1wdois.top
212.8.250.200
Public Scan
Effective URL: https://1wdois.top/casino/?open=register
Submission: On July 18 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on June 15th 2023. Valid for: 3 months.
This is the only time 1wdois.top was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
1 1 | 85.209.148.14 | 60591 (SUPPORTCHAIN-AS) |
5 | 212.8.250.200 | 49981 (WORLDSTREAM) |
35 | 190.115.24.75 | 262254 (DDOS-GUARD CORP.) |
2 | 151.101.130.132 | 54113 (FASTLY) |
2 | 2607:f8b0:4006:821::2008 | 15169 (GOOGLE) |
4 8 | 142.250.80.70 | 15169 (GOOGLE) |
1 | 108.138.106.101 | 16509 (AMAZON-02) |
5 10 | 2a02:6b8::1:119 | 208722 (GLOBAL_DC) |
1 | 2607:f8b0:4006:80f::200e | 15169 (GOOGLE) |
1 | 18.164.96.87 | 16509 (AMAZON-02) |
2 | 54.213.220.225 | 16509 (AMAZON-02) |
4 | 2607:f8b0:4006:81e::2002 | 15169 (GOOGLE) |
63 | 12 | |
ASN49981 (WORLDSTREAM, NL)
PTR: 212-8-250-200.hosted-by-worldstream.net
1wdois.top
ASN262254 (DDOS-GUARD CORP., BZ)
PTR: ddos-guard.net
1win-cdn.com
ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f6.1e100.net
12688802.fls.doubleclick.net
12572451.fls.doubleclick.net
ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-101.jfk50.r.cloudfront.net
static.hotjar.com
ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-87.jfk50.r.cloudfront.net
script.hotjar.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-213-220-225.us-west-2.compute.amazonaws.com
api2.amplitude.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
35 | 1win-cdn.com | 1win-cdn.com — Cisco Umbrella Rank: 406520 | 2 MB |
8 | doubleclick.net (4 redirects) | 12688802.fls.doubleclick.net — Cisco Umbrella Rank: 601003; 12572451.fls.doubleclick.net — Cisco Umbrella Rank: 588746 | 3 KB |
7 | yandex.com (3 redirects) | mc.yandex.com — Cisco Umbrella Rank: 9422 | 3 KB |
5 | 1wdois.top | 1wdois.top | 108 KB |
4 | google.com | adservice.google.com — Cisco Umbrella Rank: 113 | 890 B |
4 | amplitude.com | api.lab.amplitude.com — Cisco Umbrella Rank: 6343; api2.amplitude.com — Cisco Umbrella Rank: 1597 | 414 B |
3 | yandex.ru (2 redirects) | mc.yandex.ru — Cisco Umbrella Rank: 3245 | 74 KB |
2 | hotjar.com | static.hotjar.com — Cisco Umbrella Rank: 753; script.hotjar.com — Cisco Umbrella Rank: 1081 | 72 KB |
2 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 79 | 159 KB |
1 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 63 | 250 B |
1 | 1win.by (1 redirects) | 1win.by | 413 B |
63 | 11 | | |
Requests | Domain | Requested by |
---|---|---|
35 | 1win-cdn.com | 1wdois.top, 1win-cdn.com |
7 | mc.yandex.com (3 redirects) | 1wdois.top |
5 | 1wdois.top | 1win-cdn.com, 1wdois.top |
4 | adservice.google.com | 12572451.fls.doubleclick.net, 12688802.fls.doubleclick.net |
4 | 12572451.fls.doubleclick.net (2 redirects) | www.googletagmanager.com |
4 | 12688802.fls.doubleclick.net (2 redirects) | www.googletagmanager.com |
3 | mc.yandex.ru (2 redirects) | 1wdois.top |
2 | api2.amplitude.com | 1win-cdn.com |
2 | www.googletagmanager.com | 1wdois.top, www.googletagmanager.com |
2 | api.lab.amplitude.com | 1win-cdn.com |
1 | script.hotjar.com | static.hotjar.com |
1 | www.google-analytics.com | www.googletagmanager.com |
1 | static.hotjar.com | 1wdois.top |
1 | 1win.by (1 redirects) | |
63 | 14 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
1wdois.top | R3 | 2023-06-15 - 2023-09-13 | 3 months |
1win-cdn.com | R3 | 2023-06-27 - 2023-09-25 | 3 months |
*.lab.amplitude.com | GlobalSign Atlas R3 DV TLS CA 2023 Q1 | 2023-02-25 - 2024-03-28 | a year |
*.google-analytics.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months |
*.doubleclick.net | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months |
*.hotjar.com | Amazon ECDSA 256 M01 | 2023-03-09 - 2024-04-06 | a year |
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2023-03-17 - 2023-08-27 | 5 months |
*.amplitude.com | COMODO RSA Domain Validation Secure Server CA | 2023-01-23 - 2024-02-14 | a year |
*.google.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months |
This page contains 9 frames:
Primary Page:
https://1wdois.top/casino/?open=register
Frame ID: 4529B4B20D480073A927AEC55FB22D7E
Requests: 54 HTTP requests in this frame
Frame:
https://12688802.fls.doubleclick.net/activityi;dc_pre=CIjLh9qbmYADFT8OaAgdcWoOSw;src=12688802;type=actio0;cat=allpa0;ord=1;num=3626200427099;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister
Frame ID: 6EC5F21AC6EB3C861234F955F9487BCF
Requests: 1 HTTP requests in this frame
Frame:
https://12572451.fls.doubleclick.net/activityi;dc_pre=CNrwh9qbmYADFZEOaAgdR1YM_Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=869024322513.6052
Frame ID: 7B1761535048560C47CFF7ED256D8E13
Requests: 1 HTTP requests in this frame
Frame:
https://12688802.fls.doubleclick.net/activityi;dc_pre=CIjNh9qbmYADFd0JaAgdaDgHDw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1145590407688;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister
Frame ID: D6658939F71F942947EF8769FA8FC013
Requests: 1 HTTP requests in this frame
Frame:
https://12572451.fls.doubleclick.net/activityi;dc_pre=CKzzh9qbmYADFe8NaAgdrKUPiQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7715802189594.074
Frame ID: 67E8113B3866546F66570ADF2D477B08
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.com/ddm/fls/i/dc_pre=CKzzh9qbmYADFe8NaAgdrKUPiQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7715802189594.074;~oref=https://1wdois.top/
Frame ID: A4413504E119FEFFDF5A20D8A75F9D41
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.com/ddm/fls/i/dc_pre=CNrwh9qbmYADFZEOaAgdR1YM_Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=869024322513.6052;~oref=https://1wdois.top/
Frame ID: 978063A9185649B06D4530F6B8E3E5B0
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.com/ddm/fls/i/dc_pre=CIjLh9qbmYADFT8OaAgdcWoOSw;src=12688802;type=actio0;cat=allpa0;ord=1;num=3626200427099;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister
Frame ID: B6BBA511856125DF2E5E88A75703288F
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.com/ddm/fls/i/dc_pre=CIjNh9qbmYADFd0JaAgdaDgHDw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1145590407688;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister
Frame ID: A293841E35340D4B736B00A44AAE89FF
Requests: 1 HTTP requests in this frame
Page Title: 1win
Detected technologies
Google Analytics (Analytics)
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Hotjar (Analytics)
Detected patterns
- //static\.hotjar\.com/
Yandex.Metrika (Analytics)
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://1win.by/
HTTP 302
https://1wdois.top/casino/?open=register Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 38
- https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=3626200427099;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister HTTP 302
- https://12688802.fls.doubleclick.net/activityi;dc_pre=CIjLh9qbmYADFT8OaAgdcWoOSw;src=12688802;type=actio0;cat=allpa0;ord=1;num=3626200427099;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister
- https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=869024322513.6052 HTTP 302
- https://12572451.fls.doubleclick.net/activityi;dc_pre=CNrwh9qbmYADFZEOaAgdR1YM_Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=869024322513.6052
- https://12688802.fls.doubleclick.net/activityi;src=12688802;type=actio0;cat=allpa0;ord=1;num=1145590407688;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister HTTP 302
- https://12688802.fls.doubleclick.net/activityi;dc_pre=CIjNh9qbmYADFd0JaAgdaDgHDw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1145590407688;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister
- https://12572451.fls.doubleclick.net/activityi;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7715802189594.074 HTTP 302
- https://12572451.fls.doubleclick.net/activityi;dc_pre=CKzzh9qbmYADFe8NaAgdrKUPiQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=7715802189594.074
- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10068.qYodkGRDjfX3_XTebW4wyvb865FsmxPgQzBA_U1121SPiQ2UojkGblvWci7s0hTj.HkkfmL_Yu0dfrS5aSf4N4xio7zI%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=10068.MVL9cxyiJYlCXqCBgMNUOVJ_TjCIoWKN7ei69OX1Dpt0cQceqttEQ4dz-Mx3KDrh4k-73XH7dSd78vnwHF2td8ZmNwPTcFsWetyZQb9aUWw%2C.K97asXBVS_7ibb35eOKf7yH2gbQ%2C
- https://mc.yandex.com/watch/92006234?wmode=7&page-url=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c3ao218h5r%3Afp%3A1766%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A739125622762%3Ahid%3A928696896%3Az%3A0%3Ai%3A20230718213810%3Aet%3A1689716291%3Ac%3A1%3Arn%3A1038288612%3Arqn%3A1%3Au%3A1689716291531805464%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C309%2C334%2C263%2C442%2C0%2C%2C293%2C0%2C%2C%2C%2C3203%3Aco%3A0%3Acpf%3A1%3Ans%3A1689716284298%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1689716292%3At%3A1win&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
- https://mc.yandex.com/watch/92006234/1?wmode=7&page-url=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c3ao218h5r%3Afp%3A1766%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A739125622762%3Ahid%3A928696896%3Az%3A0%3Ai%3A20230718213810%3Aet%3A1689716291%3Ac%3A1%3Arn%3A1038288612%3Arqn%3A1%3Au%3A1689716291531805464%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A81%2C309%2C334%2C263%2C442%2C0%2C%2C293%2C0%2C%2C%2C%2C3203%3Aco%3A0%3Acpf%3A1%3Ans%3A1689716284298%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1689716292%3At%3A1win&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
- https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10068.NbYpXkVPAdYutW193Qb6KIXVLtKSnHR4RNCyyfSagwDR0myy-uQsHxnB-iUpZ0iw.M4BwPxZkz2tDxeCP80x55TyMTJU%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10068.aChHO67qwKy81e5rg8H4RxAqnMIxaBo-1eHoJi-prgy57adm027lRc8HGaVE6Y64EZR5jY7d5Lsgg8qMwFq8zoFXeZogNUHne05GV-wLfu4%2C.m0Jm1HNKrMPi_czHYC3CuDsHVSc%2C
63 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | 1wdois.top/casino/ | 279 KB | 88 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | SFNSDisplay-latin.50a4eaff3.woff2 | 1win-cdn.com/font/ | 32 KB | 33 KB | Font | application/octet-stream | |
GET | H2 | SFNSText-latin.f09aa5229.woff2 | 1win-cdn.com/font/ | 42 KB | 43 KB | Font | application/octet-stream | |
GET | H2 | desktop.fd513a354.js | 1win-cdn.com/js/ | 114 KB | 114 KB | Script | application/javascript | |
GET | H2 | desktop.fd4c6a7d6.css | 1win-cdn.com/css/ | 87 KB | 87 KB | Stylesheet | text/css | |
GET | H2 | chunk-vendors.72ac85c3e.js | 1win-cdn.com/js/ | 425 KB | 426 KB | Script | application/javascript | |
GET | H2 | chunk-common.030c54d92.js | 1win-cdn.com/js/ | 21 KB | 21 KB | Script | application/javascript | |
GET | H2 | index.7c3ae555b.js | 1win-cdn.com/js/ | 79 KB | 79 KB | Script | application/javascript | |
GET | H2 | affiliate:link_visit | 1wdois.top/ | 15 B | 425 B | Fetch | application/json | |
GET | DATA | truncated | / | 44 B | 0 | Image | image/webp | |
GET | H2 | 76658.5f3db1a27.js | 1win-cdn.com/js/ | 6 KB | 6 KB | Script | application/javascript | |
GET | H2 | 36330.86419961c.js | 1win-cdn.com/js/ | 3 KB | 4 KB | Script | application/javascript | |
GET | H2 | icons-common.9d6bd4bb8.js | 1win-cdn.com/js/ | 209 KB | 209 KB | Script | application/javascript | |
GET | H2 | 98937.6123ab935.js | 1win-cdn.com/js/ | 28 KB | 28 KB | Script | application/javascript | |
GET | H2 | 76539.2a798d969.js | 1win-cdn.com/js/ | 20 KB | 21 KB | Script | application/javascript | |
GET | H2 | 98924.244aac846.js | 1win-cdn.com/js/ | 607 KB | 608 KB | Script | application/javascript | |
OPTIONS | H2 | vardata | api.lab.amplitude.com/sdk/ | 0 | 0 | Preflight | | Frame |
GET | H2 | firebase-app.js | 1wdois.top/firebase/8.1.1/ | 19 KB | 7 KB | Script | application/javascript | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 281 KB | 81 KB | Script | application/javascript | |
GET | H2 | 96772.c058a40d4.js | 1win-cdn.com/js/ | 772 B | 995 B | Script | application/javascript | |
GET | H2 | vardata | api.lab.amplitude.com/sdk/ | 2 B | 128 B | Fetch | application/json | |
GET | H2 | 52530.8b2077c4e.js | 1win-cdn.com/js/ | 11 KB | 11 KB | Script | application/javascript | |
GET | H2 | 57781.abe15e672.css | 1win-cdn.com/css/ | 23 KB | 24 KB | Stylesheet | text/css | |
GET | H2 | 57781.1a0eda150.js | 1win-cdn.com/js/ | 23 KB | 23 KB | Script | application/javascript | |
GET | H2 | 54801.e813453b9.js | 1win-cdn.com/js/ | 25 KB | 25 KB | Script | application/javascript | |
GET | H2 | 65772.5391b3618.js | 1win-cdn.com/js/ | 10 KB | 10 KB | Script | application/javascript | |
GET | H2 | 80069.b31fe7d7a.js | 1win-cdn.com/js/ | 7 KB | 7 KB | Script | application/javascript | |
GET | H2 | 17741.04ae9f123.js | 1win-cdn.com/js/ | 19 KB | 19 KB | Script | application/javascript | |
GET | H2 | 37224.28f26d78d.css | 1win-cdn.com/css/ | 13 KB | 14 KB | Stylesheet | text/css | |
GET | H2 | 37224.bc856e82f.js | 1win-cdn.com/js/ | 20 KB | 20 KB | Script | application/javascript | |
GET | H2 | 3859.c55978c42.js | 1win-cdn.com/js/ | 12 KB | 12 KB | Script | application/javascript | |
GET | H2 | 58682.8449151af.js | 1win-cdn.com/js/ | 90 KB | 91 KB | Script | application/javascript | |
GET | H2 | 17744.8c1358681.css | 1win-cdn.com/css/ | 25 KB | 25 KB | Stylesheet | text/css | |
GET | H2 | 17744.7984f3499.js | 1win-cdn.com/js/ | 24 KB | 24 KB | Script | application/javascript | |
GET | H2 | title | 1wdois.top/common/ | 29 B | 247 B | XHR | application/json | |
GET | H2 | 38006.2eacc1af3.js | 1win-cdn.com/js/ | 36 KB | 37 KB | Script | application/javascript | |
GET | H2 | 84058.b111a1d72.css | 1win-cdn.com/css/ | 27 KB | 28 KB | Stylesheet | text/css | |
GET | H2 | 84058.2e80e437c.js | 1win-cdn.com/js/ | 38 KB | 38 KB | Script | application/javascript | |
GET | H2 | firebase-messaging.js | 1wdois.top/firebase/8.1.1/ | 40 KB | 12 KB | Script | application/javascript | |
GET | H2 | activityi;dc_pre=CIjLh9qbmYADFT8OaAgdcWoOSw;src=12688802;type=actio0;cat=allpa0;ord=1;num=3626200427099;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=... | 12688802.fls.doubleclick.net/ | 564 B | 486 B | Document | text/html | Frame 6EC5, Redirect Chain |
GET | H2 | activityi;dc_pre=CNrwh9qbmYADFZEOaAgdR1YM_Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o... | 12572451.fls.doubleclick.net/ | 554 B | 476 B | Document | text/html | Frame 7B17, Redirect Chain |
GET | H2 | hotjar-2606090.js | static.hotjar.com/c/ | 9 KB | 4 KB | Script | application/javascript | |
GET | H2 | tag.js | mc.yandex.ru/metrika/ | 215 KB | 74 KB | Script | application/javascript | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 222 KB | 78 KB | Script | application/javascript | |
GET | H2 | activityi;dc_pre=CIjNh9qbmYADFd0JaAgdaDgHDw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1145590407688;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=... | 12688802.fls.doubleclick.net/ | 564 B | 484 B | Document | text/html | Frame D665, Redirect Chain |
GET | H2 | activityi;dc_pre=CKzzh9qbmYADFe8NaAgdrKUPiQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o... | 12572451.fls.doubleclick.net/ | 554 B | 483 B | Document | text/html | Frame 67E8, Redirect Chain |
GET | H2 | us.svg | 1win-cdn.com/img/flags/ | 1 KB | 2 KB | Image | image/svg+xml | |
GET | H2 | bear.09894b84b-290.webp | 1win-cdn.com/img/ | 21 KB | 21 KB | Image | image/webp | |
GET | H2 | emoji-soccer.1a6d4ecac-160.png | 1win-cdn.com/img/ | 8 KB | 8 KB | Image | image/png | |
GET | H2 | emoji-slots.1c6e965b9-160.png | 1win-cdn.com/img/ | 9 KB | 9 KB | Image | image/png | |
GET | H2 | cashback.12a565952.svg | 1win-cdn.com/img/ | 2 KB | 2 KB | Image | image/svg+xml | |
POST | H2 | collect | www.google-analytics.com/g/ | 0 | 250 B | Ping | text/plain | |
GET | H2 | modules.ffc9533062802c2a6a6a.js | script.hotjar.com/ | 275 KB | 68 KB | Script | application/javascript | |
POST | H2 | httpapi | api2.amplitude.com/2/ | 94 B | 286 B | Fetch | application/json | |
OPTIONS | H2 | httpapi | api2.amplitude.com/2/ | 0 | 0 | Preflight | | Frame |
GET | H2 | / | adservice.google.com/ddm/fls/i/dc_pre=CKzzh9qbmYADFe8NaAgdrKUPiQ;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... | 194 B | 440 B | Document | text/html | Frame A441 |
GET | H2 | / | adservice.google.com/ddm/fls/i/dc_pre=CNrwh9qbmYADFZEOaAgdR1YM_Q;src=12572451;type=1m0c10;cat=all_p0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B... | 194 B | 150 B | Document | text/html | Frame 9780 |
GET | H2 | dc_pre=CIjLh9qbmYADFT8OaAgdcWoOSw;src=12688802;type=actio0;cat=allpa0;ord=1;num=3626200427099;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=ht... | adservice.google.com/ddm/fls/i/ | 194 B | 150 B | Document | text/html | Frame B6BB |
GET | H2 | dc_pre=CIjNh9qbmYADFd0JaAgdaDgHDw;src=12688802;type=actio0;cat=allpa0;ord=1;num=1145590407688;auiddc=846324271.1689716290;gtm=45He37h0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=ht... | adservice.google.com/ddm/fls/i/ | 194 B | 150 B | Document | text/html | Frame A293 |
GET | H2 | sync_cookie_image_decide | mc.yandex.com/ | 43 B | 67 B | Image | image/gif | Redirect Chain |
GET | H2 | advert.gif | mc.yandex.com/metrika/ | 43 B | 162 B | Image | image/gif | |
GET | H2 | 1 | mc.yandex.com/watch/92006234/ | 435 B | 518 B | Fetch | application/json | Redirect Chain |
GET | H2 | sync_cookie_image_decide_secondary | mc.yandex.com/ | 43 B | 79 B | Image | image/gif | Redirect Chain |
POST | | collect | www.google-analytics.com/g/ | 0 | 0 | | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.google-analytics.com
- URL: https://www.google-analytics.com/g/collect?v=2&tid=G-548949LWLW&gtm=45je37h0&_p=1475321267&cid=2007229581.1689716290&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&dp=%2Fcasino%2F&sid=1689716290&sct=1&seg=0&dl=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister&dt=1win&en=registration_form_view&ep.page_url=https%3A%2F%2F1wdois.top%2Fcasino%2F%3Fopen%3Dregister&ep.domain=1wdois.top&_et=9
53 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| 1
- object| 2
- object| 3
- object| 4
- boolean| credentialless
- object| onbeforetoggle
- object| onscrollend
- object| INITIAL_DATA
- object| _chunksDictionary
- object| oneWinLang
- string| releaseTag
- string| gtmKey
- function| prefetchAllDynamicLogos
- function| getNextDynamicLogoIndex
- function| getLogoPath
- function| performTransition
- function| showLogo
- function| subscribeToLogoUpdate
- function| startUpdateDynamicLogosInterval
- object| webim
- object| webimHandlers
- function| initOrGetInstanceOfSupportChat
- function| loadScript
- string| vipDomain
- object| webpackChunk_1win_frontend_main
- object| SENTRY_RELEASE
- object| SENTRY_RELEASES
- object| dataLayer
- object| buildConfig
- object| configManager
- object| amplitude
- object| analyticsConnectorInstances
- object| socket
- object| firebase
- object| google_tag_manager
- function| postscribe
- object| google_tag_manager_external
- object| google_tag_data
- string| axel
- number| a
- string| userId
- function| hj
- object| _hjSettings
- function| ym
- object| eventProperties
- object| gaGlobal
- object| hjSiteSettings
- function| hjBootstrap
- object| hjBootstrapCalled
- object| hjLazyModules
- object| Ya
- object| yaCounter92006234
27 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name | Value |
---|---|---|
1wdois.top/ | visit_domain | 1wdois.top |
1wdois.top/ | core-sticky | http://10.233.80.121:80 |
1wdois.top/ | 1w_lang | en |
.1wdois.top/ | AMP_MKTG_494cccfe21 | JTdCJTdE |
.1wdois.top/ | _gcl_au | 1.1.846324271.1689716290 |
1wdois.top/ | 1w_locale | 7 |
.1wdois.top/ | AMP_494cccfe21 | JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjI0ZmEzNzAzOC02MzU2LTQ5YzEtODhkYS02MGZjZWIyYmNhMjAlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNjg5NzE2Mjg5MzY2JTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTY4OTcxNjI5MDI4MyUyQyUyMmxhc3RFdmVudElkJTIyJTNBNyU3RA== |
.1wdois.top/ | _ga | GA1.1.2007229581.1689716290 |
.1wdois.top/ | _ga_548949LWLW | GS1.1.1689716290.1.0.1689716290.0.0.0 |
.doubleclick.net/ | test_cookie | CheckForPermission |
.1wdois.top/ | _hjSessionUser_2606090 | eyJpZCI6ImNjMzhlN2QxLWMzZDUtNTIyNS1hNzVmLWJmYmUyYTRiYjQ3MiIsImNyZWF0ZWQiOjE2ODk3MTYyOTA3OTgsImV4aXN0aW5nIjpmYWxzZX0= |
.1wdois.top/ | _hjFirstSeen | 1 |
.1wdois.top/ | _hjIncludedInSessionSample_2606090 | 0 |
.1wdois.top/ | _hjSession_2606090 | eyJpZCI6IjMyYjdmMjVmLTMyZjEtNDkzMC1hN2EyLWIzYTM3NDk2NDQyZiIsImNyZWF0ZWQiOjE2ODk3MTYyOTA4MTMsImluU2FtcGxlIjpmYWxzZX0= |
.1wdois.top/ | _hjAbsoluteSessionInProgress | 0 |
1wdois.top/ | _hjHasCachedUserAttributes | true |
.1wdois.top/ | _ym_uid | 1689716291531805464 |
.1wdois.top/ | _ym_d | 1689716291 |
.1wdois.top/ | _ym_isad | 2 |
.mc.yandex.com/ | sync_cookie_csrf | 2113212544fake |
.mc.yandex.ru/ | sync_cookie_csrf | 3416812966fake |
mc.yandex.com/ | yabs-sid | 588866811689716291 |
.yandex.com/ | i | 6T5sdVQ6tppH49CKeHXDjnTbeH2MtCnyrrM6yQVHrW3BqnSi6ZGIpEcNpbky2bz78h6NW51kWgbByv3se/aaSxc04qQ= |
.yandex.com/ | yandexuid | 2198971431689716291 |
.yandex.com/ | yuidss | 2198971431689716291 |
.yandex.com/ | ymex | 1721252291.yc.1689716291#1721252291.yrts.1689716291#1721252291.yrtsi.1689716291 |
.yandex.com/ | bh | KgI/MA== |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.