urlscan.io logo urlscan.io
SecurityTrails logo

rocket-x-1win.com Open in urlscan Pro
2606:4700:3037::ac43:9691  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rocket-x-1win.com/
Effective URL: https://rocket-x-1win.com/
Submission: On October 13 via manual from RO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 34 HTTP transactions. The main IP is 2606:4700:3037::ac43:9691, located in United States and belongs to CLOUDFLARENET, US. The main domain is rocket-x-1win.com.
TLS certificate: Issued by WE1 on September 5th 2024. Valid for: 3 months.
This is the only time rocket-x-1win.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
3 11 2a02:6b8::1:119 13238 (YANDEX)
34 7
18    2606:4700:3037::ac43:9691 (United States)

ASN13335 (CLOUDFLARENET, US)
rocket-x-1win.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
3    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2606:4700:3034::6815:1adf (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
11    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
Apex Domain
Subdomains		 Transfer
18 rocket-x-1win.com
rocket-x-1win.com
937 KB
9 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9307
4 KB
4 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1955
ka-f.fontawesome.com — Cisco Umbrella Rank: 5838
109 KB
3 gstatic.com
fonts.gstatic.com
46 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4610
73 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
34 6
Domain Requested by
18 rocket-x-1win.com rocket-x-1win.com
9 mc.yandex.com 2 redirects mc.yandex.ru
3 ka-f.fontawesome.com kit.fontawesome.com
3 fonts.gstatic.com fonts.googleapis.com
2 mc.yandex.ru 1 redirects rocket-x-1win.com
1 kit.fontawesome.com rocket-x-1win.com
1 fonts.googleapis.com rocket-x-1win.com
34 7

This site contains no links.

Subject Issuer Validity Valid
rocket-x-1win.com
WE1		 2024-09-05 -
2024-12-04		 3 months crt.sh
upload.video.google.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-01-27		 6 months crt.sh
*.gstatic.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
ka-f.fontawesome.com
WE1		 2024-08-29 -
2024-11-27		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-05-23 -
2024-11-02		 5 months crt.sh

This page contains 2 frames:

Primary Page: https://rocket-x-1win.com/
Frame ID: 7286CC0693451EC24B62FA9BE940998A
Requests: 44 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: C396253826B3D00D97B63AA51EE5E0B9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

1Win Games Brasil - Bonus code 1Win 2024

Page URL History Show full URLs

  1. http://rocket-x-1win.com/ HTTP 307
    https://rocket-x-1win.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

34
Requests

94 %
HTTPS

100 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

1168 kB
Transfer

1986 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rocket-x-1win.com/ HTTP 307
    https://rocket-x-1win.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10521.XqC-VhRmlsLMhdlGNHxnO0_r8eGYZy7qiRHs6xf9jRXEC950vE5SiPOkj0a_EOJM.4ADY5BNmoz7dthM19rgzzcI_hNY%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10521.euUC--u8VROxMGOVdpmx8rhWZ3e6tnh-_9-PXIaEcya0J8Be9EJKFwsA5muuPUrVHChiYYkUStXDI9AHnD0TjhPc1SkXbZIqJxRl5udYbOdXZUTuVcAhF1iJgVpl3R003_H7UAVRlPo4HKW7FPAcY1tEk--dHA06uOZcp0rJQPqioKP6Btl9iq-qfsuD6jeG2URtsLqja9zDyhvnjM5nqY83jpAgYkH8Kd253HE6Sa8%2C.GJNKBQl90QzAP2vl5IrQf351maY%2C
Request Chain 40
  • https://mc.yandex.com/watch/94905709?wmode=7&page-url=https%3A%2F%2Frocket-x-1win.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1f7b5m6qwdrmpv8tqq4z7n9f657%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1480%3Acn%3A1%3Adp%3A0%3Als%3A626118632679%3Ahid%3A789354617%3Az%3A120%3Ai%3A20241013161629%3Aet%3A1728828990%3Ac%3A1%3Arn%3A5362545%3Arqn%3A1%3Au%3A1728828990888413947%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A995%3Awv%3A2%3Ads%3A13%2C27%2C760%2C136%2C2%2C0%2C%2C62%2C1%2C1065%2C1065%2C0%2C1002%3Aco%3A0%3Acpf%3A1%3Ans%3A1728828988393%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1728828990%3At%3A1Win%20Games%20Brasil%20-%20Bonus%20code%201Win%202024&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009092)ti(1) HTTP 302
  • https://mc.yandex.com/watch/94905709/1?wmode=7&page-url=https%3A%2F%2Frocket-x-1win.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1f7b5m6qwdrmpv8tqq4z7n9f657%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1480%3Acn%3A1%3Adp%3A0%3Als%3A626118632679%3Ahid%3A789354617%3Az%3A120%3Ai%3A20241013161629%3Aet%3A1728828990%3Ac%3A1%3Arn%3A5362545%3Arqn%3A1%3Au%3A1728828990888413947%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A995%3Awv%3A2%3Ads%3A13%2C27%2C760%2C136%2C2%2C0%2C%2C62%2C1%2C1065%2C1065%2C0%2C1002%3Aco%3A0%3Acpf%3A1%3Ans%3A1728828988393%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1728828990%3At%3A1Win%20Games%20Brasil%20-%20Bonus%20code%201Win%202024&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
rocket-x-1win.com/
Redirect Chain
  • http://rocket-x-1win.com/
  • https://rocket-x-1win.com/
539 KB
72 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rocket-x-1win.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e197c54c4a46eb036cd1cc0a009a9ae87f21b86a8a90a508b2af7bf000244e0b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d1ff299ca9bdbf0-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sun, 13 Oct 2024 14:16:29 GMT
link
<https://rocket-x-1win.com/wp-json/>; rel="https://api.w.org/" <https://rocket-x-1win.com/wp-json/wp/v2/pages/12564>; rel="alternate"; title="JSON"; type="application/json" <https://rocket-x-1win.com/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Cb9oJRSa5KA8cTfpXvyhCExObHlbpYe2EXh7eRW0ROhb47rp4TtyFfd3zRhwS9Kggtm5oU3GF2%2Bm3okqjRc9UZ7Q6Y6iVoFDUk8u%2FgmJUBMRs2i2PJiLgUSRAfReJh9EtGO4RrrSEoB715%2F9rkJAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding Accept-Encoding,Cookie
x-powered-by
PHP/7.4.33

Redirect headers

Location
https://rocket-x-1win.com/
Non-Authoritative-Reason
HttpsUpgrades
speculation
rocket-x-1win.com/cdn-cgi/ 		128 B
583 B 		Other
General
Check archive.org
Download Go to
Full URL
https://rocket-x-1win.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://rocket-x-1win.com
Referer
https://rocket-x-1win.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9rKWT3SBnW5k62c0DzruN5pVX5bTzrm%2Fe6C89nYaFb0mc7tAR%2BbbShhXrtJJuy7ww%2BDEk%2FGf4UNoSP2ja2IaoDzGrOfzVkrKDTG7Fc1cuzkjP%2BmX9LaoO%2Flk0u7UnGnpIuHVyt%2B069iH%2FuzhMg%2Fh8w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d1ff29f08bcdbf0-FRA
access-control-allow-origin
https://rocket-x-1win.com
alt-svc
h3=":443"; ma=86400
content-length
128
date
Sun, 13 Oct 2024 14:16:29 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
rocket-loader.min.js
rocket-x-1win.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rocket-x-1win.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: rocket-x-1win.com
URL: https://rocket-x-1win.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rocket-x-1win.com/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"67055fd4-302c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1yOaN4W17jD6qqFkFDipVz7b6l%2FRlyLkHh%2FSI%2F8Wsf7bROY%2F%2FuCRnA%2FCDu2QTRk%2FuqZ9ttQ52poyOZxSF7ETzWqeAiOJO%2F2qbbBEzXwn18rpG8NW3q2Bom4HOzSr9MekVDsPBKlu5kgw7ZuSpWLQ3w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d1ff29f08c6dbf0-FRA
expires
Tue, 15 Oct 2024 14:16:29 GMT
date
Sun, 13 Oct 2024 14:16:29 GMT
content-type
application/javascript
last-modified
Tue, 08 Oct 2024 16:37:40 GMT
server
cloudflare
vary
Accept-Encoding
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700,900&display=swap
Requested by
Host: rocket-x-1win.com
URL: https://rocket-x-1win.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6613feeff6fb52a6d3f667c09273f6ab44695f0a0c8c1675fe34eeb3fdf1b259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rocket-x-1win.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 13 Oct 2024 14:16:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 13 Oct 2024 14:16:29 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 13 Oct 2024 14:11:31 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6effffb09446a01a91070cbfe847a02e1d59f5f7afa4a6abbd3791fe6991a08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
jquery.min.js
rocket-x-1win.com/wp-includes/js/jquery/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rocket-x-1win.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: rocket-x-1win.com
URL: https://rocket-x-1win.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rocket-x-1win.com/

Response headers

cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66bb3aea-15601"
age
22711
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IpOqn1kJPng%2FJX8lz3m2PUVUL34s2Y7tDZ2IfPwNMfvZJiaoVahez9P2AxS2BxM21ayJNYikayOP4iL90Y0bdMPZuiF5lq9CdoQglJ%2B2A9kAL2Owf50kN5k7%2BSwAP5%2BMVAjl%2FwXjKtEnjlwc6zNs1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d1ff29f79f8dbf0-FRA
expires
Sun, 20 Oct 2024 07:57:58 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 13 Oct 2024 14:16:29 GMT
content-type
application/x-javascript
last-modified
Tue, 13 Aug 2024 10:52:26 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cb24332ddb6ef50d9f528c01c8f4c02ac68976dcbfcc9a826462fccae50ac2b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
892278f39223e7e3c0e466ea8ee71d7aa001ba8f8ef82ac1412e48525383939b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01631ed4d0d3cf29a504fc22934b3518866d03d5e219814fcdef78a9a1e0d9fd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		64 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
autoptimize_eb16c182b1d86410342e5cbc51a3a422.js
rocket-x-1win.com/wp-content/cache/autoptimize/js/ 		124 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rocket-x-1win.com/wp-content/cache/autoptimize/js/autoptimize_eb16c182b1d86410342e5cbc51a3a422.js
Requested by
Host: rocket-x-1win.com
URL: https://rocket-x-1win.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5a8f1b55d45ead09c9942326ce73715c8093c611a6487621d1de8c6649ef396

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rocket-x-1win.com/

Response headers

cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"67077c2b-1f198"
age
22711
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eY9A33o7SJ%2FqqQK03tdkYX3qFHNw8FRPdf%2FfWySMnTknBAkj9en%2FyqbBv0UK%2BsXYQaDIj5IxOZGcYP0Oaj4gTsJ2wQw5bnlV6ZWmADpbdXPXEC8y0NgDC7Cg6DDaWAnTNZVo35mnETOQZzh7PdI32g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d1ff29fcaebdbf0-FRA
expires
Sun, 20 Oct 2024 07:57:58 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 13 Oct 2024 14:16:29 GMT
content-type
application/x-javascript
last-modified
Thu, 10 Oct 2024 07:03:07 GMT
vary
Accept-Encoding
server
cloudflare
lazyload.min.js
rocket-x-1win.com/wp-content/plugins/rocket-lazy-load/assets/js/16.1/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rocket-x-1win.com/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js
Requested by
Host: rocket-x-1win.com
URL: https://rocket-x-1win.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rocket-x-1win.com/

Response headers

cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"64feb491-1ed2"
age
22711
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wv8OY5lnLb4piGQUMZ5wPcJ0dfddyiyyT3pRVvc9xi3p8a8R4TC70WJiTwH3ZrPI%2BQv8rHZBaCPdrna1Zcamhj%2BcwS64vZLbWe%2FxZ0ZO%2FyoTS3ms2S2Zd8Pp2O8CKEDlWBG2icn%2BMQypozZ%2FFOlTfw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d1ff29fcaeedbf0-FRA
expires
Sun, 20 Oct 2024 07:57:58 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 13 Oct 2024 14:16:29 GMT
content-type
application/x-javascript
last-modified
Mon, 11 Sep 2023 06:32:49 GMT
vary
Accept-Encoding
server
cloudflare
23b8c66013.js
kit.fontawesome.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/23b8c66013.js
Requested by
Host: rocket-x-1win.com
URL: https://rocket-x-1win.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c49b4b83662d5ea9e45d6b80f6c14cb295e8afb89d6a165e52dd93ffa09bca2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rocket-x-1win.com/

Response headers

access-control-max-age
3000
x-request-id
F_4Ikb9rtqYeGN0BP9xB
cache-control
max-age=60, public, stale-while-revalidate=30
content-encoding
gzip
cf-cache-status
HIT
age
53
access-control-allow-methods
GET, OPTIONS
cf-ray
8d1ff2a01a283826-FRA
access-control-allow-origin
*
date
Sun, 13 Oct 2024 14:16:29 GMT
content-type
text/javascript
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
server
cloudflare
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
i18n.min.js
rocket-x-1win.com/wp-includes/js/dist/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rocket-x-1win.com/wp-includes/js/dist/i18n.min.js
Requested by
Host: rocket-x-1win.com
URL: https://rocket-x-1win.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rocket-x-1win.com/

Response headers

cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66bb3aea-23b5"
age
22711
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3aKNlZAMkxg3RnyhWF9wpI46Fx3btVK7xME8nPrbtdn104CVRw9tCGnYaQs6oPkmbnW8M6s2aI3D%2BsCJSjV7jZVpBsLCeXbvoX1GtcGpJ6RdgHsmJjYVDwnOIvZdZHr8ZJadoqWE8je%2B6v4Ry1k6hg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d1ff29fcaf1dbf0-FRA
expires
Sun, 20 Oct 2024 07:57:58 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 13 Oct 2024 14:16:29 GMT
content-type
application/x-javascript
last-modified
Tue, 13 Aug 2024 10:52:26 GMT
vary
Accept-Encoding
server
cloudflare
hooks.min.js
rocket-x-1win.com/wp-includes/js/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rocket-x-1win.com/wp-includes/js/dist/hooks.min.js
Requested by
Host: rocket-x-1win.com
URL: https://rocket-x-1win.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rocket-x-1win.com/

Response headers

cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66bb3aea-10d3"
age
22711
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PTySZvCOtIzpqFr5%2FlcHjgCdTwQogaX4ZPikRiNDJ5YHnML9xrr%2BMLjRrWDjNzfpjloAAK20XuDJDOnV11jsub0VaSuQ5cdbtZA6Qg%2BEv6ZGT8AeHjuP5XZ3JOuBAfNx1wkOvuRpmjKmx%2BWcUfASVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d1ff29fcaf3dbf0-FRA
expires
Sun, 20 Oct 2024 07:57:58 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 13 Oct 2024 14:16:29 GMT
content-type
application/x-javascript
last-modified
Tue, 13 Aug 2024 10:52:26 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/ 		68 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ac0e7e7f71d143292b51ee698a5795bdf2531f3739570467cfad74ad81be01a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84551b0ec88add52736c8ff9cdde6d704637e055dc8580639476eb3f2c497e76

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c2bb7d76df8dcd6d5343cbb61da70c39ec0b3f61904fafd1ba6b3b59df7b69c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e366793514dbd895c59bb47c82d05819b64f76802230522a41a1903b6f020427

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c704aede1d014c046dabc777d84a5dadfe636445c6e031cb35869edcb68c2d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d39b4ad4365ff35cbcbad2f3daf685e1f0427a96ff05abc06a32a220e1aed3a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://rocket-x-1win.com
Referer
https://fonts.googleapis.com/

Response headers

age
477224
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 01:42:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 01:42:45 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://rocket-x-1win.com
Referer
https://fonts.googleapis.com/

Response headers

age
240858
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 19:22:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 10 Oct 2024 19:22:11 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f226239b7cb86705238ec5a036a05bdb8fa187630f9c686db7c52ad53b64482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://rocket-x-1win.com
Referer
https://fonts.googleapis.com/

Response headers

age
494356
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 07 Oct 2025 20:57:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 20:57:13 GMT
last-modified
Thu, 01 Aug 2024 20:41:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
9780
x-xss-protection
0
server
sffe
cropped-favicon-32x32.png
rocket-x-1win.com/wp-content/uploads/2023/09/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://rocket-x-1win.com/wp-content/uploads/2023/09/cropped-favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c83ba7dca9033fc6181e0ac87b9c5e75f03e46c544ff44ec32df1ec338ee3e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rocket-x-1win.com/

Response headers

cf-cache-status
HIT
etag
"64febe2e-47a"
age
84705
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8SW2BlRuavHtGF%2FH7%2FDYK3eDgpWf0I%2F0xg%2BH72iAfXwpR11EVUoFiRQeeU0XBrfXv33B5rHxDw6p9sI8XkR0uzKyFe9HyMTWTA%2FsbMJe%2BbCZKd3wJswIe0xVieekwKn8Ub9ZUqAyDImRWF814K7YWA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 11 Nov 2024 14:44:44 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 13 Oct 2024 14:16:29 GMT
content-type
image/png
last-modified
Mon, 11 Sep 2023 07:13:50 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d1ff2a04c24dbf0-FRA
accept-ranges
bytes
content-length
1146
server
cloudflare
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		59 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=23b8c66013
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/23b8c66013.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rocket-x-1win.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
cf-cache-status
MISS
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kQZ7e%2BROc%2B0YlDjLWT3Bv0hxwvrHfs4SUAW8LXsDZ6gKYc2oF1tSyqNoa3FLxKyg39c3VLzCgWYues68XGfXM29fEH3JcHMk1IYi%2FJ%2BmbImSGIOR5b1Rz9RO6uHhFs7oIHDLYU%2BvyiWvlznE9IU%2B3QTYSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
HfzMCTflvQqEDe9-d_GGS0s5aKOv63NDvj89lM618mk5duH0EK98Ug==
date
Sun, 13 Oct 2024 14:16:29 GMT
content-type
text/css
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
cf-ray
8d1ff2a0d8559749-FRA
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P2
server
cloudflare
tag.js
mc.yandex.ru/metrika/ 		208 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: rocket-x-1win.com
URL: https://rocket-x-1win.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
3161948f21bf24d9ef8c34e37b7d1790d5cce63c44d982ca9f63bc6b6acbfe99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rocket-x-1win.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
content-encoding
br
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6707cb5e-11cda"
expires
Sun, 13 Oct 2024 15:16:29 GMT
access-control-allow-origin
*
content-length
72922
date
Sun, 13 Oct 2024 14:16:29 GMT
last-modified
Thu, 10 Oct 2024 12:41:02 GMT
content-type
application/javascript
admin-ajax.php
rocket-x-1win.com/wp-admin/ 		38 B
637 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rocket-x-1win.com/wp-admin/admin-ajax.php
Requested by
Host: rocket-x-1win.com
URL: https://rocket-x-1win.com/wp-content/cache/autoptimize/js/autoptimize_eb16c182b1d86410342e5cbc51a3a422.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
58256ebe097c611bea84c802ff7c10fe16d5cdc431447c86a58b0ebe878f747f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Cache-Control
no-cache
Referer
https://rocket-x-1win.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-robots-tag
noindex
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ImPKfxE7Wzprvr97Eu3SoNk%2F5NEHi3UlLZkVM7uESwk7BiV4ax%2FW0N5q9nQhypCaXbEHCHffdaHbnxBds259ChJoz7lXwtdrlnz%2FhXHwA%2B7ZpTBM52DOkFGnjnAWf2MTxwKBnh6ac5GM%2FTFhXbzzXg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 13 Oct 2024 14:16:29 GMT
content-type
application/json; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, must-revalidate, max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d1ff2a05c6edbf0-FRA
access-control-allow-origin
https://rocket-x-1win.com
content-length
38
x-powered-by
PHP/7.4.33
server
cloudflare
rating_over.gif
rocket-x-1win.com/wp-content/plugins/wp-postratings/images/stars_crystal/ 		1009 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rocket-x-1win.com/wp-content/plugins/wp-postratings/images/stars_crystal/rating_over.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4cc3dfa1061aedf2533cf134f9d584568bc41a25090fb7ce77c5cdbec6c37e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rocket-x-1win.com/

Response headers

cf-cache-status
HIT
etag
"66bb3bd1-3f1"
age
22711
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ST6rY254vy%2F41eJSxDnG3FmOCCQDcKuOS5j81LttMrO1NSrsK9UAw%2BkPr9araTN8Qy4fa8SE%2F0%2B4aJ5gVYg2yjWC9wCvlBl5qaow%2BNANyj3pP3GAYPTWkuLz4aHbS%2BLm0aTZ6%2BjkGUHezcLDhV%2Fk6g%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 12 Nov 2024 07:57:58 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 13 Oct 2024 14:16:29 GMT
content-type
image/gif
last-modified
Tue, 13 Aug 2024 10:56:17 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d1ff2a05c72dbf0-FRA
accept-ranges
bytes
content-length
1009
server
cloudflare
logo-1win-br.png
rocket-x-1win.com/wp-content/uploads/2023/09/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rocket-x-1win.com/wp-content/uploads/2023/09/logo-1win-br.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
865e899090695a8d00ac95e238bbeb64a43b4453f4e91c4024ed0c819cdc7908

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rocket-x-1win.com/

Response headers

cf-cache-status
HIT
etag
"64febe73-13bd"
age
22711
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kKs8Onuw7V93cFewipVUVk1u66bQnydUk6vSNT2%2BWG%2FTtnuHXlBFXGg1AikKG3IhRNOeqLwteDcVrLRwG4QNhwfKO%2FjmBmZxSTGGm2WGF0FK7GsJSQ7HXgEJ1q4SNPOgMozuy6Mc4rjbNs1emlmGMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 12 Nov 2024 07:57:58 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 13 Oct 2024 14:16:29 GMT
content-type
image/png
last-modified
Mon, 11 Sep 2023 07:14:59 GMT
vary
Accept-Encoding
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d1ff2a06c94dbf0-FRA
accept-ranges
bytes
content-length
5053
server
cloudflare
1Win-App-Review-of-the-Best-Indian-Mobile-App-in-2023-768x518.webp
rocket-x-1win.com/wp-content/uploads/2023/12/ 		175 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rocket-x-1win.com/wp-content/uploads/2023/12/1Win-App-Review-of-the-Best-Indian-Mobile-App-in-2023-768x518.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c460965c8ff790006a5e860e34408564a5cf60e70f88c3192c5b691cf83c7f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rocket-x-1win.com/

Response headers

cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"65883ff7-2ba18"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QosfoxvvN24QvCUR9bTKjOa1w%2BVtidXQiGs13JupUWRPoTSKWKbLZ5YaBq6tCoXZ6vU1RS1I1J45%2Bv%2FiPGpEhyOBGlkxFJUVDcPlzbsYx9GFmLZChQR6884qw4bCWHAf27NnDamK5y55VYT0mqJxOA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d1ff2a06c98dbf0-FRA
expires
Tue, 12 Nov 2024 14:16:29 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
178712
date
Sun, 13 Oct 2024 14:16:29 GMT
content-type
image/webp
last-modified
Sun, 24 Dec 2023 14:28:07 GMT
vary
Accept-Encoding
server
cloudflare
Fortune-Gems.jpg
rocket-x-1win.com/wp-content/uploads/2023/10/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rocket-x-1win.com/wp-content/uploads/2023/10/Fortune-Gems.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27b83109afaad8b6e11957eba7579ecbc505567cc12cc9e28a58f0b2013c59c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rocket-x-1win.com/

Response headers

cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"6589509b-6b4a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RSDZHQ%2Fwc4I7f5ff5AF8xTmZfrB3twnIaTEWSb27b4n2N9Tg4JTpoJBHlGO5%2B%2Bv5JpCwEPN36TJiQtH8ZmcBTuyj8tgqCvAJ1EnOjpE0f%2FsJ2EEe%2FByuW%2FRo1XmlgRVrjSltvBbrDdyKTFOjXQee%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d1ff2a06c9ddbf0-FRA
expires
Tue, 12 Nov 2024 14:16:29 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
27466
date
Sun, 13 Oct 2024 14:16:29 GMT
content-type
image/jpeg
last-modified
Mon, 25 Dec 2023 09:51:23 GMT
vary
Accept-Encoding
server
cloudflare
Fortune-Mouse-1.jpg
rocket-x-1win.com/wp-content/uploads/2023/09/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rocket-x-1win.com/wp-content/uploads/2023/09/Fortune-Mouse-1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92b108d21a21288116ccb4b299ef0c9507f020a5759aa8bc20f07f3b717c6d1d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rocket-x-1win.com/

Response headers

cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"65894eb8-9038"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mEECQo%2BPlEt0nybMjMcUF3eW8qAI2JdhA%2FWLK0289%2FAAxPJOIk%2FNvPTWPjUnKclGukHQ2p%2B8g09GaU9iWNjSVjYqiJrwYMTm5zQyKnzjw986%2B1TXVjqfx0JOzxVWcMCk1bUQ10ft7ysD5CMjgQ%2FsSA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d1ff2a06ca0dbf0-FRA
expires
Tue, 12 Nov 2024 14:16:29 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
36920
date
Sun, 13 Oct 2024 14:16:29 GMT
content-type
image/jpeg
last-modified
Mon, 25 Dec 2023 09:43:20 GMT
vary
Accept-Encoding
server
cloudflare
Fortune-Ox-1.jpg
rocket-x-1win.com/wp-content/uploads/2023/09/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rocket-x-1win.com/wp-content/uploads/2023/09/Fortune-Ox-1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9394708aecab53a5119366e223f4359f545b5e3674c45708ffa5f785d48b4064

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rocket-x-1win.com/

Response headers

cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"65894f1b-9cf9"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RJ5fkqQcLpsEWjEpHY73HC1MpDPw%2B%2FV8cCkn4QG0JwuF4gTo8hD5RVWZs8PrqpGmSlASbqtGATK6NE6hPsCXYm7uDniSoQGynqPHfp2M4A54zwHSeOpWVHIS0rBOieVMxWv2nu2S0jkQ37FKdhiZjA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d1ff2a06ca2dbf0-FRA
expires
Tue, 12 Nov 2024 14:16:29 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
40185
date
Sun, 13 Oct 2024 14:16:29 GMT
content-type
image/jpeg
last-modified
Mon, 25 Dec 2023 09:44:59 GMT
vary
Accept-Encoding
server
cloudflare
Fortune-Rabbit-570x570.png
rocket-x-1win.com/wp-content/uploads/2023/09/ 		496 KB
497 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rocket-x-1win.com/wp-content/uploads/2023/09/Fortune-Rabbit-570x570.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54b29ceacd62fbfd569dd7597050258b4db85679e2354e05df72c53e4958a8b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rocket-x-1win.com/

Response headers

cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"650c3643-7bfc5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2FdMoKzzq1YiguwoL8MPKLhOtTcsWzdluJWIp4g9s6C9NGpDkqmc8jGIMqYTtAuKIuxP1DBBLxuLvakxfxCUPvYm13jtoJdsi7eVPIbB3pINNoLI5dQuXPh7fgsgt7Lkwuu2bg8%2FR4AYJCbqyBz4sA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d1ff2a06ca5dbf0-FRA
expires
Tue, 12 Nov 2024 14:16:29 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
507845
date
Sun, 13 Oct 2024 14:16:29 GMT
content-type
image/png
last-modified
Thu, 21 Sep 2023 12:25:39 GMT
vary
Accept-Encoding
server
cloudflare
admin-ajax.php
rocket-x-1win.com/wp-admin/ 		41 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rocket-x-1win.com/wp-admin/admin-ajax.php
Requested by
Host: rocket-x-1win.com
URL: https://rocket-x-1win.com/wp-includes/js/jquery/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
0a88e611418b0ee617b9b118e1e544c4df16229dc1d95ca81b31858c0429ac82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://rocket-x-1win.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-robots-tag
noindex
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=333UUgB63lcpqb6aZD7orBUY%2BAhkgYzHMrqWyGjwtJ%2BFyyqexy53YlYa4XLqpAI72M%2F9IHaXF9IfBAvx2gfNTn8Yy%2FjAOUDK0pTB6wGOgA1%2FAhF0mGSY0A%2Fh9CEBJyxxaMB7oKzt5d9EhqcSrV%2B%2B7g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 13 Oct 2024 14:16:30 GMT
content-type
text/plain; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, must-revalidate, max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d1ff2a06ca7dbf0-FRA
access-control-allow-origin
https://rocket-x-1win.com
content-length
41
x-powered-by
PHP/7.4.33
server
cloudflare
free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-regular-400.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://rocket-x-1win.com
Referer
https://rocket-x-1win.com/

Response headers

access-control-max-age
3000
cf-cache-status
MISS
etag
"b8f1c6a3a94d42b082c29f0b1db8ba95"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VBbuhSjyLNL8gyfvZl0tPLw%2BqyfTMqqxYQN%2B1YDRIt9e52YpfBRrjaGoUjgqEActzigOUZ0dt1DbU11Wz7NN7nbakSfDZ7R6Nn0gDxSqXw2sBD6qH8uYXgPbIlI4Pa9YDPZ%2Fyl6GSZTpnfM%2BsE%2FjnsqGQw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
TqwnU2Q9Jlqx6qxt3P0ZjdopIlHai769GkCoF3W9YwwA8T4saMB2YQ==
date
Sun, 13 Oct 2024 14:16:29 GMT
content-type
font/woff2
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
cf-ray
8d1ff2a178f79749-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
13216
x-amz-cf-pop
FRA60-P2
server
cloudflare
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://rocket-x-1win.com
Referer
https://rocket-x-1win.com/

Response headers

access-control-max-age
3000
cf-cache-status
MISS
etag
"a9fd1225fb2cd32320e2b931dca01089"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HUiYJ%2BzKC%2BoUeMhJPHvH4n%2Bx7oPzCCDm%2BMZQSEpZGvrBo1fKU%2BrmXudBj5TYelvf5RGLO%2BjRYF4d50UG4ye6DkGe%2BdM%2BSw5%2FL45gGUIaYMhBWigB4L%2BrXuSYo%2BTbjeCS30ASJg2yC7clm3SzAN5G6p6Muw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
fJDTaskqYk15yL_7EttJ2icyLvWZIKg5BpN3wpIly1kRmmWg-hRDew==
date
Sun, 13 Oct 2024 14:16:29 GMT
content-type
font/woff2
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
vary
Accept-Encoding
access-control-allow-headers
fa-kit-token
cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
cf-ray
8d1ff2a178f89749-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
78168
x-amz-cf-pop
FRA60-P2
server
cloudflare
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10521.XqC-VhRmlsLMhdlGNHxnO0_r8eGYZy7qiRHs6xf9jRXEC950vE5SiPOkj0a_EOJM.4ADY5BNmoz7dthM19rgzzcI_hNY%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10521.euUC--u8VROxMGOVdpmx8rhWZ3e6tnh-_9-PXIaEcya0J8Be9EJKFwsA5muuPUrVHChiYYkUStXDI9AHnD0TjhPc1SkXbZIqJxRl5udYbOdXZUTuVcAhF1iJgVpl3R003_H7UAVRlP...
43 B
672 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10521.euUC--u8VROxMGOVdpmx8rhWZ3e6tnh-_9-PXIaEcya0J8Be9EJKFwsA5muuPUrVHChiYYkUStXDI9AHnD0TjhPc1SkXbZIqJxRl5udYbOdXZUTuVcAhF1iJgVpl3R003_H7UAVRlPo4HKW7FPAcY1tEk--dHA06uOZcp0rJQPqioKP6Btl9iq-qfsuD6jeG2URtsLqja9zDyhvnjM5nqY83jpAgYkH8Kd253HE6Sa8%2C.GJNKBQl90QzAP2vl5IrQf351maY%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rocket-x-1win.com/

Response headers

strict-transport-security
max-age=31536000
content-length
43
date
Sun, 13 Oct 2024 14:16:30 GMT
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
location
https://mc.yandex.com/sync_cookie_image_decide?token=10521.euUC--u8VROxMGOVdpmx8rhWZ3e6tnh-_9-PXIaEcya0J8Be9EJKFwsA5muuPUrVHChiYYkUStXDI9AHnD0TjhPc1SkXbZIqJxRl5udYbOdXZUTuVcAhF1iJgVpl3R003_H7UAVRlPo4HKW7FPAcY1tEk--dHA06uOZcp0rJQPqioKP6Btl9iq-qfsuD6jeG2URtsLqja9zDyhvnjM5nqY83jpAgYkH8Kd253HE6Sa8%2C.GJNKBQl90QzAP2vl5IrQf351maY%2C
x-xss-protection
1; mode=block
date
Sun, 13 Oct 2024 14:16:30 GMT
advert.gif
mc.yandex.com/metrika/ 		43 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rocket-x-1win.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
etag
"6707cb5e-2b"
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Sun, 13 Oct 2024 15:16:30 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Sun, 13 Oct 2024 14:16:30 GMT
last-modified
Thu, 10 Oct 2024 12:41:02 GMT
content-type
image/gif
metrika_match.html
mc.yandex.com/metrika/ Frame C396 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://rocket-x-1win.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1046
content-type
text/html
date
Sun, 13 Oct 2024 14:16:30 GMT
etag
"6707cb5e-416"
expires
Sun, 13 Oct 2024 15:16:30 GMT
last-modified
Thu, 10 Oct 2024 12:41:02 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
1
mc.yandex.com/watch/94905709/
Redirect Chain
  • https://mc.yandex.com/watch/94905709?wmode=7&page-url=https%3A%2F%2Frocket-x-1win.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1f7b5m6qwdrmpv8tqq4z7n9f657%3Afu%3A0%3Aen%3Autf-8%3A...
  • https://mc.yandex.com/watch/94905709/1?wmode=7&page-url=https%3A%2F%2Frocket-x-1win.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1f7b5m6qwdrmpv8tqq4z7n9f657%3Afu%3A0%3Aen%3Autf-8%...
603 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/94905709/1?wmode=7&page-url=https%3A%2F%2Frocket-x-1win.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1f7b5m6qwdrmpv8tqq4z7n9f657%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1480%3Acn%3A1%3Adp%3A0%3Als%3A626118632679%3Ahid%3A789354617%3Az%3A120%3Ai%3A20241013161629%3Aet%3A1728828990%3Ac%3A1%3Arn%3A5362545%3Arqn%3A1%3Au%3A1728828990888413947%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A995%3Awv%3A2%3Ads%3A13%2C27%2C760%2C136%2C2%2C0%2C%2C62%2C1%2C1065%2C1065%2C0%2C1002%3Aco%3A0%3Acpf%3A1%3Ans%3A1728828988393%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1728828990%3At%3A1Win%20Games%20Brasil%20-%20Bonus%20code%201Win%202024&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
65e13bf8f2eb2bfa08536c500ac071f086a3abcd74d0f5487bb72e4c4404c052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rocket-x-1win.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Sun, 13-Oct-2024 14:16:30 GMT
access-control-allow-origin
https://rocket-x-1win.com
content-length
603
date
Sun, 13 Oct 2024 14:16:30 GMT
x-xss-protection
1; mode=block
content-type
application/json; charset=utf-8
last-modified
Sun, 13-Oct-2024 14:16:30 GMT

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/94905709/1?wmode=7&page-url=https%3A%2F%2Frocket-x-1win.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1f7b5m6qwdrmpv8tqq4z7n9f657%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1480%3Acn%3A1%3Adp%3A0%3Als%3A626118632679%3Ahid%3A789354617%3Az%3A120%3Ai%3A20241013161629%3Aet%3A1728828990%3Ac%3A1%3Arn%3A5362545%3Arqn%3A1%3Au%3A1728828990888413947%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A995%3Awv%3A2%3Ads%3A13%2C27%2C760%2C136%2C2%2C0%2C%2C62%2C1%2C1065%2C1065%2C0%2C1002%3Aco%3A0%3Acpf%3A1%3Ans%3A1728828988393%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1728828990%3At%3A1Win%20Games%20Brasil%20-%20Bonus%20code%201Win%202024&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
expires
Sun, 13-Oct-2024 14:16:30 GMT
access-control-allow-origin
https://rocket-x-1win.com
date
Sun, 13 Oct 2024 14:16:30 GMT
x-xss-protection
1; mode=block
last-modified
Sun, 13-Oct-2024 14:16:30 GMT
94905709
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/94905709?wv-part=1&wv-type=7&wmode=0&wv-hit=789354617&page-url=https%3A%2F%2Frocket-x-1win.com%2F&rn=645440674&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1728828991%3Aw%3A1600x1200%3Av%3A1480%3Az%3A120%3Ai%3A20241013161630%3Au%3A1728828990888413947%3Avf%3A1f7b5m6qwdrmpv8tqq4z7n9f657%3Ast%3A1728828991&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://rocket-x-1win.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
access-control-allow-credentials
true
expires
Sun, 13-Oct-2024 14:16:31 GMT
access-control-allow-origin
https://rocket-x-1win.com
content-length
43
date
Sun, 13 Oct 2024 14:16:31 GMT
x-xss-protection
1; mode=block
content-type
image/gif
last-modified
Sun, 13-Oct-2024 14:16:31 GMT
94905709
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/94905709?wv-part=2&wv-type=7&wmode=0&wv-hit=789354617&page-url=https%3A%2F%2Frocket-x-1win.com%2F&rn=828018349&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1728828993%3Aw%3A1600x1200%3Av%3A1480%3Az%3A120%3Ai%3A20241013161632%3Au%3A1728828990888413947%3Avf%3A1f7b5m6qwdrmpv8tqq4z7n9f657%3Ast%3A1728828993&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://rocket-x-1win.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
access-control-allow-credentials
true
expires
Sun, 13-Oct-2024 14:16:32 GMT
access-control-allow-origin
https://rocket-x-1win.com
content-length
43
date
Sun, 13 Oct 2024 14:16:32 GMT
x-xss-protection
1; mode=block
last-modified
Sun, 13-Oct-2024 14:16:32 GMT
content-type
image/gif
94905709
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/94905709?wv-part=1&wv-type=7&wmode=0&wv-hit=789354617&page-url=https%3A%2F%2Frocket-x-1win.com%2F&rn=1048205088&browser-info=we%3A1%3Aet%3A1728828993%3Aw%3A1600x1200%3Av%3A1480%3Az%3A120%3Ai%3A20241013161632%3Au%3A1728828990888413947%3Avf%3A1f7b5m6qwdrmpv8tqq4z7n9f657%3Ast%3A1728828993&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://rocket-x-1win.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
access-control-allow-credentials
true
expires
Sun, 13-Oct-2024 14:16:32 GMT
access-control-allow-origin
https://rocket-x-1win.com
content-length
43
date
Sun, 13 Oct 2024 14:16:32 GMT
x-xss-protection
1; mode=block
last-modified
Sun, 13-Oct-2024 14:16:32 GMT
content-type
image/gif

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| jQuery function| wp_broken_images object| __cfQR object| wp function| sprintf function| vsprintf object| viewsCacheL10n object| FontAwesomeKitConfig object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe function| ym boolean| __cfRLUnblockHandlers function| LazyLoad string| ajaxUrl object| wpcf7 object| tocplus object| ratingsL10n object| ratings_mouseover_image function| current_rating function| ratings_off function| set_is_being_rated function| rate_post_success function| rate_post object| testme_aj object| fb_opts function| easy_fancybox_handler function| easy_fancybox_auto string| ajaxurl object| swv function| _abort function| _error function| _start function| _process_inline function| _show function| _format_title function| _process_title function| _swipe function| _set_navigation function| _finish function| _preload_next function| _preload_prev function| _preload_image function| _get_zoom_to function| _get_orig_pos function| _closed function| _cleanup object| images object| iframes object| rocket_lazy object| Ya object| yaCounter94905709

20 Cookies

Domain/Path Name / Value
rocket-x-1win.com/ Name: pll_language
Value: pt
.yandex.ru/ Name: i
Value: hUdR8e7XUrJ/Z+7bOUEvi/OCcN+AMb0Bonf/IDP39HudERqJC8A3gQFm64eIYR7SaMuAGEeDTbXph5HPaNCWGTicTK8=
.yandex.ru/ Name: yandexuid
Value: 4655766731728828989
.yandex.ru/ Name: yashr
Value: 2005810231728828989
.rocket-x-1win.com/ Name: _ym_uid
Value: 1728828990888413947
.rocket-x-1win.com/ Name: _ym_d
Value: 1728828990
.yandex.com/ Name: yashr
Value: 6309693811728828990
.rocket-x-1win.com/ Name: _ym_isad
Value: 2
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3931621215fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2338796552fake
.yandex.com/ Name: yandexuid
Value: 4655766731728828989
.yandex.com/ Name: yuidss
Value: 4655766731728828989
.yandex.com/ Name: i
Value: hUdR8e7XUrJ/Z+7bOUEvi/OCcN+AMb0Bonf/IDP39HudERqJC8A3gQFm64eIYR7SaMuAGEeDTbXph5HPaNCWGTicTK8=
.yandex.com/ Name: yp
Value: 1728915390.yu.6407018531728828990
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 1098358961728828990
.yandex.com/ Name: ymex
Value: 1731420990.oyu.6407018531728828990#1760364990.yrts.1728828990
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: KgI/MGC+rK+4Bg==
.rocket-x-1win.com/ Name: _ym_visorc
Value: w

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
mc.yandex.com
mc.yandex.ru
rocket-x-1win.com
2606:4700:3034::6815:1adf
2606:4700:3037::ac43:9691
2606:4700:4400::ac40:93bc
2a00:1450:4001:81c::2003
2a00:1450:4001:830::200a
2a02:6b8::1:119
01631ed4d0d3cf29a504fc22934b3518866d03d5e219814fcdef78a9a1e0d9fd
0a88e611418b0ee617b9b118e1e544c4df16229dc1d95ca81b31858c0429ac82
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
27b83109afaad8b6e11957eba7579ecbc505567cc12cc9e28a58f0b2013c59c6
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
3161948f21bf24d9ef8c34e37b7d1790d5cce63c44d982ca9f63bc6b6acbfe99
3ac0e7e7f71d143292b51ee698a5795bdf2531f3739570467cfad74ad81be01a
3cb24332ddb6ef50d9f528c01c8f4c02ac68976dcbfcc9a826462fccae50ac2b
48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b
4c704aede1d014c046dabc777d84a5dadfe636445c6e031cb35869edcb68c2d2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b29ceacd62fbfd569dd7597050258b4db85679e2354e05df72c53e4958a8b9
58256ebe097c611bea84c802ff7c10fe16d5cdc431447c86a58b0ebe878f747f
5c49b4b83662d5ea9e45d6b80f6c14cb295e8afb89d6a165e52dd93ffa09bca2
5d39b4ad4365ff35cbcbad2f3daf685e1f0427a96ff05abc06a32a220e1aed3a
65e13bf8f2eb2bfa08536c500ac071f086a3abcd74d0f5487bb72e4c4404c052
6613feeff6fb52a6d3f667c09273f6ab44695f0a0c8c1675fe34eeb3fdf1b259
6c2bb7d76df8dcd6d5343cbb61da70c39ec0b3f61904fafd1ba6b3b59df7b69c
6c460965c8ff790006a5e860e34408564a5cf60e70f88c3192c5b691cf83c7f8
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
84551b0ec88add52736c8ff9cdde6d704637e055dc8580639476eb3f2c497e76
865e899090695a8d00ac95e238bbeb64a43b4453f4e91c4024ed0c819cdc7908
892278f39223e7e3c0e466ea8ee71d7aa001ba8f8ef82ac1412e48525383939b
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8c83ba7dca9033fc6181e0ac87b9c5e75f03e46c544ff44ec32df1ec338ee3e9
92b108d21a21288116ccb4b299ef0c9507f020a5759aa8bc20f07f3b717c6d1d
9394708aecab53a5119366e223f4359f545b5e3674c45708ffa5f785d48b4064
9f226239b7cb86705238ec5a036a05bdb8fa187630f9c686db7c52ad53b64482
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d4cc3dfa1061aedf2533cf134f9d584568bc41a25090fb7ce77c5cdbec6c37e6
d6effffb09446a01a91070cbfe847a02e1d59f5f7afa4a6abbd3791fe6991a08
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e197c54c4a46eb036cd1cc0a009a9ae87f21b86a8a90a508b2af7bf000244e0b
e366793514dbd895c59bb47c82d05819b64f76802230522a41a1903b6f020427
e5a8f1b55d45ead09c9942326ce73715c8093c611a6487621d1de8c6649ef396
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda