Meta-Data: eyJ2aXNpdG9yQWNjZXNzVG9rZW4iOiI2NTAwODgxY2FiYjRiZjEzNzkwMGVkNTMtYmRkZjQ1MzEtYTJjMy00OGI1LWIyM2EtMjQ5NzZlMjJhMTgzIn0=
Accept: application/json
Referer: https://widget-winchat-chatline.erisgaming.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 08 Oct 2023 21:54:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5SXN9dEIXh26EYyRLRDOqbHhf1j6ALhLi97XJOSy6YN%2F3rhhVSU14dZ8v5fwZeqfrcrUscpU%2F8Ve0z3TIBJ%2F7rR2tmFhWIHpUu7XmKqOKKlbCYKoB8agg7iD2YfUp6xjqS2aFP4MplA5Qa6f%2F9JfJqYjvP1H8N%2FsCYLGdvupGr66Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range,Response-Result
response-result: SUCCESS
access-control-allow-headers: DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-access-token,x-player-access-token,x-operator-impersonate-player-access-token,x-operator-access-token,x-fake-e2e-operator-access-token,x-platform-player-access-token,x-fake-platform-player-access-token,x-affiliate-access-token,x-funsclub-user-access-token,X-Message-Metadata,Request-Meta-Data
content-length: 4
cf-ray: 81319ff5581b3623-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 / Show response
o4505991546601472.ingest.sentry.io/api/4505991548764160/envelope/ 41 B
373 B 113ms
46ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o4505991546601472.ingest.sentry.io/api/4505991548764160/envelope/?sentry_key=b3ccfaa64853a0187a3bd3bf96fff659&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.73.0

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.73.0/bundle.tracing.replay.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

b976b2adea178da5aec1eca867aac9ba7dadf39fb2071234820f02a06eecc54c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://onwin996.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 08 Oct 2023 21:54:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: licensing.gaming-curacao.com
URL: https://licensing.gaming-curacao.com/validator/?lh=84f220f2075cf5af182fdad8599f7ede&template=tseal

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
onwin996.com/	1970-01-20 15:20:09	Name: onwin_session Value: hSuYcSOqGOsWRw47MtCviPf72XGLgdvEcSchrRyZ
.onwin996.com/	1970-01-21 00:56:02	Name: bid Value: 520047be-9b98-417e-b8ba-11d2c8be9590
.onwin996.com/	1970-01-21 00:56:02	Name: aff_id Value: 618
.onwin996.com/	1970-01-21 00:05:38	Name: _ym_uid Value: 1696802092465655284
.onwin996.com/	1970-01-21 00:05:38	Name: _ym_d Value: 1696802092
.onwin996.com/	1970-01-21 00:56:02	Name: _ga_JC6CDV8FKT Value: GS1.1.1696802091.1.0.1696802091.0.0.0
.mc.yandex.com/	1970-01-20 15:20:02	Name: sync_cookie_csrf Value: 1445612299fake
.onwin996.com/	1970-01-20 15:21:14	Name: _ym_isad Value: 2
.onwin996.com/	1970-01-21 00:56:02	Name: _ga Value: GA1.2.555080129.1696802092
.onwin996.com/	1970-01-20 15:21:28	Name: _gid Value: GA1.2.460440481.1696802092
.onwin996.com/	1970-01-20 15:20:02	Name: _gat_gtag_UA_159945301_1 Value: 1
.mc.yandex.ru/	1970-01-20 15:20:02	Name: sync_cookie_csrf Value: 2427701429fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2613175611696802091
.yandex.com/	1970-01-21 00:56:02	Name: i Value: dzHJv90LuKphWDnsoktHSYi+LNewBzoeiDbbqOzIAyLJpOrmjAYA49bcjmKC5WnXg5lOJKCpYvryqJlcK9AVMwfUBfU=
.yandex.com/	1970-01-21 00:56:02	Name: yandexuid Value: 9829133951696802091
.yandex.com/	1970-01-21 00:05:38	Name: yuidss Value: 9829133951696802091
.yandex.com/	1970-01-21 00:05:38	Name: ymex Value: 1728338091.yrts.1696802091#1728338091.yrtsi.1696802091
.yandex.com/	1970-01-21 00:05:38	Name: bh Value: KgI/MA==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-winchat-chatline.erisgaming.com
bet-onwin.erisgaming.com
browser.sentry-cdn.com
cloudcdn.owcontent.com
fonts.googleapis.com
js.sentry-cdn.com
licensing.gaming-curacao.com
mc.yandex.com
mc.yandex.ru
o.stockcdn.com
o4505991546601472.ingest.sentry.io
onwin996.com
region1.google-analytics.com
sentry.ichatline.online
widget-winchat-chatline.erisgaming.com
www.google-analytics.com
www.googletagmanager.com
licensing.gaming-curacao.com
138.201.138.156
188.114.96.3
2001:4860:4802:32::36
2606:4700:3032::6815:5ecf
2606:4700:3035::6815:29cb
2606:4700:3035::ac43:a724
2606:4700:3038::6815:ea2c
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2008
2a00:1450:4001:81c::200e
2a02:6b8::1:119
2a04:4e42::729
34.120.195.249
033a416ecc30a516c54c6a0fac2d212a38fb051e5976cda49eb9d22264814a66
0a66948f551068358de477bcc2ebd7233f59fa59236dddf6e3605f30027aa612
0a83c29c530f3c0bc760ad84064922e3bb138bbd759c26c5af5e5a494b5af344
0e5dc8105208c0b7b1437991307f371e58da27c99b7b8030d0c41688fcb05764
0fc8bfb8053723b289c576544ec5feccc05da9680cb65e46f8d468153cb93106
13adb7a59fb90168cba7b0d58312fcf4c354d70f3cf6aafd949b85953ed8c4d8
17a7ed7fec57774eacf70bdb02f5bb7cb640b60f3d9fbcf0d254681bf10628be
1a62080a52984e2af85421a2f183f32861da5333f355a01e9042478817bf36c0
1f06a889ed0d433b82dcb408baf21b8fd01e7fc4124712b27e42cda6b3cb0072
2045b1aec7b8aff6b9cea1a504e210a5fb27a0268878575b0b946efa3424d5bf
24c607adbc0a8bb42ff7eeebf1f4a41ba344e9a72548ee93979a1040038037ae
2601d62920a3549b6de99f8239e10036b88710f8e37db10318603f5668b33b07
27f6a3d56a4778ad72a8003bfa223cfc6e50e151295ab415e0a6d2848e46acb8
2b333536bdf8fb470d3cf8db440cee1b4a254ee380b792145faee7c6b1d4ba73
2e260df35857c0f107b6c9f81f60d1ed31d3f8e38239bde11398751cce9a98a2
2e61051a53456f93e2bc6c8ecbdd75b2e81b5cc1ffe27125d8e592024da9f510
2f51d33a016687aed1b31b2a53a760e0d56cf0a439a52f569a01f49a961aba5f
2f9ec3ebba0c9240acc44aa4e1f748a474d7a2cc3c5cefac086d18f58fe0951e
3436a3567df14bd76a0e5b2ab1edba77ff61c49fb811b64de0dd23899103ecdc
40c974d4ef230253d9432d451eff675be9825c5a19f1fd3a7d82d6f5459816e5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4e151679b5de03651be089d5f32dcbead37c02cc1b879ccc1bb9db70832a4125
52dfc9aa3f9b5afd7392634b7153321b16717d7eefd31c942d8df90a07200401
53331769cce3040ca3d76e2cf7518327f1f19af5d5487d9b89b943fcd9675168
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5608e985c62d78f9bf9da4bbcdb16c6f106b7eb563338831bf4335e8f708e4de
5dc4ace9ef8e910993ba5be17f399b976c789b6753c8aa6f6abc85684209b56d
5dcac13739bb264442074ab92c760d2637543a87cf0cc1794c3f26ed88aa547c
61c2bf790ef236995ac3c27325491dc23e646ddd50fb06e33df0722a4390947f
62a2945ceb4fce09aad9ce0d85a44a925f9862ab025ce8822b897582010e35b1
63ab65ee4cf37ee36764bc1eeb568fcb20fa92a31c55f9bc157a8dd1c63ae3e6
64df21ee26df5fbb824279d23cae3886515675709e5553de9d85188ab14d84c2
658b51673be1d58b3cd373edb2b84ea42be756b084b949e5ae5d898e060ffa50
696f67f4e2350e2fd99ae0a180a831b50362714d307c4d58687b48c31328d723
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
721065a2a044d276f74139fbe64d6fa9735ac5bd1074b53c14c3f790119d4069
721d22d5a3b8387ea2b826ca6a89bf58a01f484a665130ee170baed165ddd408
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
75e9fcc2d95dc547d3774c9ac4017dac7a5bf9389b61548c18ead1a3f060c676
784b957e0f4d895eab9a60bb93f6708da9a53e6d07410db5d44829c5b3da8388
7e549f1fcfab734025757f85babfcf8a8f2eef7e88aae11c61d5b4900f2fa166
7efedfc9d872132c1a9b59dce7a7511733b9808aff73e485209d9331c750157e
92442848d0ea7d27cf265ad7c615f1ea8e76be654c42253febb56c8110c54ff2
929248fed703b8c05cd30633e5d28574088eeb4748b530ff93fca8652d562b18
9961219a6b63e6aca4d847d46ce2d2f609669ff83551186ab4d5ebde9ea6dc03
999e24f95b8c4d16cefc124e39f773c1483666f73c479bef8f8bebce28c9c53e
a031be004425f99b16f98fcddb6d11d0d8fe059b455d221b0a8d12081e168c16
a035ed50ae3b4e5e2e778670c2778239e8fc6f513afed287af7731e0bf98e947
a53360908ee4eb452a0735ad32423a51c6b44a0df6e46214b339a0d0035ebd43
a9819da7c8b8bed2e2dd62f28d696e172813ae0330bda9a9d5c8274cda82579c
adb093172c400af7545b37ca20f079b35827adf9aa08ba00b0cb518baf5e4ca9
ae255c0f70b0fec8d97ca3d01b8e590cedbcd3e24ecce684ce54f3df148ca2e6
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b976b2adea178da5aec1eca867aac9ba7dadf39fb2071234820f02a06eecc54c
c0127dea8ca31384350d8b5c19901c4cdd7bce4a85f0236722119441b3c4ece5
c956e25ea9d2ddd73cc03f6f25214838a1d8b91943dc8d9d13f80828b3e0deb4
c9d3e88453d233928e2d60264ddc8dde064de376da8908102a3a34321d930efe
ceadf4dd892766136b27efdddc63b71294848417b2492fd656c8fa6061ea9ecc
d119099e5c1ee7bd6fe30913490ca0ed71f77ab18e890fc9eabc0e4e60448c7a
d4c5328cf1e09df8f4fac22ba95070f875f085a302253e2080dad7be614b97b9
d7254feb9fc740ff0c3aa8acdc9f166d9e7f6850e8ff2a3ea785a4b16c1be33c
d9ebbf2b2fc8855dce27652b190f776501793cf05d566ab760c78af1ddbc30dc
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e9597987b6f5f6a1e2c0a9bb76f9728ad3bda5548c3b1341dac1e7708c18ee7e
e96bddbbfbebaa531b95015956288bbadf69a5ef7365fff8eb7428b83dd55832
efd2156ef31df6774d01b689bec57ae90e3e3d73b744f0c46511bcba49e392a9
f41488af0f65ea6b4ef5def1b1e8e0aee6858b138d14a8765f14e627af570731

onwin996.com Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

75 Requests

93 %HTTPS

77 %IPv6

13 Domains

17 Subdomains

14 IPs

4 Countries

8890 kBTransfer

15333 kBSize

18 Cookies

8 Outgoing links

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

onwin996.com Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

93 %
HTTPS

77 %
IPv6

13
Domains

17
Subdomains

14
IPs

4
Countries

8890 kB
Transfer

15333 kB
Size

18
Cookies

75 HTTP transactions
3 data transactions